Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/f4Ucn45Rv4XzGRea7jIYv06EQoM.roa
File: f4Ucn45Rv4XzGRea7jIYv06EQoM.roa (raw, json)
Hash identifier: dEkb9TCXMwOfFotkjpNPCU75fXglPlFmFSOsMZEXlWI=
Subject key identifier: 7F:85:1C:9F:8E:51:BF:85:F3:19:17:9A:EE:32:18:BF:4E:84:42:83
Certificate issuer: /CN=543c5c34a62ffbed8fc0f0ec01b42c0c50ee7ef7
Certificate serial: 0194CD10045CCE8F8734156BAF3BC5A07983
Authority key identifier: 54:3C:5C:34:A6:2F:FB:ED:8F:C0:F0:EC:01:B4:2C:0C:50:EE:7E:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VDxcNKYv--2PwPDsAbQsDFDufvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/f4Ucn45Rv4XzGRea7jIYv06EQoM.roa
Signing time: Mon 03 Feb 2025 18:26:06 +0000
ROA not before: Mon 03 Feb 2025 18:26:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61272
IP address blocks: 185.23.16.0/23 maxlen: 23
185.23.16.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cd:10:04:5c:ce:8f:87:34:15:6b:af:3b:c5:a0:79:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=543c5c34a62ffbed8fc0f0ec01b42c0c50ee7ef7
Validity
Not Before: Feb 3 18:26:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f851c9f8e51bf85f319179aee3218bf4e844283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7c:68:1f:25:21:6b:b8:7d:40:c9:16:ab:e7:
0b:6b:1c:78:1e:ba:07:f2:5f:5b:89:a2:8a:df:1e:
cc:8b:5b:05:0f:e6:84:45:56:fb:f5:f9:99:69:70:
bb:ac:a6:82:28:f0:36:98:e4:55:67:9a:c0:1d:cf:
b5:8f:67:f0:e6:c8:a1:eb:1c:46:7b:40:4b:d1:c2:
e0:a2:66:05:42:33:b8:f7:41:3f:f9:30:e3:a9:47:
44:89:8e:0b:62:63:b8:16:05:39:e7:d7:3d:99:24:
ae:96:50:28:0e:76:ad:ec:ce:ad:1d:ea:8e:61:0c:
b8:01:f1:37:ac:c0:1b:d6:fe:06:32:67:c9:fb:5e:
61:7a:8a:f5:86:62:95:a9:03:47:64:aa:95:ad:4a:
57:78:ce:71:88:1b:2c:04:b6:41:40:81:46:09:f6:
9b:4f:8e:44:ce:dc:5e:67:c3:ea:5c:9e:77:ca:0c:
5c:15:47:db:49:79:8b:73:d9:ce:6b:24:f8:59:92:
16:cc:56:3e:b7:fb:d2:c5:77:a2:77:ee:08:c1:da:
3f:ea:db:93:b4:2e:e8:8f:87:ea:96:d3:bd:46:c3:
2d:bb:b3:1f:13:f6:8f:39:05:9e:c5:9c:2e:0d:77:
4a:a0:1d:f5:df:02:08:77:5e:a1:44:40:ef:bf:d9:
79:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:85:1C:9F:8E:51:BF:85:F3:19:17:9A:EE:32:18:BF:4E:84:42:83
X509v3 Authority Key Identifier:
keyid:54:3C:5C:34:A6:2F:FB:ED:8F:C0:F0:EC:01:B4:2C:0C:50:EE:7E:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VDxcNKYv--2PwPDsAbQsDFDufvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/f4Ucn45Rv4XzGRea7jIYv06EQoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/VDxcNKYv--2PwPDsAbQsDFDufvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.16.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:1d:f5:71:23:20:2a:b0:08:00:44:2d:d8:22:b2:bd:76:40:
28:e5:10:24:50:cd:15:86:e6:41:51:35:76:80:f6:2f:6e:7d:
60:e8:36:88:62:f7:f0:96:92:8c:fd:55:67:b3:16:7a:32:cc:
d1:0e:cd:a6:a7:5e:83:a3:57:ea:68:1a:dd:5c:2b:3f:1d:15:
10:df:05:15:9f:ec:9a:3a:09:31:fa:b0:4a:1b:44:82:2c:e0:
f5:89:c2:47:0f:18:c6:64:a5:8a:4c:71:b8:79:77:d9:f4:ab:
c9:44:ab:e2:a7:22:d6:bc:84:27:60:d6:7d:6d:5d:c4:d7:17:
cf:0c:c0:d2:ae:36:6b:38:9a:a4:e7:f1:90:9b:c2:d6:49:2c:
3d:c9:79:db:c8:6e:58:5f:ba:f1:d5:ec:4f:8b:39:bb:3d:0d:
1c:e9:db:71:81:5e:7d:2c:13:c3:f8:3a:49:5f:d6:30:e0:94:
4a:b8:3c:37:bb:33:29:27:c7:ae:da:25:e9:9d:88:39:d8:4b:
af:84:21:7d:9c:ee:ea:65:ff:fb:94:e8:6f:0b:1b:89:7f:21:
7f:84:fa:08:bd:57:4d:76:d5:97:03:d3:62:7d:01:31:06:47:
7a:bc:62:aa:f0:4b:24:9d:ea:b0:4a:8e:94:68:dd:c2:d2:99:
60:53:03:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTNEARczo+HNBVrrzvFoHmDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0M2M1YzM0YTYyZmZiZWQ4ZmMwZjBlYzAxYjQyYzBjNTBl
ZTdlZjcwHhcNMjUwMjAzMTgyNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Zjg1MWM5ZjhlNTFiZjg1ZjMxOTE3OWFlZTMyMThiZjRlODQ0MjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnxoHyUha7h9QMkWq+cLaxx4HroH
8l9biaKK3x7Mi1sFD+aERVb79fmZaXC7rKaCKPA2mORVZ5rAHc+1j2fw5sih6xxG
e0BL0cLgomYFQjO490E/+TDjqUdEiY4LYmO4FgU559c9mSSullAoDnat7M6tHeqO
YQy4AfE3rMAb1v4GMmfJ+15heor1hmKVqQNHZKqVrUpXeM5xiBssBLZBQIFGCfab
T45EztxeZ8PqXJ53ygxcFUfbSXmLc9nOayT4WZIWzFY+t/vSxXeid+4Iwdo/6tuT
tC7oj4fqltO9RsMtu7MfE/aPOQWexZwuDXdKoB313wIId16hREDvv9l5rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH+FHJ+OUb+F8xkXmu4yGL9OhEKDMB8GA1UdIwQY
MBaAFFQ8XDSmL/vtj8Dw7AG0LAxQ7n73MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkR4Y05LWXYtLTJQd1BEc0FiUXNERkR1ZnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8xNmUwMjItNGRhOC00Njg0LTg1ZTYt
ZjRmMWY5M2UwNDY3LzEvZjRVY240NVJ2NFh6R1JlYTdqSVl2MDZFUW9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8xNmUwMjItNGRhOC00Njg0LTg1ZTYtZjRmMWY5M2UwNDY3
LzEvVkR4Y05LWXYtLTJQd1BEc0FiUXNERkR1ZnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuRcQMA0G
CSqGSIb3DQEBCwUAA4IBAQCaHfVxIyAqsAgARC3YIrK9dkAo5RAkUM0VhuZBUTV2
gPYvbn1g6DaIYvfwlpKM/VVnsxZ6MszRDs2mp16Do1fqaBrdXCs/HRUQ3wUVn+ya
Ogkx+rBKG0SCLOD1icJHDxjGZKWKTHG4eXfZ9KvJRKvipyLWvIQnYNZ9bV3E1xfP
DMDSrjZrOJqk5/GQm8LWSSw9yXnbyG5YX7rx1exPizm7PQ0c6dtxgV59LBPD+DpJ
X9Yw4JRKuDw3uzMpJ8eu2iXpnYg52EuvhCF9nO7qZf/7lOhvCxuJfyF/hPoIvVdN
dtWXA9NifQExBkd6vGKq8EskneqwSo6UaN3C0plgUwMM
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:32:54 2025 by rpki-client