Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/B3hYI-yFzUsfLaXXcmpVXDtm1FA.roa
File: B3hYI-yFzUsfLaXXcmpVXDtm1FA.roa (raw, json)
Hash identifier: l103Ybv4lweW1usLLXjIO7Qt2UGlUxgwH75Nm0FO+Vs=
Subject key identifier: 07:78:58:23:EC:85:CD:4B:1F:2D:A5:D7:72:6A:55:5C:3B:66:D4:50
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019423D7FDF9327AE5546F81CCCF9A49188D
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/B3hYI-yFzUsfLaXXcmpVXDtm1FA.roa
Signing time: Wed 01 Jan 2025 21:49:05 +0000
ROA not before: Wed 01 Jan 2025 21:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207957
IP address blocks: 185.170.153.0/24 maxlen: 24
185.170.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:fd:f9:32:7a:e5:54:6f:81:cc:cf:9a:49:18:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jan 1 21:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07785823ec85cd4b1f2da5d7726a555c3b66d450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:62:f0:bb:f4:f6:d3:fc:4c:04:e2:1d:b1:8c:
ff:05:44:5a:1b:62:ea:70:d1:dd:81:f0:5f:8e:8a:
87:32:b1:c2:b7:af:ab:83:f1:82:27:12:7e:8c:51:
7b:71:59:74:ed:fa:c7:66:d4:ef:d5:0c:7c:5a:41:
4b:93:83:22:b6:53:ce:4a:fb:bd:0b:21:6f:32:fa:
67:d1:df:5a:15:4c:c1:3c:be:2b:cb:73:ac:47:b8:
7e:c5:9a:14:6a:8b:2a:af:d6:d3:60:4f:03:b5:66:
71:d1:8e:70:b5:7e:00:3b:6e:6f:d7:be:e8:78:1d:
6a:af:eb:fd:5c:d3:a6:67:ea:11:91:68:92:bb:8f:
95:55:e6:7c:7c:8c:41:f5:9d:5a:f1:ca:01:dc:e4:
44:06:d0:d8:53:a1:79:74:4e:e4:b5:df:9f:7a:08:
d4:2a:f9:0e:12:a9:7b:3b:14:56:30:70:37:17:8d:
fd:8c:e7:bd:5a:df:12:1f:64:4e:65:4a:f4:ed:c6:
0e:a8:ff:fc:5b:ae:f8:07:95:90:96:0b:42:51:05:
ff:66:e0:28:9b:07:a7:0c:03:e0:db:68:86:83:19:
d3:94:c6:47:10:db:c4:ba:5d:9f:25:ac:e6:f1:0e:
c6:83:40:b8:06:68:aa:09:ab:47:e9:cb:1a:b1:71:
ab:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:78:58:23:EC:85:CD:4B:1F:2D:A5:D7:72:6A:55:5C:3B:66:D4:50
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/B3hYI-yFzUsfLaXXcmpVXDtm1FA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.153.0-185.170.154.255
Signature Algorithm: sha256WithRSAEncryption
55:5d:6e:f4:33:31:1e:3a:eb:d0:d4:59:e0:93:9b:f2:3b:fc:
79:a3:9a:39:0f:27:01:c6:6e:23:5e:ab:89:2b:0e:0e:98:82:
54:be:40:71:69:c2:00:e4:a2:19:a0:65:1e:c8:1e:ae:dd:b7:
12:7d:a8:7b:06:b7:5e:33:be:ac:dc:4a:bf:1b:72:f7:38:c9:
c3:9e:fb:e5:e8:fb:7a:a9:5b:19:a0:a1:71:79:1b:3e:4a:31:
62:26:42:ee:7e:d9:f2:b9:4d:f1:0c:23:b8:4d:07:ef:af:8c:
c6:d7:de:7a:e5:3c:0d:ec:94:c2:e9:df:fc:57:50:49:8e:1e:
6b:9e:1c:f4:72:6e:74:33:b0:d5:a8:12:93:c9:98:13:cb:2a:
a8:89:49:83:5d:83:b1:55:33:d5:e9:d1:07:8d:c6:f3:ed:7b:
29:9d:eb:5e:32:24:15:39:a9:bd:f5:7e:74:8e:7e:2c:98:cf:
d5:3f:6b:57:c8:a2:ae:a7:f8:a0:1a:8b:e1:dc:8d:0e:a3:78:
2d:8b:4d:1f:9a:6f:d9:77:49:bc:96:fe:3a:10:df:b1:cc:18:
15:0d:4e:7b:c8:4b:21:46:d6:7d:27:d6:3b:7a:21:20:47:62:
25:12:cd:56:85:47:a9:db:8e:ee:b2:c3:68:a1:ac:ad:df:dc:
ec:79:39:41
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQj1/35MnrlVG+BzM+aSRiNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMTAxMjE0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzc4NTgyM2VjODVjZDRiMWYyZGE1ZDc3MjZhNTU1YzNiNjZkNDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2Lwu/T20/xMBOIdsYz/BURaG2Lq
cNHdgfBfjoqHMrHCt6+rg/GCJxJ+jFF7cVl07frHZtTv1Qx8WkFLk4MitlPOSvu9
CyFvMvpn0d9aFUzBPL4ry3OsR7h+xZoUaosqr9bTYE8DtWZx0Y5wtX4AO25v177o
eB1qr+v9XNOmZ+oRkWiSu4+VVeZ8fIxB9Z1a8coB3OREBtDYU6F5dE7ktd+fegjU
KvkOEql7OxRWMHA3F439jOe9Wt8SH2ROZUr07cYOqP/8W674B5WQlgtCUQX/ZuAo
mwenDAPg22iGgxnTlMZHENvEul2fJazm8Q7Gg0C4BmiqCatH6csasXGrLQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAd4WCPshc1LHy2l13JqVVw7ZtRQMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvQjNoWUkteUZ6VXNmTGFYWGNtcFZYRHRtMUZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5qpkD
BAC5qpowDQYJKoZIhvcNAQELBQADggEBAFVdbvQzMR4669DUWeCTm/I7/HmjmjkP
JwHGbiNeq4krDg6YglS+QHFpwgDkohmgZR7IHq7dtxJ9qHsGt14zvqzcSr8bcvc4
ycOe++Xo+3qpWxmgoXF5Gz5KMWImQu5+2fK5TfEMI7hNB++vjMbX3nrlPA3slMLp
3/xXUEmOHmueHPRybnQzsNWoEpPJmBPLKqiJSYNdg7FVM9Xp0QeNxvPteymd614y
JBU5qb31fnSOfiyYz9U/a1fIoq6n+KAai+HcjQ6jeC2LTR+ab9l3SbyW/joQ37HM
GBUNTnvISyFG1n0n1jt6ISBHYiUSzVaFR6nbju6yw2ihrK3f3Ox5OUE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:17:04 2025 by rpki-client