Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/1k_-7iaL3-MiuBsEwzsqEjXw8Aw.roa
File: 1k_-7iaL3-MiuBsEwzsqEjXw8Aw.roa (raw, json)
Hash identifier: MvGzqoey/hCfcwmRhO21Z8RbLw85JPgQ7VzzDBc6ROg=
Subject key identifier: D6:4F:FE:EE:26:8B:DF:E3:22:B8:1B:04:C3:3B:2A:12:35:F0:F0:0C
Certificate issuer: /CN=c784128505f7f99c7570442980adeb8af90cc270
Certificate serial: 019422FBF5BD1F93A21D08BB977A4C3A713A
Authority key identifier: C7:84:12:85:05:F7:F9:9C:75:70:44:29:80:AD:EB:8A:F9:0C:C2:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x4QShQX3-Zx1cEQpgK3rivkMwnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/1k_-7iaL3-MiuBsEwzsqEjXw8Aw.roa
Signing time: Wed 01 Jan 2025 17:48:44 +0000
ROA not before: Wed 01 Jan 2025 17:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61273
IP address blocks: 185.151.204.0/24 maxlen: 24
185.151.205.0/24 maxlen: 24
185.151.206.0/24 maxlen: 24
185.151.207.0/24 maxlen: 24
185.230.39.0/24 maxlen: 24
185.255.24.0/22 maxlen: 24
2a0b:14c0:2::/48 maxlen: 48
2a0b:14c0:4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:f5:bd:1f:93:a2:1d:08:bb:97:7a:4c:3a:71:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c784128505f7f99c7570442980adeb8af90cc270
Validity
Not Before: Jan 1 17:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d64ffeee268bdfe322b81b04c33b2a1235f0f00c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:65:9d:b2:b4:70:c1:46:46:dc:a5:b0:0b:08:
78:01:99:e4:a0:9d:02:a6:36:50:2a:35:79:9e:e2:
50:68:54:99:fa:9c:f3:af:ff:2a:9c:e7:bb:db:87:
28:bf:44:71:d5:c6:a9:db:4a:80:70:12:d2:c0:18:
a2:9b:2f:60:be:77:f9:1f:fd:c1:ba:8c:da:ce:c1:
08:4e:73:88:b7:da:3e:f1:09:a4:01:3c:3b:09:4a:
e3:8d:73:49:b9:00:74:a6:5f:dd:a0:cb:d1:67:69:
f2:fa:46:bf:57:e5:4a:8a:fe:c9:40:74:50:47:65:
88:28:eb:7d:c1:b2:a9:6f:1c:f9:29:dd:84:13:87:
9b:9c:b0:04:1a:28:ac:07:5a:ca:d8:9d:3a:a5:2e:
a0:cb:3f:51:40:2d:8a:96:33:e4:f5:2d:68:db:56:
dd:d2:91:0c:1c:e2:9b:23:a9:6c:1e:70:e5:ec:20:
51:d2:67:32:20:32:dd:0b:a0:db:89:6f:c8:aa:16:
fa:05:34:bf:d1:60:a5:75:2e:82:be:a1:1a:dd:be:
de:ee:2e:cc:d4:59:02:f4:ef:11:f4:9f:19:64:c8:
95:0d:32:0a:25:fb:05:6f:8a:26:60:38:d7:ae:c1:
7e:38:e0:bd:10:da:55:dc:a8:9b:f6:bc:fc:f2:97:
5a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:4F:FE:EE:26:8B:DF:E3:22:B8:1B:04:C3:3B:2A:12:35:F0:F0:0C
X509v3 Authority Key Identifier:
keyid:C7:84:12:85:05:F7:F9:9C:75:70:44:29:80:AD:EB:8A:F9:0C:C2:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x4QShQX3-Zx1cEQpgK3rivkMwnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/1k_-7iaL3-MiuBsEwzsqEjXw8Aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/x4QShQX3-Zx1cEQpgK3rivkMwnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.204.0/22
185.230.39.0/24
185.255.24.0/22
IPv6:
2a0b:14c0:2::/48
2a0b:14c0:4::/48
Signature Algorithm: sha256WithRSAEncryption
05:da:6a:57:b8:b2:aa:b2:49:81:70:90:73:1a:b4:70:ef:14:
4e:c5:4b:df:94:90:cc:e9:6f:87:2e:2e:a1:19:eb:a2:0b:54:
22:f0:9e:e4:c6:08:13:94:6a:85:24:b0:46:b8:c9:42:01:58:
d2:ab:8b:8c:2c:9b:25:aa:0e:8d:6a:d5:ce:5e:4c:f9:4a:7f:
a3:ae:7e:82:7b:9f:fb:90:4c:66:64:a9:71:26:fb:cb:d5:b6:
00:a4:2a:c4:c3:f3:79:2d:4e:b8:67:42:72:72:b1:34:00:a3:
97:f8:77:be:c1:19:c7:f9:08:08:ec:28:ce:00:67:f1:8c:cf:
18:69:5b:f9:4e:9c:50:c5:15:32:25:76:99:fa:4c:eb:00:84:
74:56:53:aa:d8:dc:44:6c:ac:4b:ca:c3:a2:f0:f0:3c:75:4d:
c6:d6:9a:55:7a:f0:59:ca:21:5f:cc:e4:27:ee:30:76:55:d4:
f4:c3:ee:9f:3e:02:b6:f2:b9:8c:1e:77:0e:5a:16:8f:a8:88:
64:d3:ff:4b:93:32:e9:24:90:8f:42:97:ae:b1:49:55:30:0e:
ac:04:73:6e:74:f4:0f:0a:b1:1d:23:af:a8:44:f7:1c:45:f3:
f5:5b:86:fe:49:14:f6:d1:e5:ea:08:8d:91:d3:2c:11:32:ea:
bb:cb:2d:2f
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQi+/W9H5OiHQi7l3pMOnE6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ODQxMjg1MDVmN2Y5OWM3NTcwNDQyOTgwYWRlYjhhZjkw
Y2MyNzAwHhcNMjUwMTAxMTc0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjRmZmVlZTI2OGJkZmUzMjJiODFiMDRjMzNiMmExMjM1ZjBmMDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWWdsrRwwUZG3KWwCwh4AZnkoJ0C
pjZQKjV5nuJQaFSZ+pzzr/8qnOe724cov0Rx1cap20qAcBLSwBiimy9gvnf5H/3B
uozazsEITnOIt9o+8QmkATw7CUrjjXNJuQB0pl/doMvRZ2ny+ka/V+VKiv7JQHRQ
R2WIKOt9wbKpbxz5Kd2EE4ebnLAEGiisB1rK2J06pS6gyz9RQC2KljPk9S1o21bd
0pEMHOKbI6lsHnDl7CBR0mcyIDLdC6DbiW/Iqhb6BTS/0WCldS6CvqEa3b7e7i7M
1FkC9O8R9J8ZZMiVDTIKJfsFb4omYDjXrsF+OOC9ENpV3Kib9rz88pdaBwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFNZP/u4mi9/jIrgbBMM7KhI18PAMMB8GA1UdIwQY
MBaAFMeEEoUF9/mcdXBEKYCt64r5DMJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDRRU2hRWDMtWngxY0VRcGdLM3JpdmtNd25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC80YzVjM2QtMjFiMC00MDU4LTg5ZmQt
NmMxYjQ0NzFmN2VlLzEvMWtfLTdpYUwzLU1pdUJzRXd6c3FFalh3OEF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC80YzVjM2QtMjFiMC00MDU4LTg5ZmQtNmMxYjQ0NzFmN2Vl
LzEveDRRU2hRWDMtWngxY0VRcGdLM3JpdmtNd25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQCuZfMAwQA
ueYnAwQCuf8YMBgEAgACMBIDBwAqCxTAAAIDBwAqCxTAAAQwDQYJKoZIhvcNAQEL
BQADggEBAAXaale4sqqySYFwkHMatHDvFE7FS9+UkMzpb4cuLqEZ66ILVCLwnuTG
CBOUaoUksEa4yUIBWNKri4wsmyWqDo1q1c5eTPlKf6OufoJ7n/uQTGZkqXEm+8vV
tgCkKsTD83ktTrhnQnJysTQAo5f4d77BGcf5CAjsKM4AZ/GMzxhpW/lOnFDFFTIl
dpn6TOsAhHRWU6rY3ERsrEvKw6Lw8Dx1TcbWmlV68FnKIV/M5CfuMHZV1PTD7p8+
ArbyuYwedw5aFo+oiGTT/0uTMukkkI9Cl66xSVUwDqwEc2509A8KsR0jr6hE9xxF
8/Vbhv5JFPbR5eoIjZHTLBEy6rvLLS8=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:54:05 2025 by rpki-client