Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IhQKj6UiQS-W5EmNKI0dkpCOs90.roa
File: IhQKj6UiQS-W5EmNKI0dkpCOs90.roa (raw, json)
Hash identifier: dOyH8r0Q3jqdPxzWjgiYUrfy8XskQY+sMtZqebKaaBc=
Subject key identifier: 22:14:0A:8F:A5:22:41:2F:96:E4:49:8D:28:8D:1D:92:90:8E:B3:DD
Certificate issuer: /CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Certificate serial: 01942747FBCC0E5764D8EB4249253038AB71
Authority key identifier: 22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IhQKj6UiQS-W5EmNKI0dkpCOs90.roa
Signing time: Thu 02 Jan 2025 13:50:16 +0000
ROA not before: Thu 02 Jan 2025 13:50:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43009
IP address blocks: 83.166.64.0/19 maxlen: 19
83.166.64.0/24 maxlen: 24
83.166.65.0/24 maxlen: 24
83.166.67.0/24 maxlen: 24
83.166.78.0/24 maxlen: 24
83.166.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:fb:cc:0e:57:64:d8:eb:42:49:25:30:38:ab:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Validity
Not Before: Jan 2 13:50:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22140a8fa522412f96e4498d288d1d92908eb3dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ab:a6:cd:69:61:81:e9:24:cb:20:ff:2d:b6:
53:e3:58:b0:19:73:e0:e2:eb:c5:93:87:a5:c7:7e:
80:71:4d:8c:df:87:21:7c:0b:14:19:28:68:df:9f:
03:76:b8:b2:53:86:5b:62:fa:4c:76:c4:84:16:d1:
09:26:25:e7:20:9b:88:a7:ef:be:eb:b8:2d:bb:0c:
8d:a1:61:28:61:b0:c1:58:6d:7d:d5:52:61:eb:b1:
53:fa:9e:db:11:70:9e:02:fa:c6:f2:99:8d:7b:c8:
68:a0:90:d9:16:8f:16:70:a8:5c:d0:53:be:3a:f6:
11:d7:aa:6a:ab:00:74:c5:52:9d:50:d5:a2:b5:16:
58:0e:45:35:1e:40:82:f8:ce:ed:93:26:c1:14:9e:
e5:c0:9a:6e:aa:e3:6a:aa:3b:12:25:59:4b:e9:9a:
5b:d1:40:1c:fc:2a:02:3a:1b:83:2b:5f:e5:e2:89:
c5:23:a7:56:2c:d6:d4:b5:1a:4d:1b:61:17:3e:ca:
e2:34:28:c7:d7:2c:87:2c:85:1c:4d:00:8c:d6:b3:
61:5b:15:61:55:94:4b:76:cc:5a:a5:9f:42:92:5b:
2b:e7:58:94:44:f5:aa:2f:7c:c8:61:23:9e:5e:a3:
59:a8:2c:8d:72:be:05:8f:ff:89:03:b6:9f:03:f8:
03:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:14:0A:8F:A5:22:41:2F:96:E4:49:8D:28:8D:1D:92:90:8E:B3:DD
X509v3 Authority Key Identifier:
keyid:22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IhQKj6UiQS-W5EmNKI0dkpCOs90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IjbtX1Yj7et5EKzTHV9u6B5csX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.166.64.0/19
Signature Algorithm: sha256WithRSAEncryption
94:2b:dc:e9:6d:59:37:54:1d:b7:b3:72:a1:fc:42:11:d0:2c:
99:46:54:f2:68:f2:b5:e7:b2:e2:34:e3:b9:2e:9f:55:30:31:
8b:f1:f2:bf:01:e8:f1:16:4e:ac:e7:14:9e:78:86:04:b5:61:
e0:28:d0:f9:57:c3:0b:3e:9d:34:0c:c6:c2:65:ae:bc:64:1e:
12:70:41:f2:56:c5:a5:ae:82:fb:70:4c:4b:ba:28:42:33:b8:
8b:de:a3:5d:89:12:96:2b:b9:0b:ac:b7:22:c4:bc:24:7b:97:
d9:f9:ce:5b:aa:f6:56:7a:93:b0:33:e7:87:04:5a:24:b1:46:
36:7e:1a:85:6e:ed:e8:fd:cc:d9:b2:29:b0:27:55:f7:e9:a1:
0c:65:45:cd:d2:88:b3:bb:b1:7f:23:e9:54:e1:82:ab:d0:90:
f4:71:8d:34:17:df:07:14:dd:ca:08:d1:c7:56:fb:f0:98:57:
2b:29:26:89:18:13:a0:64:77:e1:4d:f4:c4:23:94:59:aa:e9:
ea:89:1c:0f:23:1b:ee:b6:3b:67:63:eb:69:09:56:33:e4:6b:
02:2b:f6:a3:be:65:e0:26:c2:d3:df:67:aa:af:6b:fc:98:6d:
60:8d:ea:6a:dc:bd:8f:65:2c:11:69:52:45:4f:ec:1b:49:cb:
e9:8b:a7:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR/vMDldk2OtCSSUwOKtxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzZlZDVmNTYyM2VkZWI3OTEwYWNkMzFkNWY2ZWU4MWU1
Y2IxN2UwHhcNMjUwMTAyMTM1MDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjE0MGE4ZmE1MjI0MTJmOTZlNDQ5OGQyODhkMWQ5MjkwOGViM2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKumzWlhgekkyyD/LbZT41iwGXPg
4uvFk4elx36AcU2M34chfAsUGSho358DdriyU4ZbYvpMdsSEFtEJJiXnIJuIp+++
67gtuwyNoWEoYbDBWG191VJh67FT+p7bEXCeAvrG8pmNe8hooJDZFo8WcKhc0FO+
OvYR16pqqwB0xVKdUNWitRZYDkU1HkCC+M7tkybBFJ7lwJpuquNqqjsSJVlL6Zpb
0UAc/CoCOhuDK1/l4onFI6dWLNbUtRpNG2EXPsriNCjH1yyHLIUcTQCM1rNhWxVh
VZRLdsxapZ9Cklsr51iURPWqL3zIYSOeXqNZqCyNcr4Fj/+JA7afA/gD7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCIUCo+lIkEvluRJjSiNHZKQjrPdMB8GA1UdIwQY
MBaAFCI27V9WI+3reRCs0x1fbugeXLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjct
NGQxNmJlOWJhMTMyLzEvSWhRS2o2VWlRUy1XNUVtTktJMGRrcENPczkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjctNGQxNmJlOWJhMTMy
LzEvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFU6ZAMA0G
CSqGSIb3DQEBCwUAA4IBAQCUK9zpbVk3VB23s3Kh/EIR0CyZRlTyaPK157LiNOO5
Lp9VMDGL8fK/AejxFk6s5xSeeIYEtWHgKND5V8MLPp00DMbCZa68ZB4ScEHyVsWl
roL7cExLuihCM7iL3qNdiRKWK7kLrLcixLwke5fZ+c5bqvZWepOwM+eHBFoksUY2
fhqFbu3o/czZsimwJ1X36aEMZUXN0oizu7F/I+lU4YKr0JD0cY00F98HFN3KCNHH
VvvwmFcrKSaJGBOgZHfhTfTEI5RZqunqiRwPIxvutjtnY+tpCVYz5GsCK/ajvmXg
JsLT32eqr2v8mG1gjepq3L2PZSwRaVJFT+wbScvpi6e9
-----END CERTIFICATE-----
Generated at Fri Apr 25 19:41:31 2025 by rpki-client