Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/4560e9-7173-429c-b6f1-5f4a15cb9054/1/kY1a0BACd1_TYMv9GQ8E9K8p7qU.roa
File: kY1a0BACd1_TYMv9GQ8E9K8p7qU.roa (raw, json)
Hash identifier: YxOrzROBL63q/PQ0W9//5oVoP7okiooDJdhlfo33RWM=
Subject key identifier: 91:8D:5A:D0:10:02:77:5F:D3:60:CB:FD:19:0F:04:F4:AF:29:EE:A5
Certificate issuer: /CN=a0e049d00ba8421e4c45a948492945c78fd9e16d
Certificate serial: 019423D74E60DE9C03B8129DD4F1DBEC07F7
Authority key identifier: A0:E0:49:D0:0B:A8:42:1E:4C:45:A9:48:49:29:45:C7:8F:D9:E1:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oOBJ0AuoQh5MRalISSlFx4_Z4W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/4560e9-7173-429c-b6f1-5f4a15cb9054/1/kY1a0BACd1_TYMv9GQ8E9K8p7qU.roa
Signing time: Wed 01 Jan 2025 21:48:20 +0000
ROA not before: Wed 01 Jan 2025 21:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20811
IP address blocks: 185.141.84.0/22 maxlen: 24
2a0b:aa00::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:4e:60:de:9c:03:b8:12:9d:d4:f1:db:ec:07:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0e049d00ba8421e4c45a948492945c78fd9e16d
Validity
Not Before: Jan 1 21:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=918d5ad01002775fd360cbfd190f04f4af29eea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:ec:20:5c:05:f0:6e:47:1b:bb:88:d0:24:17:
77:7b:17:5b:76:1e:32:ac:25:9a:f0:a6:26:a6:6e:
ed:df:5c:fe:71:fc:af:06:81:d9:62:0b:fb:01:38:
d4:18:44:36:3b:16:06:0f:60:83:e0:98:80:e6:85:
6c:24:f7:a0:c6:58:9e:df:53:b7:41:e0:63:cb:ce:
af:97:d4:6d:3f:77:33:06:94:fc:ee:c9:aa:be:a9:
1d:1b:54:b3:ec:ae:6b:a0:be:53:bd:c2:59:5b:c8:
80:0d:a4:62:7c:cb:2d:1f:9a:96:6d:93:2b:30:57:
a0:3f:ca:7d:d7:e1:3f:3e:3e:ae:1a:42:80:8b:bd:
34:93:17:f7:e6:d3:c9:9f:aa:06:47:a4:44:24:c8:
7e:28:93:e7:19:51:7d:b3:38:cf:f5:a6:65:09:b8:
39:0b:5f:6c:47:95:73:61:aa:89:8a:cc:0a:20:da:
3f:91:cb:88:df:60:78:02:84:06:b0:e2:93:f7:de:
56:a2:d0:02:1d:ff:9a:bb:88:15:fd:57:bf:3e:37:
79:fd:90:74:cc:a7:eb:ef:e1:10:42:ea:ba:91:51:
67:88:38:1e:3a:ff:90:6a:03:52:d8:16:49:be:ee:
60:74:44:b1:05:d2:e0:6c:45:f7:cc:6a:c1:f1:e5:
3d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:8D:5A:D0:10:02:77:5F:D3:60:CB:FD:19:0F:04:F4:AF:29:EE:A5
X509v3 Authority Key Identifier:
keyid:A0:E0:49:D0:0B:A8:42:1E:4C:45:A9:48:49:29:45:C7:8F:D9:E1:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oOBJ0AuoQh5MRalISSlFx4_Z4W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/4560e9-7173-429c-b6f1-5f4a15cb9054/1/kY1a0BACd1_TYMv9GQ8E9K8p7qU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/4560e9-7173-429c-b6f1-5f4a15cb9054/1/oOBJ0AuoQh5MRalISSlFx4_Z4W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.84.0/22
IPv6:
2a0b:aa00::/29
Signature Algorithm: sha256WithRSAEncryption
4a:50:79:d4:c6:fb:15:87:d9:6d:0e:51:5f:48:09:c5:81:a8:
fa:02:e3:5c:02:54:50:82:e0:3c:43:81:10:9c:fa:6e:0c:88:
a9:d9:1d:2b:78:12:a0:e1:f0:03:0d:b2:97:1f:dc:e1:4c:11:
ee:82:ef:14:87:1b:4b:7a:57:b3:cf:88:73:35:8f:eb:e5:df:
f9:3d:0f:e1:da:f4:af:81:00:cb:10:0d:2a:3e:74:18:03:6c:
d3:a2:ca:39:27:41:56:04:d9:89:c1:51:a9:aa:3f:2d:cd:75:
62:65:4c:43:bc:c7:9d:63:82:72:5b:35:9e:c5:4a:4f:32:90:
90:e2:a2:fe:70:fe:c7:71:aa:54:3e:c0:33:5c:ca:83:00:80:
38:32:59:d3:55:7b:d4:8d:5f:e5:9a:05:93:32:e5:9b:f5:f6:
ed:dc:a6:31:f3:6e:7d:6a:9c:9c:b3:17:cb:a3:45:e5:68:75:
5d:da:d4:b6:19:98:69:ea:1b:4d:43:a8:7e:71:26:5c:77:31:
17:1b:ac:27:7e:8f:d3:be:62:d9:b3:50:38:19:f3:ed:32:11:
55:9c:b6:db:3b:e3:1d:bc:28:ff:cb:94:6c:8d:eb:83:24:5f:
07:55:5d:85:cb:0f:13:f0:a3:9f:9e:22:5d:9d:50:8d:0d:1a:
fb:31:bf:dd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj105g3pwDuBKd1PHb7Af3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZTA0OWQwMGJhODQyMWU0YzQ1YTk0ODQ5Mjk0NWM3OGZk
OWUxNmQwHhcNMjUwMTAxMjE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MThkNWFkMDEwMDI3NzVmZDM2MGNiZmQxOTBmMDRmNGFmMjllZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4uwgXAXwbkcbu4jQJBd3exdbdh4y
rCWa8KYmpm7t31z+cfyvBoHZYgv7ATjUGEQ2OxYGD2CD4JiA5oVsJPegxlie31O3
QeBjy86vl9RtP3czBpT87smqvqkdG1Sz7K5roL5TvcJZW8iADaRifMstH5qWbZMr
MFegP8p91+E/Pj6uGkKAi700kxf35tPJn6oGR6REJMh+KJPnGVF9szjP9aZlCbg5
C19sR5VzYaqJiswKINo/kcuI32B4AoQGsOKT995WotACHf+au4gV/Ve/Pjd5/ZB0
zKfr7+EQQuq6kVFniDgeOv+QagNS2BZJvu5gdESxBdLgbEX3zGrB8eU9BQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJGNWtAQAndf02DL/RkPBPSvKe6lMB8GA1UdIwQY
MBaAFKDgSdALqEIeTEWpSEkpRceP2eFtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb09CSjBBdW9RaDVNUmFsSVNTbEZ4NF9aNFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80NTYwZTktNzE3My00MjljLWI2ZjEt
NWY0YTE1Y2I5MDU0LzEva1kxYTBCQUNkMV9UWU12OUdROEU5SzhwN3FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80NTYwZTktNzE3My00MjljLWI2ZjEtNWY0YTE1Y2I5MDU0
LzEvb09CSjBBdW9RaDVNUmFsSVNTbEZ4NF9aNFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY1UMA0E
AgACMAcDBQMqC6oAMA0GCSqGSIb3DQEBCwUAA4IBAQBKUHnUxvsVh9ltDlFfSAnF
gaj6AuNcAlRQguA8Q4EQnPpuDIip2R0reBKg4fADDbKXH9zhTBHugu8UhxtLelez
z4hzNY/r5d/5PQ/h2vSvgQDLEA0qPnQYA2zToso5J0FWBNmJwVGpqj8tzXViZUxD
vMedY4JyWzWexUpPMpCQ4qL+cP7HcapUPsAzXMqDAIA4MlnTVXvUjV/lmgWTMuWb
9fbt3KYx8259apycsxfLo0XlaHVd2tS2GZhp6htNQ6h+cSZcdzEXG6wnfo/TvmLZ
s1A4GfPtMhFVnLbbO+MdvCj/y5RsjeuDJF8HVV2Fyw8T8KOfniJdnVCNDRr7Mb/d
-----END CERTIFICATE-----
Generated at Mon Apr 28 14:34:24 2025 by rpki-client