Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/1LQCtZnfUGqd8KyQA-HacF-tGBQ.roa
File: 1LQCtZnfUGqd8KyQA-HacF-tGBQ.roa (raw, json)
Hash identifier: yOYHnFekcPAP+efARUxy2qjkV/2ZlJddS5aVPt2UJkE=
Subject key identifier: D4:B4:02:B5:99:DF:50:6A:9D:F0:AC:90:03:E1:DA:70:5F:AD:18:14
Certificate issuer: /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial: 0187532790C2A1DA5E9FFACBA71FBA2B3352
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/1LQCtZnfUGqd8KyQA-HacF-tGBQ.roa
Signing time: Wed 05 Apr 2023 20:41:54 +0000
ROA not before: Wed 05 Apr 2023 20:41:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140947
IP address blocks: 185.191.145.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:53:27:90:c2:a1:da:5e:9f:fa:cb:a7:1f:ba:2b:33:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
Validity
Not Before: Apr 5 20:41:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4b402b599df506a9df0ac9003e1da705fad1814
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:79:0d:3c:c3:20:58:af:57:69:83:89:12:12:
21:69:ba:d2:e1:1c:bb:07:cf:8e:82:6a:32:a7:d0:
eb:a1:91:8f:ed:b8:43:0c:e0:9f:d7:8b:b4:8d:88:
9d:7a:22:63:c5:e7:d6:3a:c5:97:d1:ae:27:00:2d:
0a:94:73:4b:07:7a:2c:5e:34:84:e7:08:2b:a7:bd:
db:0e:99:88:7c:0b:82:34:7f:cb:b1:7e:81:2a:bc:
11:11:61:c4:79:ce:1f:6f:be:7d:d6:4a:e0:a8:20:
a6:be:52:02:e7:f5:2b:00:37:24:10:ec:2c:c0:e6:
0b:f6:ae:79:12:a0:ac:82:27:21:19:6d:f4:30:a2:
bb:fc:02:76:48:75:db:7e:13:1a:05:aa:a1:38:d5:
bd:a1:ef:f2:46:c7:77:95:c5:ae:3f:04:6e:25:5d:
f5:ff:5d:a6:13:0b:2d:cd:f7:3c:dd:cf:0f:af:67:
00:79:63:ab:77:61:47:ec:11:5c:f8:b8:33:35:b5:
3a:75:b9:89:9c:01:79:9b:fe:9b:88:f8:73:0e:c8:
b5:74:26:2d:e8:36:fb:87:ba:d9:ec:b6:77:61:d3:
ca:a6:a4:60:90:87:e4:d7:e0:f2:d2:5a:eb:6d:1f:
53:79:2f:47:10:e5:5a:5b:76:2d:c9:26:91:74:2a:
5e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:B4:02:B5:99:DF:50:6A:9D:F0:AC:90:03:E1:DA:70:5F:AD:18:14
X509v3 Authority Key Identifier:
keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/1LQCtZnfUGqd8KyQA-HacF-tGBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.145.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:82:0c:15:8e:c6:89:36:b7:f9:93:85:15:0b:4e:4c:98:59:
c8:c6:00:d3:2f:db:24:26:77:51:58:a1:a7:e5:ca:eb:0c:aa:
1e:ee:5f:c6:f7:36:bc:e9:1e:5d:c8:0d:a9:a7:6b:93:65:16:
b7:f1:29:1c:7f:93:5b:b4:a7:cd:af:c0:8f:05:52:fc:27:4d:
9d:74:f4:fc:9e:52:bb:c3:86:46:f3:64:31:3b:f0:55:22:ba:
91:55:91:a9:fb:5e:ef:dc:45:de:ef:a6:ff:44:b8:a1:a4:50:
eb:bf:c3:c5:c8:80:3a:e2:d3:da:08:d0:b3:75:a8:85:8b:15:
f2:92:5f:2f:2e:89:a5:20:45:9f:3d:49:68:4d:ff:57:32:cf:
2d:d3:4a:3c:de:0c:58:12:9b:90:50:e4:7a:b1:f2:50:87:19:
58:49:cd:89:92:8a:14:a6:f8:b4:12:3e:57:df:22:cb:31:f2:
e9:30:89:7f:1c:7f:32:53:4d:28:2a:fb:21:c7:80:07:f6:4a:
0b:ea:37:9b:97:ea:62:82:ce:79:63:ab:91:79:64:61:38:74:
63:33:f4:08:97:c5:21:f5:9a:73:d8:dd:e6:5a:1b:d3:d8:c8:
94:34:67:d3:d9:3a:6d:80:57:53:6f:be:35:b9:b2:1f:a9:9b:
ef:64:61:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdTJ5DCodpen/rLpx+6KzNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjMwNDA1MjA0MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGI0MDJiNTk5ZGY1MDZhOWRmMGFjOTAwM2UxZGE3MDVmYWQxODE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnkNPMMgWK9XaYOJEhIhabrS4Ry7
B8+Ogmoyp9DroZGP7bhDDOCf14u0jYideiJjxefWOsWX0a4nAC0KlHNLB3osXjSE
5wgrp73bDpmIfAuCNH/LsX6BKrwREWHEec4fb7591krgqCCmvlIC5/UrADckEOws
wOYL9q55EqCsgichGW30MKK7/AJ2SHXbfhMaBaqhONW9oe/yRsd3lcWuPwRuJV31
/12mEwstzfc83c8Pr2cAeWOrd2FH7BFc+LgzNbU6dbmJnAF5m/6biPhzDsi1dCYt
6Db7h7rZ7LZ3YdPKpqRgkIfk1+Dy0lrrbR9TeS9HEOVaW3YtySaRdCpebQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNS0ArWZ31BqnfCskAPh2nBfrRgUMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvMUxRQ3RabmZVR3FkOEt5UUEtSGFjRi10R0JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+RMA0G
CSqGSIb3DQEBCwUAA4IBAQCfggwVjsaJNrf5k4UVC05MmFnIxgDTL9skJndRWKGn
5crrDKoe7l/G9za86R5dyA2pp2uTZRa38Skcf5NbtKfNr8CPBVL8J02ddPT8nlK7
w4ZG82QxO/BVIrqRVZGp+17v3EXe76b/RLihpFDrv8PFyIA64tPaCNCzdaiFixXy
kl8vLomlIEWfPUloTf9XMs8t00o83gxYEpuQUOR6sfJQhxlYSc2JkooUpvi0Ej5X
3yLLMfLpMIl/HH8yU00oKvshx4AH9koL6jebl+pigs55Y6uReWRhOHRjM/QIl8Uh
9Zpz2N3mWhvT2MiUNGfT2TptgFdTb741ubIfqZvvZGEy
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:20:30 2025 by rpki-client