Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/71fff9-343d-4f07-a491-7c0fd29cf3e9/1/uVc-YEHIfoCC97dYSAB-pvf1GkY.roa
File: uVc-YEHIfoCC97dYSAB-pvf1GkY.roa (raw, json)
Hash identifier: xpxJQ9Mtn3be8wfSELsmv9qWpA192efhc4xx/FDBoxc=
Subject key identifier: B9:57:3E:60:41:C8:7E:80:82:F7:B7:58:48:00:7E:A6:F7:F5:1A:46
Certificate issuer: /CN=84ffa542f3d8c9b07bf76eae8a86985a3d7b4dc7
Certificate serial: 01941F8C1A669E0AD96C3601C3A4D5D10203
Authority key identifier: 84:FF:A5:42:F3:D8:C9:B0:7B:F7:6E:AE:8A:86:98:5A:3D:7B:4D:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hP-lQvPYybB7926uioaYWj17Tcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/71fff9-343d-4f07-a491-7c0fd29cf3e9/1/uVc-YEHIfoCC97dYSAB-pvf1GkY.roa
Signing time: Wed 01 Jan 2025 01:47:42 +0000
ROA not before: Wed 01 Jan 2025 01:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207058
IP address blocks: 185.167.88.0/24 maxlen: 24
185.167.89.0/24 maxlen: 24
185.167.90.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:1a:66:9e:0a:d9:6c:36:01:c3:a4:d5:d1:02:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84ffa542f3d8c9b07bf76eae8a86985a3d7b4dc7
Validity
Not Before: Jan 1 01:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b9573e6041c87e8082f7b75848007ea6f7f51a46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fe:71:12:ad:91:87:b1:b7:ea:0a:1a:79:cb:
7a:b0:1f:2e:13:29:4a:d2:63:6c:c0:c5:e8:bb:b5:
65:5c:8f:a2:63:53:6f:2f:4b:81:3d:a9:5f:1f:dc:
60:6f:c9:4b:1d:78:7a:d5:5e:ae:eb:64:bf:1d:cc:
ca:8f:fa:4e:8e:db:16:0c:a9:16:f9:f2:c7:04:43:
2c:30:1b:78:3d:14:8f:be:54:89:a8:37:ff:50:8c:
da:42:db:b4:e6:e0:68:78:bf:a5:11:4c:e8:bf:86:
cd:a6:65:a4:e2:0f:9b:ed:a6:e6:43:b1:b1:6e:69:
b4:6c:7f:66:4a:13:7d:e3:2f:b3:b0:45:e7:cb:a1:
af:c9:88:e0:a3:28:11:f8:7a:85:9d:ae:90:39:9b:
ac:dd:b7:0d:de:49:55:81:f4:1d:68:f4:db:87:a2:
27:57:f4:6e:a5:ab:98:9c:f0:a0:11:99:3e:9e:cb:
63:a0:f2:f6:12:1b:61:95:a6:3d:de:07:a6:4b:86:
a5:90:4c:17:d6:8c:68:bb:2c:66:38:c6:24:c9:02:
09:b6:78:e5:ff:e4:db:f0:39:68:9c:0d:21:bc:31:
c7:b0:73:68:0e:a3:aa:d6:3a:d3:50:56:1a:40:40:
14:1f:3a:66:ad:46:33:0a:5c:d4:78:7d:2a:9e:59:
c6:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:57:3E:60:41:C8:7E:80:82:F7:B7:58:48:00:7E:A6:F7:F5:1A:46
X509v3 Authority Key Identifier:
keyid:84:FF:A5:42:F3:D8:C9:B0:7B:F7:6E:AE:8A:86:98:5A:3D:7B:4D:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hP-lQvPYybB7926uioaYWj17Tcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/71fff9-343d-4f07-a491-7c0fd29cf3e9/1/uVc-YEHIfoCC97dYSAB-pvf1GkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/71fff9-343d-4f07-a491-7c0fd29cf3e9/1/hP-lQvPYybB7926uioaYWj17Tcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.88.0-185.167.90.255
Signature Algorithm: sha256WithRSAEncryption
54:5c:96:4d:80:02:80:92:10:c1:6e:56:03:cd:c3:04:ed:c2:
c7:8d:0e:7f:e0:65:e2:89:31:d1:8e:63:3f:b7:d4:6e:30:7a:
12:47:ef:f8:12:25:92:a6:f1:d9:a9:9a:1f:d4:ae:ea:aa:d6:
ff:91:f4:ba:0d:a1:f3:8f:20:94:78:f7:d2:41:f0:7e:1a:80:
ef:d2:c0:9e:24:f9:44:9e:7a:26:67:93:f6:79:71:c3:bd:96:
24:1e:e7:df:3c:a2:8c:57:34:52:fb:3b:ae:e1:3f:37:47:44:
cf:c5:0a:71:75:27:84:d0:70:68:4d:11:4d:e2:ae:14:6b:d4:
df:5e:b5:9f:c6:ce:9d:2e:cb:65:81:d9:c5:0a:12:1c:05:82:
d1:4a:e6:14:d7:be:05:97:b0:83:2c:b5:1f:12:60:58:c1:c2:
9f:c2:ea:c8:cf:aa:be:fb:76:11:88:5c:d2:c9:3c:d7:35:7b:
c6:ea:19:8e:ee:f4:4a:04:9c:b1:28:7d:c0:a3:4c:81:c3:c3:
4d:53:9d:c7:40:a0:8a:eb:6e:16:66:94:9b:75:52:bb:43:10:
d4:3c:4c:96:8b:14:b7:30:8f:2f:88:44:22:b1:5d:e2:5e:56:
b8:94:85:c7:f7:81:8d:08:68:d7:d9:ac:16:4c:c1:45:23:9f:
91:eb:84:d4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQfjBpmngrZbDYBw6TV0QIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZmZhNTQyZjNkOGM5YjA3YmY3NmVhZThhODY5ODVhM2Q3
YjRkYzcwHhcNMjUwMTAxMDE0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTU3M2U2MDQxYzg3ZTgwODJmN2I3NTg0ODAwN2VhNmY3ZjUxYTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsv5xEq2Rh7G36goaect6sB8uEylK
0mNswMXou7VlXI+iY1NvL0uBPalfH9xgb8lLHXh61V6u62S/HczKj/pOjtsWDKkW
+fLHBEMsMBt4PRSPvlSJqDf/UIzaQtu05uBoeL+lEUzov4bNpmWk4g+b7abmQ7Gx
bmm0bH9mShN94y+zsEXny6GvyYjgoygR+HqFna6QOZus3bcN3klVgfQdaPTbh6In
V/RupauYnPCgEZk+nstjoPL2EhthlaY93gemS4alkEwX1oxouyxmOMYkyQIJtnjl
/+Tb8DlonA0hvDHHsHNoDqOq1jrTUFYaQEAUHzpmrUYzClzUeH0qnlnGmwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLlXPmBByH6Agve3WEgAfqb39RpGMB8GA1UdIwQY
MBaAFIT/pULz2Mmwe/duroqGmFo9e03HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFAtbFF2UFl5YkI3OTI2dWlvYVlXajE3VGNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC83MWZmZjktMzQzZC00ZjA3LWE0OTEt
N2MwZmQyOWNmM2U5LzEvdVZjLVlFSElmb0NDOTdkWVNBQi1wdmYxR2tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC83MWZmZjktMzQzZC00ZjA3LWE0OTEtN2MwZmQyOWNmM2U5
LzEvaFAtbFF2UFl5YkI3OTI2dWlvYVlXajE3VGNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO5p1gD
BAC5p1owDQYJKoZIhvcNAQELBQADggEBAFRclk2AAoCSEMFuVgPNwwTtwseNDn/g
ZeKJMdGOYz+31G4wehJH7/gSJZKm8dmpmh/Uruqq1v+R9LoNofOPIJR499JB8H4a
gO/SwJ4k+USeeiZnk/Z5ccO9liQe5988ooxXNFL7O67hPzdHRM/FCnF1J4TQcGhN
EU3irhRr1N9etZ/Gzp0uy2WB2cUKEhwFgtFK5hTXvgWXsIMstR8SYFjBwp/C6sjP
qr77dhGIXNLJPNc1e8bqGY7u9EoEnLEofcCjTIHDw01TncdAoIrrbhZmlJt1UrtD
ENQ8TJaLFLcwjy+IRCKxXeJeVriUhcf3gY0IaNfZrBZMwUUjn5HrhNQ=
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:14:17 2025 by rpki-client