Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/pouST0MeFev3JW58yUINAcZduZY.roa
File: pouST0MeFev3JW58yUINAcZduZY.roa (raw, json)
Hash identifier: nOmrvQU+vdfjIPZs20pRPTMxOqpnt7FLZ+3nq5H/lMA=
Subject key identifier: A6:8B:92:4F:43:1E:15:EB:F7:25:6E:7C:C9:42:0D:01:C6:5D:B9:96
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194236A4B99B32CB42CD6127CA4DA7E9083
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/pouST0MeFev3JW58yUINAcZduZY.roa
Signing time: Wed 01 Jan 2025 19:49:16 +0000
ROA not before: Wed 01 Jan 2025 19:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137882
IP address blocks: 185.255.152.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:4b:99:b3:2c:b4:2c:d6:12:7c:a4:da:7e:90:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 19:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a68b924f431e15ebf7256e7cc9420d01c65db996
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2f:15:73:85:57:cb:a8:6c:e3:44:28:a9:14:
b9:6a:f7:b7:4c:ee:e4:39:cf:1a:7c:a6:f1:92:b1:
8a:ff:02:b1:80:a5:f8:3d:05:5e:3c:b5:d7:08:0d:
b0:3a:39:1c:c5:c5:91:89:f5:12:b5:9f:5d:88:6e:
4d:aa:52:2a:9a:fa:b7:ac:5d:0f:b3:c4:85:53:8e:
35:51:e2:de:90:23:98:a6:67:b2:0c:e2:64:16:60:
42:31:5a:5f:93:eb:6e:26:95:75:fb:ec:70:bc:b9:
d4:6a:1b:1e:ae:39:6e:4a:ec:b1:b5:a0:b6:22:05:
56:8d:e4:f6:c9:76:67:50:84:5e:11:7c:67:64:c5:
71:34:42:0b:d7:37:a1:0b:c7:a3:b3:1d:02:dd:55:
05:4e:93:3f:40:01:0c:fc:9c:2b:3f:8b:a4:34:cd:
e1:bb:25:93:57:d3:55:19:b4:0b:44:2e:5f:fb:fe:
7d:13:65:63:e7:c5:35:18:4a:a0:95:ac:c5:f0:3c:
b1:e4:e4:5b:4b:9d:79:6e:1e:3d:0d:14:87:16:b9:
72:b8:43:53:da:f0:44:13:69:c2:2f:dc:11:ed:00:
1f:38:0d:87:16:51:f5:e3:b6:e8:02:f0:e4:a9:e8:
00:87:ca:20:33:65:3e:8f:84:04:a5:17:4f:6e:61:
00:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:8B:92:4F:43:1E:15:EB:F7:25:6E:7C:C9:42:0D:01:C6:5D:B9:96
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/pouST0MeFev3JW58yUINAcZduZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.152.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:e8:f6:c9:9c:37:0c:d8:33:3b:b7:e8:64:25:4e:f8:1d:c1:
8d:0d:da:d7:4f:95:4c:64:1a:81:66:e6:ef:f3:07:06:75:3e:
6d:a9:7c:4e:c4:3c:50:90:db:06:92:d6:d3:c6:71:c0:fc:f5:
51:0e:ac:48:73:dc:9c:14:ef:ae:de:1f:71:d9:6d:ed:92:72:
7e:68:14:9c:09:88:48:7f:6f:a0:59:73:f4:f1:c8:25:65:9a:
55:a3:21:59:8e:46:aa:18:ea:93:c8:21:25:d2:a6:a3:9a:36:
fd:cd:5b:9d:d6:a8:dc:62:83:5c:b3:35:32:8d:8b:f7:ef:32:
19:be:ff:78:fe:f2:73:5b:13:d1:d2:f7:a7:94:1f:58:f9:f0:
f2:24:04:9e:f5:33:27:90:2a:fc:de:bc:7c:5c:43:59:f4:23:
77:a3:15:63:33:26:de:c0:9c:45:12:4e:43:ec:bc:4b:df:85:
dd:62:d9:75:27:4d:0d:47:1d:63:3c:c4:fa:4d:9a:cc:fd:f9:
ee:53:6d:fe:74:5d:04:f0:41:59:ec:71:fd:59:60:9a:a6:0e:
16:63:80:4c:74:78:77:62:99:8a:f2:c5:e4:99:ba:39:9f:55:
c4:52:e9:55:73:ad:fb:65:f5:ec:be:d1:22:c0:c5:70:7a:74:
24:d0:f1:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjakuZsyy0LNYSfKTafpCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTAxMTk0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjhiOTI0ZjQzMWUxNWViZjcyNTZlN2NjOTQyMGQwMWM2NWRiOTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnS8Vc4VXy6hs40QoqRS5ave3TO7k
Oc8afKbxkrGK/wKxgKX4PQVePLXXCA2wOjkcxcWRifUStZ9diG5NqlIqmvq3rF0P
s8SFU441UeLekCOYpmeyDOJkFmBCMVpfk+tuJpV1++xwvLnUahserjluSuyxtaC2
IgVWjeT2yXZnUIReEXxnZMVxNEIL1zehC8ejsx0C3VUFTpM/QAEM/JwrP4ukNM3h
uyWTV9NVGbQLRC5f+/59E2Vj58U1GEqglazF8Dyx5ORbS515bh49DRSHFrlyuENT
2vBEE2nCL9wR7QAfOA2HFlH147boAvDkqegAh8ogM2U+j4QEpRdPbmEATwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKaLkk9DHhXr9yVufMlCDQHGXbmWMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvcG91U1QwTWVGZXYzSlc1OHlVSU5BY1pkdVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf+YMA0G
CSqGSIb3DQEBCwUAA4IBAQBM6PbJnDcM2DM7t+hkJU74HcGNDdrXT5VMZBqBZubv
8wcGdT5tqXxOxDxQkNsGktbTxnHA/PVRDqxIc9ycFO+u3h9x2W3tknJ+aBScCYhI
f2+gWXP08cglZZpVoyFZjkaqGOqTyCEl0qajmjb9zVud1qjcYoNcszUyjYv37zIZ
vv94/vJzWxPR0venlB9Y+fDyJASe9TMnkCr83rx8XENZ9CN3oxVjMybewJxFEk5D
7LxL34XdYtl1J00NRx1jPMT6TZrM/fnuU23+dF0E8EFZ7HH9WWCapg4WY4BMdHh3
YpmK8sXkmbo5n1XEUulVc637ZfXsvtEiwMVwenQk0PGX
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:14:51 2025 by rpki-client