Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/4iHcBGfl4oJ0jUkqbJpTpkjJRRA.roa
File: 4iHcBGfl4oJ0jUkqbJpTpkjJRRA.roa (raw, json)
Hash identifier: 9gUiJ2PpTaXRBDYpcks5/ZTXgi/FI7Hpa6+iF/UooaM=
Subject key identifier: E2:21:DC:04:67:E5:E2:82:74:8D:49:2A:6C:9A:53:A6:48:C9:45:10
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0194266B1084DCE261987F46C17E78DABA81
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/4iHcBGfl4oJ0jUkqbJpTpkjJRRA.roa
Signing time: Thu 02 Jan 2025 09:48:58 +0000
ROA not before: Thu 02 Jan 2025 09:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397966
IP address blocks: 185.255.113.0/24 maxlen: 24
192.144.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:10:84:dc:e2:61:98:7f:46:c1:7e:78:da:ba:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 2 09:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e221dc0467e5e282748d492a6c9a53a648c94510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:04:72:3f:97:82:e1:f2:71:2f:3d:9e:4d:d7:
c2:7b:75:31:2e:75:3b:01:cd:89:ba:3b:89:c9:ff:
f7:82:16:e7:73:96:20:d4:58:d1:24:3e:2e:b6:52:
89:c9:f1:50:17:8c:f0:ba:1a:ee:3c:42:da:dc:e1:
31:be:5f:8e:e5:be:0e:17:c0:19:7d:fa:63:f7:92:
52:62:56:e1:1f:98:ff:9e:23:f6:1c:21:1a:b4:5f:
ad:22:28:ef:38:8b:6c:57:db:b9:06:91:47:7f:c7:
1f:33:cf:0b:a5:48:83:39:d0:67:95:1f:b0:7c:c5:
05:93:a3:54:b7:8e:00:a0:cd:02:25:46:c5:79:a0:
a8:28:1f:17:64:01:34:9d:48:cc:62:28:ac:a0:10:
79:14:fc:ba:4f:84:99:14:05:66:78:58:51:7f:31:
1c:1e:e4:9d:18:95:26:cc:9e:a5:62:5b:dc:f1:c5:
47:95:2d:1e:dd:e1:f6:6d:ee:17:ef:e5:cc:a1:b2:
26:4f:5d:f7:cb:3a:45:66:b2:fb:83:9d:86:03:16:
b3:3b:38:87:48:c6:4e:85:c9:19:69:34:e2:af:89:
f7:99:72:44:68:96:73:51:f4:83:02:40:6d:60:43:
71:a6:2c:ed:37:fa:a2:99:bd:d5:73:60:d7:22:f0:
d9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:21:DC:04:67:E5:E2:82:74:8D:49:2A:6C:9A:53:A6:48:C9:45:10
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/4iHcBGfl4oJ0jUkqbJpTpkjJRRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.113.0/24
192.144.32.0/24
Signature Algorithm: sha256WithRSAEncryption
43:7b:a7:05:a8:22:8b:d4:dd:95:aa:63:6e:28:09:06:ad:05:
0d:04:9f:3f:f3:22:19:98:2b:81:f0:32:55:9c:0b:12:24:12:
0d:00:fb:4e:9e:27:9d:2c:14:e2:4c:a3:57:c4:9c:ba:19:2a:
8e:90:74:2a:ba:65:51:2e:69:9c:f5:9c:a8:87:03:73:0e:ad:
df:b7:13:d2:af:e9:73:3f:45:70:60:24:b1:92:ca:70:d1:56:
5f:8b:94:ae:4b:d9:72:31:f5:9f:6f:1c:31:c1:42:6c:ad:f9:
24:6e:dc:17:55:d1:9b:15:22:e5:07:c9:46:23:61:f8:14:13:
87:1b:41:89:80:47:a0:13:22:2f:cf:40:8b:1b:ca:b1:6d:5f:
fd:ae:40:74:92:63:c5:92:ba:47:5e:1f:09:16:71:84:0b:e2:
61:55:7f:9f:4c:bd:cc:36:ff:96:f5:a2:39:a7:62:d1:78:de:
95:4d:a6:46:06:cc:e8:e6:98:01:3b:f5:1c:4d:7c:05:19:f5:
96:c9:3b:f8:15:28:e0:17:b7:6c:cc:24:56:77:59:70:94:20:
f5:91:cc:0e:5a:38:d9:4c:73:3a:79:6d:b9:47:7a:80:62:36:
1c:fa:03:1c:e3:0e:97:8e:fb:aa:1f:9a:cf:ed:e9:a0:16:13:
36:58:06:8a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQmaxCE3OJhmH9GwX542rqBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjUwMTAyMDk0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjIxZGMwNDY3ZTVlMjgyNzQ4ZDQ5MmE2YzlhNTNhNjQ4Yzk0NTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QRyP5eC4fJxLz2eTdfCe3UxLnU7
Ac2JujuJyf/3ghbnc5Yg1FjRJD4utlKJyfFQF4zwuhruPELa3OExvl+O5b4OF8AZ
ffpj95JSYlbhH5j/niP2HCEatF+tIijvOItsV9u5BpFHf8cfM88LpUiDOdBnlR+w
fMUFk6NUt44AoM0CJUbFeaCoKB8XZAE0nUjMYiisoBB5FPy6T4SZFAVmeFhRfzEc
HuSdGJUmzJ6lYlvc8cVHlS0e3eH2be4X7+XMobImT133yzpFZrL7g52GAxazOziH
SMZOhckZaTTir4n3mXJEaJZzUfSDAkBtYENxpiztN/qimb3Vc2DXIvDZlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOIh3ARn5eKCdI1JKmyaU6ZIyUUQMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvNGlIY0JHZmw0b0owalVrcWJKcFRwa2pKUlJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuf9xAwQA
wJAgMA0GCSqGSIb3DQEBCwUAA4IBAQBDe6cFqCKL1N2VqmNuKAkGrQUNBJ8/8yIZ
mCuB8DJVnAsSJBINAPtOniedLBTiTKNXxJy6GSqOkHQqumVRLmmc9ZyohwNzDq3f
txPSr+lzP0VwYCSxkspw0VZfi5SuS9lyMfWfbxwxwUJsrfkkbtwXVdGbFSLlB8lG
I2H4FBOHG0GJgEegEyIvz0CLG8qxbV/9rkB0kmPFkrpHXh8JFnGEC+JhVX+fTL3M
Nv+W9aI5p2LReN6VTaZGBszo5pgBO/UcTXwFGfWWyTv4FSjgF7dszCRWd1lwlCD1
kcwOWjjZTHM6eW25R3qAYjYc+gMc4w6XjvuqH5rP7emgFhM2WAaK
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:11:41 2025 by rpki-client