Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/48e1ae-90e8-4e42-af3d-5101be5dd615/1/KySbiR-MGliV0HnEusiYoVPq_Tw.roa
File: KySbiR-MGliV0HnEusiYoVPq_Tw.roa (raw, json)
Hash identifier: Tom90ESsjuLbQCudFU+oOzUxWbGr9ZgqEwEe4qv+gmU=
Subject key identifier: 2B:24:9B:89:1F:8C:1A:58:95:D0:79:C4:BA:C8:98:A1:53:EA:FD:3C
Certificate issuer: /CN=1fd5fef692b4c2d22bdd031fabfa7110b7b36e81
Certificate serial: 019420684722D54B1367B44B373E71FD6704
Authority key identifier: 1F:D5:FE:F6:92:B4:C2:D2:2B:DD:03:1F:AB:FA:71:10:B7:B3:6E:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9X-9pK0wtIr3QMfq_pxELezboE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/48e1ae-90e8-4e42-af3d-5101be5dd615/1/KySbiR-MGliV0HnEusiYoVPq_Tw.roa
Signing time: Wed 01 Jan 2025 05:48:12 +0000
ROA not before: Wed 01 Jan 2025 05:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20542
IP address blocks: 185.55.32.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:47:22:d5:4b:13:67:b4:4b:37:3e:71:fd:67:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd5fef692b4c2d22bdd031fabfa7110b7b36e81
Validity
Not Before: Jan 1 05:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b249b891f8c1a5895d079c4bac898a153eafd3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:17:5b:66:18:4d:63:e3:3b:62:40:d2:ea:6d:
9f:99:e7:1f:8f:36:95:81:6f:e9:49:1c:3c:fc:a7:
e8:f2:5b:36:82:20:3d:65:36:be:fa:3c:ec:33:4c:
85:1d:d6:cc:21:d0:b9:03:c3:a8:db:21:7f:a2:2d:
17:20:0e:b1:76:d7:9d:1d:ff:de:3c:f3:4c:ee:dc:
20:7f:fc:e3:7b:0c:81:97:bd:9f:50:3a:d9:c5:6e:
e6:cb:f9:32:1c:07:2e:e7:51:dc:cd:06:c3:7c:15:
b2:c1:c8:f2:68:3d:3d:c0:44:7b:d7:31:04:78:73:
d5:76:9d:99:16:48:07:d9:df:01:01:4d:79:45:b3:
d2:46:2a:0c:16:9f:79:34:2f:53:d5:cb:ae:d9:cb:
c2:93:c2:43:46:5b:bf:fd:01:37:90:2d:11:6c:40:
a7:22:2d:d6:a5:b0:05:b6:f8:19:8a:d4:41:ff:27:
cc:b9:77:5d:b6:5a:10:d4:3f:79:2c:08:02:6e:c4:
19:14:b0:22:62:8c:98:52:19:35:3b:7d:f2:f3:0a:
0e:ca:75:76:be:6a:91:8b:2e:b1:74:1e:c3:3f:bd:
bb:0f:37:68:00:f4:91:52:c3:36:a1:17:e2:e1:66:
3a:15:df:2a:80:35:cd:ab:ed:cc:74:57:6e:9f:fe:
ff:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:24:9B:89:1F:8C:1A:58:95:D0:79:C4:BA:C8:98:A1:53:EA:FD:3C
X509v3 Authority Key Identifier:
keyid:1F:D5:FE:F6:92:B4:C2:D2:2B:DD:03:1F:AB:FA:71:10:B7:B3:6E:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9X-9pK0wtIr3QMfq_pxELezboE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/48e1ae-90e8-4e42-af3d-5101be5dd615/1/KySbiR-MGliV0HnEusiYoVPq_Tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/48e1ae-90e8-4e42-af3d-5101be5dd615/1/H9X-9pK0wtIr3QMfq_pxELezboE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.55.32.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:d3:b7:0b:b4:fc:ee:86:7e:67:0f:c5:3e:4d:d3:ff:90:0c:
a1:f7:31:c6:01:88:75:fb:b1:f8:2c:4f:d4:2a:d4:20:35:86:
0a:51:d5:be:19:6c:03:48:30:d3:55:ec:c3:ee:d1:9c:23:e7:
16:72:b4:bf:64:4f:2d:e8:e2:dc:87:4d:a1:43:6c:78:fb:02:
16:1b:e7:34:70:97:4c:ea:6a:f2:2d:41:9d:bf:0d:6b:09:d2:
90:6f:92:75:bd:e1:ad:3d:03:4f:c0:54:45:43:f3:1d:a6:36:
68:30:fe:8b:95:b1:f9:3e:a0:49:68:1a:f9:0a:61:62:72:bf:
1b:78:88:2a:95:19:45:e9:d6:d4:3b:0c:d3:82:26:52:6e:7a:
22:53:dd:a6:95:d8:a6:49:36:e8:e4:01:2e:30:64:af:28:90:
cb:bf:1e:6b:51:72:10:69:58:76:f3:5e:fc:62:a9:3e:49:ad:
c0:74:74:da:3e:6c:3e:90:ed:4d:b8:41:ff:c8:59:fb:51:f4:
6c:16:0c:d3:8d:ee:09:64:6d:9b:59:97:9c:20:4a:74:91:c2:
72:a1:43:9e:09:6a:ad:61:47:c7:0b:3f:5d:11:3f:b2:7c:3f:
d8:4f:e8:f5:86:3a:df:b4:f1:1b:2e:9e:95:01:84:e8:94:d0:
cf:bc:be:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaEci1UsTZ7RLNz5x/WcEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDVmZWY2OTJiNGMyZDIyYmRkMDMxZmFiZmE3MTEwYjdi
MzZlODEwHhcNMjUwMTAxMDU0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjI0OWI4OTFmOGMxYTU4OTVkMDc5YzRiYWM4OThhMTUzZWFmZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhdbZhhNY+M7YkDS6m2fmecfjzaV
gW/pSRw8/Kfo8ls2giA9ZTa++jzsM0yFHdbMIdC5A8Oo2yF/oi0XIA6xdtedHf/e
PPNM7twgf/zjewyBl72fUDrZxW7my/kyHAcu51HczQbDfBWywcjyaD09wER71zEE
eHPVdp2ZFkgH2d8BAU15RbPSRioMFp95NC9T1cuu2cvCk8JDRlu//QE3kC0RbECn
Ii3WpbAFtvgZitRB/yfMuXddtloQ1D95LAgCbsQZFLAiYoyYUhk1O33y8woOynV2
vmqRiy6xdB7DP727DzdoAPSRUsM2oRfi4WY6Fd8qgDXNq+3MdFdun/7/aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCskm4kfjBpYldB5xLrImKFT6v08MB8GA1UdIwQY
MBaAFB/V/vaStMLSK90DH6v6cRC3s26BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDlYLTlwSzB3dElyM1FNZnFfcHhFTGV6Ym9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy80OGUxYWUtOTBlOC00ZTQyLWFmM2Qt
NTEwMWJlNWRkNjE1LzEvS3lTYmlSLU1HbGlWMEhuRXVzaVlvVlBxX1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy80OGUxYWUtOTBlOC00ZTQyLWFmM2QtNTEwMWJlNWRkNjE1
LzEvSDlYLTlwSzB3dElyM1FNZnFfcHhFTGV6Ym9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTcgMA0G
CSqGSIb3DQEBCwUAA4IBAQAt07cLtPzuhn5nD8U+TdP/kAyh9zHGAYh1+7H4LE/U
KtQgNYYKUdW+GWwDSDDTVezD7tGcI+cWcrS/ZE8t6OLch02hQ2x4+wIWG+c0cJdM
6mryLUGdvw1rCdKQb5J1veGtPQNPwFRFQ/MdpjZoMP6LlbH5PqBJaBr5CmFicr8b
eIgqlRlF6dbUOwzTgiZSbnoiU92mldimSTbo5AEuMGSvKJDLvx5rUXIQaVh28178
Yqk+Sa3AdHTaPmw+kO1NuEH/yFn7UfRsFgzTje4JZG2bWZecIEp0kcJyoUOeCWqt
YUfHCz9dET+yfD/YT+j1hjrftPEbLp6VAYTolNDPvL6G
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:02:10 2025 by rpki-client