Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/y1vgP5ALQ_f7ukNDpxMSde-e7v4.roa
File: y1vgP5ALQ_f7ukNDpxMSde-e7v4.roa (raw, json)
Hash identifier: ZEoHQwUMUOky+1AzVNvJesSEjysUoaXlGa2dMEl0rqU=
Subject key identifier: CB:5B:E0:3F:90:0B:43:F7:FB:BA:43:43:A7:13:12:75:EF:9E:EE:FE
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D73157CBC1F3691E076C57F2025EA3
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/y1vgP5ALQ_f7ukNDpxMSde-e7v4.roa
Signing time: Wed 01 Jan 2025 21:48:12 +0000
ROA not before: Wed 01 Jan 2025 21:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215997
IP address blocks: 185.244.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:31:57:cb:c1:f3:69:1e:07:6c:57:f2:02:5e:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb5be03f900b43f7fbba4343a7131275ef9eeefe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:22:b8:a0:8c:b9:b2:33:9a:c5:4a:0d:af:76:
0d:32:6f:f1:ea:7f:ec:0b:7b:45:24:31:e0:c5:ff:
d8:01:01:29:5e:83:c8:66:85:4c:ce:aa:ce:1e:5d:
6c:21:83:4d:b0:6d:c0:1e:e0:47:9c:71:2a:79:38:
ba:c8:c0:fe:13:d8:8f:33:1b:df:7c:b4:83:40:b3:
21:53:45:2f:39:cc:59:de:97:de:8d:1f:2e:c7:4d:
5e:60:e3:ad:4b:a4:e4:e0:20:1b:e2:af:e6:a2:f0:
d2:73:38:ca:68:39:03:99:27:13:22:c6:4b:88:b3:
1b:66:87:d2:c3:dd:00:47:60:90:f7:22:41:66:7c:
6b:7b:d6:17:d5:dc:1f:3a:fc:81:01:fb:be:21:3c:
2b:46:87:2d:9c:f1:41:b4:4a:55:77:4b:79:f7:80:
34:b7:ea:f7:83:d3:e3:de:bc:a8:32:8f:7e:f2:73:
33:56:b7:a0:fe:fd:ce:42:66:c6:6a:42:4e:16:b3:
97:b1:0d:08:9c:ac:e1:42:6f:19:e3:1f:07:19:c7:
60:b6:05:31:c1:fb:4e:bd:ea:ab:c3:ec:ff:f3:93:
86:29:35:e1:4c:38:ba:2e:56:54:b3:2c:79:70:5f:
c9:a6:85:63:c0:f4:a0:f1:ae:0f:e8:19:41:54:4d:
d5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:5B:E0:3F:90:0B:43:F7:FB:BA:43:43:A7:13:12:75:EF:9E:EE:FE
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/y1vgP5ALQ_f7ukNDpxMSde-e7v4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.174.0/24
Signature Algorithm: sha256WithRSAEncryption
08:0f:dc:70:37:07:47:ab:7a:0d:11:16:36:4b:c8:2c:8b:7a:
9e:b1:eb:6e:c3:c2:7a:f0:a3:9e:5b:bc:c9:16:88:08:f5:2c:
4c:e2:17:44:9c:b7:75:4a:53:b8:08:c2:17:36:c4:a4:72:d7:
e8:ba:75:bb:13:50:3a:ae:02:05:88:7b:a4:a8:d5:d8:22:1e:
68:cf:f8:41:d9:b9:f9:1a:1d:fb:52:dc:4e:05:e7:c8:9c:d0:
60:dd:93:2f:d7:9f:ab:ff:78:fb:ff:bd:80:c4:87:14:5e:fc:
33:31:59:93:27:0a:cd:40:33:69:1e:b1:62:10:54:8d:16:a1:
15:1b:79:01:87:79:35:9b:f9:f7:a2:5e:8b:d1:a4:af:71:8b:
17:e2:4b:86:3c:2c:7d:43:fa:13:1d:d5:61:9a:6f:81:ed:51:
2a:ef:a5:1a:f7:d6:be:69:57:b4:31:aa:6d:97:7e:9c:c0:a6:
ff:d6:7b:e5:a7:0f:9d:88:00:0c:bc:bd:55:cd:1b:78:7f:fe:
c9:d2:74:cd:42:21:5f:dc:b6:8f:8d:9a:9f:dc:79:2d:fe:25:
35:dd:1e:a8:6a:93:fa:62:6a:37:25:f3:42:9d:ba:80:39:76:
16:cb:b9:bb:2d:24:e2:be:46:c7:72:3c:12:e3:9f:b7:f8:cd:
b7:0d:c4:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1zFXy8HzaR4HbFfyAl6jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjViZTAzZjkwMGI0M2Y3ZmJiYTQzNDNhNzEzMTI3NWVmOWVlZWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CK4oIy5sjOaxUoNr3YNMm/x6n/s
C3tFJDHgxf/YAQEpXoPIZoVMzqrOHl1sIYNNsG3AHuBHnHEqeTi6yMD+E9iPMxvf
fLSDQLMhU0UvOcxZ3pfejR8ux01eYOOtS6Tk4CAb4q/movDSczjKaDkDmScTIsZL
iLMbZofSw90AR2CQ9yJBZnxre9YX1dwfOvyBAfu+ITwrRoctnPFBtEpVd0t594A0
t+r3g9Pj3ryoMo9+8nMzVreg/v3OQmbGakJOFrOXsQ0InKzhQm8Z4x8HGcdgtgUx
wftOveqrw+z/85OGKTXhTDi6LlZUsyx5cF/JpoVjwPSg8a4P6BlBVE3VTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMtb4D+QC0P3+7pDQ6cTEnXvnu7+MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEveTF2Z1A1QUxRX2Y3dWtORHB4TVNkZS1lN3Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufSuMA0G
CSqGSIb3DQEBCwUAA4IBAQAID9xwNwdHq3oNERY2S8gsi3qesetuw8J68KOeW7zJ
FogI9SxM4hdEnLd1SlO4CMIXNsSkctfounW7E1A6rgIFiHukqNXYIh5oz/hB2bn5
Gh37UtxOBefInNBg3ZMv15+r/3j7/72AxIcUXvwzMVmTJwrNQDNpHrFiEFSNFqEV
G3kBh3k1m/n3ol6L0aSvcYsX4kuGPCx9Q/oTHdVhmm+B7VEq76Ua99a+aVe0Mapt
l36cwKb/1nvlpw+diAAMvL1VzRt4f/7J0nTNQiFf3LaPjZqf3Hkt/iU13R6oapP6
Ymo3JfNCnbqAOXYWy7m7LSTivkbHcjwS45+3+M23DcSA
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:32:28 2025 by rpki-client