Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fcd516-88f5-4e48-9ab4-93df45003e7e/1/4Z83aeiL1qKhRZ2WNkILMOJ_sWw.roa
File: 4Z83aeiL1qKhRZ2WNkILMOJ_sWw.roa (raw, json)
Hash identifier: n41nIQZg7HLjUhRFvbwLNJk7mnBYZCymPOk6XFqJF+8=
Subject key identifier: E1:9F:37:69:E8:8B:D6:A2:A1:45:9D:96:36:42:0B:30:E2:7F:B1:6C
Certificate issuer: /CN=6ac72a734392f6cf792b3d0c3ed11820286f19f4
Certificate serial: 0194258FB95B6F311BD9BF78FE5DCDB27CE6
Authority key identifier: 6A:C7:2A:73:43:92:F6:CF:79:2B:3D:0C:3E:D1:18:20:28:6F:19:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ascqc0OS9s95Kz0MPtEYIChvGfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/fcd516-88f5-4e48-9ab4-93df45003e7e/1/4Z83aeiL1qKhRZ2WNkILMOJ_sWw.roa
Signing time: Thu 02 Jan 2025 05:49:23 +0000
ROA not before: Thu 02 Jan 2025 05:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212574
IP address blocks: 185.153.232.0/24 maxlen: 24
2a10:7240::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:b9:5b:6f:31:1b:d9:bf:78:fe:5d:cd:b2:7c:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ac72a734392f6cf792b3d0c3ed11820286f19f4
Validity
Not Before: Jan 2 05:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e19f3769e88bd6a2a1459d9636420b30e27fb16c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a0:8e:bf:e6:11:8d:4d:dc:24:a4:b6:fe:63:
ca:93:bc:fe:f2:df:cf:55:cd:ef:fc:d4:39:60:9c:
89:dc:5c:04:f9:af:e3:6e:49:66:d0:88:72:51:97:
10:60:af:fa:d1:a5:28:24:36:92:4a:84:fc:75:6f:
f3:0f:b0:da:7b:66:a4:9f:16:2f:64:56:ab:d4:53:
e7:a2:e9:a8:e0:f2:f8:6d:e8:95:ae:36:48:10:12:
56:52:76:50:f5:01:f1:d0:e3:e3:0c:e3:a7:30:6d:
19:f0:d1:3d:89:ae:f4:f0:f0:23:4c:33:04:04:64:
f1:34:1f:c6:e0:cd:60:5a:1f:ad:4a:7a:a4:1d:75:
2e:9b:08:19:f0:b5:96:af:90:c1:be:b1:9a:f3:58:
a2:09:1f:36:77:18:85:a2:c9:af:b4:e0:00:5b:90:
a0:f9:3b:13:61:72:dd:5e:7b:2b:67:3e:0c:32:2b:
75:c0:ec:4a:d1:8e:80:5f:e8:9e:5d:ca:18:66:64:
47:1b:dc:4c:d0:6e:c7:56:18:e9:0a:1f:43:a9:e8:
12:05:4b:d7:d2:87:c6:dc:cc:45:96:8d:8d:f8:f0:
01:a9:72:19:09:2f:b0:bf:d3:2d:43:da:a1:88:c4:
3f:d7:35:38:bb:29:58:90:a3:01:a7:55:f7:25:6d:
f2:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:9F:37:69:E8:8B:D6:A2:A1:45:9D:96:36:42:0B:30:E2:7F:B1:6C
X509v3 Authority Key Identifier:
keyid:6A:C7:2A:73:43:92:F6:CF:79:2B:3D:0C:3E:D1:18:20:28:6F:19:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ascqc0OS9s95Kz0MPtEYIChvGfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fcd516-88f5-4e48-9ab4-93df45003e7e/1/4Z83aeiL1qKhRZ2WNkILMOJ_sWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fcd516-88f5-4e48-9ab4-93df45003e7e/1/ascqc0OS9s95Kz0MPtEYIChvGfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.232.0/24
IPv6:
2a10:7240::/32
Signature Algorithm: sha256WithRSAEncryption
b6:8d:e8:82:6d:de:33:a9:68:c0:a3:f0:2b:74:95:67:74:a5:
89:0b:82:06:a2:f8:46:e5:fb:4f:8d:66:22:bb:05:8f:70:3d:
81:47:c3:52:3f:a7:b4:1e:e7:6a:83:b4:3e:3c:a7:74:db:3c:
01:5a:8c:7f:b8:b6:1a:e7:a2:3f:1e:61:73:67:79:6e:25:3b:
ae:4a:fe:3d:85:55:31:1f:37:33:e1:b6:96:46:b1:a5:97:80:
e2:b2:b5:f4:79:7a:04:fe:32:0b:5e:8d:9a:65:7f:d3:56:d5:
8e:e0:e0:09:d6:cd:05:52:76:e5:9b:ce:c9:f3:de:0e:17:db:
de:9c:de:49:e8:df:dd:55:cd:3b:0a:00:69:cc:09:c1:ee:3c:
44:f6:e3:4d:84:09:de:70:4d:21:e6:c9:ba:bd:fa:63:76:1c:
4e:5a:be:44:1b:e7:32:b2:84:33:66:5f:8b:4f:d1:ed:55:e5:
23:65:5f:13:d5:d9:40:1f:f2:fb:17:93:81:2e:0f:66:e2:9e:
6e:3a:2b:c1:12:00:f0:28:1a:ed:6f:28:06:4d:99:9b:0b:f0:
fe:f6:83:57:ee:6a:9d:14:7a:b5:d8:a1:c5:05:26:55:60:f1:
c2:e8:24:89:0c:db:37:5a:c5:04:48:2c:5c:4d:d6:23:ba:0b:
24:d8:f5:1e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlj7lbbzEb2b94/l3NsnzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYzcyYTczNDM5MmY2Y2Y3OTJiM2QwYzNlZDExODIwMjg2
ZjE5ZjQwHhcNMjUwMTAyMDU0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTlmMzc2OWU4OGJkNmEyYTE0NTlkOTYzNjQyMGIzMGUyN2ZiMTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKCOv+YRjU3cJKS2/mPKk7z+8t/P
Vc3v/NQ5YJyJ3FwE+a/jbklm0IhyUZcQYK/60aUoJDaSSoT8dW/zD7Dae2aknxYv
ZFar1FPnoumo4PL4beiVrjZIEBJWUnZQ9QHx0OPjDOOnMG0Z8NE9ia708PAjTDME
BGTxNB/G4M1gWh+tSnqkHXUumwgZ8LWWr5DBvrGa81iiCR82dxiFosmvtOAAW5Cg
+TsTYXLdXnsrZz4MMit1wOxK0Y6AX+ieXcoYZmRHG9xM0G7HVhjpCh9DqegSBUvX
0ofG3MxFlo2N+PABqXIZCS+wv9MtQ9qhiMQ/1zU4uylYkKMBp1X3JW3yHQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOGfN2noi9aioUWdljZCCzDif7FsMB8GA1UdIwQY
MBaAFGrHKnNDkvbPeSs9DD7RGCAobxn0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXNjcWMwT1M5czk1S3owTVB0RVlJQ2h2R2ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mY2Q1MTYtODhmNS00ZTQ4LTlhYjQt
OTNkZjQ1MDAzZTdlLzEvNFo4M2FlaUwxcUtoUloyV05rSUxNT0pfc1d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9mY2Q1MTYtODhmNS00ZTQ4LTlhYjQtOTNkZjQ1MDAzZTdl
LzEvYXNjcWMwT1M5czk1S3owTVB0RVlJQ2h2R2ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuZnoMA0E
AgACMAcDBQAqEHJAMA0GCSqGSIb3DQEBCwUAA4IBAQC2jeiCbd4zqWjAo/ArdJVn
dKWJC4IGovhG5ftPjWYiuwWPcD2BR8NSP6e0Hudqg7Q+PKd02zwBWox/uLYa56I/
HmFzZ3luJTuuSv49hVUxHzcz4baWRrGll4DisrX0eXoE/jILXo2aZX/TVtWO4OAJ
1s0FUnblm87J894OF9venN5J6N/dVc07CgBpzAnB7jxE9uNNhAnecE0h5sm6vfpj
dhxOWr5EG+cysoQzZl+LT9HtVeUjZV8T1dlAH/L7F5OBLg9m4p5uOivBEgDwKBrt
bygGTZmbC/D+9oNX7mqdFHq12KHFBSZVYPHC6CSJDNs3WsUESCxcTdYjugsk2PUe
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:01:42 2025 by rpki-client