Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/B1dTi0f_of0kmb1xPgeCM0wY_So.roa
File: B1dTi0f_of0kmb1xPgeCM0wY_So.roa (raw, json)
Hash identifier: AUmVPkVAQPCmSbSqHlAfz6SLH5DutLJ3OBZdx5Ql8g8=
Subject key identifier: 07:57:53:8B:47:FF:A1:FD:24:99:BD:71:3E:07:82:33:4C:18:FD:2A
Certificate issuer: /CN=fb782b78f20a6e4b70643052bd1a40af15a56338
Certificate serial: 0194221FFAB05127DDA1CFF8E39994A9A309
Authority key identifier: FB:78:2B:78:F2:0A:6E:4B:70:64:30:52:BD:1A:40:AF:15:A5:63:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3grePIKbktwZDBSvRpArxWlYzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/B1dTi0f_of0kmb1xPgeCM0wY_So.roa
Signing time: Wed 01 Jan 2025 13:48:28 +0000
ROA not before: Wed 01 Jan 2025 13:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209689
IP address blocks: 185.174.148.0/24 maxlen: 24
185.174.149.0/24 maxlen: 24
185.174.150.0/24 maxlen: 24
185.174.151.0/24 maxlen: 24
212.87.208.0/23 maxlen: 24
212.87.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:fa:b0:51:27:dd:a1:cf:f8:e3:99:94:a9:a3:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb782b78f20a6e4b70643052bd1a40af15a56338
Validity
Not Before: Jan 1 13:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0757538b47ffa1fd2499bd713e0782334c18fd2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:76:de:2c:54:7d:e6:51:28:ba:41:ba:53:43:
e4:8d:ed:b6:9c:ec:61:23:09:01:80:64:c3:04:6f:
2f:07:75:90:01:7e:8d:fb:a4:f5:15:48:0e:c9:5f:
5f:2a:81:99:4d:54:d2:29:e8:e7:38:44:ba:c8:a9:
3e:d9:41:fa:39:d6:c1:fb:11:6d:0e:a1:b8:04:30:
78:c1:de:40:4e:c9:cf:f7:8f:26:49:d8:7f:74:95:
63:ef:15:2f:7d:33:a0:fc:7c:13:6e:a0:48:13:1d:
7c:82:f6:34:9c:76:fa:10:9f:34:f0:98:53:38:68:
90:3d:71:f1:32:46:3c:02:cb:89:4b:57:70:00:80:
fd:96:63:11:5b:75:66:9d:43:48:70:74:2d:1f:88:
49:3e:32:07:e7:ae:c5:55:78:e7:e4:0a:0d:a2:55:
21:5d:0b:55:77:01:66:0c:cd:6b:16:1c:be:dd:fd:
2f:07:74:b4:7d:aa:59:aa:b5:62:ee:56:57:f1:8f:
5d:19:d5:3a:c2:98:df:b9:33:e0:2b:1e:c8:2c:4e:
eb:f2:71:61:cf:69:0d:56:c2:b0:7c:4e:6e:df:ab:
f9:1c:80:f0:f9:81:3f:c7:f6:32:71:d6:dd:47:f6:
33:5a:60:1d:ff:2c:0c:ac:c6:ca:4b:62:6b:ed:9e:
56:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:57:53:8B:47:FF:A1:FD:24:99:BD:71:3E:07:82:33:4C:18:FD:2A
X509v3 Authority Key Identifier:
keyid:FB:78:2B:78:F2:0A:6E:4B:70:64:30:52:BD:1A:40:AF:15:A5:63:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3grePIKbktwZDBSvRpArxWlYzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/B1dTi0f_of0kmb1xPgeCM0wY_So.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/1-3grePIKbktwZDBSvRpArxWlYzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.148.0/22
212.87.208.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:4e:f8:f5:42:ac:85:93:6f:a3:31:6b:71:f3:dd:14:1f:26:
4b:56:4b:1c:c4:3e:f9:7d:84:c7:5f:af:31:dc:b4:02:57:02:
22:4d:2b:b3:b3:6f:29:19:49:04:10:2b:8b:06:40:ba:da:98:
26:09:16:c5:a6:9d:06:63:de:a2:fa:4e:cf:7f:32:ea:b1:c5:
44:00:0e:84:01:37:99:72:a1:88:65:0d:94:92:ce:f5:99:69:
fd:cd:76:92:79:30:50:6a:2d:21:8b:0f:ae:82:62:7a:5b:da:
2d:df:7f:ef:27:cd:61:1e:05:c7:ef:ed:74:b5:28:e0:4b:58:
8e:14:33:b9:b3:bd:06:90:68:9a:aa:73:dd:8d:f3:b0:a8:a2:
57:88:78:c0:30:33:2e:ca:55:d3:f8:e4:ae:c7:d9:49:45:c1:
7d:23:d0:e5:65:a3:c9:a0:ff:57:cd:c7:f8:46:6e:7d:6b:ab:
cf:57:0c:da:c7:ed:0b:db:30:3e:cf:6a:3a:f8:a4:52:4e:31:
39:de:fc:66:98:7e:70:60:1b:27:8f:ae:93:5c:88:bd:5b:27:
2e:7f:ae:b7:fb:f2:48:ea:fd:a4:e7:6d:ca:89:e1:5d:f8:86:
ac:ed:22:99:b4:81:4e:9d:28:be:44:d4:f2:b8:af:ce:aa:1b:
9b:57:08:c3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQiH/qwUSfdoc/445mUqaMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNzgyYjc4ZjIwYTZlNGI3MDY0MzA1MmJkMWE0MGFmMTVh
NTYzMzgwHhcNMjUwMTAxMTM0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzU3NTM4YjQ3ZmZhMWZkMjQ5OWJkNzEzZTA3ODIzMzRjMThmZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHbeLFR95lEoukG6U0Pkje22nOxh
IwkBgGTDBG8vB3WQAX6N+6T1FUgOyV9fKoGZTVTSKejnOES6yKk+2UH6OdbB+xFt
DqG4BDB4wd5ATsnP948mSdh/dJVj7xUvfTOg/HwTbqBIEx18gvY0nHb6EJ808JhT
OGiQPXHxMkY8AsuJS1dwAID9lmMRW3VmnUNIcHQtH4hJPjIH567FVXjn5AoNolUh
XQtVdwFmDM1rFhy+3f0vB3S0fapZqrVi7lZX8Y9dGdU6wpjfuTPgKx7ILE7r8nFh
z2kNVsKwfE5u36v5HIDw+YE/x/YycdbdR/YzWmAd/ywMrMbKS2Jr7Z5WawIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAdXU4tH/6H9JJm9cT4HgjNMGP0qMB8GA1UdIwQY
MBaAFPt4K3jyCm5LcGQwUr0aQK8VpWM4MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0zZ3JlUElLYmt0d1pEQlN2UnBBcnhXbFl6Zy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMvOWRjOTMzLTVjMGQtNDQ2MS1hNDVk
LThmN2Q1NjkxYzFiZS8xL0IxZFRpMGZfb2Ywa21iMXhQZ2VDTTB3WV9Tby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTMvOWRjOTMzLTVjMGQtNDQ2MS1hNDVkLThmN2Q1NjkxYzFi
ZS8xLzEtM2dyZVBJS2JrdHdaREJTdlJwQXJ4V2xZemcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAK5rpQD
BALUV9AwDQYJKoZIhvcNAQELBQADggEBACpO+PVCrIWTb6Mxa3Hz3RQfJktWSxzE
Pvl9hMdfrzHctAJXAiJNK7OzbykZSQQQK4sGQLramCYJFsWmnQZj3qL6Ts9/Muqx
xUQADoQBN5lyoYhlDZSSzvWZaf3NdpJ5MFBqLSGLD66CYnpb2i3ff+8nzWEeBcfv
7XS1KOBLWI4UM7mzvQaQaJqqc92N87CooleIeMAwMy7KVdP45K7H2UlFwX0j0OVl
o8mg/1fNx/hGbn1rq89XDNrH7QvbMD7Pajr4pFJOMTne/GaYfnBgGyePrpNciL1b
Jy5/rrf78kjq/aTnbcqJ4V34hqztIpm0gU6dKL5E1PK4r86qG5tXCMM=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:43 2025 by rpki-client