Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/08128a-690a-4f08-8865-69e3d0866ef6/1/mre0Sbb8szBBX4GresgiiwdF634.roa
File: mre0Sbb8szBBX4GresgiiwdF634.roa (raw, json)
Hash identifier: KGpatw4GtK16xXPbD1RSTnF7RbGtyhCDwaJXsQ0f2K8=
Subject key identifier: 9A:B7:B4:49:B6:FC:B3:30:41:5F:81:AB:7A:C8:22:8B:07:45:EB:7E
Certificate issuer: /CN=f28e0b758be73a1ddbfb517ee8b5e4f863a21f9e
Certificate serial: 01942067E316AF52B2E5C96E2A743D30FE87
Authority key identifier: F2:8E:0B:75:8B:E7:3A:1D:DB:FB:51:7E:E8:B5:E4:F8:63:A2:1F:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8o4LdYvnOh3b-1F-6LXk-GOiH54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/08128a-690a-4f08-8865-69e3d0866ef6/1/mre0Sbb8szBBX4GresgiiwdF634.roa
Signing time: Wed 01 Jan 2025 05:47:46 +0000
ROA not before: Wed 01 Jan 2025 05:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203393
IP address blocks: 185.136.84.0/24 maxlen: 24
185.136.85.0/24 maxlen: 24
185.136.86.0/24 maxlen: 24
185.238.29.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e3:16:af:52:b2:e5:c9:6e:2a:74:3d:30:fe:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f28e0b758be73a1ddbfb517ee8b5e4f863a21f9e
Validity
Not Before: Jan 1 05:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ab7b449b6fcb330415f81ab7ac8228b0745eb7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:60:19:d0:46:df:e2:8e:5d:36:a7:cc:9a:0c:
d9:da:6c:0f:c0:4d:76:bd:76:ba:39:e5:e7:5a:e1:
b7:3b:0e:28:7e:10:9f:b3:ff:41:7f:51:1c:28:33:
1e:8e:d5:ba:28:37:8b:4b:34:e0:e9:20:5a:f1:aa:
c4:9a:57:99:20:50:10:4c:09:db:f9:dd:dd:b6:80:
e9:10:53:d1:d6:4e:d9:2b:08:12:2a:9e:d0:0f:ce:
02:0f:38:26:92:6f:da:ed:86:12:f9:15:d7:85:c9:
b3:02:b2:de:3c:f2:7b:cc:7d:98:df:d8:51:3e:6c:
95:22:40:a3:41:cc:41:1a:f9:83:cb:03:20:84:30:
77:6e:53:76:1d:35:9d:52:7a:f1:7a:42:13:d5:54:
0e:03:ff:c6:36:a7:b0:9c:c7:13:7f:fb:3b:68:6f:
53:f0:ce:7f:30:0f:5d:de:48:ab:8e:34:38:44:17:
75:b2:c0:fd:78:e6:89:1f:bd:c1:7e:de:93:f4:1e:
fd:fb:c9:1c:81:37:fc:a4:e3:8e:77:57:24:cb:e1:
2e:0f:d8:bd:6b:a1:38:bf:1a:13:e8:f7:a7:0a:86:
a2:77:c2:c6:41:de:2f:ac:4f:39:18:5b:ff:44:bc:
8d:13:d6:dd:5c:f1:bd:0a:33:8e:2c:f0:d5:40:0c:
c5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:B7:B4:49:B6:FC:B3:30:41:5F:81:AB:7A:C8:22:8B:07:45:EB:7E
X509v3 Authority Key Identifier:
keyid:F2:8E:0B:75:8B:E7:3A:1D:DB:FB:51:7E:E8:B5:E4:F8:63:A2:1F:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8o4LdYvnOh3b-1F-6LXk-GOiH54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/08128a-690a-4f08-8865-69e3d0866ef6/1/mre0Sbb8szBBX4GresgiiwdF634.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/08128a-690a-4f08-8865-69e3d0866ef6/1/8o4LdYvnOh3b-1F-6LXk-GOiH54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.84.0-185.136.86.255
185.238.29.0/24
Signature Algorithm: sha256WithRSAEncryption
50:74:df:19:6e:4f:d2:fd:db:5d:a4:78:18:62:bb:5f:e4:64:
bb:bd:b9:96:69:b8:c2:46:d7:a1:8d:19:bd:6e:26:59:59:c9:
54:17:c5:c4:b5:a3:76:98:d0:3f:ef:a6:22:a2:e4:e9:d6:e2:
a5:00:69:61:5c:04:bb:ac:eb:29:3c:a2:c9:48:e5:55:5a:0d:
07:75:d7:52:b2:67:cf:9c:83:42:c4:ef:df:83:06:e7:fb:0e:
99:c1:7d:88:72:92:95:d3:82:05:a5:2a:98:eb:8f:e8:c4:f1:
76:d3:b8:c7:9f:34:6f:0b:1c:38:29:f1:41:28:97:a8:cf:8d:
40:e7:c4:4d:c3:d4:82:4f:a2:16:9e:16:c1:dd:fb:b9:60:46:
05:2c:4c:1a:bf:7f:22:f9:8b:27:bf:b0:46:8f:a5:ec:e6:d7:
37:3f:45:24:2c:42:89:2e:22:77:40:13:06:70:51:da:38:cd:
82:f8:af:17:62:1f:85:1a:da:79:07:ce:44:2a:54:66:2e:9b:
f5:a2:5a:a8:18:fc:29:8c:18:80:ed:f2:ad:2f:39:ce:00:60:
94:59:59:81:d3:0c:aa:9c:0e:04:72:8b:35:9c:da:d4:ab:43:
f7:43:5c:d2:c1:fd:7e:cf:21:7c:a9:8c:73:f3:c6:73:49:22:
b9:f6:3d:e6
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQgZ+MWr1Ky5cluKnQ9MP6HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyOGUwYjc1OGJlNzNhMWRkYmZiNTE3ZWU4YjVlNGY4NjNh
MjFmOWUwHhcNMjUwMTAxMDU0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWI3YjQ0OWI2ZmNiMzMwNDE1ZjgxYWI3YWM4MjI4YjA3NDVlYjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GAZ0Ebf4o5dNqfMmgzZ2mwPwE12
vXa6OeXnWuG3Ow4ofhCfs/9Bf1EcKDMejtW6KDeLSzTg6SBa8arEmleZIFAQTAnb
+d3dtoDpEFPR1k7ZKwgSKp7QD84CDzgmkm/a7YYS+RXXhcmzArLePPJ7zH2Y39hR
PmyVIkCjQcxBGvmDywMghDB3blN2HTWdUnrxekIT1VQOA//GNqewnMcTf/s7aG9T
8M5/MA9d3kirjjQ4RBd1ssD9eOaJH73Bft6T9B79+8kcgTf8pOOOd1cky+EuD9i9
a6E4vxoT6PenCoaid8LGQd4vrE85GFv/RLyNE9bdXPG9CjOOLPDVQAzFswIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJq3tEm2/LMwQV+Bq3rIIosHRet+MB8GA1UdIwQY
MBaAFPKOC3WL5zod2/tRfui15Phjoh+eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG80TGRZdm5PaDNiLTFGLTZMWGstR09pSDU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8wODEyOGEtNjkwYS00ZjA4LTg4NjUt
NjllM2QwODY2ZWY2LzEvbXJlMFNiYjhzekJCWDRHcmVzZ2lpd2RGNjM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8wODEyOGEtNjkwYS00ZjA4LTg4NjUtNjllM2QwODY2ZWY2
LzEvOG80TGRZdm5PaDNiLTFGLTZMWGstR09pSDU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAK5iFQD
BAC5iFYDBAC57h0wDQYJKoZIhvcNAQELBQADggEBAFB03xluT9L9212keBhiu1/k
ZLu9uZZpuMJG16GNGb1uJllZyVQXxcS1o3aY0D/vpiKi5OnW4qUAaWFcBLus6yk8
oslI5VVaDQd111KyZ8+cg0LE79+DBuf7DpnBfYhykpXTggWlKpjrj+jE8XbTuMef
NG8LHDgp8UEol6jPjUDnxE3D1IJPohaeFsHd+7lgRgUsTBq/fyL5iye/sEaPpezm
1zc/RSQsQokuIndAEwZwUdo4zYL4rxdiH4Ua2nkHzkQqVGYum/WiWqgY/CmMGIDt
8q0vOc4AYJRZWYHTDKqcDgRyizWc2tSrQ/dDXNLB/X7PIXypjHPzxnNJIrn2PeY=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:14:07 2025 by rpki-client