Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/c66a1f-7707-4f8d-a274-4df65aba6a62/1/k7UwqFFBmprxDA56kDwgmZFvA3g.roa
File: k7UwqFFBmprxDA56kDwgmZFvA3g.roa (raw, json)
Hash identifier: oLwFA32V9FgAocZGOyNmCc1klUCv8GcjZUVDNdla0Jo=
Subject key identifier: 93:B5:30:A8:51:41:9A:9A:F1:0C:0E:7A:90:3C:20:99:91:6F:03:78
Certificate issuer: /CN=e55b1a4f1942e4b1d894cbc8cf09073d02890170
Certificate serial: 0194258FB710AB3B90704B0B2CEC73BA18A2
Authority key identifier: E5:5B:1A:4F:19:42:E4:B1:D8:94:CB:C8:CF:09:07:3D:02:89:01:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5VsaTxlC5LHYlMvIzwkHPQKJAXA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/c66a1f-7707-4f8d-a274-4df65aba6a62/1/k7UwqFFBmprxDA56kDwgmZFvA3g.roa
Signing time: Thu 02 Jan 2025 05:49:22 +0000
ROA not before: Thu 02 Jan 2025 05:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211740
IP address blocks: 185.112.88.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:b7:10:ab:3b:90:70:4b:0b:2c:ec:73:ba:18:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e55b1a4f1942e4b1d894cbc8cf09073d02890170
Validity
Not Before: Jan 2 05:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93b530a851419a9af10c0e7a903c2099916f0378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:aa:32:78:56:1e:d5:6f:be:b8:99:6c:6c:24:
df:af:97:5a:f4:4e:04:a9:83:54:e0:0d:c5:22:2c:
2d:6d:44:d4:b2:ca:af:52:6e:f5:b7:e3:fa:66:4f:
86:1a:7f:38:59:e0:e1:f9:c4:db:86:62:a5:48:ea:
10:bd:e1:cb:2a:3f:da:09:d1:dd:e6:eb:6c:04:af:
4c:fc:1b:74:b1:65:fb:94:13:d8:6a:2c:d2:48:c0:
bc:74:b9:59:d3:ce:93:c1:28:d5:4b:5b:30:7a:a5:
ef:97:fb:8c:24:7e:40:47:9f:c1:44:a8:81:e8:00:
2f:51:9b:0e:bd:dd:53:7a:4d:bb:d8:1a:86:1e:a3:
07:c2:a4:3a:ed:48:8a:3d:05:13:95:89:10:ed:16:
53:a3:5a:7b:63:8e:bc:09:f2:f1:4d:14:8f:98:85:
39:6d:d7:85:ef:d6:7d:9b:ca:63:5c:7d:26:0a:ab:
2d:74:39:78:59:4a:56:c3:83:f1:84:06:e7:fc:e8:
7c:b0:9f:1d:87:65:ba:69:d4:0f:ee:ca:ab:fd:73:
1b:3c:1b:e6:56:36:5b:0c:64:c6:46:e8:32:7f:d6:
c9:c5:ab:ce:da:60:07:3e:08:a0:72:da:07:91:93:
fd:ac:4d:e5:f0:40:a2:44:7c:c6:b2:3f:91:ad:96:
e5:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:B5:30:A8:51:41:9A:9A:F1:0C:0E:7A:90:3C:20:99:91:6F:03:78
X509v3 Authority Key Identifier:
keyid:E5:5B:1A:4F:19:42:E4:B1:D8:94:CB:C8:CF:09:07:3D:02:89:01:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5VsaTxlC5LHYlMvIzwkHPQKJAXA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/c66a1f-7707-4f8d-a274-4df65aba6a62/1/k7UwqFFBmprxDA56kDwgmZFvA3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/c66a1f-7707-4f8d-a274-4df65aba6a62/1/5VsaTxlC5LHYlMvIzwkHPQKJAXA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.88.0/22
Signature Algorithm: sha256WithRSAEncryption
89:01:d9:9c:bd:d3:27:bf:11:6a:76:6a:1c:26:b0:32:c8:6d:
f1:b4:6e:f7:bf:4a:5d:4c:87:7e:e2:cd:bd:b9:7e:4b:96:da:
8f:e4:48:ed:22:70:41:4f:d5:99:8b:8e:55:c7:fb:14:c0:fd:
54:6f:df:1d:07:63:c4:fc:8f:20:a2:91:14:05:9d:71:be:46:
d9:d6:40:d7:de:13:10:18:4f:09:a7:d1:f7:1f:6f:e8:0c:9a:
8a:48:7e:78:2c:0c:3f:f3:be:df:54:af:7d:6c:8d:20:92:40:
70:99:65:b0:b8:4e:6e:6e:72:d9:0c:55:db:f7:69:79:93:8f:
ff:dd:1e:a4:74:67:66:7f:a5:c3:67:d7:15:e9:70:2b:db:21:
5d:21:c3:12:99:7b:f8:5f:77:a3:ca:7f:fb:0f:ab:17:de:7a:
e1:61:0e:c8:2e:1f:f0:8a:a6:df:5b:ef:35:5b:3c:f6:7f:73:
c6:96:03:89:bf:1c:d7:2f:9f:e7:c3:62:86:c8:20:9a:bb:78:
5e:ee:89:e3:78:98:99:ce:68:21:28:07:8a:64:d3:aa:c7:79:
e8:80:c7:32:bb:f2:2f:52:a8:cc:01:58:d0:dd:6f:fe:48:4f:
82:b7:84:e1:86:7b:a7:13:d1:c9:60:d4:23:97:a8:0f:ae:0b:
af:ac:59:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj7cQqzuQcEsLLOxzuhiiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NWIxYTRmMTk0MmU0YjFkODk0Y2JjOGNmMDkwNzNkMDI4
OTAxNzAwHhcNMjUwMTAyMDU0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2I1MzBhODUxNDE5YTlhZjEwYzBlN2E5MDNjMjA5OTkxNmYwMzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6oyeFYe1W++uJlsbCTfr5da9E4E
qYNU4A3FIiwtbUTUssqvUm71t+P6Zk+GGn84WeDh+cTbhmKlSOoQveHLKj/aCdHd
5utsBK9M/Bt0sWX7lBPYaizSSMC8dLlZ086TwSjVS1sweqXvl/uMJH5AR5/BRKiB
6AAvUZsOvd1Tek272BqGHqMHwqQ67UiKPQUTlYkQ7RZTo1p7Y468CfLxTRSPmIU5
bdeF79Z9m8pjXH0mCqstdDl4WUpWw4PxhAbn/Oh8sJ8dh2W6adQP7sqr/XMbPBvm
VjZbDGTGRugyf9bJxavO2mAHPgigctoHkZP9rE3l8ECiRHzGsj+RrZbljwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJO1MKhRQZqa8QwOepA8IJmRbwN4MB8GA1UdIwQY
MBaAFOVbGk8ZQuSx2JTLyM8JBz0CiQFwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVZzYVR4bEM1TEhZbE12SXp3a0hQUUtKQVhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jNjZhMWYtNzcwNy00ZjhkLWEyNzQt
NGRmNjVhYmE2YTYyLzEvazdVd3FGRkJtcHJ4REE1NmtEd2dtWkZ2QTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jNjZhMWYtNzcwNy00ZjhkLWEyNzQtNGRmNjVhYmE2YTYy
LzEvNVZzYVR4bEM1TEhZbE12SXp3a0hQUUtKQVhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXBYMA0G
CSqGSIb3DQEBCwUAA4IBAQCJAdmcvdMnvxFqdmocJrAyyG3xtG73v0pdTId+4s29
uX5LltqP5EjtInBBT9WZi45Vx/sUwP1Ub98dB2PE/I8gopEUBZ1xvkbZ1kDX3hMQ
GE8Jp9H3H2/oDJqKSH54LAw/877fVK99bI0gkkBwmWWwuE5ubnLZDFXb92l5k4//
3R6kdGdmf6XDZ9cV6XAr2yFdIcMSmXv4X3ejyn/7D6sX3nrhYQ7ILh/wiqbfW+81
Wzz2f3PGlgOJvxzXL5/nw2KGyCCau3he7onjeJiZzmghKAeKZNOqx3nogMcyu/Iv
UqjMAVjQ3W/+SE+Ct4ThhnunE9HJYNQjl6gPrguvrFmQ
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:09:46 2025 by rpki-client