Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/M28ZfVNr11gpCiQgEY8M53Q3po4.roa
File: M28ZfVNr11gpCiQgEY8M53Q3po4.roa (raw, json)
Hash identifier: UT9peLxqDYb7FmH0pz6MyxU11RIgWuIUt49MRWfIr+A=
Subject key identifier: 33:6F:19:7D:53:6B:D7:58:29:0A:24:20:11:8F:0C:E7:74:37:A6:8E
Certificate issuer: /CN=23cbbf9348ae558c6efa0c086f24be04cb23c6e9
Certificate serial: 0194228E3633EAF94D4883E4A83D45390212
Authority key identifier: 23:CB:BF:93:48:AE:55:8C:6E:FA:0C:08:6F:24:BE:04:CB:23:C6:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I8u_k0iuVYxu-gwIbyS-BMsjxuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/M28ZfVNr11gpCiQgEY8M53Q3po4.roa
Signing time: Wed 01 Jan 2025 15:48:52 +0000
ROA not before: Wed 01 Jan 2025 15:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60751
IP address blocks: 185.24.233.0/24 maxlen: 24
185.24.234.0/23 maxlen: 23
185.24.234.0/24 maxlen: 24
185.24.235.0/24 maxlen: 24
185.104.216.0/22 maxlen: 24
2a04:2e00::/32 maxlen: 36
2a04:2e03::/32 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:36:33:ea:f9:4d:48:83:e4:a8:3d:45:39:02:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23cbbf9348ae558c6efa0c086f24be04cb23c6e9
Validity
Not Before: Jan 1 15:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=336f197d536bd758290a2420118f0ce77437a68e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:93:30:67:b0:b7:1b:d4:32:9e:16:fe:07:1e:
ed:4d:24:c4:6c:a7:54:2d:18:ed:ea:5e:c4:bf:ce:
08:c9:97:87:64:44:a2:6b:61:9a:05:da:54:99:94:
d3:4e:81:af:01:80:47:e8:ae:3c:21:7f:84:9c:83:
0f:d3:f2:e7:45:da:17:61:cf:56:e4:85:59:c1:0f:
9d:1e:5c:a5:7e:13:a9:f1:df:81:39:4a:06:7f:dc:
07:91:d4:d1:a5:a5:49:0c:13:5b:b6:17:01:0f:a5:
db:bc:1d:44:40:72:f9:d0:3d:e2:c1:cf:73:03:c8:
56:84:3a:e7:9c:e6:e6:54:3c:89:71:5d:77:a4:82:
5c:fa:33:78:23:9d:2d:0c:cf:60:25:7a:2b:f2:d1:
a2:19:f1:81:09:0c:0c:3c:ec:9e:82:3c:a7:5b:57:
0e:ee:ba:12:4f:47:d5:59:be:26:1a:90:c1:88:b7:
29:67:9c:86:1b:1b:f5:68:c7:36:c9:c2:2b:4b:30:
79:bd:7c:6e:a6:10:71:63:83:b9:e3:e6:95:6d:47:
5f:5f:61:4a:24:25:dc:d1:25:b6:ec:fa:dc:79:21:
93:1a:90:3f:e9:43:67:80:d3:6f:6a:51:7c:e6:c7:
cc:93:7a:e2:64:c4:6f:3c:3c:19:84:31:5e:e5:7e:
c6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:6F:19:7D:53:6B:D7:58:29:0A:24:20:11:8F:0C:E7:74:37:A6:8E
X509v3 Authority Key Identifier:
keyid:23:CB:BF:93:48:AE:55:8C:6E:FA:0C:08:6F:24:BE:04:CB:23:C6:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I8u_k0iuVYxu-gwIbyS-BMsjxuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/M28ZfVNr11gpCiQgEY8M53Q3po4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/I8u_k0iuVYxu-gwIbyS-BMsjxuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.233.0-185.24.235.255
185.104.216.0/22
IPv6:
2a04:2e00::/32
2a04:2e03::/32
Signature Algorithm: sha256WithRSAEncryption
ab:5e:ad:e8:b5:2d:6d:43:0e:b1:54:f0:2d:ee:71:31:74:c5:
08:2a:a8:00:9c:a2:80:f3:36:6a:82:55:b3:bb:bc:05:81:41:
81:0f:4c:c5:e1:95:6b:f8:4c:3c:64:4a:96:88:3b:67:36:db:
68:49:3d:b3:c1:42:26:97:f5:c9:bd:9d:c9:f3:69:ff:e8:16:
ef:7e:f0:8e:96:41:3d:f7:cc:fa:81:4b:9e:df:de:f1:4a:3f:
bd:13:a7:d9:49:84:52:00:90:f6:cf:6e:6e:ef:3a:22:1b:86:
cd:a1:cf:b9:e0:a3:77:52:65:94:f1:62:f1:7c:48:90:c7:e5:
5c:41:0f:6b:58:92:67:2f:ac:1b:8b:d9:51:e7:f2:34:b9:1b:
00:1d:4c:b0:5c:65:4d:10:53:bb:d0:9b:8d:74:05:93:a2:7a:
c6:b0:aa:6e:58:2b:70:fe:85:f9:32:b6:8b:42:11:9d:e7:fc:
55:57:80:ee:cd:9c:a4:95:76:0c:e1:fc:35:20:b9:26:00:06:
8c:7e:d3:f7:44:30:1f:57:8f:0d:e6:e8:f1:a4:f1:70:a7:6d:
d8:c3:cb:31:4c:e7:0b:9e:7b:fe:2c:dc:92:80:b1:47:6d:d6:
31:c4:76:17:6c:7c:4b:30:23:85:8a:9b:d1:65:83:d0:fe:e3:
f9:e7:3f:0c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQijjYz6vlNSIPkqD1FOQISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzY2JiZjkzNDhhZTU1OGM2ZWZhMGMwODZmMjRiZTA0Y2Iy
M2M2ZTkwHhcNMjUwMTAxMTU0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzZmMTk3ZDUzNmJkNzU4MjkwYTI0MjAxMThmMGNlNzc0MzdhNjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJMwZ7C3G9Qynhb+Bx7tTSTEbKdU
LRjt6l7Ev84IyZeHZESia2GaBdpUmZTTToGvAYBH6K48IX+EnIMP0/LnRdoXYc9W
5IVZwQ+dHlylfhOp8d+BOUoGf9wHkdTRpaVJDBNbthcBD6XbvB1EQHL50D3iwc9z
A8hWhDrnnObmVDyJcV13pIJc+jN4I50tDM9gJXor8tGiGfGBCQwMPOyegjynW1cO
7roST0fVWb4mGpDBiLcpZ5yGGxv1aMc2ycIrSzB5vXxuphBxY4O54+aVbUdfX2FK
JCXc0SW27PrceSGTGpA/6UNngNNvalF85sfMk3riZMRvPDwZhDFe5X7GgQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDNvGX1Ta9dYKQokIBGPDOd0N6aOMB8GA1UdIwQY
MBaAFCPLv5NIrlWMbvoMCG8kvgTLI8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTh1X2swaXVWWXh1LWd3SWJ5Uy1CTXNqeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTkwZjktZThkMy00NTYyLWE1YjMt
NjIxZWUwNTJhNmZjLzEvTTI4WmZWTnIxMWdwQ2lRZ0VZOE01M1EzcG80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTkwZjktZThkMy00NTYyLWE1YjMtNjIxZWUwNTJhNmZj
LzEvSTh1X2swaXVWWXh1LWd3SWJ5Uy1CTXNqeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAaBAIAATAUMAwDBAC5GOkD
BAK5GOgDBAK5aNgwFAQCAAIwDgMFACoELgADBQAqBC4DMA0GCSqGSIb3DQEBCwUA
A4IBAQCrXq3otS1tQw6xVPAt7nExdMUIKqgAnKKA8zZqglWzu7wFgUGBD0zF4ZVr
+Ew8ZEqWiDtnNttoST2zwUIml/XJvZ3J82n/6BbvfvCOlkE998z6gUue397xSj+9
E6fZSYRSAJD2z25u7zoiG4bNoc+54KN3UmWU8WLxfEiQx+VcQQ9rWJJnL6wbi9lR
5/I0uRsAHUywXGVNEFO70JuNdAWTonrGsKpuWCtw/oX5MraLQhGd5/xVV4DuzZyk
lXYM4fw1ILkmAAaMftP3RDAfV48N5ujxpPFwp23Yw8sxTOcLnnv+LNySgLFHbdYx
xHYXbHxLMCOFipvRZYPQ/uP55z8M
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:54:50 2025 by rpki-client