Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/1o-GTDP6gWWQig3K6SMEuXJ3oOk.roa
File: 1o-GTDP6gWWQig3K6SMEuXJ3oOk.roa (raw, json)
Hash identifier: 4FXHn10hFyuiLIF41Ksp4C3/pSciOZKVtPpYmUYYvRE=
Subject key identifier: D6:8F:86:4C:33:FA:81:65:90:8A:0D:CA:E9:23:04:B9:72:77:A0:E9
Certificate issuer: /CN=543c5c34a62ffbed8fc0f0ec01b42c0c50ee7ef7
Certificate serial: 0194C7E7D3C4020D0AF84DCDC7A5131697F5
Authority key identifier: 54:3C:5C:34:A6:2F:FB:ED:8F:C0:F0:EC:01:B4:2C:0C:50:EE:7E:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VDxcNKYv--2PwPDsAbQsDFDufvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/1o-GTDP6gWWQig3K6SMEuXJ3oOk.roa
Signing time: Sun 02 Feb 2025 18:24:06 +0000
ROA not before: Sun 02 Feb 2025 18:24:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 185.23.18.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c7:e7:d3:c4:02:0d:0a:f8:4d:cd:c7:a5:13:16:97:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=543c5c34a62ffbed8fc0f0ec01b42c0c50ee7ef7
Validity
Not Before: Feb 2 18:24:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d68f864c33fa8165908a0dcae92304b97277a0e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a2:88:e6:9e:36:87:93:47:6c:6c:93:17:6e:
46:40:58:17:39:86:49:49:d2:4f:31:b4:fa:6d:24:
20:97:e0:84:36:4e:4f:d8:cc:14:a2:bd:a2:87:db:
b1:94:4c:f9:82:0a:94:1c:9d:a1:ce:f8:87:2c:76:
fa:a1:91:41:73:bd:95:0b:66:48:7f:3a:1c:ce:6b:
2b:2a:8f:43:82:3b:9d:ff:af:b1:63:d5:ec:fe:6c:
7f:f9:12:02:71:63:7c:20:56:a2:7c:5a:95:82:1f:
03:72:87:6a:bf:2e:8c:54:dc:fb:15:e6:7e:f8:7d:
89:e0:5b:1c:73:e2:79:89:07:7d:39:f3:8c:9b:9d:
6f:02:8c:72:e4:d8:de:69:ee:c0:63:1d:da:15:a2:
76:b7:27:ad:47:30:8b:55:2c:be:fe:88:f9:3b:82:
19:43:ba:89:ac:1b:73:70:a8:23:f5:b2:53:f5:0a:
d0:ed:7e:b3:1a:90:b4:d6:5a:69:3b:d9:51:ed:b1:
d0:dd:5b:6a:5d:e1:e8:3a:27:c3:1c:c2:f4:9f:64:
00:9e:39:2f:5b:12:f5:51:62:c3:e2:80:46:c4:0b:
62:cd:f6:e3:2d:2b:23:c7:21:59:cc:d4:3d:e0:90:
9a:99:3e:35:9d:f4:9a:42:91:ce:51:6d:c5:55:c9:
22:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:8F:86:4C:33:FA:81:65:90:8A:0D:CA:E9:23:04:B9:72:77:A0:E9
X509v3 Authority Key Identifier:
keyid:54:3C:5C:34:A6:2F:FB:ED:8F:C0:F0:EC:01:B4:2C:0C:50:EE:7E:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VDxcNKYv--2PwPDsAbQsDFDufvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/1o-GTDP6gWWQig3K6SMEuXJ3oOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/VDxcNKYv--2PwPDsAbQsDFDufvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.18.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:17:a1:6a:51:da:28:6f:22:2b:41:56:5d:59:2f:65:4d:54:
70:a9:7f:e0:4c:44:37:44:eb:55:df:45:f4:87:d5:b0:94:ed:
3d:35:76:db:1a:ed:8b:6d:4e:a4:ac:a9:e6:d4:17:67:e8:ab:
03:11:ec:a1:ba:d0:35:09:c2:d6:0a:c4:f8:8c:f6:97:2c:50:
40:61:4d:0e:c6:bd:f1:39:6a:22:d8:10:54:56:0f:5e:51:b1:
55:9a:5f:bb:22:09:62:e8:64:f6:4b:0c:65:d5:af:64:1a:86:
b4:6b:5b:ca:b1:a7:4f:5c:1b:6e:7b:3b:90:42:58:25:2f:be:
90:fd:b2:7c:89:f9:6f:8b:68:65:83:8a:36:0d:ee:a6:51:bb:
f6:f7:06:37:23:79:f4:70:55:3b:e6:57:76:ed:2a:fa:82:6c:
bb:4b:e8:be:d0:81:e8:62:2b:c1:d0:17:88:99:2e:8e:8f:08:
90:32:20:29:b0:4a:c3:3b:fc:87:f5:49:98:5a:f2:96:8f:0b:
31:a2:6c:c7:76:08:6d:85:7d:61:35:8f:ed:91:56:6f:d6:6a:
89:48:80:92:de:cf:40:15:1d:e4:72:0f:71:fd:93:11:c8:ad:
06:44:c7:67:ed:de:ae:20:a3:f0:b3:50:f9:4a:c2:e2:21:fe:
d9:91:b0:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTH59PEAg0K+E3Nx6UTFpf1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0M2M1YzM0YTYyZmZiZWQ4ZmMwZjBlYzAxYjQyYzBjNTBl
ZTdlZjcwHhcNMjUwMjAyMTgyNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjhmODY0YzMzZmE4MTY1OTA4YTBkY2FlOTIzMDRiOTcyNzdhMGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqKI5p42h5NHbGyTF25GQFgXOYZJ
SdJPMbT6bSQgl+CENk5P2MwUor2ih9uxlEz5ggqUHJ2hzviHLHb6oZFBc72VC2ZI
fzoczmsrKo9Dgjud/6+xY9Xs/mx/+RICcWN8IFaifFqVgh8Dcodqvy6MVNz7FeZ+
+H2J4Fscc+J5iQd9OfOMm51vAoxy5Njeae7AYx3aFaJ2tyetRzCLVSy+/oj5O4IZ
Q7qJrBtzcKgj9bJT9QrQ7X6zGpC01lppO9lR7bHQ3VtqXeHoOifDHML0n2QAnjkv
WxL1UWLD4oBGxAtizfbjLSsjxyFZzNQ94JCamT41nfSaQpHOUW3FVckibwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNaPhkwz+oFlkIoNyukjBLlyd6DpMB8GA1UdIwQY
MBaAFFQ8XDSmL/vtj8Dw7AG0LAxQ7n73MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkR4Y05LWXYtLTJQd1BEc0FiUXNERkR1ZnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8xNmUwMjItNGRhOC00Njg0LTg1ZTYt
ZjRmMWY5M2UwNDY3LzEvMW8tR1REUDZnV1dRaWczSzZTTUV1WEozb09rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8xNmUwMjItNGRhOC00Njg0LTg1ZTYtZjRmMWY5M2UwNDY3
LzEvVkR4Y05LWXYtLTJQd1BEc0FiUXNERkR1ZnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRcSMA0G
CSqGSIb3DQEBCwUAA4IBAQAvF6FqUdoobyIrQVZdWS9lTVRwqX/gTEQ3ROtV30X0
h9WwlO09NXbbGu2LbU6krKnm1Bdn6KsDEeyhutA1CcLWCsT4jPaXLFBAYU0Oxr3x
OWoi2BBUVg9eUbFVml+7Igli6GT2Swxl1a9kGoa0a1vKsadPXBtuezuQQlglL76Q
/bJ8iflvi2hlg4o2De6mUbv29wY3I3n0cFU75ld27Sr6gmy7S+i+0IHoYivB0BeI
mS6OjwiQMiApsErDO/yH9UmYWvKWjwsxomzHdghthX1hNY/tkVZv1mqJSICS3s9A
FR3kcg9x/ZMRyK0GRMdn7d6uIKPws1D5SsLiIf7ZkbBP
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:13:02 2025 by rpki-client