Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/31a0ec-d9b8-49e4-b436-8b4215e58028/1/IQVuYRD39w1eDGvQI5n6qd53zJ0.roa
File: IQVuYRD39w1eDGvQI5n6qd53zJ0.roa (raw, json)
Hash identifier: YMuLKblQhuUFH21p6Ke9CEB5Y7GrJ0BpmU+txXFqoC4=
Subject key identifier: 21:05:6E:61:10:F7:F7:0D:5E:0C:6B:D0:23:99:FA:A9:DE:77:CC:9D
Certificate issuer: /CN=b00e25f55ebbacb069f103acb0866703835cfccd
Certificate serial: 019421B20EA6971DDD28C71BE92C82F5E821
Authority key identifier: B0:0E:25:F5:5E:BB:AC:B0:69:F1:03:AC:B0:86:67:03:83:5C:FC:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sA4l9V67rLBp8QOssIZnA4Nc_M0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/31a0ec-d9b8-49e4-b436-8b4215e58028/1/IQVuYRD39w1eDGvQI5n6qd53zJ0.roa
Signing time: Wed 01 Jan 2025 11:48:24 +0000
ROA not before: Wed 01 Jan 2025 11:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35369
IP address blocks: 185.197.181.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:0e:a6:97:1d:dd:28:c7:1b:e9:2c:82:f5:e8:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b00e25f55ebbacb069f103acb0866703835cfccd
Validity
Not Before: Jan 1 11:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21056e6110f7f70d5e0c6bd02399faa9de77cc9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:36:0e:0f:01:d7:7c:24:1f:21:98:74:bb:60:
a6:1a:08:cb:af:34:57:00:17:50:1f:1d:e3:30:b4:
62:f4:40:8c:0f:7e:0d:4d:9f:40:94:58:c4:a2:c6:
74:ce:e5:12:94:fc:7a:8e:b7:8b:9c:88:e9:15:ec:
9b:b3:9a:dc:89:58:ef:85:d1:13:dc:db:db:7c:a5:
f5:f9:96:43:f0:de:e9:3b:f6:12:59:45:49:92:01:
e9:47:8e:13:c0:64:76:39:1c:83:f3:d7:f5:e7:0a:
94:5b:1a:61:a6:bc:b3:5e:0e:79:53:eb:a5:02:b2:
73:6d:ef:84:4e:3d:43:4b:87:9c:44:9f:a6:fe:1c:
ac:4e:76:3e:33:f2:a8:c8:d8:33:d8:2a:0c:73:5a:
ef:cb:76:76:ec:12:fa:53:cb:68:25:79:b0:5c:de:
57:eb:23:b5:ce:12:3c:24:f2:fe:d1:f0:ba:e3:20:
b4:a8:b9:e9:15:f2:45:a6:c2:1f:f6:dc:b1:18:a1:
99:0d:b4:26:6e:0a:26:53:aa:2b:f7:62:a4:fc:13:
ae:50:7b:f7:ab:88:ef:72:18:b6:7a:07:13:b7:72:
34:18:57:69:09:2e:c3:8a:bf:d3:d3:d5:e2:cb:e3:
9b:6f:2d:77:65:2c:bc:a8:5b:e8:fb:a1:b8:79:b8:
1f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:05:6E:61:10:F7:F7:0D:5E:0C:6B:D0:23:99:FA:A9:DE:77:CC:9D
X509v3 Authority Key Identifier:
keyid:B0:0E:25:F5:5E:BB:AC:B0:69:F1:03:AC:B0:86:67:03:83:5C:FC:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sA4l9V67rLBp8QOssIZnA4Nc_M0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/31a0ec-d9b8-49e4-b436-8b4215e58028/1/IQVuYRD39w1eDGvQI5n6qd53zJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/31a0ec-d9b8-49e4-b436-8b4215e58028/1/sA4l9V67rLBp8QOssIZnA4Nc_M0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.181.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:85:a1:1a:14:f5:a4:73:e2:6e:40:bc:84:56:7e:53:08:22:
97:ff:c9:54:4c:31:50:ee:9f:22:de:7b:ba:d8:f7:9a:7d:a5:
6e:fa:5e:af:fd:bd:3b:a3:67:d0:72:a5:71:6a:ad:7f:42:36:
4a:02:5f:d7:86:f0:08:53:68:f5:2e:52:1e:ac:03:84:d0:82:
9e:d0:2e:88:8c:2f:07:a4:ec:8a:61:5a:62:d8:97:68:96:9b:
29:62:98:f5:e8:6b:67:bf:b4:e7:de:a7:62:9a:19:9b:bf:df:
cd:c2:8b:2c:d9:97:78:fa:f6:38:2f:29:29:41:f3:4f:29:21:
3f:bd:9b:0c:b8:22:cd:2b:a0:b5:d7:6e:41:6a:bf:b6:9d:cc:
f5:8e:f9:d9:51:f3:49:59:83:48:b4:fa:8a:99:61:ee:5a:9a:
99:f7:23:05:e4:87:9d:02:2d:fb:66:05:63:69:e3:3c:7b:f7:
a1:ee:11:f0:6f:ad:4b:0b:dd:29:81:10:f7:53:d3:56:d9:b4:
5f:9f:a4:ba:fc:b2:a2:4e:96:0c:dc:78:d7:fd:55:d3:0d:ca:
04:dd:f9:cb:98:ec:67:7a:34:cb:00:3a:e0:14:9f:2e:cb:f3:
02:61:25:34:27:10:89:7e:6b:6f:8d:72:ee:18:5b:79:f2:42:
f9:73:66:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsg6mlx3dKMcb6SyC9eghMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMGUyNWY1NWViYmFjYjA2OWYxMDNhY2IwODY2NzAzODM1
Y2ZjY2QwHhcNMjUwMTAxMTE0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTA1NmU2MTEwZjdmNzBkNWUwYzZiZDAyMzk5ZmFhOWRlNzdjYzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDYODwHXfCQfIZh0u2CmGgjLrzRX
ABdQHx3jMLRi9ECMD34NTZ9AlFjEosZ0zuUSlPx6jreLnIjpFeybs5rciVjvhdET
3NvbfKX1+ZZD8N7pO/YSWUVJkgHpR44TwGR2ORyD89f15wqUWxphpryzXg55U+ul
ArJzbe+ETj1DS4ecRJ+m/hysTnY+M/KoyNgz2CoMc1rvy3Z27BL6U8toJXmwXN5X
6yO1zhI8JPL+0fC64yC0qLnpFfJFpsIf9tyxGKGZDbQmbgomU6or92Kk/BOuUHv3
q4jvchi2egcTt3I0GFdpCS7Dir/T09Xiy+Obby13ZSy8qFvo+6G4ebgfVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCEFbmEQ9/cNXgxr0COZ+qned8ydMB8GA1UdIwQY
MBaAFLAOJfVeu6ywafEDrLCGZwODXPzNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0E0bDlWNjdyTEJwOFFPc3NJWm5BNE5jX00wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8zMWEwZWMtZDliOC00OWU0LWI0MzYt
OGI0MjE1ZTU4MDI4LzEvSVFWdVlSRDM5dzFlREd2UUk1bjZxZDUzekowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8zMWEwZWMtZDliOC00OWU0LWI0MzYtOGI0MjE1ZTU4MDI4
LzEvc0E0bDlWNjdyTEJwOFFPc3NJWm5BNE5jX00wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucW1MA0G
CSqGSIb3DQEBCwUAA4IBAQDFhaEaFPWkc+JuQLyEVn5TCCKX/8lUTDFQ7p8i3nu6
2PeafaVu+l6v/b07o2fQcqVxaq1/QjZKAl/XhvAIU2j1LlIerAOE0IKe0C6IjC8H
pOyKYVpi2JdolpspYpj16Gtnv7Tn3qdimhmbv9/Nwoss2Zd4+vY4LykpQfNPKSE/
vZsMuCLNK6C1125Bar+2ncz1jvnZUfNJWYNItPqKmWHuWpqZ9yMF5IedAi37ZgVj
aeM8e/eh7hHwb61LC90pgRD3U9NW2bRfn6S6/LKiTpYM3HjX/VXTDcoE3fnLmOxn
ejTLADrgFJ8uy/MCYSU0JxCJfmtvjXLuGFt58kL5c2bp
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:09:21 2025 by rpki-client