Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/4c043c-5fcd-48cb-bd50-c596af2a42ba/1/IjLvJG0-M1KnBbBDVenkXKquV78.roa
File: IjLvJG0-M1KnBbBDVenkXKquV78.roa (raw, json)
Hash identifier: n27HZGX2v3aJZrtVUVhPUuskMFjClOmq43C+EIraFso=
Subject key identifier: 22:32:EF:24:6D:3E:33:52:A7:05:B0:43:55:E9:E4:5C:AA:AE:57:BF
Certificate issuer: /CN=3e17837a10db1d3dd73e20df0b479e40db2236fe
Certificate serial: 01942445A43C22182C8015FB570963E520C8
Authority key identifier: 3E:17:83:7A:10:DB:1D:3D:D7:3E:20:DF:0B:47:9E:40:DB:22:36:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PheDehDbHT3XPiDfC0eeQNsiNv4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/4c043c-5fcd-48cb-bd50-c596af2a42ba/1/IjLvJG0-M1KnBbBDVenkXKquV78.roa
Signing time: Wed 01 Jan 2025 23:48:51 +0000
ROA not before: Wed 01 Jan 2025 23:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201730
IP address blocks: 185.173.148.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:a4:3c:22:18:2c:80:15:fb:57:09:63:e5:20:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e17837a10db1d3dd73e20df0b479e40db2236fe
Validity
Not Before: Jan 1 23:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2232ef246d3e3352a705b04355e9e45caaae57bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f9:d6:1e:2f:1d:d9:77:e9:84:79:5b:20:53:
07:f4:ec:35:ff:97:97:22:86:1d:5c:69:9c:3f:0d:
26:5e:d6:4a:af:af:ee:7e:0b:9c:31:3f:e0:7b:e3:
1e:72:ed:84:a7:b5:a8:06:06:05:0b:a8:a3:be:12:
e9:2c:96:80:2f:96:1c:c9:94:9d:a2:9e:94:d3:a1:
ee:f1:94:5b:72:3f:86:ca:41:f6:ad:a9:54:e7:9e:
85:dd:93:83:ba:5a:6c:99:a6:a1:14:4f:d9:9e:f1:
c7:98:c5:42:b5:7a:94:0b:e9:bd:94:30:92:ef:39:
de:eb:9c:aa:5d:ff:5d:4a:5a:2e:92:fc:31:4f:42:
e2:3d:25:0b:28:74:93:9f:e2:90:2b:9c:2e:e4:15:
68:e0:b7:03:aa:0f:6d:07:68:48:0b:bf:3a:84:56:
03:c7:60:3a:ad:56:e4:6d:db:84:a0:d0:18:6a:33:
0d:1c:90:44:19:46:63:c6:37:c6:6b:4c:89:ce:1d:
d4:62:d6:8c:76:a4:c2:56:a6:9c:f5:4a:1c:0d:e4:
25:ed:e7:7c:06:2d:5b:88:78:5f:d6:51:bd:dd:90:
8c:c8:b7:6d:74:d2:82:32:92:3c:bb:2d:b7:2c:4d:
05:58:10:15:ca:a7:49:c5:c7:b9:a1:21:0b:56:0b:
03:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:32:EF:24:6D:3E:33:52:A7:05:B0:43:55:E9:E4:5C:AA:AE:57:BF
X509v3 Authority Key Identifier:
keyid:3E:17:83:7A:10:DB:1D:3D:D7:3E:20:DF:0B:47:9E:40:DB:22:36:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PheDehDbHT3XPiDfC0eeQNsiNv4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/4c043c-5fcd-48cb-bd50-c596af2a42ba/1/IjLvJG0-M1KnBbBDVenkXKquV78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/4c043c-5fcd-48cb-bd50-c596af2a42ba/1/PheDehDbHT3XPiDfC0eeQNsiNv4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.148.0/22
Signature Algorithm: sha256WithRSAEncryption
97:4d:ae:12:b8:c6:72:dc:e8:6b:30:4c:28:db:5c:02:93:4c:
9b:5c:5b:7f:d3:c7:a2:43:1c:7d:4f:a8:38:9b:67:0a:73:d2:
e7:4f:fd:d6:30:27:d0:51:4e:ee:99:ae:1c:30:74:f5:e0:22:
70:fc:33:32:3f:f8:ad:1b:4d:8d:b7:f1:28:65:46:7e:bf:06:
3f:40:a9:7a:03:64:e1:7e:b3:08:23:df:29:d5:d8:c2:67:62:
a2:24:12:70:8e:b8:5b:32:2f:1a:54:97:3d:f6:53:54:10:02:
64:4b:8d:da:5e:c8:bb:62:43:00:4b:c1:eb:8f:de:85:43:d9:
99:1c:3a:2f:c7:83:44:21:8a:5e:04:66:69:b4:dd:e8:4a:e2:
21:f2:d2:cf:bd:90:80:32:fc:c4:c2:7e:e1:b8:85:81:b3:99:
8c:cd:f3:48:69:be:4f:83:a3:45:b5:a5:83:14:df:a0:d3:67:
4a:eb:39:d8:4b:64:f8:45:93:2c:02:ee:fc:d8:ee:75:88:3a:
3c:c3:79:37:d8:ec:f5:f1:4b:a4:3f:5d:0b:0a:60:19:ad:18:
71:06:91:7a:2d:68:93:ba:db:17:f8:81:4d:d9:c9:3d:aa:3a:
6f:92:7f:be:09:bf:dc:bc:44:f4:bb:55:b8:8d:6d:87:60:66:
be:0e:a2:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRaQ8IhgsgBX7Vwlj5SDIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMTc4MzdhMTBkYjFkM2RkNzNlMjBkZjBiNDc5ZTQwZGIy
MjM2ZmUwHhcNMjUwMTAxMjM0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjMyZWYyNDZkM2UzMzUyYTcwNWIwNDM1NWU5ZTQ1Y2FhYWU1N2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/nWHi8d2XfphHlbIFMH9Ow1/5eX
IoYdXGmcPw0mXtZKr6/ufgucMT/ge+Mecu2Ep7WoBgYFC6ijvhLpLJaAL5YcyZSd
op6U06Hu8ZRbcj+GykH2ralU556F3ZODulpsmaahFE/ZnvHHmMVCtXqUC+m9lDCS
7zne65yqXf9dSloukvwxT0LiPSULKHSTn+KQK5wu5BVo4LcDqg9tB2hIC786hFYD
x2A6rVbkbduEoNAYajMNHJBEGUZjxjfGa0yJzh3UYtaMdqTCVqac9UocDeQl7ed8
Bi1biHhf1lG93ZCMyLdtdNKCMpI8uy23LE0FWBAVyqdJxce5oSELVgsDawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCIy7yRtPjNSpwWwQ1Xp5Fyqrle/MB8GA1UdIwQY
MBaAFD4Xg3oQ2x091z4g3wtHnkDbIjb+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGhlRGVoRGJIVDNYUGlEZkMwZWVRTnNpTnY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS80YzA0M2MtNWZjZC00OGNiLWJkNTAt
YzU5NmFmMmE0MmJhLzEvSWpMdkpHMC1NMUtuQmJCRFZlbmtYS3F1Vjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS80YzA0M2MtNWZjZC00OGNiLWJkNTAtYzU5NmFmMmE0MmJh
LzEvUGhlRGVoRGJIVDNYUGlEZkMwZWVRTnNpTnY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCua2UMA0G
CSqGSIb3DQEBCwUAA4IBAQCXTa4SuMZy3OhrMEwo21wCk0ybXFt/08eiQxx9T6g4
m2cKc9LnT/3WMCfQUU7uma4cMHT14CJw/DMyP/itG02Nt/EoZUZ+vwY/QKl6A2Th
frMII98p1djCZ2KiJBJwjrhbMi8aVJc99lNUEAJkS43aXsi7YkMAS8Hrj96FQ9mZ
HDovx4NEIYpeBGZptN3oSuIh8tLPvZCAMvzEwn7huIWBs5mMzfNIab5Pg6NFtaWD
FN+g02dK6znYS2T4RZMsAu782O51iDo8w3k32Oz18UukP10LCmAZrRhxBpF6LWiT
utsX+IFN2ck9qjpvkn++Cb/cvET0u1W4jW2HYGa+DqJb
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:07:03 2025 by rpki-client