Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/ceba5c-e9d9-4e91-babc-67282d7138a0/1/ldlRi9PG7yaWe_OISm5PxetZ-fs.roa
File: ldlRi9PG7yaWe_OISm5PxetZ-fs.roa (raw, json)
Hash identifier: zAtX/bKzY97x7lzgIkaYD8HV9V6BCkypXN+jO7OstUg=
Subject key identifier: 95:D9:51:8B:D3:C6:EF:26:96:7B:F3:88:4A:6E:4F:C5:EB:59:F9:FB
Certificate issuer: /CN=a538bb0c2b41efa8c3b02064ebc52fba92c23626
Certificate serial: 019421B1E8C9B2D5FDA046BC9EE29D7E39F0
Authority key identifier: A5:38:BB:0C:2B:41:EF:A8:C3:B0:20:64:EB:C5:2F:BA:92:C2:36:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTi7DCtB76jDsCBk68UvupLCNiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/ceba5c-e9d9-4e91-babc-67282d7138a0/1/ldlRi9PG7yaWe_OISm5PxetZ-fs.roa
Signing time: Wed 01 Jan 2025 11:48:15 +0000
ROA not before: Wed 01 Jan 2025 11:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60341
IP address blocks: 185.251.236.0/22 maxlen: 24
2a0c:1ec0::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e8:c9:b2:d5:fd:a0:46:bc:9e:e2:9d:7e:39:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a538bb0c2b41efa8c3b02064ebc52fba92c23626
Validity
Not Before: Jan 1 11:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95d9518bd3c6ef26967bf3884a6e4fc5eb59f9fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:71:04:9f:9a:64:d8:7d:b3:f1:77:3c:1c:ba:
3a:43:4b:7d:4d:e0:55:49:43:ed:c8:5b:0d:e5:d6:
4e:fe:32:31:ce:a9:eb:69:4f:66:3c:50:e7:1e:04:
b6:9b:fb:c4:24:f1:93:0f:e5:ad:7f:f3:cb:0a:83:
9f:66:54:50:85:7a:42:c6:6f:dc:cf:ad:2f:1f:81:
4f:d4:b9:e4:ad:d3:5a:60:94:fa:7d:61:fc:33:31:
57:a3:f9:4b:21:46:22:d3:bc:46:f0:c0:f0:65:54:
51:f1:b3:10:37:3d:64:ed:bc:44:44:87:a6:ca:12:
93:32:02:7d:ae:f8:5f:03:30:5f:ba:86:dd:8f:e5:
e2:bc:6e:a3:7d:18:5e:61:47:da:83:ef:fb:4d:0c:
6e:6b:56:25:a0:9c:9a:44:56:a7:3f:30:28:0b:e8:
5e:cf:54:5c:3a:88:76:83:13:43:9b:e2:53:9f:e7:
e8:b1:d2:da:63:71:55:35:69:91:0a:6b:5b:e2:4e:
ee:eb:ea:fa:da:d2:a0:bd:47:67:d7:75:9f:44:fc:
83:e2:4a:33:2b:cd:3e:f8:db:1c:0b:86:34:dd:fa:
95:71:89:d6:51:ec:79:dc:f9:c7:af:ad:39:8b:c2:
f2:8e:4f:95:1d:2d:44:2d:96:b5:09:96:51:53:fd:
40:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:D9:51:8B:D3:C6:EF:26:96:7B:F3:88:4A:6E:4F:C5:EB:59:F9:FB
X509v3 Authority Key Identifier:
keyid:A5:38:BB:0C:2B:41:EF:A8:C3:B0:20:64:EB:C5:2F:BA:92:C2:36:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTi7DCtB76jDsCBk68UvupLCNiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/ceba5c-e9d9-4e91-babc-67282d7138a0/1/ldlRi9PG7yaWe_OISm5PxetZ-fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/ceba5c-e9d9-4e91-babc-67282d7138a0/1/pTi7DCtB76jDsCBk68UvupLCNiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.236.0/22
IPv6:
2a0c:1ec0::/29
Signature Algorithm: sha256WithRSAEncryption
22:d2:d9:2f:4d:72:c7:20:f2:31:ea:8c:06:72:4b:bf:0b:c7:
71:92:71:ad:2d:23:58:2d:dc:38:8a:f0:fb:9b:65:55:af:e4:
0b:02:29:bf:68:23:97:84:b7:52:2a:12:e4:28:c1:63:27:bb:
99:ed:2a:87:39:65:e3:98:13:fa:da:78:5b:e1:24:5f:db:2c:
bd:ee:10:5c:ff:04:98:87:62:4c:bf:c1:c8:3c:a7:57:91:b1:
b6:54:f5:5b:d3:c1:bc:0e:d6:25:b1:09:93:d3:29:7b:9d:d1:
3f:55:2b:63:d0:55:d0:e9:06:f9:eb:b1:fe:13:08:73:c9:33:
ed:6f:11:98:40:ad:6d:c6:ce:93:80:ed:87:e8:87:90:fc:e3:
94:43:0b:81:25:39:3c:c6:36:30:83:96:18:a1:86:a3:cf:58:
38:ba:ca:08:37:b0:ab:29:d4:a3:33:97:47:ce:dc:91:0b:b8:
ae:3a:9e:eb:0b:36:57:2f:47:2c:57:3a:07:19:9b:9b:5b:97:
b5:61:7d:56:04:58:60:e9:7f:d9:4a:67:31:be:95:f5:be:b3:
15:47:e5:6f:35:01:5c:cc:96:2d:5a:ed:9a:91:5e:ef:f5:3f:
ac:1e:29:9e:81:45:71:17:5d:18:1c:db:58:a2:4c:94:d9:44:
c4:68:18:76
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsejJstX9oEa8nuKdfjnwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzhiYjBjMmI0MWVmYThjM2IwMjA2NGViYzUyZmJhOTJj
MjM2MjYwHhcNMjUwMTAxMTE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWQ5NTE4YmQzYzZlZjI2OTY3YmYzODg0YTZlNGZjNWViNTlmOWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnEEn5pk2H2z8Xc8HLo6Q0t9TeBV
SUPtyFsN5dZO/jIxzqnraU9mPFDnHgS2m/vEJPGTD+Wtf/PLCoOfZlRQhXpCxm/c
z60vH4FP1LnkrdNaYJT6fWH8MzFXo/lLIUYi07xG8MDwZVRR8bMQNz1k7bxERIem
yhKTMgJ9rvhfAzBfuobdj+XivG6jfRheYUfag+/7TQxua1YloJyaRFanPzAoC+he
z1RcOoh2gxNDm+JTn+fosdLaY3FVNWmRCmtb4k7u6+r62tKgvUdn13WfRPyD4koz
K80++NscC4Y03fqVcYnWUex53PnHr605i8Lyjk+VHS1ELZa1CZZRU/1AnQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJXZUYvTxu8mlnvziEpuT8XrWfn7MB8GA1UdIwQY
MBaAFKU4uwwrQe+ow7AgZOvFL7qSwjYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRpN0RDdEI3NmpEc0NCazY4VXZ1cExDTmlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9jZWJhNWMtZTlkOS00ZTkxLWJhYmMt
NjcyODJkNzEzOGEwLzEvbGRsUmk5UEc3eWFXZV9PSVNtNVB4ZXRaLWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9jZWJhNWMtZTlkOS00ZTkxLWJhYmMtNjcyODJkNzEzOGEw
LzEvcFRpN0RDdEI3NmpEc0NCazY4VXZ1cExDTmlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufvsMA0E
AgACMAcDBQMqDB7AMA0GCSqGSIb3DQEBCwUAA4IBAQAi0tkvTXLHIPIx6owGcku/
C8dxknGtLSNYLdw4ivD7m2VVr+QLAim/aCOXhLdSKhLkKMFjJ7uZ7SqHOWXjmBP6
2nhb4SRf2yy97hBc/wSYh2JMv8HIPKdXkbG2VPVb08G8DtYlsQmT0yl7ndE/VStj
0FXQ6Qb567H+EwhzyTPtbxGYQK1txs6TgO2H6IeQ/OOUQwuBJTk8xjYwg5YYoYaj
z1g4usoIN7CrKdSjM5dHztyRC7iuOp7rCzZXL0csVzoHGZubW5e1YX1WBFhg6X/Z
SmcxvpX1vrMVR+VvNQFczJYtWu2akV7v9T+sHimegUVxF10YHNtYokyU2UTEaBh2
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:26:28 2025 by rpki-client