Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/35Hkh6WGB56LhQUZWJy4fWu8adc.roa
File: 35Hkh6WGB56LhQUZWJy4fWu8adc.roa (raw, json)
Hash identifier: N+zjw78vBIKP/bKJa3b5qGQ6N/RlG9tWFNOT+GZrtRA=
Subject key identifier: DF:91:E4:87:A5:86:07:9E:8B:85:05:19:58:9C:B8:7D:6B:BC:69:D7
Certificate issuer: /CN=cb9f8612b7f14750016b848c42f60df36ad832d9
Certificate serial: 01941F8C4D844B80E9BB43CF7AFDBD208219
Authority key identifier: CB:9F:86:12:B7:F1:47:50:01:6B:84:8C:42:F6:0D:F3:6A:D8:32:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y5-GErfxR1ABa4SMQvYN82rYMtk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/35Hkh6WGB56LhQUZWJy4fWu8adc.roa
Signing time: Wed 01 Jan 2025 01:47:56 +0000
ROA not before: Wed 01 Jan 2025 01:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205870
IP address blocks: 185.145.28.0/24 maxlen: 24
185.145.29.0/24 maxlen: 24
185.145.30.0/24 maxlen: 24
185.145.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:4d:84:4b:80:e9:bb:43:cf:7a:fd:bd:20:82:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb9f8612b7f14750016b848c42f60df36ad832d9
Validity
Not Before: Jan 1 01:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df91e487a586079e8b850519589cb87d6bbc69d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c5:48:65:b2:94:79:dc:4c:5a:ba:ba:c5:a6:
99:0c:6f:41:90:c5:32:b0:7f:fe:78:0a:e2:a1:39:
90:25:db:21:6c:28:bc:b9:c7:ab:f5:8e:b8:33:9d:
52:3c:28:e6:f0:8c:8d:79:79:34:a6:b7:bd:26:2a:
e4:55:6d:49:47:57:95:2b:b1:6c:da:d6:c2:53:ba:
75:75:ff:f7:a2:cb:e6:36:e7:8b:74:27:55:e3:6f:
8e:84:3c:1f:5a:fe:40:19:44:df:b2:24:32:c8:79:
d5:4b:f9:ad:74:0d:3a:ec:f5:14:d2:9e:70:95:f2:
40:bc:84:f3:b8:b8:d6:c0:d4:4b:a1:9e:44:17:97:
58:1a:50:53:4c:20:ce:d8:0f:f1:0e:53:28:82:2c:
1c:7f:d1:f1:45:0f:76:16:6f:61:6c:2f:f0:a7:82:
7e:cd:77:3e:05:f6:ec:e1:6a:d3:b1:45:cc:80:29:
60:d2:13:5d:24:02:f5:2f:70:2b:d5:a7:2e:4f:7b:
13:cc:ae:9d:c6:78:58:b5:33:84:92:81:5c:fe:a0:
77:3c:ed:6e:3e:b3:a4:20:2d:aa:39:fb:c7:4a:d6:
38:ce:37:ac:ed:78:05:b5:15:fd:b8:37:e4:45:3b:
84:1a:0f:a4:32:66:a0:0e:2c:88:37:84:c8:cb:02:
e6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:91:E4:87:A5:86:07:9E:8B:85:05:19:58:9C:B8:7D:6B:BC:69:D7
X509v3 Authority Key Identifier:
keyid:CB:9F:86:12:B7:F1:47:50:01:6B:84:8C:42:F6:0D:F3:6A:D8:32:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5-GErfxR1ABa4SMQvYN82rYMtk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/35Hkh6WGB56LhQUZWJy4fWu8adc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.28.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:9d:66:04:f1:fb:30:a2:9d:b2:04:12:f6:91:f0:bf:ec:9e:
47:dc:9d:55:e7:e9:30:29:7c:e1:71:a8:da:7d:7f:36:5b:f6:
cd:a7:34:58:33:da:42:98:12:f6:ac:e0:3c:52:2b:4d:7f:09:
07:50:47:e2:02:71:ca:88:2a:4c:5f:55:b5:3c:9d:56:a4:24:
66:7a:6b:0b:b9:2e:cc:de:70:59:a2:e4:2d:d2:91:b0:ee:94:
99:97:08:b1:5b:60:cf:9c:f4:42:4e:2b:7f:da:7d:41:fd:47:
1b:df:be:1e:af:16:2d:cd:13:8f:34:2a:be:8e:ca:d0:89:07:
33:32:b8:6f:0b:8b:f0:2f:db:fa:43:f8:b5:5f:69:9b:93:cc:
d5:e4:06:48:79:b8:c5:50:2b:7d:71:fa:e5:17:e5:f2:2d:45:
0d:0f:9a:0f:14:0c:8a:d6:02:c7:77:68:99:f2:2c:6c:bf:39:
3b:f9:c6:45:62:76:fe:10:1f:71:17:78:4d:5f:9d:5a:22:c7:
01:37:0c:34:a3:c9:c8:02:70:7f:ff:8b:a0:76:e8:eb:2a:ef:
64:ae:b8:44:4d:9d:4c:60:7e:68:a7:cb:cf:ed:86:24:da:bf:
7e:fc:ad:a3:4d:64:ea:f5:f3:79:54:b0:03:fd:aa:e8:74:8c:
10:4b:ee:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjE2ES4Dpu0PPev29IIIZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiOWY4NjEyYjdmMTQ3NTAwMTZiODQ4YzQyZjYwZGYzNmFk
ODMyZDkwHhcNMjUwMTAxMDE0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjkxZTQ4N2E1ODYwNzllOGI4NTA1MTk1ODljYjg3ZDZiYmM2OWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8VIZbKUedxMWrq6xaaZDG9BkMUy
sH/+eArioTmQJdshbCi8ucer9Y64M51SPCjm8IyNeXk0pre9JirkVW1JR1eVK7Fs
2tbCU7p1df/3osvmNueLdCdV42+OhDwfWv5AGUTfsiQyyHnVS/mtdA067PUU0p5w
lfJAvITzuLjWwNRLoZ5EF5dYGlBTTCDO2A/xDlMogiwcf9HxRQ92Fm9hbC/wp4J+
zXc+Bfbs4WrTsUXMgClg0hNdJAL1L3Ar1acuT3sTzK6dxnhYtTOEkoFc/qB3PO1u
PrOkIC2qOfvHStY4zjes7XgFtRX9uDfkRTuEGg+kMmagDiyIN4TIywLmZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN+R5Ielhgeei4UFGVicuH1rvGnXMB8GA1UdIwQY
MBaAFMufhhK38UdQAWuEjEL2DfNq2DLZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTUtR0VyZnhSMUFCYTRTTVF2WU44MnJZTXRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iODQ1MDAtZmZkYi00MmQyLTk0NjUt
YTJlYWRlODM5NTVkLzEvMzVIa2g2V0dCNTZMaFFVWldKeTRmV3U4YWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iODQ1MDAtZmZkYi00MmQyLTk0NjUtYTJlYWRlODM5NTVk
LzEveTUtR0VyZnhSMUFCYTRTTVF2WU44MnJZTXRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZEcMA0G
CSqGSIb3DQEBCwUAA4IBAQConWYE8fswop2yBBL2kfC/7J5H3J1V5+kwKXzhcaja
fX82W/bNpzRYM9pCmBL2rOA8UitNfwkHUEfiAnHKiCpMX1W1PJ1WpCRmemsLuS7M
3nBZouQt0pGw7pSZlwixW2DPnPRCTit/2n1B/Ucb374erxYtzROPNCq+jsrQiQcz
MrhvC4vwL9v6Q/i1X2mbk8zV5AZIebjFUCt9cfrlF+XyLUUND5oPFAyK1gLHd2iZ
8ixsvzk7+cZFYnb+EB9xF3hNX51aIscBNww0o8nIAnB//4ugdujrKu9krrhETZ1M
YH5op8vP7YYk2r9+/K2jTWTq9fN5VLAD/arodIwQS+4B
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:33:51 2025 by rpki-client