Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/IrsYdpqcOnQ3SpbKBx6nFfzcVrQ.roa
File: IrsYdpqcOnQ3SpbKBx6nFfzcVrQ.roa (raw, json)
Hash identifier: AIbJqohxVTkRlwXht+/E+fE7aYFk0d/YsXjveY/e/+A=
Subject key identifier: 22:BB:18:76:9A:9C:3A:74:37:4A:96:CA:07:1E:A7:15:FC:DC:56:B4
Certificate issuer: /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial: 0194214400BC8646B5241EAB4246238DDAF0
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/IrsYdpqcOnQ3SpbKBx6nFfzcVrQ.roa
Signing time: Wed 01 Jan 2025 09:48:12 +0000
ROA not before: Wed 01 Jan 2025 09:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212609
IP address blocks: 185.191.146.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:00:bc:86:46:b5:24:1e:ab:42:46:23:8d:da:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
Validity
Not Before: Jan 1 09:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22bb18769a9c3a74374a96ca071ea715fcdc56b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a4:11:fd:65:1a:79:e3:9a:b8:a8:73:08:ae:
92:81:e5:16:c7:04:8b:b1:56:36:c9:c1:9e:29:01:
e8:ce:89:45:eb:5e:2c:49:69:26:f0:15:89:a0:4f:
96:c6:bc:a3:54:fe:e8:85:6e:5f:61:ab:32:44:21:
e6:64:fd:ae:1a:68:62:c6:7c:c7:0b:0d:28:44:ae:
24:46:90:24:72:d6:3b:84:a5:81:9d:fa:08:34:e3:
25:7a:e1:bf:e9:22:2e:62:47:95:f0:00:d2:33:87:
0b:19:3b:ba:10:5e:04:1a:37:d3:f6:aa:0f:49:3d:
6b:c2:e0:1a:04:74:f3:79:dc:30:75:65:0d:0f:6a:
7b:10:39:18:43:5a:8b:ef:d7:38:57:2a:d3:82:8a:
36:33:ab:5e:b2:6c:43:53:df:df:4e:b8:cf:03:ab:
52:dd:36:b8:4d:90:21:67:d4:f9:0c:13:75:52:03:
6d:64:43:9d:b3:54:e6:14:69:64:31:fa:ca:31:ec:
95:a2:5d:68:2b:20:54:ab:e6:8f:cd:56:ca:ee:1d:
1d:29:21:20:54:78:ea:b4:c6:37:33:f5:ab:18:34:
79:6a:57:db:6a:5e:f1:45:40:9e:3d:79:79:0d:94:
3e:0e:e2:a8:98:22:20:bd:54:73:41:1b:7d:b3:b7:
90:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:BB:18:76:9A:9C:3A:74:37:4A:96:CA:07:1E:A7:15:FC:DC:56:B4
X509v3 Authority Key Identifier:
keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/IrsYdpqcOnQ3SpbKBx6nFfzcVrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.146.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:fd:b0:9c:63:42:7a:9b:6a:ca:e3:77:47:59:07:8f:99:65:
60:75:ea:aa:4d:32:8e:34:51:88:c1:47:e8:99:cd:b4:04:73:
e9:e4:11:b6:8e:da:91:0d:13:83:d7:84:8e:2b:3f:5f:d2:a0:
54:c0:cd:f4:95:ac:d0:68:6e:f9:df:4b:8c:2a:2b:21:ea:10:
76:8d:8c:c2:47:e1:86:1d:95:2f:fb:c9:ca:de:a9:53:28:de:
27:0f:df:b7:93:c1:45:73:1c:d7:32:60:0f:76:93:e8:86:89:
6e:5a:e3:65:be:bd:fa:55:0f:61:66:4d:c3:a2:39:eb:7e:b1:
ca:6a:1e:a5:3a:8e:ac:45:1c:7a:52:63:be:0a:6f:21:05:00:
e2:73:e2:ea:7b:eb:1e:6d:a4:eb:ab:73:65:de:1e:e2:47:8e:
c6:98:4d:47:83:b0:b2:f7:35:a8:b8:3c:d8:1c:63:22:46:47:
c7:5a:13:0a:aa:38:e4:7d:55:ff:c7:63:4e:e0:16:97:35:97:
0d:d0:5d:c2:e1:7d:cb:1e:18:b5:fe:da:78:f7:8b:a3:ce:61:
1d:b3:1c:4d:09:18:bc:b7:b3:9a:b7:56:de:56:dd:9e:60:a3:
09:29:9d:88:9b:5d:5f:58:c4:68:4b:3b:74:4d:93:a6:03:2d:
bf:47:99:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRAC8hka1JB6rQkYjjdrwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjUwMTAxMDk0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmJiMTg3NjlhOWMzYTc0Mzc0YTk2Y2EwNzFlYTcxNWZjZGM1NmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0aQR/WUaeeOauKhzCK6SgeUWxwSL
sVY2ycGeKQHozolF614sSWkm8BWJoE+WxryjVP7ohW5fYasyRCHmZP2uGmhixnzH
Cw0oRK4kRpAkctY7hKWBnfoINOMleuG/6SIuYkeV8ADSM4cLGTu6EF4EGjfT9qoP
ST1rwuAaBHTzedwwdWUND2p7EDkYQ1qL79c4VyrTgoo2M6tesmxDU9/fTrjPA6tS
3Ta4TZAhZ9T5DBN1UgNtZEOds1TmFGlkMfrKMeyVol1oKyBUq+aPzVbK7h0dKSEg
VHjqtMY3M/WrGDR5alfbal7xRUCePXl5DZQ+DuKomCIgvVRzQRt9s7eQgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCK7GHaanDp0N0qWygcepxX83Fa0MB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvSXJzWWRwcWNPblEzU3BiS0J4Nm5GZnpjVnJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+SMA0G
CSqGSIb3DQEBCwUAA4IBAQBq/bCcY0J6m2rK43dHWQePmWVgdeqqTTKONFGIwUfo
mc20BHPp5BG2jtqRDROD14SOKz9f0qBUwM30lazQaG7530uMKish6hB2jYzCR+GG
HZUv+8nK3qlTKN4nD9+3k8FFcxzXMmAPdpPoholuWuNlvr36VQ9hZk3DojnrfrHK
ah6lOo6sRRx6UmO+Cm8hBQDic+Lqe+sebaTrq3Nl3h7iR47GmE1Hg7Cy9zWouDzY
HGMiRkfHWhMKqjjkfVX/x2NO4BaXNZcN0F3C4X3LHhi1/tp494ujzmEdsxxNCRi8
t7Oat1beVt2eYKMJKZ2Im11fWMRoSzt0TZOmAy2/R5nQ
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:16:57 2025 by rpki-client