Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/GuFWjWlD3UBm3bT8IF3cWRXAFYw.roa
File: GuFWjWlD3UBm3bT8IF3cWRXAFYw.roa (raw, json)
Hash identifier: iEFWgS9KhQCXetmLelFEZi06pDENUVz8bN9Is6KZ8G4=
Subject key identifier: 1A:E1:56:8D:69:43:DD:40:66:DD:B4:FC:20:5D:DC:59:15:C0:15:8C
Certificate issuer: /CN=1c766b058c096753a34ad625d53275cd2dba5b33
Certificate serial: 019426D9D85B8E7E49048EC248571E40576A
Authority key identifier: 1C:76:6B:05:8C:09:67:53:A3:4A:D6:25:D5:32:75:CD:2D:BA:5B:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHZrBYwJZ1OjStYl1TJ1zS26WzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/GuFWjWlD3UBm3bT8IF3cWRXAFYw.roa
Signing time: Thu 02 Jan 2025 11:49:58 +0000
ROA not before: Thu 02 Jan 2025 11:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24631
IP address blocks: 185.171.53.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:d8:5b:8e:7e:49:04:8e:c2:48:57:1e:40:57:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c766b058c096753a34ad625d53275cd2dba5b33
Validity
Not Before: Jan 2 11:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ae1568d6943dd4066ddb4fc205ddc5915c0158c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:14:39:09:e1:e5:6e:84:6c:64:ea:06:98:ab:
a2:89:ba:63:a6:7d:0f:04:fe:a2:90:3d:a9:dc:47:
d9:d9:41:e2:b5:52:07:8f:59:c0:24:71:0a:11:36:
4e:38:1c:8c:ce:fc:6b:14:8f:d5:74:26:c8:7a:12:
3b:02:17:e6:7b:42:6f:e6:23:da:91:87:4a:59:33:
ba:83:9f:18:c3:71:60:83:00:f8:5b:70:5a:e3:81:
96:63:2e:3b:3c:a3:c6:a6:8a:48:e6:a6:1a:1e:dc:
ed:fb:60:3d:0c:92:06:9d:60:61:90:fd:43:06:9f:
96:3f:51:0c:48:8b:4e:72:53:e2:f4:11:db:65:ba:
fb:96:b7:cc:4f:f5:ce:4f:b6:a4:77:ef:ae:0a:0c:
87:d0:9d:d0:8c:d4:00:e3:e6:9a:3b:a8:e2:ac:c8:
f6:0f:8c:ff:1f:3e:5f:a6:86:3e:11:95:3b:31:34:
2f:4b:37:a1:83:4b:fd:ed:a8:7a:6f:6f:39:08:3c:
06:b0:a5:c3:89:52:32:78:8e:b3:bc:f2:50:d2:b9:
b8:c2:c6:48:1a:47:21:ef:68:1e:ba:5c:6b:5b:b7:
13:f9:48:bf:8d:2c:96:d0:dd:48:b6:77:85:16:b5:
5e:12:cb:3c:51:d1:6c:fa:35:09:45:4a:18:b6:6a:
c3:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:E1:56:8D:69:43:DD:40:66:DD:B4:FC:20:5D:DC:59:15:C0:15:8C
X509v3 Authority Key Identifier:
keyid:1C:76:6B:05:8C:09:67:53:A3:4A:D6:25:D5:32:75:CD:2D:BA:5B:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHZrBYwJZ1OjStYl1TJ1zS26WzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/GuFWjWlD3UBm3bT8IF3cWRXAFYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/HHZrBYwJZ1OjStYl1TJ1zS26WzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.53.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:8b:7a:98:57:7d:6a:d2:87:56:25:79:5d:cf:1b:a0:4a:c3:
99:dd:26:b4:d9:f7:a4:89:ad:5f:5a:ce:92:a8:d9:5d:e4:46:
f6:43:27:29:8c:47:1c:e4:8f:4e:3e:c6:57:4e:f5:a9:81:15:
63:90:4e:ff:36:40:99:96:fd:b3:7d:36:6a:91:6f:d5:92:cd:
06:e2:09:e9:56:02:2e:8d:54:0b:f7:25:a3:3d:58:4d:ca:c2:
81:da:d1:c0:e2:6f:8d:c0:b0:e3:25:b7:cb:f2:1e:cc:65:2c:
74:c9:fc:8a:de:61:ad:da:49:dd:b2:19:bb:85:f3:45:42:f7:
c4:30:4b:77:b3:fc:98:82:29:18:a4:ea:93:6f:be:d1:a7:aa:
49:d8:c5:b6:cb:52:d5:7b:aa:c2:dd:08:33:31:ef:29:e1:db:
4c:97:a6:23:7c:ff:5a:99:fb:2a:17:cd:6e:97:7e:c4:a5:5b:
cf:a9:dd:64:91:3f:74:00:9b:a9:bb:40:74:db:9d:d0:e7:79:
8f:6b:52:2b:e2:6d:1e:d9:6b:25:d6:c8:79:c7:85:ff:2e:3c:
a9:8b:34:a4:8a:69:21:a2:3f:72:2a:c0:df:14:84:60:77:43:
9b:4a:2d:e7:95:5f:7a:00:4e:af:04:2b:42:a8:d6:7b:9f:b4:
a6:73:a9:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2dhbjn5JBI7CSFceQFdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNzY2YjA1OGMwOTY3NTNhMzRhZDYyNWQ1MzI3NWNkMmRi
YTViMzMwHhcNMjUwMTAyMTE0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWUxNTY4ZDY5NDNkZDQwNjZkZGI0ZmMyMDVkZGM1OTE1YzAxNThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRQ5CeHlboRsZOoGmKuiibpjpn0P
BP6ikD2p3EfZ2UHitVIHj1nAJHEKETZOOByMzvxrFI/VdCbIehI7Ahfme0Jv5iPa
kYdKWTO6g58Yw3FggwD4W3Ba44GWYy47PKPGpopI5qYaHtzt+2A9DJIGnWBhkP1D
Bp+WP1EMSItOclPi9BHbZbr7lrfMT/XOT7akd++uCgyH0J3QjNQA4+aaO6jirMj2
D4z/Hz5fpoY+EZU7MTQvSzehg0v97ah6b285CDwGsKXDiVIyeI6zvPJQ0rm4wsZI
Gkch72geulxrW7cT+Ui/jSyW0N1ItneFFrVeEss8UdFs+jUJRUoYtmrDSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBrhVo1pQ91AZt20/CBd3FkVwBWMMB8GA1UdIwQY
MBaAFBx2awWMCWdTo0rWJdUydc0tulszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhackJZd0paMU9qU3RZbDFUSjF6UzI2V3pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hYjgzZGMtYzBlNy00ZWMzLWFmNzIt
ODE5MTdkZmZkY2Q3LzEvR3VGV2pXbEQzVUJtM2JUOElGM2NXUlhBRll3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hYjgzZGMtYzBlNy00ZWMzLWFmNzItODE5MTdkZmZkY2Q3
LzEvSEhackJZd0paMU9qU3RZbDFUSjF6UzI2V3pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuas1MA0G
CSqGSIb3DQEBCwUAA4IBAQALi3qYV31q0odWJXldzxugSsOZ3Sa02fekia1fWs6S
qNld5Eb2QycpjEcc5I9OPsZXTvWpgRVjkE7/NkCZlv2zfTZqkW/Vks0G4gnpVgIu
jVQL9yWjPVhNysKB2tHA4m+NwLDjJbfL8h7MZSx0yfyK3mGt2kndshm7hfNFQvfE
MEt3s/yYgikYpOqTb77Rp6pJ2MW2y1LVe6rC3QgzMe8p4dtMl6YjfP9amfsqF81u
l37EpVvPqd1kkT90AJupu0B0253Q53mPa1Ir4m0e2Wsl1sh5x4X/LjypizSkimkh
oj9yKsDfFIRgd0ObSi3nlV96AE6vBCtCqNZ7n7Smc6lM
-----END CERTIFICATE-----
Generated at Fri Apr 25 00:45:16 2025 by rpki-client