Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e5a814-16a5-403b-93f3-cf32a0d92825/1/mOHhCAnpxR-dp3-6rcl-KfmxQF4.roa
File: mOHhCAnpxR-dp3-6rcl-KfmxQF4.roa (raw, json)
Hash identifier: 3p2JZm+3j1SVt0MOxqOY+5HYmBdbi1aC8iIMBMpg4u0=
Subject key identifier: 98:E1:E1:08:09:E9:C5:1F:9D:A7:7F:BA:AD:C9:7E:29:F9:B1:40:5E
Certificate issuer: /CN=c256d25f1fdd00dc80dd6d225b21119bf2121e89
Certificate serial: 019423D739C95F40FAAAA647E5AD371B1661
Authority key identifier: C2:56:D2:5F:1F:DD:00:DC:80:DD:6D:22:5B:21:11:9B:F2:12:1E:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wlbSXx_dANyA3W0iWyERm_ISHok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/e5a814-16a5-403b-93f3-cf32a0d92825/1/mOHhCAnpxR-dp3-6rcl-KfmxQF4.roa
Signing time: Wed 01 Jan 2025 21:48:15 +0000
ROA not before: Wed 01 Jan 2025 21:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202757
IP address blocks: 185.255.216.0/24 maxlen: 24
185.255.217.0/24 maxlen: 24
185.255.218.0/24 maxlen: 24
185.255.219.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:39:c9:5f:40:fa:aa:a6:47:e5:ad:37:1b:16:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c256d25f1fdd00dc80dd6d225b21119bf2121e89
Validity
Not Before: Jan 1 21:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98e1e10809e9c51f9da77fbaadc97e29f9b1405e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f6:c9:97:14:7e:98:31:03:e3:e1:6d:5b:67:
0b:18:a9:15:b1:72:65:dc:37:b0:9d:f5:3b:aa:25:
46:c7:ec:80:c5:73:a6:9e:6e:e0:ab:f8:6a:19:d7:
c2:0d:ad:ac:f7:10:2b:c1:dc:e9:24:a6:b8:44:48:
da:85:9c:3b:e6:ee:34:d9:e6:03:8a:89:76:da:ce:
bc:ea:a0:c7:8b:a7:39:a9:07:ba:98:60:61:16:69:
a2:5c:fc:16:03:68:12:db:a9:c8:3a:6e:b6:85:4e:
ba:f8:80:0f:3b:dc:f0:84:18:c6:4d:86:f3:75:21:
6b:fb:91:db:db:6e:d0:bc:0a:19:a0:bf:19:73:90:
be:78:11:38:f5:88:37:03:4e:6d:85:8e:51:95:94:
3c:81:4e:c2:36:b9:b6:f8:a0:b6:52:70:0d:63:49:
c5:6a:db:b4:c1:66:d8:7c:e6:0c:6c:6c:b3:f2:46:
78:11:34:9b:af:71:38:23:45:26:c0:10:fb:33:44:
9d:07:59:ee:aa:cd:be:d9:85:8e:09:a5:bd:fb:c2:
cc:cf:25:b7:fb:f1:90:fb:b8:26:c5:96:17:99:36:
e0:5b:8d:c0:9b:98:fd:c6:03:bf:52:67:64:ac:6b:
92:aa:5b:fd:f6:16:33:8c:84:38:7f:f1:8c:f5:c6:
b2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:E1:E1:08:09:E9:C5:1F:9D:A7:7F:BA:AD:C9:7E:29:F9:B1:40:5E
X509v3 Authority Key Identifier:
keyid:C2:56:D2:5F:1F:DD:00:DC:80:DD:6D:22:5B:21:11:9B:F2:12:1E:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wlbSXx_dANyA3W0iWyERm_ISHok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e5a814-16a5-403b-93f3-cf32a0d92825/1/mOHhCAnpxR-dp3-6rcl-KfmxQF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e5a814-16a5-403b-93f3-cf32a0d92825/1/wlbSXx_dANyA3W0iWyERm_ISHok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.216.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:43:e0:8d:83:88:0e:e8:bb:db:ff:5d:96:ec:a8:df:fd:1a:
bd:a8:1d:91:56:fe:4c:51:49:87:b3:bf:9f:df:31:fc:54:89:
2f:18:99:f9:0d:1b:7e:c1:8f:9f:5e:76:e7:f7:8c:aa:af:6c:
0a:75:77:5f:5d:40:f4:e2:83:a1:0e:77:a6:38:9c:ae:4c:10:
aa:1e:cd:e4:49:95:49:1a:9d:86:30:49:6c:30:23:44:ef:f9:
1c:13:20:01:62:9f:4a:5a:cf:76:d2:b2:71:05:94:41:21:1e:
04:9c:2f:49:a2:87:f4:70:d7:ef:1d:c8:af:0b:63:e4:0d:4a:
a4:49:91:d1:f6:30:3f:9c:98:d3:b1:ce:41:3a:07:13:b2:3a:
60:06:0a:ce:20:fd:7e:51:10:b0:8e:19:69:31:42:ea:65:e5:
91:80:9e:13:fb:f9:80:f0:a2:a9:63:f3:39:32:07:f1:87:a1:
2d:c6:63:5a:78:ba:f3:90:19:01:f0:8d:72:c2:95:8c:47:19:
fa:53:ce:ff:98:3c:7d:f0:6d:ca:fa:19:ae:61:fd:b5:a1:40:
36:e3:a3:05:30:c5:23:01:39:3e:dc:83:c0:76:77:05:58:66:
54:89:23:5e:89:ed:48:1a:3b:f9:09:bf:3c:72:e0:9c:01:b9:
9e:6b:49:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1znJX0D6qqZH5a03GxZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNTZkMjVmMWZkZDAwZGM4MGRkNmQyMjViMjExMTliZjIx
MjFlODkwHhcNMjUwMTAxMjE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGUxZTEwODA5ZTljNTFmOWRhNzdmYmFhZGM5N2UyOWY5YjE0MDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfbJlxR+mDED4+FtW2cLGKkVsXJl
3DewnfU7qiVGx+yAxXOmnm7gq/hqGdfCDa2s9xArwdzpJKa4REjahZw75u402eYD
iol22s686qDHi6c5qQe6mGBhFmmiXPwWA2gS26nIOm62hU66+IAPO9zwhBjGTYbz
dSFr+5Hb227QvAoZoL8Zc5C+eBE49Yg3A05thY5RlZQ8gU7CNrm2+KC2UnANY0nF
atu0wWbYfOYMbGyz8kZ4ETSbr3E4I0UmwBD7M0SdB1nuqs2+2YWOCaW9+8LMzyW3
+/GQ+7gmxZYXmTbgW43Am5j9xgO/UmdkrGuSqlv99hYzjIQ4f/GM9cayzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjh4QgJ6cUfnad/uq3Jfin5sUBeMB8GA1UdIwQY
MBaAFMJW0l8f3QDcgN1tIlshEZvyEh6JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2xiU1h4X2RBTnlBM1cwaVd5RVJtX0lTSG9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lNWE4MTQtMTZhNS00MDNiLTkzZjMt
Y2YzMmEwZDkyODI1LzEvbU9IaENBbnB4Ui1kcDMtNnJjbC1LZm14UUY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lNWE4MTQtMTZhNS00MDNiLTkzZjMtY2YzMmEwZDkyODI1
LzEvd2xiU1h4X2RBTnlBM1cwaVd5RVJtX0lTSG9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuf/YMA0G
CSqGSIb3DQEBCwUAA4IBAQB9Q+CNg4gO6Lvb/12W7Kjf/Rq9qB2RVv5MUUmHs7+f
3zH8VIkvGJn5DRt+wY+fXnbn94yqr2wKdXdfXUD04oOhDnemOJyuTBCqHs3kSZVJ
Gp2GMElsMCNE7/kcEyABYp9KWs920rJxBZRBIR4EnC9Joof0cNfvHcivC2PkDUqk
SZHR9jA/nJjTsc5BOgcTsjpgBgrOIP1+URCwjhlpMULqZeWRgJ4T+/mA8KKpY/M5
Mgfxh6EtxmNaeLrzkBkB8I1ywpWMRxn6U87/mDx98G3K+hmuYf21oUA246MFMMUj
ATk+3IPAdncFWGZUiSNeie1IGjv5Cb88cuCcAbmea0nO
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:50:46 2025 by rpki-client