Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/1195ab-ed41-452f-bc22-7fd0deae32c5/1/myck32eboJtl7s_ieX37W3eHO5I.roa
File: myck32eboJtl7s_ieX37W3eHO5I.roa (raw, json)
Hash identifier: lbaHeA4mwtN12nrUCJbm8VTH7h5JMLbryEGQgqFX+UY=
Subject key identifier: 9B:27:24:DF:67:9B:A0:9B:65:EE:CF:E2:79:7D:FB:5B:77:87:3B:92
Certificate issuer: /CN=97aaa555a329edd86606cc0e3e296bd478ac73de
Certificate serial: 0194258F3C90F3DC469B063F7640702F18E4
Authority key identifier: 97:AA:A5:55:A3:29:ED:D8:66:06:CC:0E:3E:29:6B:D4:78:AC:73:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l6qlVaMp7dhmBswOPilr1Hisc94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/1195ab-ed41-452f-bc22-7fd0deae32c5/1/myck32eboJtl7s_ieX37W3eHO5I.roa
Signing time: Thu 02 Jan 2025 05:48:51 +0000
ROA not before: Thu 02 Jan 2025 05:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204431
IP address blocks: 185.249.16.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:3c:90:f3:dc:46:9b:06:3f:76:40:70:2f:18:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97aaa555a329edd86606cc0e3e296bd478ac73de
Validity
Not Before: Jan 2 05:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b2724df679ba09b65eecfe2797dfb5b77873b92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:cd:c0:3b:f8:1a:60:be:81:bd:e0:ae:82:96:
29:8d:32:b6:52:1e:92:32:5f:44:e7:01:6e:19:64:
0d:8b:aa:94:9e:03:4d:97:8c:31:00:b4:6b:9c:8b:
6f:69:fa:2b:05:5c:ce:61:df:48:e6:2d:07:4a:fb:
87:b8:72:b2:01:d3:27:af:e6:43:e8:4b:82:71:ab:
f3:7a:50:6e:d6:90:9b:13:d0:be:57:24:2e:49:ae:
59:14:43:a3:b4:9a:a2:6e:3a:04:79:e9:46:75:68:
05:28:22:3a:76:37:87:51:fa:fd:10:58:f8:59:13:
0b:01:54:36:9d:c4:c9:40:57:86:7b:5a:cb:e4:6d:
f3:0a:a3:ee:f0:b2:ec:a0:fc:74:4a:82:60:65:d9:
94:ca:d6:86:da:db:87:b5:35:95:6f:37:2f:93:92:
39:96:b4:d0:11:23:24:2e:59:9d:45:17:57:ac:b6:
5c:8a:ea:a7:40:7b:dd:79:da:bd:91:91:e3:c7:a7:
88:37:bc:35:42:af:d5:db:c4:e5:5c:6c:61:6a:fb:
95:82:9b:8d:f7:86:b4:f2:8a:b6:4a:05:79:08:d2:
fc:c5:9c:2f:af:08:25:3a:98:1b:af:08:c0:df:a0:
77:c0:43:1c:b3:aa:4e:7b:9c:e5:66:be:56:9a:a4:
f3:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:27:24:DF:67:9B:A0:9B:65:EE:CF:E2:79:7D:FB:5B:77:87:3B:92
X509v3 Authority Key Identifier:
keyid:97:AA:A5:55:A3:29:ED:D8:66:06:CC:0E:3E:29:6B:D4:78:AC:73:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l6qlVaMp7dhmBswOPilr1Hisc94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/1195ab-ed41-452f-bc22-7fd0deae32c5/1/myck32eboJtl7s_ieX37W3eHO5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/1195ab-ed41-452f-bc22-7fd0deae32c5/1/l6qlVaMp7dhmBswOPilr1Hisc94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.16.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:b8:db:2f:a0:e8:05:f3:84:b3:66:65:fa:f5:a3:47:cd:72:
45:1d:71:be:04:51:19:82:9f:ff:c8:b8:c7:40:24:2e:e8:3f:
dd:3c:4f:48:4b:0a:70:fa:9c:e8:8f:8e:7d:8d:c9:8a:aa:44:
74:43:8d:10:a4:82:87:80:c6:cc:3e:e1:6f:a2:b7:00:af:94:
f9:5b:98:6b:21:6b:c8:9e:15:58:b2:4e:27:0d:51:d3:fe:d7:
c8:9f:79:d9:13:3b:66:5f:38:01:97:70:8d:8e:e8:c7:de:de:
80:1e:c3:f0:83:bc:fd:e6:a0:3f:59:f2:c1:fc:ae:e0:8c:33:
f5:8c:af:a1:35:83:0d:12:47:3c:4f:8a:d0:eb:af:a8:a9:5e:
eb:2a:13:4c:8f:17:f7:ab:52:8a:8e:49:0f:f4:bd:6d:a2:f6:
c1:cb:34:cd:ec:25:99:6f:b9:2a:e5:55:be:b0:25:92:05:4f:
b9:d5:b4:10:66:67:52:8e:2e:c2:5d:99:66:3e:44:2a:30:03:
17:3a:e7:0e:90:58:2e:93:0c:1a:6c:38:b8:c2:77:f7:ec:4a:
47:1f:35:75:ce:f1:0d:8d:6a:5c:ec:93:1b:e7:cd:24:22:dc:
7d:81:69:ec:d1:3b:1f:2b:d2:9c:74:9a:d4:c9:50:ea:83:b5:
e7:e8:2a:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQljzyQ89xGmwY/dkBwLxjkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YWFhNTU1YTMyOWVkZDg2NjA2Y2MwZTNlMjk2YmQ0Nzhh
YzczZGUwHhcNMjUwMTAyMDU0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjI3MjRkZjY3OWJhMDliNjVlZWNmZTI3OTdkZmI1Yjc3ODczYjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzM3AO/gaYL6BveCugpYpjTK2Uh6S
Ml9E5wFuGWQNi6qUngNNl4wxALRrnItvaforBVzOYd9I5i0HSvuHuHKyAdMnr+ZD
6EuCcavzelBu1pCbE9C+VyQuSa5ZFEOjtJqibjoEeelGdWgFKCI6djeHUfr9EFj4
WRMLAVQ2ncTJQFeGe1rL5G3zCqPu8LLsoPx0SoJgZdmUytaG2tuHtTWVbzcvk5I5
lrTQESMkLlmdRRdXrLZciuqnQHvdedq9kZHjx6eIN7w1Qq/V28TlXGxhavuVgpuN
94a08oq2SgV5CNL8xZwvrwglOpgbrwjA36B3wEMcs6pOe5zlZr5WmqTzFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJsnJN9nm6CbZe7P4nl9+1t3hzuSMB8GA1UdIwQY
MBaAFJeqpVWjKe3YZgbMDj4pa9R4rHPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDZxbFZhTXA3ZGhtQnN3T1BpbHIxSGlzYzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8xMTk1YWItZWQ0MS00NTJmLWJjMjIt
N2ZkMGRlYWUzMmM1LzEvbXljazMyZWJvSnRsN3NfaWVYMzdXM2VITzVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8xMTk1YWItZWQ0MS00NTJmLWJjMjItN2ZkMGRlYWUzMmM1
LzEvbDZxbFZhTXA3ZGhtQnN3T1BpbHIxSGlzYzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufkQMA0G
CSqGSIb3DQEBCwUAA4IBAQAuuNsvoOgF84SzZmX69aNHzXJFHXG+BFEZgp//yLjH
QCQu6D/dPE9ISwpw+pzoj459jcmKqkR0Q40QpIKHgMbMPuFvorcAr5T5W5hrIWvI
nhVYsk4nDVHT/tfIn3nZEztmXzgBl3CNjujH3t6AHsPwg7z95qA/WfLB/K7gjDP1
jK+hNYMNEkc8T4rQ66+oqV7rKhNMjxf3q1KKjkkP9L1tovbByzTN7CWZb7kq5VW+
sCWSBU+51bQQZmdSji7CXZlmPkQqMAMXOucOkFgukwwabDi4wnf37EpHHzV1zvEN
jWpc7JMb580kItx9gWns0TsfK9KcdJrUyVDqg7Xn6Cqv
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:54:07 2025 by rpki-client