Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/5b2d16-087f-488c-9ebb-e8a322846641/1/vkfZgYornLyFRcsSczSPVSrUfQk.roa
File: vkfZgYornLyFRcsSczSPVSrUfQk.roa (raw, json)
Hash identifier: KEormr1cuV7WUv9lxgaJIBb9fC8nujOGpBV6adXBfrs=
Subject key identifier: BE:47:D9:81:8A:2B:9C:BC:85:45:CB:12:73:34:8F:55:2A:D4:7D:09
Certificate issuer: /CN=370ea1b05cbd4e5c0926787c79533ee29d94be96
Certificate serial: 019426D92BAF049E8A13412C3045285AA4FC
Authority key identifier: 37:0E:A1:B0:5C:BD:4E:5C:09:26:78:7C:79:53:3E:E2:9D:94:BE:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nw6hsFy9TlwJJnh8eVM-4p2UvpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/5b2d16-087f-488c-9ebb-e8a322846641/1/vkfZgYornLyFRcsSczSPVSrUfQk.roa
Signing time: Thu 02 Jan 2025 11:49:14 +0000
ROA not before: Thu 02 Jan 2025 11:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20704
IP address blocks: 185.158.16.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:2b:af:04:9e:8a:13:41:2c:30:45:28:5a:a4:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=370ea1b05cbd4e5c0926787c79533ee29d94be96
Validity
Not Before: Jan 2 11:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be47d9818a2b9cbc8545cb1273348f552ad47d09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:cd:78:bc:94:ca:0f:05:e9:2c:87:44:12:0d:
eb:43:3e:a7:5d:1b:69:6c:46:a4:6c:ef:52:fb:a8:
4e:6c:07:00:bf:e1:1f:8b:01:d4:d5:fd:73:f8:15:
31:31:bf:ba:40:ca:51:e1:ed:b2:86:4c:af:8b:d8:
b8:70:cf:7e:7a:e0:0f:ee:a8:8a:e0:6f:4d:ec:aa:
b8:0c:75:e1:ab:df:dc:63:2d:17:ea:cc:88:54:24:
52:89:67:77:91:60:71:0c:72:e6:ae:46:da:a2:03:
fd:74:ec:6f:3c:41:f9:2d:50:92:d7:61:57:20:d1:
05:1a:ed:af:3e:60:ea:2f:99:e7:15:2c:d6:e3:8a:
5b:b5:a9:98:32:ed:b3:38:0b:23:ff:01:81:30:61:
7f:b2:48:4f:5d:91:08:a1:8b:46:3c:0a:b9:ca:9d:
b7:71:0e:67:aa:a8:2d:b1:8d:d5:08:a0:6b:e5:2c:
30:d5:9e:cc:3e:2d:eb:9b:76:0f:dd:23:70:f5:70:
01:a8:31:78:5f:65:00:ab:3f:8b:1c:a7:f5:bf:4b:
84:61:ea:c5:11:eb:7e:fb:b6:81:37:29:f2:6c:a6:
a9:43:60:8b:25:da:01:e7:1f:5f:2f:df:53:9d:01:
6b:7a:db:06:2c:22:af:f9:9c:61:2d:97:90:1f:31:
8c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:47:D9:81:8A:2B:9C:BC:85:45:CB:12:73:34:8F:55:2A:D4:7D:09
X509v3 Authority Key Identifier:
keyid:37:0E:A1:B0:5C:BD:4E:5C:09:26:78:7C:79:53:3E:E2:9D:94:BE:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nw6hsFy9TlwJJnh8eVM-4p2UvpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/5b2d16-087f-488c-9ebb-e8a322846641/1/vkfZgYornLyFRcsSczSPVSrUfQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/5b2d16-087f-488c-9ebb-e8a322846641/1/Nw6hsFy9TlwJJnh8eVM-4p2UvpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.16.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:f3:15:23:e0:16:5d:46:5c:d5:24:73:71:88:25:90:1a:b0:
ba:1d:f7:5d:2b:df:06:90:2a:be:e3:4f:d0:3d:f0:e7:8e:e3:
e9:97:b5:07:71:ad:94:78:6e:3e:77:fe:d9:67:a9:f4:3c:6c:
9a:02:80:a2:bf:8c:a4:86:34:3e:a4:a7:e3:d6:29:ea:0e:4d:
18:2a:b6:8d:8d:62:5c:09:8b:9e:9c:8e:2c:85:b8:42:ce:6f:
b3:e9:11:79:fd:42:32:c1:d6:1c:aa:2e:d9:4a:2b:74:a3:f2:
8e:2b:5a:d4:c5:84:58:54:99:7a:d3:00:10:e2:2c:f6:ab:e2:
b9:8e:c9:b3:81:97:77:a1:b3:a1:d2:b3:80:5f:a2:fd:15:3c:
7c:5c:1a:d7:94:70:fb:df:d6:99:6c:d6:71:96:44:42:37:ef:
a5:a2:dd:f8:c4:ee:e6:ad:ed:61:6e:be:20:ed:13:a6:b6:02:
5c:bb:b7:c9:5e:c1:a7:bf:d6:fc:9d:b7:c4:62:8a:2a:d2:3a:
fd:ac:f8:60:90:0b:6a:eb:7b:dd:70:d7:40:06:cf:d2:5e:3d:
f9:c6:cd:ae:5d:61:cd:70:15:62:38:49:4a:4d:a8:2e:40:58:
73:52:17:e0:16:ba:ae:86:9a:ba:ea:02:64:42:fc:22:1f:65:
15:06:dc:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2SuvBJ6KE0EsMEUoWqT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MGVhMWIwNWNiZDRlNWMwOTI2Nzg3Yzc5NTMzZWUyOWQ5
NGJlOTYwHhcNMjUwMTAyMTE0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTQ3ZDk4MThhMmI5Y2JjODU0NWNiMTI3MzM0OGY1NTJhZDQ3ZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi814vJTKDwXpLIdEEg3rQz6nXRtp
bEakbO9S+6hObAcAv+EfiwHU1f1z+BUxMb+6QMpR4e2yhkyvi9i4cM9+euAP7qiK
4G9N7Kq4DHXhq9/cYy0X6syIVCRSiWd3kWBxDHLmrkbaogP9dOxvPEH5LVCS12FX
INEFGu2vPmDqL5nnFSzW44pbtamYMu2zOAsj/wGBMGF/skhPXZEIoYtGPAq5yp23
cQ5nqqgtsY3VCKBr5Sww1Z7MPi3rm3YP3SNw9XABqDF4X2UAqz+LHKf1v0uEYerF
Eet++7aBNynybKapQ2CLJdoB5x9fL99TnQFretsGLCKv+ZxhLZeQHzGM7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL5H2YGKK5y8hUXLEnM0j1Uq1H0JMB8GA1UdIwQY
MBaAFDcOobBcvU5cCSZ4fHlTPuKdlL6WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnc2aHNGeTlUbHdKSm5oOGVWTS00cDJVdnBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS81YjJkMTYtMDg3Zi00ODhjLTllYmIt
ZThhMzIyODQ2NjQxLzEvdmtmWmdZb3JuTHlGUmNzU2N6U1BWU3JVZlFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS81YjJkMTYtMDg3Zi00ODhjLTllYmItZThhMzIyODQ2NjQx
LzEvTnc2aHNGeTlUbHdKSm5oOGVWTS00cDJVdnBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ4QMA0G
CSqGSIb3DQEBCwUAA4IBAQAs8xUj4BZdRlzVJHNxiCWQGrC6HfddK98GkCq+40/Q
PfDnjuPpl7UHca2UeG4+d/7ZZ6n0PGyaAoCiv4ykhjQ+pKfj1inqDk0YKraNjWJc
CYuenI4shbhCzm+z6RF5/UIywdYcqi7ZSit0o/KOK1rUxYRYVJl60wAQ4iz2q+K5
jsmzgZd3obOh0rOAX6L9FTx8XBrXlHD739aZbNZxlkRCN++lot34xO7mre1hbr4g
7ROmtgJcu7fJXsGnv9b8nbfEYooq0jr9rPhgkAtq63vdcNdABs/SXj35xs2uXWHN
cBViOElKTaguQFhzUhfgFrquhpq66gJkQvwiH2UVBtzb
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:42:29 2025 by rpki-client