Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/I2YZ3IMak0VxnQcMthTtwmErqSw.roa
File: I2YZ3IMak0VxnQcMthTtwmErqSw.roa (raw, json)
Hash identifier: p04i2TuYtY5s50ZwH3Us8UiZXTbYrw5bHRhSeM6Ld8Q=
Subject key identifier: 23:66:19:DC:83:1A:93:45:71:9D:07:0C:B6:14:ED:C2:61:2B:A9:2C
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 019424455F2324F48B5D2A671259ED193D46
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/I2YZ3IMak0VxnQcMthTtwmErqSw.roa
Signing time: Wed 01 Jan 2025 23:48:33 +0000
ROA not before: Wed 01 Jan 2025 23:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203978
IP address blocks: 185.106.44.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:5f:23:24:f4:8b:5d:2a:67:12:59:ed:19:3d:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Jan 1 23:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=236619dc831a9345719d070cb614edc2612ba92c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d9:7f:05:b2:cc:2c:e1:ce:09:1c:5f:e4:d6:
e1:59:83:8b:ef:a9:a8:24:13:1c:ae:87:8e:0b:46:
6d:9c:7a:16:d0:4c:4b:1b:2d:99:c8:e6:12:15:02:
36:9b:ae:0e:99:89:23:5d:eb:c1:f7:d4:4e:bd:fc:
ac:bc:f9:68:de:70:88:c5:09:bd:f1:b6:c0:ce:46:
68:0e:85:18:09:2a:37:24:82:22:1f:d2:18:07:5a:
af:24:a0:0b:1d:75:f5:4c:f6:25:c1:97:be:cb:4c:
95:ca:6a:fe:1e:94:cb:f5:50:ee:9a:93:e5:9c:fa:
40:9f:9c:e2:93:9c:26:95:99:9c:28:e9:d2:36:9a:
66:20:5a:72:fc:a6:e6:72:df:f9:af:55:6d:40:cf:
2c:e1:13:1d:1d:c3:a7:e0:48:aa:16:be:df:06:01:
b6:4a:8c:36:88:b7:8b:86:5e:1b:e5:e9:30:63:7c:
37:e3:d8:70:56:d5:6f:df:1b:7e:4b:b0:64:af:79:
7f:73:f8:26:2e:ba:1b:da:22:6d:b8:4f:17:f8:c6:
d6:92:42:f0:e1:3a:39:1f:52:3d:23:78:b0:b8:7b:
3d:c6:28:2e:70:50:55:e7:ef:ae:d7:cb:da:78:1b:
32:f4:2b:94:49:b0:67:00:09:5a:41:ee:28:72:92:
a0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:66:19:DC:83:1A:93:45:71:9D:07:0C:B6:14:ED:C2:61:2B:A9:2C
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/I2YZ3IMak0VxnQcMthTtwmErqSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.44.0/22
185.176.104.0/22
Signature Algorithm: sha256WithRSAEncryption
27:cc:9e:77:35:9a:d0:93:d0:ac:fb:03:be:26:25:39:4b:54:
20:f3:74:af:b7:73:84:29:fd:2c:9c:55:85:0c:5b:01:77:5d:
c2:6f:29:0d:04:e4:c8:75:1d:a3:ee:da:10:96:73:f8:db:49:
9c:25:18:2e:59:6e:3b:a6:2c:e7:fb:c1:d4:5c:28:24:5b:c9:
f6:5c:8b:05:c8:6e:d1:97:c5:34:f5:4a:77:dc:01:ee:46:bd:
1b:04:b0:57:de:0f:08:e4:b2:f9:e0:1d:36:de:d6:3b:fe:e5:
5b:d2:57:32:3f:8b:22:d0:22:85:c7:be:02:0d:a1:bd:21:09:
4e:71:34:ed:9a:d1:63:0c:9e:6a:d3:d3:ff:07:fa:eb:5c:e7:
c9:43:66:b6:9f:7b:73:33:26:78:45:b1:b5:cc:f3:11:07:90:
c1:e3:f6:6b:3f:e5:86:d5:48:b1:5a:c3:85:87:ff:bd:38:f2:
21:9f:48:fd:c1:6a:a6:6f:cf:35:3f:2d:ef:c8:3b:8e:77:d6:
63:6f:d3:5d:b8:48:24:7d:87:71:87:f7:06:52:40:b5:9a:48:
8a:98:d6:ae:5e:5d:5e:68:5a:84:4b:7e:3b:46:fe:31:72:f1:
19:12:43:05:43:76:ae:fe:8b:93:ff:81:bb:a5:a9:8c:1e:da:
d4:fd:57:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRV8jJPSLXSpnElntGT1GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjUwMTAxMjM0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzY2MTlkYzgzMWE5MzQ1NzE5ZDA3MGNiNjE0ZWRjMjYxMmJhOTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstl/BbLMLOHOCRxf5NbhWYOL76mo
JBMcroeOC0ZtnHoW0ExLGy2ZyOYSFQI2m64OmYkjXevB99ROvfysvPlo3nCIxQm9
8bbAzkZoDoUYCSo3JIIiH9IYB1qvJKALHXX1TPYlwZe+y0yVymr+HpTL9VDumpPl
nPpAn5zik5wmlZmcKOnSNppmIFpy/Kbmct/5r1VtQM8s4RMdHcOn4EiqFr7fBgG2
Sow2iLeLhl4b5ekwY3w349hwVtVv3xt+S7Bkr3l/c/gmLrob2iJtuE8X+MbWkkLw
4To5H1I9I3iwuHs9xigucFBV5++u18vaeBsy9CuUSbBnAAlaQe4ocpKgQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCNmGdyDGpNFcZ0HDLYU7cJhK6ksMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvSTJZWjNJTWFrMFZ4blFjTXRoVHR3bUVycVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuWosAwQC
ubBoMA0GCSqGSIb3DQEBCwUAA4IBAQAnzJ53NZrQk9Cs+wO+JiU5S1Qg83Svt3OE
Kf0snFWFDFsBd13CbykNBOTIdR2j7toQlnP420mcJRguWW47pizn+8HUXCgkW8n2
XIsFyG7Rl8U09Up33AHuRr0bBLBX3g8I5LL54B023tY7/uVb0lcyP4si0CKFx74C
DaG9IQlOcTTtmtFjDJ5q09P/B/rrXOfJQ2a2n3tzMyZ4RbG1zPMRB5DB4/ZrP+WG
1UixWsOFh/+9OPIhn0j9wWqmb881Py3vyDuOd9Zjb9NduEgkfYdxh/cGUkC1mkiK
mNauXl1eaFqES347Rv4xcvEZEkMFQ3au/ouT/4G7pamMHtrU/Vdh
-----END CERTIFICATE-----
Generated at Fri Apr 25 16:32:55 2025 by rpki-client