Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/iVpmbRMejTGUfDF-Oj_sVv26rNM.roa
File: iVpmbRMejTGUfDF-Oj_sVv26rNM.roa (raw, json)
Hash identifier: 1p8ViB52qnwGOZfoqxvFyvMaRfbwGTRlAo1t3TSQgzY=
Subject key identifier: 89:5A:66:6D:13:1E:8D:31:94:7C:31:7E:3A:3F:EC:56:FD:BA:AC:D3
Certificate issuer: /CN=44e888a76e99851b01fb86cec537d4d8e610de16
Certificate serial: 019427B592066B6018AE8DCD6724CA3671A5
Authority key identifier: 44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/iVpmbRMejTGUfDF-Oj_sVv26rNM.roa
Signing time: Thu 02 Jan 2025 15:49:58 +0000
ROA not before: Thu 02 Jan 2025 15:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50599
IP address blocks: 185.235.68.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:92:06:6b:60:18:ae:8d:cd:67:24:ca:36:71:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44e888a76e99851b01fb86cec537d4d8e610de16
Validity
Not Before: Jan 2 15:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=895a666d131e8d31947c317e3a3fec56fdbaacd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:37:aa:c8:e0:4b:9a:a8:9d:91:be:cd:c5:93:
44:c6:d5:90:16:49:23:ec:31:dc:c4:3a:72:89:5e:
e9:c9:9c:c8:89:41:03:3d:42:30:74:3b:2b:9d:51:
fe:88:e5:77:29:52:e5:43:b5:36:40:67:a8:e8:f2:
41:b2:2c:5c:3b:ca:ea:67:a9:ea:64:f5:4f:bc:d2:
9e:96:0a:b1:18:a8:09:f9:d6:0c:35:e9:fa:a3:3f:
80:ad:1a:bb:d5:75:47:b1:22:1a:ae:98:3e:0f:33:
ae:65:f7:b3:72:ac:90:7c:fe:02:32:bb:93:32:84:
27:23:9f:20:74:4d:56:4b:0d:99:30:cf:e4:d1:82:
dc:38:76:da:b8:ce:65:f4:2d:09:c9:a9:00:7e:62:
4b:c7:0a:d7:39:5e:c1:7f:e2:54:f2:26:47:31:16:
24:f3:08:9b:ab:ea:98:f5:dd:49:b8:f5:29:77:b5:
99:34:69:b9:7a:94:d4:cc:a8:51:88:67:7a:59:1f:
30:fc:25:88:b9:a9:fc:e7:09:4b:de:00:1c:02:25:
cd:f6:f6:f7:9e:a9:9e:25:6a:4d:ec:69:eb:8b:0a:
f0:45:36:64:01:cd:be:89:2e:c7:e7:90:59:61:fa:
9e:e7:57:6f:9a:c9:70:33:b4:d0:14:d6:fe:33:4f:
ae:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:5A:66:6D:13:1E:8D:31:94:7C:31:7E:3A:3F:EC:56:FD:BA:AC:D3
X509v3 Authority Key Identifier:
keyid:44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/iVpmbRMejTGUfDF-Oj_sVv26rNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.68.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:ea:5f:29:24:d0:81:53:cf:b8:6c:a2:e0:95:e7:39:2c:2c:
b5:b6:e3:9e:2a:30:8e:de:28:af:0f:7c:ae:46:3a:66:2a:fa:
41:9c:cc:32:52:08:fa:26:bf:ef:dd:cb:c7:e1:3f:52:59:f8:
9d:29:1a:3f:61:8b:4a:1c:83:6d:7c:1e:6f:cb:3e:63:61:32:
79:c0:2c:ed:dd:84:25:28:30:ae:c6:90:54:3b:2a:f6:bf:ed:
66:12:ec:56:b4:6b:da:a2:c2:06:69:7c:63:c7:45:bc:55:14:
be:81:02:b4:76:87:a1:b2:54:ab:11:70:6e:c5:11:76:9d:b7:
c2:86:21:ed:9c:d6:a2:7a:a4:b5:06:f6:13:f0:ba:2c:57:03:
df:8e:ee:ea:f4:b1:58:4b:d1:83:3c:e8:97:4c:3f:5a:31:5e:
6f:08:a9:f6:97:4a:d0:a1:1d:e2:55:72:02:a8:8a:39:ef:f7:
be:17:3f:50:57:6f:4a:61:f4:70:13:5d:8d:f2:6e:4c:b3:8e:
0e:54:81:2f:50:35:4a:55:0f:bb:ef:26:6c:c6:42:e9:d4:ec:
c4:c8:f0:e0:56:39:3e:e8:1e:32:0d:ee:a9:f6:5f:28:e9:2a:
ff:c1:34:3d:69:9b:54:36:e6:0a:c6:17:60:90:db:d4:6c:b4:
8c:c6:44:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntZIGa2AYro3NZyTKNnGlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZTg4OGE3NmU5OTg1MWIwMWZiODZjZWM1MzdkNGQ4ZTYx
MGRlMTYwHhcNMjUwMTAyMTU0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTVhNjY2ZDEzMWU4ZDMxOTQ3YzMxN2UzYTNmZWM1NmZkYmFhY2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjeqyOBLmqidkb7NxZNExtWQFkkj
7DHcxDpyiV7pyZzIiUEDPUIwdDsrnVH+iOV3KVLlQ7U2QGeo6PJBsixcO8rqZ6nq
ZPVPvNKelgqxGKgJ+dYMNen6oz+ArRq71XVHsSIarpg+DzOuZfezcqyQfP4CMruT
MoQnI58gdE1WSw2ZMM/k0YLcOHbauM5l9C0JyakAfmJLxwrXOV7Bf+JU8iZHMRYk
8wibq+qY9d1JuPUpd7WZNGm5epTUzKhRiGd6WR8w/CWIuan85wlL3gAcAiXN9vb3
nqmeJWpN7GnriwrwRTZkAc2+iS7H55BZYfqe51dvmslwM7TQFNb+M0+uRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIlaZm0THo0xlHwxfjo/7Fb9uqzTMB8GA1UdIwQY
MBaAFEToiKdumYUbAfuGzsU31NjmEN4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk9pSXAyNlpoUnNCLTRiT3hUZlUyT1lRM2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84MmUyYmEtNDQyYy00MmIwLTkzMTUt
YmMwZGJhOTMyYjM1LzEvaVZwbWJSTWVqVEdVZkRGLU9qX3NWdjI2ck5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84MmUyYmEtNDQyYy00MmIwLTkzMTUtYmMwZGJhOTMyYjM1
LzEvUk9pSXAyNlpoUnNCLTRiT3hUZlUyT1lRM2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuetEMA0G
CSqGSIb3DQEBCwUAA4IBAQCO6l8pJNCBU8+4bKLglec5LCy1tuOeKjCO3iivD3yu
RjpmKvpBnMwyUgj6Jr/v3cvH4T9SWfidKRo/YYtKHINtfB5vyz5jYTJ5wCzt3YQl
KDCuxpBUOyr2v+1mEuxWtGvaosIGaXxjx0W8VRS+gQK0doehslSrEXBuxRF2nbfC
hiHtnNaieqS1BvYT8LosVwPfju7q9LFYS9GDPOiXTD9aMV5vCKn2l0rQoR3iVXIC
qIo57/e+Fz9QV29KYfRwE12N8m5Ms44OVIEvUDVKVQ+77yZsxkLp1OzEyPDgVjk+
6B4yDe6p9l8o6Sr/wTQ9aZtUNuYKxhdgkNvUbLSMxkS7
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:45:32 2025 by rpki-client