Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/5bf797-bc55-48c1-9e92-992825cd3214/1/4iEprq9S0niaPUM7nGF34QiTqwo.roa
File: 4iEprq9S0niaPUM7nGF34QiTqwo.roa (raw, json)
Hash identifier: f7Epr5pWf6vu+WKqHqf6izv8485TY6ZobKvsLuSbPr4=
Subject key identifier: E2:21:29:AE:AF:52:D2:78:9A:3D:43:3B:9C:61:77:E1:08:93:AB:0A
Certificate issuer: /CN=3204c03c36c806d687e83ea8d2720ceebbbdc343
Certificate serial: 01942369A1024B4CEE50DB8EDD3DA2A8C5AD
Authority key identifier: 32:04:C0:3C:36:C8:06:D6:87:E8:3E:A8:D2:72:0C:EE:BB:BD:C3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MgTAPDbIBtaH6D6o0nIM7ru9w0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/5bf797-bc55-48c1-9e92-992825cd3214/1/4iEprq9S0niaPUM7nGF34QiTqwo.roa
Signing time: Wed 01 Jan 2025 19:48:32 +0000
ROA not before: Wed 01 Jan 2025 19:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51152
IP address blocks: 185.151.36.0/24 maxlen: 24
185.151.37.0/24 maxlen: 24
185.151.38.0/24 maxlen: 24
185.151.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:a1:02:4b:4c:ee:50:db:8e:dd:3d:a2:a8:c5:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3204c03c36c806d687e83ea8d2720ceebbbdc343
Validity
Not Before: Jan 1 19:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e22129aeaf52d2789a3d433b9c6177e10893ab0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f6:67:38:8b:f0:25:51:48:e4:79:74:60:7c:
bf:28:92:4e:06:e2:63:6a:a7:63:af:4f:3e:f7:fd:
d6:80:54:ba:4c:b4:13:30:25:6b:0a:f3:8d:a0:be:
3d:bf:34:19:ce:2f:fb:62:a9:55:7e:4c:fd:10:2b:
c8:95:bc:d4:31:ba:e3:f7:44:38:e1:52:4e:7d:bf:
b4:2f:9b:ab:7c:c0:68:a7:5e:2c:80:f3:59:14:8c:
4b:15:a5:33:28:cb:06:ac:ee:70:3a:82:97:83:3e:
3c:0d:a7:9b:93:2d:01:df:cc:ae:5d:01:e0:09:cb:
d0:f8:fb:7e:48:2a:3a:c8:dd:96:1d:90:d7:2b:84:
c5:38:08:b0:25:a2:76:14:ce:fc:14:e6:e4:02:be:
9b:f6:c2:21:05:12:d9:dc:b5:4f:02:0b:36:e6:46:
5f:ed:93:cd:5d:d2:55:61:ca:e3:6a:e9:bb:60:2d:
ae:b7:23:2c:2f:bf:5f:27:66:ed:82:72:af:ce:53:
64:f1:f4:fe:a7:5f:58:3e:e7:33:e5:ce:0c:7e:37:
26:3a:e4:f3:14:17:2e:6a:5e:7a:50:b7:bb:a4:2f:
a0:3a:89:ab:27:e4:42:68:b4:8c:aa:82:01:f9:83:
d2:3e:e6:fd:10:57:b0:e4:a9:98:81:ef:63:26:3c:
20:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:21:29:AE:AF:52:D2:78:9A:3D:43:3B:9C:61:77:E1:08:93:AB:0A
X509v3 Authority Key Identifier:
keyid:32:04:C0:3C:36:C8:06:D6:87:E8:3E:A8:D2:72:0C:EE:BB:BD:C3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MgTAPDbIBtaH6D6o0nIM7ru9w0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/5bf797-bc55-48c1-9e92-992825cd3214/1/4iEprq9S0niaPUM7nGF34QiTqwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/5bf797-bc55-48c1-9e92-992825cd3214/1/MgTAPDbIBtaH6D6o0nIM7ru9w0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.36.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:7a:5f:48:6d:57:bf:b1:ec:25:2f:62:7c:b6:30:da:58:86:
e5:a4:38:e1:59:7f:0f:91:97:75:2e:2a:79:a2:39:17:66:9a:
a6:fc:8a:65:f7:7d:02:e0:d1:23:65:db:e7:ec:94:44:9f:8c:
a3:03:ac:04:f7:6a:1b:df:5e:e3:b4:4f:76:44:6d:de:d0:0b:
d4:94:ca:d8:01:27:cd:bf:5e:c9:ea:80:2a:32:56:11:60:04:
4a:b0:56:05:ba:16:f2:bc:31:bd:ed:8c:d9:26:74:64:34:82:
49:0b:29:f5:0a:23:cd:db:36:c2:a8:c5:7c:46:e7:7d:6a:93:
12:30:40:c8:9e:90:c9:8b:99:9e:d3:43:73:86:35:e8:09:d8:
8a:b4:e3:64:b7:d4:05:9b:d4:25:cf:59:6d:6d:07:f4:22:07:
ff:ec:f5:af:4e:cc:38:ba:52:39:0d:96:0f:44:ef:27:94:03:
80:cd:8b:86:57:af:f7:e3:9d:de:38:ef:6b:b7:c0:2b:41:77:
f4:1c:5f:57:b0:3f:18:a1:49:42:34:e6:5b:31:d6:ad:c8:ac:
ac:cb:7f:8e:28:f1:d7:08:12:b5:20:f6:cd:9b:02:40:8a:41:
00:38:c7:9e:c0:59:b8:38:cd:b7:09:86:95:0b:fd:ec:88:9a:
17:68:6b:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaaECS0zuUNuO3T2iqMWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMDRjMDNjMzZjODA2ZDY4N2U4M2VhOGQyNzIwY2VlYmJi
ZGMzNDMwHhcNMjUwMTAxMTk0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjIxMjlhZWFmNTJkMjc4OWEzZDQzM2I5YzYxNzdlMTA4OTNhYjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPZnOIvwJVFI5Hl0YHy/KJJOBuJj
aqdjr08+9/3WgFS6TLQTMCVrCvONoL49vzQZzi/7YqlVfkz9ECvIlbzUMbrj90Q4
4VJOfb+0L5urfMBop14sgPNZFIxLFaUzKMsGrO5wOoKXgz48Daebky0B38yuXQHg
CcvQ+Pt+SCo6yN2WHZDXK4TFOAiwJaJ2FM78FObkAr6b9sIhBRLZ3LVPAgs25kZf
7ZPNXdJVYcrjaum7YC2utyMsL79fJ2btgnKvzlNk8fT+p19YPucz5c4MfjcmOuTz
FBcual56ULe7pC+gOomrJ+RCaLSMqoIB+YPSPub9EFew5KmYge9jJjwgaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOIhKa6vUtJ4mj1DO5xhd+EIk6sKMB8GA1UdIwQY
MBaAFDIEwDw2yAbWh+g+qNJyDO67vcNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWdUQVBEYklCdGFINkQ2bzBuSU03cnU5dzBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny81YmY3OTctYmM1NS00OGMxLTllOTIt
OTkyODI1Y2QzMjE0LzEvNGlFcHJxOVMwbmlhUFVNN25HRjM0UWlUcXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny81YmY3OTctYmM1NS00OGMxLTllOTItOTkyODI1Y2QzMjE0
LzEvTWdUQVBEYklCdGFINkQ2bzBuSU03cnU5dzBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZckMA0G
CSqGSIb3DQEBCwUAA4IBAQCjel9IbVe/sewlL2J8tjDaWIblpDjhWX8PkZd1Lip5
ojkXZpqm/Ipl930C4NEjZdvn7JREn4yjA6wE92ob317jtE92RG3e0AvUlMrYASfN
v17J6oAqMlYRYARKsFYFuhbyvDG97YzZJnRkNIJJCyn1CiPN2zbCqMV8Rud9apMS
MEDInpDJi5me00NzhjXoCdiKtONkt9QFm9Qlz1ltbQf0Igf/7PWvTsw4ulI5DZYP
RO8nlAOAzYuGV6/3453eOO9rt8ArQXf0HF9XsD8YoUlCNOZbMdatyKysy3+OKPHX
CBK1IPbNmwJAikEAOMeewFm4OM23CYaVC/3siJoXaGuO
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:17:39 2025 by rpki-client