Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/iFAhtv5PKw-R0uRuqsn6zYlBJeY.roa
File: iFAhtv5PKw-R0uRuqsn6zYlBJeY.roa (raw, json)
Hash identifier: J1k4HxLBQ61ElULxYYYHcMSZf+H65zMaicMKIhyViUA=
Subject key identifier: 88:50:21:B6:FE:4F:2B:0F:91:D2:E4:6E:AA:C9:FA:CD:89:41:25:E6
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 01944311AC66ACF72D8A150FD3AB9AE536DB
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/iFAhtv5PKw-R0uRuqsn6zYlBJeY.roa
Signing time: Tue 07 Jan 2025 23:20:19 +0000
ROA not before: Tue 07 Jan 2025 23:20:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213673
IP address blocks: 185.184.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:43:11:ac:66:ac:f7:2d:8a:15:0f:d3:ab:9a:e5:36:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jan 7 23:20:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=885021b6fe4f2b0f91d2e46eaac9facd894125e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e7:91:1e:87:db:83:3a:99:7d:93:bb:f6:43:
d8:55:94:c3:c9:1a:76:f7:86:f5:b9:79:20:72:90:
f9:8c:0e:10:67:af:f9:8f:e2:97:2e:2f:35:f2:a4:
45:fe:4d:cc:1f:2d:4f:79:16:40:82:f9:cf:86:47:
9d:22:83:d7:73:dc:d5:a9:69:dc:7f:5f:2e:31:e4:
9d:1c:e6:fd:b2:24:d2:af:d2:77:c6:79:66:b3:a3:
75:b2:75:f5:75:df:30:07:97:8e:5f:6c:03:ff:94:
b7:1c:f6:28:62:90:cd:c9:48:3b:98:07:0b:66:1a:
e7:02:88:b0:c8:66:d2:54:95:26:22:53:79:79:4f:
92:a2:5b:30:54:8a:4e:29:55:2f:f5:49:68:6b:be:
e6:e3:bd:93:6c:e1:b9:89:0c:57:e3:eb:f8:45:7b:
e6:df:f9:87:61:e4:ad:69:1e:c4:35:dd:d9:a7:59:
d4:02:90:ac:18:1d:c6:d2:c7:e2:a3:06:68:ec:7b:
10:e5:81:04:4b:79:5d:08:9f:4f:58:6c:d7:6b:7e:
1e:e4:3f:2c:8f:a2:f2:b2:1d:b3:b1:7a:4e:56:a0:
bd:b0:7e:13:ac:c8:5b:f1:ad:a8:c9:87:91:72:9e:
c1:df:97:e6:a4:dd:4a:af:c5:14:27:60:39:75:90:
f1:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:50:21:B6:FE:4F:2B:0F:91:D2:E4:6E:AA:C9:FA:CD:89:41:25:E6
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/iFAhtv5PKw-R0uRuqsn6zYlBJeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.123.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:e2:3c:b7:d5:32:14:ea:97:2e:39:a3:e8:0e:63:03:08:17:
e9:89:2d:71:da:4d:fd:9b:3f:48:01:6d:b9:37:60:ee:e8:5e:
fc:d6:a1:e3:ca:c4:3c:72:f4:fa:c1:2d:f8:65:3a:90:98:7a:
f7:f9:eb:4c:6c:96:c0:e9:d6:07:d9:b4:38:cb:74:cb:0c:ec:
bb:b9:8c:52:63:9e:ba:f9:fc:ba:53:52:2d:9a:53:ea:38:bf:
6c:ba:cc:e0:98:02:6e:19:63:10:59:2e:62:1f:66:6f:17:83:
7b:bb:cf:21:6f:0f:bd:8a:f5:ad:70:ee:48:16:9f:50:4d:f3:
70:3e:dc:08:b9:12:0d:0d:c8:aa:23:fb:0d:f4:5f:c1:42:4b:
2a:85:57:88:9b:e1:1b:20:d8:30:15:7d:30:01:4b:7a:47:87:
3c:ea:f7:e3:bf:c4:cb:8b:78:da:96:47:c7:bd:dc:02:1d:f8:
e3:3a:2d:cd:e2:06:cc:a6:39:6c:88:b9:21:59:43:c8:ea:4f:
a2:dd:e3:97:ae:fd:5c:69:7b:e5:94:e9:ba:84:6b:fc:95:68:
fb:25:fc:46:f3:e1:7e:37:18:77:e7:75:1c:81:57:51:e0:a6:
be:51:62:ff:f9:b5:55:5c:3c:f2:32:a6:3c:f4:b5:e4:a9:88:
7a:ef:91:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRDEaxmrPctihUP06ua5TbbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMTA3MjMyMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODUwMjFiNmZlNGYyYjBmOTFkMmU0NmVhYWM5ZmFjZDg5NDEyNWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteeRHofbgzqZfZO79kPYVZTDyRp2
94b1uXkgcpD5jA4QZ6/5j+KXLi818qRF/k3MHy1PeRZAgvnPhkedIoPXc9zVqWnc
f18uMeSdHOb9siTSr9J3xnlms6N1snX1dd8wB5eOX2wD/5S3HPYoYpDNyUg7mAcL
ZhrnAoiwyGbSVJUmIlN5eU+SolswVIpOKVUv9Uloa77m472TbOG5iQxX4+v4RXvm
3/mHYeStaR7ENd3Zp1nUApCsGB3G0sfiowZo7HsQ5YEES3ldCJ9PWGzXa34e5D8s
j6Lysh2zsXpOVqC9sH4TrMhb8a2oyYeRcp7B35fmpN1Kr8UUJ2A5dZDxAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIhQIbb+TysPkdLkbqrJ+s2JQSXmMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvaUZBaHR2NVBLdy1SMHVSdXFzbjZ6WWxCSmVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubh7MA0G
CSqGSIb3DQEBCwUAA4IBAQCj4jy31TIU6pcuOaPoDmMDCBfpiS1x2k39mz9IAW25
N2Du6F781qHjysQ8cvT6wS34ZTqQmHr3+etMbJbA6dYH2bQ4y3TLDOy7uYxSY566
+fy6U1ItmlPqOL9suszgmAJuGWMQWS5iH2ZvF4N7u88hbw+9ivWtcO5IFp9QTfNw
PtwIuRINDciqI/sN9F/BQksqhVeIm+EbINgwFX0wAUt6R4c86vfjv8TLi3jalkfH
vdwCHfjjOi3N4gbMpjlsiLkhWUPI6k+i3eOXrv1caXvllOm6hGv8lWj7JfxG8+F+
Nxh353UcgVdR4Ka+UWL/+bVVXDzyMqY89LXkqYh675FA
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:17:34 2025 by rpki-client