Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/Iy-azWAI6KWrOd6xINfWkQK0mmo.roa
File: Iy-azWAI6KWrOd6xINfWkQK0mmo.roa (raw, json)
Hash identifier: WW8+TBzRLpV7fj0dmKJQYyc2cjZjFlGMNCS3c3X42Q8=
Subject key identifier: 23:2F:9A:CD:60:08:E8:A5:AB:39:DE:B1:20:D7:D6:91:02:B4:9A:6A
Certificate issuer: /CN=2995944e84dc37ba6a42d68bb1e2b9a4421e84a4
Certificate serial: 019422FB87E848702EC1530FFC0090D053EE
Authority key identifier: 29:95:94:4E:84:DC:37:BA:6A:42:D6:8B:B1:E2:B9:A4:42:1E:84:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/Iy-azWAI6KWrOd6xINfWkQK0mmo.roa
Signing time: Wed 01 Jan 2025 17:48:17 +0000
ROA not before: Wed 01 Jan 2025 17:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.214.22.0/24 maxlen: 24
185.214.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:87:e8:48:70:2e:c1:53:0f:fc:00:90:d0:53:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2995944e84dc37ba6a42d68bb1e2b9a4421e84a4
Validity
Not Before: Jan 1 17:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=232f9acd6008e8a5ab39deb120d7d69102b49a6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:27:0f:9e:1a:27:30:24:e7:e3:16:98:da:f5:
4f:21:73:f2:25:d2:29:23:d1:4c:91:c1:be:f0:71:
19:9c:48:ba:3a:07:95:94:33:93:d5:97:cb:c1:8e:
3f:10:5d:70:77:b4:a1:ce:ff:0f:96:2f:04:70:c1:
45:0b:0e:92:0c:d3:e9:3c:9f:46:ca:11:53:05:6c:
ca:45:60:d7:0c:71:c9:53:85:e4:7f:99:38:8b:52:
89:86:9f:19:60:82:68:58:6f:d9:44:90:16:6c:8f:
1e:1c:4c:2a:c8:cc:72:d3:93:d9:38:f9:3c:5c:fe:
ca:a0:5e:b2:2d:4b:55:e5:f4:4b:27:61:10:96:9e:
b1:50:b4:14:b2:90:8d:4f:7c:88:b5:df:2d:b9:e2:
f8:7a:53:b1:d9:08:b2:e0:8b:44:c1:4d:7a:91:5a:
b2:2a:b7:3c:6f:48:54:c3:f2:51:3b:0b:f9:bd:37:
0e:41:e0:c2:09:89:52:a3:48:ee:14:53:a5:51:7d:
2b:13:74:19:94:ad:e2:51:74:c3:b3:34:02:12:97:
56:eb:69:af:8f:69:9e:8e:55:3f:2b:e6:1d:61:d5:
58:f1:54:02:3a:fb:c2:b1:eb:d7:18:48:c1:29:37:
96:36:6e:b4:f2:0b:1f:72:04:e8:07:02:fe:79:fd:
99:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:2F:9A:CD:60:08:E8:A5:AB:39:DE:B1:20:D7:D6:91:02:B4:9A:6A
X509v3 Authority Key Identifier:
keyid:29:95:94:4E:84:DC:37:BA:6A:42:D6:8B:B1:E2:B9:A4:42:1E:84:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/Iy-azWAI6KWrOd6xINfWkQK0mmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.22.0/23
Signature Algorithm: sha256WithRSAEncryption
10:5a:a0:ef:d6:f4:bf:20:8c:21:25:92:de:f9:80:2e:d9:cb:
8b:f2:e2:f2:24:9e:ee:9f:97:7b:01:56:e7:ca:64:a0:bb:08:
84:82:ff:72:98:af:84:3a:2e:4b:e1:ac:8a:9a:ed:62:b6:f9:
c6:52:a8:4c:a7:da:49:6f:25:8d:9f:45:c3:de:fa:ec:02:a3:
aa:54:83:ad:34:b0:81:53:88:e1:47:b5:75:2b:7a:ed:ad:d8:
2a:18:d5:c3:4e:c5:be:d1:62:69:d6:d2:ab:a8:35:16:f8:d0:
1a:35:98:f7:32:ce:46:64:be:ba:2b:23:f5:31:d4:c9:c4:c8:
de:33:20:cf:5d:74:5c:ae:11:f8:53:2a:67:91:26:af:fa:84:
85:09:ce:26:22:47:e4:c1:94:fd:ec:74:b2:6c:91:07:78:cb:
87:12:6e:92:f7:f6:71:c6:56:32:c1:c4:cc:6f:56:14:f0:84:
9a:b7:da:74:78:fb:c1:11:64:7b:83:9e:d9:19:8f:d9:ef:a5:
79:1e:1b:ba:18:60:86:8c:bc:54:d0:b5:93:3d:19:da:f1:8f:
e5:7a:74:cf:d0:08:5b:1e:0e:6a:1b:c3:24:5a:aa:5e:80:8a:
78:3a:9c:1a:e2:9a:74:80:78:a6:ad:77:9a:5a:12:24:25:32:
ba:8e:ac:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+4foSHAuwVMP/ACQ0FPuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTU5NDRlODRkYzM3YmE2YTQyZDY4YmIxZTJiOWE0NDIx
ZTg0YTQwHhcNMjUwMTAxMTc0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzJmOWFjZDYwMDhlOGE1YWIzOWRlYjEyMGQ3ZDY5MTAyYjQ5YTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ycPnhonMCTn4xaY2vVPIXPyJdIp
I9FMkcG+8HEZnEi6OgeVlDOT1ZfLwY4/EF1wd7Shzv8Pli8EcMFFCw6SDNPpPJ9G
yhFTBWzKRWDXDHHJU4Xkf5k4i1KJhp8ZYIJoWG/ZRJAWbI8eHEwqyMxy05PZOPk8
XP7KoF6yLUtV5fRLJ2EQlp6xULQUspCNT3yItd8tueL4elOx2Qiy4ItEwU16kVqy
Krc8b0hUw/JROwv5vTcOQeDCCYlSo0juFFOlUX0rE3QZlK3iUXTDszQCEpdW62mv
j2mejlU/K+YdYdVY8VQCOvvCsevXGEjBKTeWNm608gsfcgToBwL+ef2ZuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCMvms1gCOilqznesSDX1pECtJpqMB8GA1UdIwQY
MBaAFCmVlE6E3De6akLWi7HiuaRCHoSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1pXVVRvVGNON3BxUXRhTHNlSzVwRUllaEtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hMTIwNjktYTA2MS00NDJlLTliZmIt
MzM4YmRkNDM5ZWUxLzEvSXktYXpXQUk2S1dyT2Q2eElOZldrUUswbW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hMTIwNjktYTA2MS00NDJlLTliZmItMzM4YmRkNDM5ZWUx
LzEvS1pXVVRvVGNON3BxUXRhTHNlSzVwRUllaEtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudYWMA0G
CSqGSIb3DQEBCwUAA4IBAQAQWqDv1vS/IIwhJZLe+YAu2cuL8uLyJJ7un5d7AVbn
ymSguwiEgv9ymK+EOi5L4ayKmu1itvnGUqhMp9pJbyWNn0XD3vrsAqOqVIOtNLCB
U4jhR7V1K3rtrdgqGNXDTsW+0WJp1tKrqDUW+NAaNZj3Ms5GZL66KyP1MdTJxMje
MyDPXXRcrhH4UypnkSav+oSFCc4mIkfkwZT97HSybJEHeMuHEm6S9/ZxxlYywcTM
b1YU8ISat9p0ePvBEWR7g57ZGY/Z76V5Hhu6GGCGjLxU0LWTPRna8Y/lenTP0Ahb
Hg5qG8MkWqpegIp4Opwa4pp0gHimrXeaWhIkJTK6jqyB
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:41:02 2025 by rpki-client