Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/0kEdok5SHyHblOdZlB8N_Jkav3w.roa
File: 0kEdok5SHyHblOdZlB8N_Jkav3w.roa (raw, json)
Hash identifier: icSkSWRM0V4FSX61s+dNgVPOgFTd13RRwXly310XnhM=
Subject key identifier: D2:41:1D:A2:4E:52:1F:21:DB:94:E7:59:94:1F:0D:FC:99:1A:BF:7C
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D70E4E528703DD6B7490AEC7E0BE22
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/0kEdok5SHyHblOdZlB8N_Jkav3w.roa
Signing time: Wed 01 Jan 2025 21:48:03 +0000
ROA not before: Wed 01 Jan 2025 21:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48940
IP address blocks: 185.128.106.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:0e:4e:52:87:03:dd:6b:74:90:ae:c7:e0:be:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2411da24e521f21db94e759941f0dfc991abf7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f1:92:08:58:bc:c7:16:f2:2d:47:f9:a5:f9:
7f:22:e3:18:19:e7:9f:4f:8b:71:23:3c:9a:3b:cf:
73:3e:eb:b1:cd:c5:ec:33:00:2e:05:94:f5:ea:2c:
a6:2d:2d:0f:a2:20:e0:1a:ec:d4:19:81:fd:6f:db:
a9:4b:4a:0c:9b:a2:98:a7:d9:d4:d0:5d:9f:e9:33:
cb:f1:f4:a7:33:c6:dc:3e:9c:a4:a0:4c:af:c7:82:
28:5a:09:cc:c1:79:52:77:7c:45:c0:83:fc:ca:2d:
e2:ed:3d:da:58:87:fd:be:26:d0:67:41:3d:1e:22:
5d:02:95:31:43:a2:fe:42:46:e8:d0:c5:49:ec:7e:
5b:41:b8:f0:e1:75:7b:a6:72:e3:5b:d9:17:42:13:
6b:d9:4f:a6:93:0f:cc:96:33:b3:f2:e6:33:4e:67:
32:59:ab:25:a0:44:68:0a:2c:6e:3e:37:75:49:5d:
4d:a1:43:3a:42:5e:e9:0c:0d:f6:16:8e:eb:3d:ca:
7f:6d:29:77:47:ae:ff:af:d1:43:29:2c:b2:71:a2:
2c:78:1f:f1:23:35:93:36:b8:07:fc:d4:dd:c1:62:
13:46:9c:0e:02:3b:76:11:36:03:35:35:c8:c9:8e:
17:f2:0c:d8:e0:26:22:d9:87:ed:25:70:6d:93:f9:
f1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:41:1D:A2:4E:52:1F:21:DB:94:E7:59:94:1F:0D:FC:99:1A:BF:7C
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/0kEdok5SHyHblOdZlB8N_Jkav3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.106.0/23
Signature Algorithm: sha256WithRSAEncryption
20:29:ce:ee:1f:e1:90:47:58:f3:d5:2d:95:8a:14:29:16:6c:
87:9f:b2:fe:96:8a:42:b9:c2:89:22:90:73:39:04:fc:a6:fa:
0b:b7:ce:f1:c5:a5:1b:b0:0a:f9:2e:9e:59:a5:75:fc:3e:98:
97:71:8a:ca:09:47:f0:6c:8a:91:73:6d:31:09:8f:c4:2d:05:
69:6b:2c:e6:4d:66:83:e6:39:70:2f:f3:da:e3:57:79:5a:3d:
5a:af:52:f6:53:a1:e2:0f:a7:1e:2f:6a:c2:1b:51:41:0b:3e:
48:bc:0a:cb:2a:8c:30:fe:6f:95:dc:bf:be:68:fc:46:4c:a6:
b6:67:68:69:82:92:64:9a:f8:64:24:f5:63:a3:0d:5b:d8:53:
27:16:5f:4d:e8:e9:13:e2:03:53:a5:43:a5:ed:e6:2d:a4:9a:
7f:82:0d:4f:b6:67:8b:9e:7c:be:84:35:5f:26:16:5e:8d:a3:
b9:76:02:a8:85:1a:b5:a0:ec:dd:c0:d8:de:f8:e7:54:46:b3:
cb:49:f9:00:23:8d:cd:43:03:8e:d4:d8:98:ef:a7:2b:e3:80:
cd:c7:d9:a2:e6:53:f2:55:72:5a:ae:21:80:b8:68:a6:91:26:
de:06:ad:fc:75:b4:e8:ae:50:4c:ff:17:68:f0:43:8f:71:e4:
71:9f:d3:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1w5OUocD3Wt0kK7H4L4iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjQxMWRhMjRlNTIxZjIxZGI5NGU3NTk5NDFmMGRmYzk5MWFiZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPGSCFi8xxbyLUf5pfl/IuMYGeef
T4txIzyaO89zPuuxzcXsMwAuBZT16iymLS0PoiDgGuzUGYH9b9upS0oMm6KYp9nU
0F2f6TPL8fSnM8bcPpykoEyvx4IoWgnMwXlSd3xFwIP8yi3i7T3aWIf9vibQZ0E9
HiJdApUxQ6L+Qkbo0MVJ7H5bQbjw4XV7pnLjW9kXQhNr2U+mkw/MljOz8uYzTmcy
WasloERoCixuPjd1SV1NoUM6Ql7pDA32Fo7rPcp/bSl3R67/r9FDKSyycaIseB/x
IzWTNrgH/NTdwWITRpwOAjt2ETYDNTXIyY4X8gzY4CYi2YftJXBtk/nxLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNJBHaJOUh8h25TnWZQfDfyZGr98MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvMGtFZG9rNVNIeUhibE9kWmxCOE5fSmthdjN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYBqMA0G
CSqGSIb3DQEBCwUAA4IBAQAgKc7uH+GQR1jz1S2VihQpFmyHn7L+lopCucKJIpBz
OQT8pvoLt87xxaUbsAr5Lp5ZpXX8PpiXcYrKCUfwbIqRc20xCY/ELQVpayzmTWaD
5jlwL/Pa41d5Wj1ar1L2U6HiD6ceL2rCG1FBCz5IvArLKoww/m+V3L++aPxGTKa2
Z2hpgpJkmvhkJPVjow1b2FMnFl9N6OkT4gNTpUOl7eYtpJp/gg1PtmeLnny+hDVf
JhZejaO5dgKohRq1oOzdwNje+OdURrPLSfkAI43NQwOO1NiY76cr44DNx9mi5lPy
VXJariGAuGimkSbeBq38dbTorlBM/xdo8EOPceRxn9Ow
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:03:20 2025 by rpki-client