Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Cn0hkYyWzSnpgZwNWjPB1ZqyIIY.roa
File: Cn0hkYyWzSnpgZwNWjPB1ZqyIIY.roa (raw, json)
Hash identifier: iP+6zGvyLlsyfpKA2F+2e7Z8W9ltJb41UWQlq0ac5fQ=
Subject key identifier: 0A:7D:21:91:8C:96:CD:29:E9:81:9C:0D:5A:33:C1:D5:9A:B2:20:86
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019422205BD0B58DB2FFAB11FA0C0C91E19E
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Cn0hkYyWzSnpgZwNWjPB1ZqyIIY.roa
Signing time: Wed 01 Jan 2025 13:48:53 +0000
ROA not before: Wed 01 Jan 2025 13:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216307
IP address blocks: 185.218.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:5b:d0:b5:8d:b2:ff:ab:11:fa:0c:0c:91:e1:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a7d21918c96cd29e9819c0d5a33c1d59ab22086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c5:df:86:57:58:97:b5:e9:fe:44:59:a1:38:
b3:bc:b9:64:89:8e:00:6f:07:e4:a8:f1:43:09:54:
f9:6b:4e:3a:dc:57:f8:ce:56:cc:a7:69:3f:59:29:
8a:77:9a:73:5d:7a:75:cd:d0:62:6f:48:2e:5b:42:
30:c9:cf:dc:12:5d:5c:a4:0a:1f:de:a3:6f:5d:3b:
ee:3f:8e:2f:6a:37:2d:58:b6:38:81:33:d9:12:a3:
a2:a9:d8:2e:bc:dc:79:99:79:05:55:4c:42:91:07:
70:61:51:f4:34:2e:10:ee:3a:05:4e:f5:e5:5f:48:
d2:f0:1d:81:2d:ed:1e:ea:53:34:c5:ce:11:64:2f:
b6:22:fa:e0:22:b6:9b:85:f9:aa:0a:6d:8c:cf:d1:
d8:74:a9:36:37:3b:37:03:8b:23:af:6b:ad:f5:4a:
57:89:14:60:59:7b:ab:5e:59:0e:b7:bc:7d:bc:0e:
01:b8:71:c6:c7:fd:9f:d4:9c:a7:cb:fb:bc:50:cf:
03:0d:8e:f8:f5:ad:32:87:83:25:eb:39:d5:0e:31:
cc:67:a0:b0:9b:69:4a:43:d3:cb:f2:fa:ba:d7:c3:
8e:c9:56:f7:57:4f:dd:6f:3a:26:10:57:46:fc:58:
85:c4:c5:44:24:b1:8d:63:4c:ca:6b:2c:26:a3:f1:
39:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:7D:21:91:8C:96:CD:29:E9:81:9C:0D:5A:33:C1:D5:9A:B2:20:86
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Cn0hkYyWzSnpgZwNWjPB1ZqyIIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.100.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:38:fd:3d:c0:2b:60:0b:ba:d4:a9:2a:26:a4:5f:05:19:a3:
14:b2:3c:75:58:aa:90:be:0a:68:d7:c5:5c:be:40:85:e1:94:
b1:3f:00:1c:0b:c2:89:cb:b5:7b:e5:af:87:ee:51:30:c3:4b:
26:6f:9a:f4:47:53:64:82:01:83:1e:e7:5c:83:ed:5c:d5:95:
67:f3:ec:36:7a:75:07:f8:91:5b:dd:97:b5:44:4a:c1:fd:21:
7d:19:30:e4:2d:0a:81:95:3a:49:aa:ce:b6:c2:33:90:fe:c7:
b9:52:e3:63:cd:f3:1c:9a:91:3e:f8:fc:b9:d8:f2:2b:43:86:
c8:67:95:b7:78:1d:d5:4f:a2:b9:bf:60:4a:f3:15:c5:d7:e6:
cd:72:33:18:96:7f:5f:a6:09:a0:82:09:09:33:0b:22:ba:c0:
1e:85:d4:6d:3a:87:d2:ec:d7:3a:f9:e3:b8:a2:40:ea:fa:64:
f7:fc:13:03:fc:bd:13:a6:62:65:a8:1a:da:ca:2c:51:2c:42:
e4:1e:03:c8:0a:c3:07:44:16:33:5d:85:d2:13:5c:29:40:87:
59:59:21:24:94:1f:76:ef:c8:c8:89:08:fe:f8:67:bc:59:65:
10:98:be:e8:e0:bf:41:f9:46:88:d0:ab:91:4e:1b:e9:23:e0:
ef:70:b8:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIFvQtY2y/6sR+gwMkeGeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTdkMjE5MThjOTZjZDI5ZTk4MTljMGQ1YTMzYzFkNTlhYjIyMDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycXfhldYl7Xp/kRZoTizvLlkiY4A
bwfkqPFDCVT5a0463Ff4zlbMp2k/WSmKd5pzXXp1zdBib0guW0Iwyc/cEl1cpAof
3qNvXTvuP44vajctWLY4gTPZEqOiqdguvNx5mXkFVUxCkQdwYVH0NC4Q7joFTvXl
X0jS8B2BLe0e6lM0xc4RZC+2IvrgIrabhfmqCm2Mz9HYdKk2Nzs3A4sjr2ut9UpX
iRRgWXurXlkOt7x9vA4BuHHGx/2f1Jyny/u8UM8DDY749a0yh4Ml6znVDjHMZ6Cw
m2lKQ9PL8vq618OOyVb3V0/dbzomEFdG/FiFxMVEJLGNY0zKaywmo/E5wwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAp9IZGMls0p6YGcDVozwdWasiCGMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQ24waGtZeVd6U25wZ1p3TldqUEIxWnF5SUlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudpkMA0G
CSqGSIb3DQEBCwUAA4IBAQChOP09wCtgC7rUqSompF8FGaMUsjx1WKqQvgpo18Vc
vkCF4ZSxPwAcC8KJy7V75a+H7lEww0smb5r0R1NkggGDHudcg+1c1ZVn8+w2enUH
+JFb3Ze1RErB/SF9GTDkLQqBlTpJqs62wjOQ/se5UuNjzfMcmpE++Py52PIrQ4bI
Z5W3eB3VT6K5v2BK8xXF1+bNcjMYln9fpgmgggkJMwsiusAehdRtOofS7Nc6+eO4
okDq+mT3/BMD/L0TpmJlqBrayixRLELkHgPICsMHRBYzXYXSE1wpQIdZWSEklB92
78jIiQj++Ge8WWUQmL7o4L9B+UaI0KuRThvpI+DvcLih
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:29:11 2025 by rpki-client