Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/24abaf-d1f2-4058-b5e7-36ff932ad611/1/cIi8rOnMeQ3m6xiUefnXakqSy1A.roa
File: cIi8rOnMeQ3m6xiUefnXakqSy1A.roa (raw, json)
Hash identifier: k7VPSwwY0T6/aLkORnWkFCvX6Mg2hhTiFX58BkbUhHY=
Subject key identifier: 70:88:BC:AC:E9:CC:79:0D:E6:EB:18:94:79:F9:D7:6A:4A:92:CB:50
Certificate issuer: /CN=c754c6069e49d24931379a4c92456385922b46ce
Certificate serial: 018CC3B6799B32911E4CB484E00687408472
Authority key identifier: C7:54:C6:06:9E:49:D2:49:31:37:9A:4C:92:45:63:85:92:2B:46:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1TGBp5J0kkxN5pMkkVjhZIrRs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/24abaf-d1f2-4058-b5e7-36ff932ad611/1/cIi8rOnMeQ3m6xiUefnXakqSy1A.roa
Signing time: Mon 01 Jan 2024 06:29:24 +0000
ROA not before: Mon 01 Jan 2024 06:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50673
IP address blocks: 185.23.253.0/24 maxlen: 24
2a0f:4a80::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:79:9b:32:91:1e:4c:b4:84:e0:06:87:40:84:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c754c6069e49d24931379a4c92456385922b46ce
Validity
Not Before: Jan 1 06:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7088bcace9cc790de6eb189479f9d76a4a92cb50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a7:f7:82:d9:bc:b9:af:c1:5a:b3:41:9d:aa:
e5:a3:f0:42:80:03:3d:eb:20:44:22:89:2e:84:4f:
12:36:72:da:1a:d8:ec:50:63:f9:8f:ab:f9:0f:44:
52:2f:35:7f:a7:61:aa:56:2d:cd:2f:46:3b:3e:6d:
4f:a4:13:ee:8b:33:d5:e1:7a:79:18:b0:bc:58:fa:
b8:44:de:a6:97:0f:c1:e1:34:c4:b8:30:77:e0:1c:
85:b4:04:ec:e4:53:df:97:43:7c:8f:05:69:95:73:
94:fa:8a:65:2d:5a:c6:61:fd:b5:77:6d:1b:cd:ec:
92:6e:bd:c1:6d:79:13:c9:f6:ed:54:a4:cf:0a:8b:
91:fa:2e:b7:72:2b:6f:0f:04:4e:d7:ec:75:9e:00:
5e:48:bf:da:83:1d:d9:07:4a:a8:59:0e:3f:21:58:
98:fb:0e:17:f1:14:0e:c5:ff:a0:80:34:c3:0c:35:
b8:49:9d:49:81:96:ff:08:81:4d:39:d3:64:d3:bd:
ef:c6:e9:0b:b6:b9:af:99:ee:6b:a8:bd:c2:ea:71:
15:34:c4:c5:b6:b3:63:c0:61:c7:4b:2a:b2:dd:76:
fc:6b:26:db:06:7d:cf:86:c5:6a:a7:f6:de:5b:cc:
72:71:06:ee:ca:ac:10:00:13:df:21:b7:e3:06:c7:
54:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:88:BC:AC:E9:CC:79:0D:E6:EB:18:94:79:F9:D7:6A:4A:92:CB:50
X509v3 Authority Key Identifier:
keyid:C7:54:C6:06:9E:49:D2:49:31:37:9A:4C:92:45:63:85:92:2B:46:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1TGBp5J0kkxN5pMkkVjhZIrRs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/24abaf-d1f2-4058-b5e7-36ff932ad611/1/cIi8rOnMeQ3m6xiUefnXakqSy1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/24abaf-d1f2-4058-b5e7-36ff932ad611/1/x1TGBp5J0kkxN5pMkkVjhZIrRs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.253.0/24
IPv6:
2a0f:4a80::/48
Signature Algorithm: sha256WithRSAEncryption
27:dc:61:ca:59:f3:48:1b:f9:b7:6d:0e:5f:ff:75:af:2e:42:
7b:6b:d7:79:49:15:1d:9e:ad:78:7f:9f:3d:74:2b:01:2f:41:
98:be:d6:db:5c:50:fd:f2:ee:49:0a:49:9a:27:cd:01:93:34:
d5:1f:a3:29:82:ef:79:ca:0a:10:26:19:e9:8f:9b:fd:40:3a:
99:57:34:fe:48:a7:af:e3:33:f4:2e:7a:f1:e9:1a:a2:8c:75:
0b:37:d0:ed:06:7e:ac:e1:54:9c:6b:da:85:c9:c2:2b:9e:71:
a8:5f:91:ae:9e:47:c6:20:78:e3:27:aa:b5:b0:5e:3c:3f:c6:
8d:92:1b:69:a9:e3:d6:01:6b:a4:af:77:4a:ac:f2:67:11:82:
b7:7c:13:58:e0:ba:09:d4:b7:2c:0d:11:04:60:fc:ab:98:0f:
0e:db:82:91:ca:ca:56:8f:07:66:39:67:a5:aa:0d:0c:35:07:
06:9f:3f:ba:43:77:38:f0:1e:ca:58:54:7d:b5:35:fe:d6:68:
d1:6e:3d:c2:8d:f1:25:1e:b7:41:55:df:55:b2:d9:3d:9c:0c:
fe:bf:45:68:68:5b:82:d1:eb:ac:de:17:af:f2:54:a4:93:fd:
93:6f:98:2b:02:99:5a:b1:59:57:94:92:ed:82:46:4b:78:ef:
59:54:ce:2b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzDtnmbMpEeTLSE4AaHQIRyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NTRjNjA2OWU0OWQyNDkzMTM3OWE0YzkyNDU2Mzg1OTIy
YjQ2Y2UwHhcNMjQwMTAxMDYyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDg4YmNhY2U5Y2M3OTBkZTZlYjE4OTQ3OWY5ZDc2YTRhOTJjYjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6f3gtm8ua/BWrNBnarlo/BCgAM9
6yBEIokuhE8SNnLaGtjsUGP5j6v5D0RSLzV/p2GqVi3NL0Y7Pm1PpBPuizPV4Xp5
GLC8WPq4RN6mlw/B4TTEuDB34ByFtATs5FPfl0N8jwVplXOU+oplLVrGYf21d20b
zeySbr3BbXkTyfbtVKTPCouR+i63citvDwRO1+x1ngBeSL/agx3ZB0qoWQ4/IViY
+w4X8RQOxf+ggDTDDDW4SZ1JgZb/CIFNOdNk073vxukLtrmvme5rqL3C6nEVNMTF
trNjwGHHSyqy3Xb8aybbBn3PhsVqp/beW8xycQbuyqwQABPfIbfjBsdUGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHCIvKzpzHkN5usYlHn512pKkstQMB8GA1UdIwQY
MBaAFMdUxgaeSdJJMTeaTJJFY4WSK0bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDFUR0JwNUowa2t4TjVwTWtrVmpoWklyUnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yNGFiYWYtZDFmMi00MDU4LWI1ZTct
MzZmZjkzMmFkNjExLzEvY0lpOHJPbk1lUTNtNnhpVWVmblhha3FTeTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yNGFiYWYtZDFmMi00MDU4LWI1ZTctMzZmZjkzMmFkNjEx
LzEveDFUR0JwNUowa2t4TjVwTWtrVmpoWklyUnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuRf9MA8E
AgACMAkDBwAqD0qAAAAwDQYJKoZIhvcNAQELBQADggEBACfcYcpZ80gb+bdtDl//
da8uQntr13lJFR2erXh/nz10KwEvQZi+1ttcUP3y7kkKSZonzQGTNNUfoymC73nK
ChAmGemPm/1AOplXNP5Ip6/jM/QuevHpGqKMdQs30O0GfqzhVJxr2oXJwiuecahf
ka6eR8YgeOMnqrWwXjw/xo2SG2mp49YBa6Svd0qs8mcRgrd8E1jgugnUtywNEQRg
/KuYDw7bgpHKylaPB2Y5Z6WqDQw1BwafP7pDdzjwHspYVH21Nf7WaNFuPcKN8SUe
t0FV31Wy2T2cDP6/RWhoW4LR66zeF6/yVKST/ZNvmCsCmVqxWVeUku2CRkt471lU
zis=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:26:50 2025 by rpki-client