Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/511d83-7531-4430-a839-0ccc703fe471/1/VlUkqVXq4pD8DdrYNzGnohL2rdE.roa
File: VlUkqVXq4pD8DdrYNzGnohL2rdE.roa (raw, json)
Hash identifier: RuqQ0nh3v1UQiJ2f6wvRYsbJ1jvcXoe87w6A65XCHcg=
Subject key identifier: 56:55:24:A9:55:EA:E2:90:FC:0D:DA:D8:37:31:A7:A2:12:F6:AD:D1
Certificate issuer: /CN=42e4605bc566ed910cbfe28bc2273db99ae6a68d
Certificate serial: 0194258FC61A393712090D290E1DEA420D37
Authority key identifier: 42:E4:60:5B:C5:66:ED:91:0C:BF:E2:8B:C2:27:3D:B9:9A:E6:A6:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QuRgW8Vm7ZEMv-KLwic9uZrmpo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/511d83-7531-4430-a839-0ccc703fe471/1/VlUkqVXq4pD8DdrYNzGnohL2rdE.roa
Signing time: Thu 02 Jan 2025 05:49:26 +0000
ROA not before: Thu 02 Jan 2025 05:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202105
IP address blocks: 185.206.132.0/24 maxlen: 24
185.206.133.0/24 maxlen: 24
185.206.134.0/24 maxlen: 24
185.206.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:c6:1a:39:37:12:09:0d:29:0e:1d:ea:42:0d:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42e4605bc566ed910cbfe28bc2273db99ae6a68d
Validity
Not Before: Jan 2 05:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=565524a955eae290fc0ddad83731a7a212f6add1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:33:97:63:b4:a8:ae:ee:47:2e:5a:27:48:4d:
2d:14:22:c6:a9:0b:35:35:23:81:0c:f7:11:91:27:
8e:3e:12:5a:fa:28:64:c5:6a:ff:fe:ed:37:48:9f:
e3:00:97:a9:21:e7:db:ec:98:7c:09:40:d7:4d:ae:
4f:e1:70:24:30:d5:d5:9f:a0:15:8b:a2:7c:d5:1d:
dc:44:d3:59:ed:53:74:73:54:38:2c:33:9d:79:72:
ef:f5:0a:0a:81:eb:a8:f5:e8:b5:dd:23:d5:ac:38:
c9:05:a3:5e:7b:2e:ba:26:23:27:43:02:c0:b2:fb:
4d:5c:29:36:92:d2:ec:13:b6:f0:82:45:2d:2c:90:
e9:d0:ce:e3:be:fb:05:21:97:07:91:67:0f:91:ef:
a5:08:a6:fb:1f:eb:99:96:30:13:7d:ca:a3:4f:5f:
16:5b:80:e6:3f:78:bb:80:95:e9:f7:6d:bd:b1:07:
1a:46:f8:30:06:ab:df:da:e2:29:0f:d7:b1:f3:f3:
70:c2:05:e8:6f:bc:f7:6b:64:c5:38:e9:e7:7e:54:
f1:41:fe:75:95:47:14:10:e8:3c:76:5c:09:a0:2f:
3d:39:c5:a2:14:22:f0:7a:4a:ce:3d:75:13:98:3c:
3a:99:27:83:f8:12:dd:d0:98:57:5c:d0:3f:37:43:
4b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:55:24:A9:55:EA:E2:90:FC:0D:DA:D8:37:31:A7:A2:12:F6:AD:D1
X509v3 Authority Key Identifier:
keyid:42:E4:60:5B:C5:66:ED:91:0C:BF:E2:8B:C2:27:3D:B9:9A:E6:A6:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QuRgW8Vm7ZEMv-KLwic9uZrmpo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/511d83-7531-4430-a839-0ccc703fe471/1/VlUkqVXq4pD8DdrYNzGnohL2rdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/511d83-7531-4430-a839-0ccc703fe471/1/QuRgW8Vm7ZEMv-KLwic9uZrmpo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.132.0/22
Signature Algorithm: sha256WithRSAEncryption
31:ef:96:0d:e9:19:7b:fa:d8:48:c3:10:08:6f:c3:17:25:02:
16:66:04:a4:54:12:b5:f0:ae:95:a4:39:6f:5c:3c:f7:90:15:
11:51:f2:17:a5:7c:13:f0:d3:1f:57:1c:cd:77:a0:3e:61:7d:
ae:4e:d2:3b:3f:bc:0b:1e:b0:a4:df:12:7b:69:b9:36:af:98:
80:dd:06:f9:68:7b:f5:67:44:b2:2e:9e:0b:44:2b:47:bd:e5:
82:ce:d9:56:a0:ab:de:52:e6:2b:85:b1:8e:73:3d:e0:c3:fe:
81:ab:95:c6:13:6d:be:76:82:4c:8b:a9:a3:02:ab:b5:0d:b9:
ca:cb:ca:b4:df:57:18:1e:ce:c8:69:be:23:01:1b:e6:3c:6c:
2e:39:15:6c:d2:b4:07:3a:6e:ae:b0:2c:1d:71:cb:d6:91:0a:
49:2b:23:22:87:83:76:47:ec:f8:47:b0:72:f8:eb:7e:c8:49:
fd:6a:f0:f7:87:88:93:37:4e:d5:2f:28:9d:31:c4:d6:63:c5:
cd:4c:9d:64:9e:99:b1:0c:fa:c2:49:eb:bf:02:0b:41:62:ce:
bc:ec:a1:d2:7e:42:df:69:27:ba:af:74:1f:9f:a9:34:2c:78:
93:d7:44:4e:a7:0b:ba:60:c2:13:9d:d2:da:3a:96:60:2a:4b:
50:55:57:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj8YaOTcSCQ0pDh3qQg03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZTQ2MDViYzU2NmVkOTEwY2JmZTI4YmMyMjczZGI5OWFl
NmE2OGQwHhcNMjUwMTAyMDU0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjU1MjRhOTU1ZWFlMjkwZmMwZGRhZDgzNzMxYTdhMjEyZjZhZGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jOXY7Soru5HLlonSE0tFCLGqQs1
NSOBDPcRkSeOPhJa+ihkxWr//u03SJ/jAJepIefb7Jh8CUDXTa5P4XAkMNXVn6AV
i6J81R3cRNNZ7VN0c1Q4LDOdeXLv9QoKgeuo9ei13SPVrDjJBaNeey66JiMnQwLA
svtNXCk2ktLsE7bwgkUtLJDp0M7jvvsFIZcHkWcPke+lCKb7H+uZljATfcqjT18W
W4DmP3i7gJXp9229sQcaRvgwBqvf2uIpD9ex8/NwwgXob7z3a2TFOOnnflTxQf51
lUcUEOg8dlwJoC89OcWiFCLwekrOPXUTmDw6mSeD+BLd0JhXXNA/N0NLVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFZVJKlV6uKQ/A3a2Dcxp6IS9q3RMB8GA1UdIwQY
MBaAFELkYFvFZu2RDL/ii8InPbma5qaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXVSZ1c4Vm03WkVNdi1LTHdpYzl1WnJtcG8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81MTFkODMtNzUzMS00NDMwLWE4Mzkt
MGNjYzcwM2ZlNDcxLzEvVmxVa3FWWHE0cEQ4RGRyWU56R25vaEwycmRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81MTFkODMtNzUzMS00NDMwLWE4MzktMGNjYzcwM2ZlNDcx
LzEvUXVSZ1c4Vm03WkVNdi1LTHdpYzl1WnJtcG8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuc6EMA0G
CSqGSIb3DQEBCwUAA4IBAQAx75YN6Rl7+thIwxAIb8MXJQIWZgSkVBK18K6VpDlv
XDz3kBURUfIXpXwT8NMfVxzNd6A+YX2uTtI7P7wLHrCk3xJ7abk2r5iA3Qb5aHv1
Z0SyLp4LRCtHveWCztlWoKveUuYrhbGOcz3gw/6Bq5XGE22+doJMi6mjAqu1DbnK
y8q031cYHs7Iab4jARvmPGwuORVs0rQHOm6usCwdccvWkQpJKyMih4N2R+z4R7By
+Ot+yEn9avD3h4iTN07VLyidMcTWY8XNTJ1knpmxDPrCSeu/AgtBYs687KHSfkLf
aSe6r3Qfn6k0LHiT10ROpwu6YMITndLaOpZgKktQVVdd
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:09:23 2025 by rpki-client