Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c494cb-2517-41a8-a457-e710c2a14bce/1/cLim36sao5pMYIlwI2yEy34s8Cc.roa
File: cLim36sao5pMYIlwI2yEy34s8Cc.roa (raw, json)
Hash identifier: uIZpeW0rixxT3YTztBsC073cFEv/iEgh04bRU5ug8RI=
Subject key identifier: 70:B8:A6:DF:AB:1A:A3:9A:4C:60:89:70:23:6C:84:CB:7E:2C:F0:27
Certificate issuer: /CN=823b6f3b7af87bb8ef6dd843bebd6d81b0559213
Certificate serial: 0194236985F5717E20D73DA4529610038A9A
Authority key identifier: 82:3B:6F:3B:7A:F8:7B:B8:EF:6D:D8:43:BE:BD:6D:81:B0:55:92:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gjtvO3r4e7jvbdhDvr1tgbBVkhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c494cb-2517-41a8-a457-e710c2a14bce/1/cLim36sao5pMYIlwI2yEy34s8Cc.roa
Signing time: Wed 01 Jan 2025 19:48:25 +0000
ROA not before: Wed 01 Jan 2025 19:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211440
IP address blocks: 185.102.86.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:85:f5:71:7e:20:d7:3d:a4:52:96:10:03:8a:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=823b6f3b7af87bb8ef6dd843bebd6d81b0559213
Validity
Not Before: Jan 1 19:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70b8a6dfab1aa39a4c608970236c84cb7e2cf027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:ff:13:c5:cb:48:31:ec:b9:55:98:93:83:19:
c8:b6:55:77:9b:d9:aa:be:ab:da:fc:f8:62:a3:54:
8c:5d:9c:34:58:77:8c:da:31:86:d8:83:58:df:98:
0d:0b:eb:ec:cf:fa:79:26:9d:4c:65:85:26:ab:7a:
09:65:63:11:92:2e:1c:e0:ab:e6:07:73:33:7a:2e:
e0:a1:60:df:46:3d:fa:b6:2f:61:f9:12:5a:7a:cc:
e3:9a:6c:18:ce:39:e7:eb:0c:77:31:19:6b:95:e1:
a4:13:1c:80:a1:ea:42:85:ec:68:19:13:65:e2:b2:
a1:e7:23:b2:88:43:64:2d:b8:63:1a:c2:c2:5a:1e:
92:5a:ab:1c:74:c7:d3:f9:9d:1e:a7:bc:71:cd:a6:
1b:5e:81:a0:5d:35:c2:3f:bf:9d:eb:f5:32:5b:0d:
b2:02:13:93:84:64:a5:28:29:e9:84:f0:47:37:21:
a8:8d:a5:cc:69:7d:c3:65:65:02:a5:24:bc:20:13:
2a:d3:cb:31:ca:0a:ce:f2:8e:c8:3e:78:d7:62:40:
d3:b6:31:5c:c2:5a:9a:68:ab:e8:a3:e1:08:0b:27:
70:5b:2b:b5:05:81:f5:0f:b8:ed:9f:65:e6:25:8a:
f5:3a:35:c6:1e:30:24:58:f9:f5:c7:c7:1a:bc:9e:
a5:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B8:A6:DF:AB:1A:A3:9A:4C:60:89:70:23:6C:84:CB:7E:2C:F0:27
X509v3 Authority Key Identifier:
keyid:82:3B:6F:3B:7A:F8:7B:B8:EF:6D:D8:43:BE:BD:6D:81:B0:55:92:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gjtvO3r4e7jvbdhDvr1tgbBVkhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c494cb-2517-41a8-a457-e710c2a14bce/1/cLim36sao5pMYIlwI2yEy34s8Cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c494cb-2517-41a8-a457-e710c2a14bce/1/gjtvO3r4e7jvbdhDvr1tgbBVkhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.86.0/24
Signature Algorithm: sha256WithRSAEncryption
20:88:f1:ff:8e:cc:e8:77:e3:1f:1a:21:62:7f:25:64:08:a4:
61:20:95:c0:11:d9:8b:35:e7:e7:d7:20:60:41:ea:1c:f2:a7:
95:c1:8b:ee:df:bc:1a:46:04:72:e5:a8:c5:0b:9f:4e:f4:c5:
10:cb:33:0f:69:87:8e:66:42:85:b9:f9:6e:50:5d:c3:44:17:
2f:b4:f9:14:18:0e:f7:50:ee:a4:37:bc:80:12:27:6f:f2:47:
35:aa:ac:c8:f6:49:a3:0b:2f:eb:61:36:36:a6:26:a0:14:51:
03:da:b4:e4:a4:1e:ce:3a:5d:35:8d:a5:2f:12:7d:bf:26:f2:
bf:12:f5:ed:06:2f:c2:7e:89:fe:32:0f:70:0b:00:24:e6:43:
36:fa:3e:79:5a:cd:d7:ae:33:a3:22:c1:5d:a0:fa:53:d2:e2:
f0:17:63:80:ed:b1:c6:cc:2b:ff:4c:23:ea:ef:6b:8f:fc:7e:
1e:99:42:93:29:96:1c:47:4a:7d:ac:83:fb:a1:8b:1d:1b:0b:
9f:24:2d:b9:e6:76:44:ec:3f:38:3a:99:33:b0:fa:e9:36:02:
0a:e0:c4:a9:1f:48:6d:86:7f:35:5d:fc:68:9f:df:5c:b4:b8:
b2:c7:1b:64:e8:5b:7f:02:51:16:ca:6a:d2:11:ce:a1:e2:be:
a7:46:29:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaYX1cX4g1z2kUpYQA4qaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyM2I2ZjNiN2FmODdiYjhlZjZkZDg0M2JlYmQ2ZDgxYjA1
NTkyMTMwHhcNMjUwMTAxMTk0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGI4YTZkZmFiMWFhMzlhNGM2MDg5NzAyMzZjODRjYjdlMmNmMDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8v8TxctIMey5VZiTgxnItlV3m9mq
vqva/Phio1SMXZw0WHeM2jGG2INY35gNC+vsz/p5Jp1MZYUmq3oJZWMRki4c4Kvm
B3Mzei7goWDfRj36ti9h+RJaeszjmmwYzjnn6wx3MRlrleGkExyAoepChexoGRNl
4rKh5yOyiENkLbhjGsLCWh6SWqscdMfT+Z0ep7xxzaYbXoGgXTXCP7+d6/UyWw2y
AhOThGSlKCnphPBHNyGojaXMaX3DZWUCpSS8IBMq08sxygrO8o7IPnjXYkDTtjFc
wlqaaKvoo+EICydwWyu1BYH1D7jtn2XmJYr1OjXGHjAkWPn1x8cavJ6lRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHC4pt+rGqOaTGCJcCNshMt+LPAnMB8GA1UdIwQY
MBaAFII7bzt6+Hu4723YQ769bYGwVZITMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2p0dk8zcjRlN2p2YmRoRHZyMXRnYkJWa2hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jNDk0Y2ItMjUxNy00MWE4LWE0NTct
ZTcxMGMyYTE0YmNlLzEvY0xpbTM2c2FvNXBNWUlsd0kyeUV5MzRzOENjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jNDk0Y2ItMjUxNy00MWE4LWE0NTctZTcxMGMyYTE0YmNl
LzEvZ2p0dk8zcjRlN2p2YmRoRHZyMXRnYkJWa2hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWZWMA0G
CSqGSIb3DQEBCwUAA4IBAQAgiPH/jszod+MfGiFifyVkCKRhIJXAEdmLNefn1yBg
Qeoc8qeVwYvu37waRgRy5ajFC59O9MUQyzMPaYeOZkKFufluUF3DRBcvtPkUGA73
UO6kN7yAEidv8kc1qqzI9kmjCy/rYTY2piagFFED2rTkpB7OOl01jaUvEn2/JvK/
EvXtBi/Cfon+Mg9wCwAk5kM2+j55Ws3XrjOjIsFdoPpT0uLwF2OA7bHGzCv/TCPq
72uP/H4emUKTKZYcR0p9rIP7oYsdGwufJC255nZE7D84OpkzsPrpNgIK4MSpH0ht
hn81Xfxon99ctLiyxxtk6Ft/AlEWymrSEc6h4r6nRilg
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:30:32 2025 by rpki-client