Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/dd08f7-b6f4-4b42-81d7-23ab59798421/1/UHp7t70IbcWp2bwKOGl-4b8ScF4.roa
File: UHp7t70IbcWp2bwKOGl-4b8ScF4.roa (raw, json)
Hash identifier: UvX//cn/2erRwYZHy/h/xPpeIQdcBl4GUvhBbyEANqc=
Subject key identifier: 50:7A:7B:B7:BD:08:6D:C5:A9:D9:BC:0A:38:69:7E:E1:BF:12:70:5E
Certificate issuer: /CN=d8a994d846cb6696e889c1cc32285e0b23afc777
Certificate serial: 019420686E67E12D633EDA0DA12CB0AD37E8
Authority key identifier: D8:A9:94:D8:46:CB:66:96:E8:89:C1:CC:32:28:5E:0B:23:AF:C7:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KmU2EbLZpboicHMMiheCyOvx3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/dd08f7-b6f4-4b42-81d7-23ab59798421/1/UHp7t70IbcWp2bwKOGl-4b8ScF4.roa
Signing time: Wed 01 Jan 2025 05:48:22 +0000
ROA not before: Wed 01 Jan 2025 05:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202707
IP address blocks: 185.156.156.0/22 maxlen: 24
185.156.156.0/24 maxlen: 24
185.156.157.0/24 maxlen: 24
185.156.158.0/24 maxlen: 24
185.156.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:6e:67:e1:2d:63:3e:da:0d:a1:2c:b0:ad:37:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8a994d846cb6696e889c1cc32285e0b23afc777
Validity
Not Before: Jan 1 05:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=507a7bb7bd086dc5a9d9bc0a38697ee1bf12705e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:3d:d5:1d:84:7f:9b:69:19:bf:a5:47:40:db:
1a:5e:e1:b3:30:56:0a:38:d2:eb:b4:dc:25:d8:42:
0d:27:83:25:4a:aa:7b:11:73:bf:0f:2f:45:23:14:
71:4c:1c:42:05:d9:60:0d:25:8e:d0:e1:5c:f0:e8:
16:87:aa:74:da:69:26:6f:2a:63:0d:61:83:c4:68:
61:48:d8:31:c0:c1:ba:65:c1:93:68:3c:c5:c5:f7:
c1:02:b3:07:b5:ed:f5:f6:40:a7:75:ba:92:33:31:
a2:c7:86:82:e7:17:c6:e6:d4:42:a0:42:72:fb:d6:
9b:6e:2a:5d:c2:b6:71:d1:f2:7c:d1:39:68:ef:30:
ed:80:d5:b5:ef:93:45:1a:7f:5b:13:11:6c:5a:db:
0f:32:4c:9e:29:83:b1:1f:95:5e:c4:1b:e3:00:ec:
9e:d5:ce:3d:99:26:80:89:a0:f7:0c:f8:a1:c4:d2:
f7:b0:0f:4e:fd:83:5c:a1:0b:38:f9:33:1f:0c:cf:
93:ca:41:4a:47:1c:1a:a3:5b:f4:49:35:ae:a1:21:
44:a6:84:c9:5b:5c:5c:4a:fc:41:89:b6:3d:42:f5:
c7:f7:73:c0:ee:ba:72:0d:4d:dd:dd:d0:74:a0:e6:
c9:87:71:09:4d:63:79:21:91:6c:b6:9f:59:84:bb:
4d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:7A:7B:B7:BD:08:6D:C5:A9:D9:BC:0A:38:69:7E:E1:BF:12:70:5E
X509v3 Authority Key Identifier:
keyid:D8:A9:94:D8:46:CB:66:96:E8:89:C1:CC:32:28:5E:0B:23:AF:C7:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KmU2EbLZpboicHMMiheCyOvx3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/dd08f7-b6f4-4b42-81d7-23ab59798421/1/UHp7t70IbcWp2bwKOGl-4b8ScF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/dd08f7-b6f4-4b42-81d7-23ab59798421/1/2KmU2EbLZpboicHMMiheCyOvx3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.156.0/22
Signature Algorithm: sha256WithRSAEncryption
17:83:c9:d5:90:31:0b:5e:c7:50:ba:e4:48:7e:66:7b:d2:42:
37:0f:c6:a1:49:45:4a:56:6f:2c:ba:21:4f:fc:5e:3d:3f:f8:
0b:29:3a:fe:df:e2:73:1f:05:2b:bb:5d:a9:68:10:68:0e:c6:
8c:d8:8b:66:16:d3:81:96:21:93:50:33:99:f9:f7:48:72:2a:
51:eb:79:bd:90:72:38:4c:5e:a7:30:73:3c:5c:a8:d2:cb:65:
24:3e:3d:ca:77:96:5a:f0:16:18:d2:e1:5c:bc:7b:f4:84:96:
0e:9e:65:f5:d5:b8:bf:5b:a9:df:45:0f:a9:03:3a:3d:0a:ec:
ff:ce:27:1f:cf:b7:81:55:d5:e8:26:c2:96:cf:72:c1:e0:68:
b0:4a:e3:af:13:57:72:b9:49:cb:0d:7e:61:45:23:08:dd:70:
81:87:cb:45:33:44:99:e9:95:5f:d6:a2:b6:9f:7e:84:4f:0d:
e2:0f:03:79:d5:97:7d:8f:48:51:21:e6:a7:39:e7:88:23:f3:
a3:eb:5c:22:ad:ab:9b:da:5b:f0:71:bb:fa:d1:b3:59:8d:f8:
9f:4d:cf:c5:e8:a7:fe:53:72:35:54:98:61:06:4d:be:5a:ff:
0e:32:86:c5:67:85:4a:ce:30:e9:81:b7:6f:8e:82:be:93:4a:
45:c7:cd:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaG5n4S1jPtoNoSywrTfoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YTk5NGQ4NDZjYjY2OTZlODg5YzFjYzMyMjg1ZTBiMjNh
ZmM3NzcwHhcNMjUwMTAxMDU0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDdhN2JiN2JkMDg2ZGM1YTlkOWJjMGEzODY5N2VlMWJmMTI3MDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjT3VHYR/m2kZv6VHQNsaXuGzMFYK
ONLrtNwl2EINJ4MlSqp7EXO/Dy9FIxRxTBxCBdlgDSWO0OFc8OgWh6p02mkmbypj
DWGDxGhhSNgxwMG6ZcGTaDzFxffBArMHte319kCndbqSMzGix4aC5xfG5tRCoEJy
+9abbipdwrZx0fJ80Tlo7zDtgNW175NFGn9bExFsWtsPMkyeKYOxH5VexBvjAOye
1c49mSaAiaD3DPihxNL3sA9O/YNcoQs4+TMfDM+TykFKRxwao1v0STWuoSFEpoTJ
W1xcSvxBibY9QvXH93PA7rpyDU3d3dB0oObJh3EJTWN5IZFstp9ZhLtN/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFB6e7e9CG3Fqdm8CjhpfuG/EnBeMB8GA1UdIwQY
MBaAFNiplNhGy2aW6InBzDIoXgsjr8d3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkttVTJFYkxacGJvaWNITU1paGVDeU92eDNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9kZDA4ZjctYjZmNC00YjQyLTgxZDct
MjNhYjU5Nzk4NDIxLzEvVUhwN3Q3MEliY1dwMmJ3S09HbC00YjhTY0Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9kZDA4ZjctYjZmNC00YjQyLTgxZDctMjNhYjU5Nzk4NDIx
LzEvMkttVTJFYkxacGJvaWNITU1paGVDeU92eDNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZycMA0G
CSqGSIb3DQEBCwUAA4IBAQAXg8nVkDELXsdQuuRIfmZ70kI3D8ahSUVKVm8suiFP
/F49P/gLKTr+3+JzHwUru12paBBoDsaM2ItmFtOBliGTUDOZ+fdIcipR63m9kHI4
TF6nMHM8XKjSy2UkPj3Kd5Za8BYY0uFcvHv0hJYOnmX11bi/W6nfRQ+pAzo9Cuz/
zicfz7eBVdXoJsKWz3LB4GiwSuOvE1dyuUnLDX5hRSMI3XCBh8tFM0SZ6ZVf1qK2
n36ETw3iDwN51Zd9j0hRIeanOeeII/Oj61wiraub2lvwcbv60bNZjfifTc/F6Kf+
U3I1VJhhBk2+Wv8OMobFZ4VKzjDpgbdvjoK+k0pFx83S
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:28:49 2025 by rpki-client