Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/686cfd-a02c-4073-99dd-d7f45e0a7736/1/1cBDORiVvrRChAcdm2hc6y292d0.roa
File: 1cBDORiVvrRChAcdm2hc6y292d0.roa (raw, json)
Hash identifier: XIDQHNSLIfpf1kaFUtLQNCl28oalABx/0LdYZxGeMgk=
Subject key identifier: D5:C0:43:39:18:95:BE:B4:42:84:07:1D:9B:68:5C:EB:2D:BD:D9:DD
Certificate issuer: /CN=0ca4bb69b3f56805140efae243e4dd4b36c0dd1b
Certificate serial: 0194258FB136F8BE05C5957C44030151E629
Authority key identifier: 0C:A4:BB:69:B3:F5:68:05:14:0E:FA:E2:43:E4:DD:4B:36:C0:DD:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DKS7abP1aAUUDvriQ-TdSzbA3Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/686cfd-a02c-4073-99dd-d7f45e0a7736/1/1cBDORiVvrRChAcdm2hc6y292d0.roa
Signing time: Thu 02 Jan 2025 05:49:21 +0000
ROA not before: Thu 02 Jan 2025 05:49:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201634
IP address blocks: 185.69.32.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:b1:36:f8:be:05:c5:95:7c:44:03:01:51:e6:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ca4bb69b3f56805140efae243e4dd4b36c0dd1b
Validity
Not Before: Jan 2 05:49:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5c043391895beb44284071d9b685ceb2dbdd9dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:86:7d:23:d6:1a:4b:67:9b:01:5c:79:28:16:
f9:fd:04:43:43:15:33:0a:0f:47:a1:d0:e8:7a:26:
c4:36:7b:73:a3:5a:c6:e9:3c:47:73:8f:ae:a2:30:
97:f1:78:1f:db:69:4d:8b:1a:3a:8d:dc:ed:71:5f:
19:45:21:df:8c:a5:ce:c9:0e:2d:17:81:6c:85:a3:
10:dd:41:00:8e:72:8c:26:52:7b:29:99:04:4b:ab:
d5:a7:1f:dd:b4:4a:50:61:c7:c3:2e:9c:8c:a1:bb:
f4:d8:e4:cf:28:ae:40:7e:04:2a:58:7e:c2:78:3f:
ac:ae:91:3e:46:ee:d8:c9:be:b6:41:bf:49:be:ff:
fe:ab:fe:e9:08:a7:f8:33:39:cc:c4:ac:cc:79:ed:
1a:64:04:28:e1:d4:df:97:2f:3b:07:a3:9d:9f:bc:
eb:57:0e:0c:b9:4d:a4:b0:ef:0a:77:16:3c:83:37:
ee:6d:eb:71:fe:fc:a4:77:16:35:16:f8:1d:a1:f2:
ce:97:fd:38:4f:dd:34:b6:cf:a9:44:30:12:dd:06:
b5:18:a9:03:ae:f0:79:28:ca:65:75:3e:30:37:dc:
22:d8:13:12:90:7c:64:3d:e4:1e:78:9c:c1:de:d7:
79:e6:2e:f1:23:81:f6:d3:03:37:e8:1d:44:d4:16:
96:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C0:43:39:18:95:BE:B4:42:84:07:1D:9B:68:5C:EB:2D:BD:D9:DD
X509v3 Authority Key Identifier:
keyid:0C:A4:BB:69:B3:F5:68:05:14:0E:FA:E2:43:E4:DD:4B:36:C0:DD:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DKS7abP1aAUUDvriQ-TdSzbA3Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/686cfd-a02c-4073-99dd-d7f45e0a7736/1/1cBDORiVvrRChAcdm2hc6y292d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/686cfd-a02c-4073-99dd-d7f45e0a7736/1/DKS7abP1aAUUDvriQ-TdSzbA3Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.32.0/22
Signature Algorithm: sha256WithRSAEncryption
21:89:4b:54:23:45:fe:dd:4b:78:43:b7:21:5c:09:34:2f:72:
28:15:df:58:18:56:59:c8:e0:84:e4:67:84:2b:f3:85:30:68:
01:fd:66:da:d2:3c:04:66:68:6b:90:d2:14:f3:5c:92:a5:96:
3a:c2:67:0f:37:a8:53:2a:0c:ea:71:96:69:75:6d:c1:68:e9:
0b:72:15:17:dc:d1:dd:4d:82:a5:a9:39:23:ac:6b:c6:e2:d3:
d8:f9:42:6d:f4:33:1a:ee:bc:5d:15:55:55:ce:da:7f:2a:65:
00:ba:0f:aa:5b:bb:e9:61:e5:84:63:59:88:0b:7a:9d:a7:e1:
b0:a0:33:5c:59:23:ce:aa:37:63:11:3f:92:cb:b7:54:fc:91:
3d:53:d7:85:d6:3e:fc:2e:9b:1c:18:40:e5:9a:be:4a:3d:13:
bc:9d:1d:11:c9:af:9b:99:4f:6d:77:e5:2e:48:fd:bf:05:f9:
97:62:54:c6:6e:05:33:bc:36:1e:15:cf:23:4d:ad:61:bf:2c:
6f:74:d5:db:df:71:c3:8e:95:95:d1:2f:93:9f:bc:b2:b9:81:
a5:02:64:14:87:a8:0d:75:d7:1a:59:23:7b:35:33:7c:0d:6c:
aa:f6:b3:03:75:80:fb:45:b3:21:d0:29:5f:1f:35:65:75:71:
fe:29:f3:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj7E2+L4FxZV8RAMBUeYpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjYTRiYjY5YjNmNTY4MDUxNDBlZmFlMjQzZTRkZDRiMzZj
MGRkMWIwHhcNMjUwMTAyMDU0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWMwNDMzOTE4OTViZWI0NDI4NDA3MWQ5YjY4NWNlYjJkYmRkOWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoZ9I9YaS2ebAVx5KBb5/QRDQxUz
Cg9HodDoeibENntzo1rG6TxHc4+uojCX8Xgf22lNixo6jdztcV8ZRSHfjKXOyQ4t
F4FshaMQ3UEAjnKMJlJ7KZkES6vVpx/dtEpQYcfDLpyMobv02OTPKK5AfgQqWH7C
eD+srpE+Ru7Yyb62Qb9Jvv/+q/7pCKf4MznMxKzMee0aZAQo4dTfly87B6Odn7zr
Vw4MuU2ksO8KdxY8gzfubetx/vykdxY1FvgdofLOl/04T900ts+pRDAS3Qa1GKkD
rvB5KMpldT4wN9wi2BMSkHxkPeQeeJzB3td55i7xI4H20wM36B1E1BaWqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNXAQzkYlb60QoQHHZtoXOstvdndMB8GA1UdIwQY
MBaAFAyku2mz9WgFFA764kPk3Us2wN0bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREtTN2FiUDFhQVVVRHZyaVEtVGRTemJBM1JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC82ODZjZmQtYTAyYy00MDczLTk5ZGQt
ZDdmNDVlMGE3NzM2LzEvMWNCRE9SaVZ2clJDaEFjZG0yaGM2eTI5MmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC82ODZjZmQtYTAyYy00MDczLTk5ZGQtZDdmNDVlMGE3NzM2
LzEvREtTN2FiUDFhQVVVRHZyaVEtVGRTemJBM1JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUUgMA0G
CSqGSIb3DQEBCwUAA4IBAQAhiUtUI0X+3Ut4Q7chXAk0L3IoFd9YGFZZyOCE5GeE
K/OFMGgB/Wba0jwEZmhrkNIU81ySpZY6wmcPN6hTKgzqcZZpdW3BaOkLchUX3NHd
TYKlqTkjrGvG4tPY+UJt9DMa7rxdFVVVztp/KmUAug+qW7vpYeWEY1mIC3qdp+Gw
oDNcWSPOqjdjET+Sy7dU/JE9U9eF1j78LpscGEDlmr5KPRO8nR0Rya+bmU9td+Uu
SP2/BfmXYlTGbgUzvDYeFc8jTa1hvyxvdNXb33HDjpWV0S+Tn7yyuYGlAmQUh6gN
ddcaWSN7NTN8DWyq9rMDdYD7RbMh0ClfHzVldXH+KfMV
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:32:01 2025 by rpki-client