Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/ab9012-bfae-4729-b993-09733cb0269e/1/hRViLioOhxazkHfvXEUqCQoWtcM.roa
File: hRViLioOhxazkHfvXEUqCQoWtcM.roa (raw, json)
Hash identifier: UwsVl6zDnCr1HkAOnBnopdZVrNViwXPi8g+Nx+h0Crk=
Subject key identifier: 85:15:62:2E:2A:0E:87:16:B3:90:77:EF:5C:45:2A:09:0A:16:B5:C3
Certificate issuer: /CN=1ab70e3488dc831d45a75744e2f8bba267fd31d6
Certificate serial: 019424448B177B96ED3A095397E26D18EE27
Authority key identifier: 1A:B7:0E:34:88:DC:83:1D:45:A7:57:44:E2:F8:BB:A2:67:FD:31:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GrcONIjcgx1Fp1dE4vi7omf9MdY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/ab9012-bfae-4729-b993-09733cb0269e/1/hRViLioOhxazkHfvXEUqCQoWtcM.roa
Signing time: Wed 01 Jan 2025 23:47:39 +0000
ROA not before: Wed 01 Jan 2025 23:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198463
IP address blocks: 185.117.104.0/22 maxlen: 24
2a06:8400::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:8b:17:7b:96:ed:3a:09:53:97:e2:6d:18:ee:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ab70e3488dc831d45a75744e2f8bba267fd31d6
Validity
Not Before: Jan 1 23:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8515622e2a0e8716b39077ef5c452a090a16b5c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:49:6d:1c:40:98:5c:87:27:54:fe:db:b3:03:
f8:a2:1c:63:5d:e6:36:79:4c:77:a8:80:4b:dd:59:
84:ca:9f:39:84:63:2d:fd:cd:70:4b:cf:7c:b6:3d:
2e:78:b9:4f:62:60:8b:5c:2c:d6:1e:b0:8a:03:dd:
d2:21:7c:fa:64:cb:65:0e:cc:72:56:97:e8:ca:6d:
d6:98:8e:3b:b0:c1:12:80:c9:5b:33:d8:48:00:1b:
a1:de:ce:63:01:f6:4b:af:c3:c5:67:e9:ac:84:fa:
e0:5a:4f:25:eb:41:91:d7:ff:ab:85:93:db:4a:07:
bf:3d:5b:aa:ed:7d:71:7c:dd:6c:9a:f8:0b:b5:fa:
87:8c:b8:0d:83:3e:dd:d5:fb:18:b2:a3:43:e0:63:
d7:5c:d4:24:83:96:2a:95:c0:f3:7c:f3:8c:d2:23:
25:30:85:a0:57:e6:8f:41:ff:86:a4:6a:d0:2f:36:
ef:1e:a0:cd:32:7f:0b:e2:b4:0c:48:f7:9f:80:12:
7f:48:56:5d:ec:98:45:ae:40:f8:91:d1:6a:18:b4:
b4:51:c4:cb:16:a4:ed:88:c1:fe:6b:bf:35:b3:ea:
d9:25:c6:a2:29:33:5a:a5:6e:a7:a3:24:76:64:56:
48:96:c9:e6:0c:8f:9f:8c:f0:ba:5a:18:2b:73:9d:
c3:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:15:62:2E:2A:0E:87:16:B3:90:77:EF:5C:45:2A:09:0A:16:B5:C3
X509v3 Authority Key Identifier:
keyid:1A:B7:0E:34:88:DC:83:1D:45:A7:57:44:E2:F8:BB:A2:67:FD:31:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GrcONIjcgx1Fp1dE4vi7omf9MdY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/ab9012-bfae-4729-b993-09733cb0269e/1/hRViLioOhxazkHfvXEUqCQoWtcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/ab9012-bfae-4729-b993-09733cb0269e/1/GrcONIjcgx1Fp1dE4vi7omf9MdY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.104.0/22
IPv6:
2a06:8400::/29
Signature Algorithm: sha256WithRSAEncryption
2a:1e:03:fc:10:08:17:95:3d:f6:66:e9:2c:69:20:2d:d1:41:
54:75:f5:02:80:7e:03:b1:7a:6b:68:27:90:a5:eb:68:e3:d0:
95:5b:15:d7:87:91:26:3a:ba:4c:fb:dc:57:43:e0:03:36:8f:
64:8e:8e:ac:9f:63:e0:f1:55:93:35:18:0a:74:40:9a:06:cc:
0d:2a:e2:71:cd:27:18:e1:78:53:0b:88:80:a9:ff:a3:9c:e3:
3a:1c:95:e3:52:5e:a4:d5:ce:8c:b1:a6:38:fd:84:9a:58:ed:
a2:93:cf:11:1e:04:d6:8a:94:e4:c5:45:15:9a:6b:6b:38:34:
10:e6:4e:3e:86:07:80:75:fa:82:e0:b1:a1:fd:2d:b3:08:fc:
eb:d6:73:33:af:ef:b5:f3:04:8f:9d:7e:93:8b:b8:38:8c:1a:
3f:6f:c0:8b:07:d7:38:7b:df:35:91:d1:26:c9:05:61:d2:97:
17:09:c1:eb:23:01:80:9c:e5:d7:62:4e:29:ae:7d:bd:08:04:
80:b3:b9:f9:3b:be:ff:8d:bf:8c:71:17:a7:0e:60:99:5b:6d:
8f:01:4c:1a:b4:ca:d4:51:93:f4:b8:57:bb:7b:d3:f5:e3:85:
0e:44:54:ba:19:86:38:04:50:21:f8:cc:22:c1:3a:39:a0:fd:
cb:8d:d9:a5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRIsXe5btOglTl+JtGO4nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYjcwZTM0ODhkYzgzMWQ0NWE3NTc0NGUyZjhiYmEyNjdm
ZDMxZDYwHhcNMjUwMTAxMjM0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTE1NjIyZTJhMGU4NzE2YjM5MDc3ZWY1YzQ1MmEwOTBhMTZiNWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0ltHECYXIcnVP7bswP4ohxjXeY2
eUx3qIBL3VmEyp85hGMt/c1wS898tj0ueLlPYmCLXCzWHrCKA93SIXz6ZMtlDsxy
Vpfoym3WmI47sMESgMlbM9hIABuh3s5jAfZLr8PFZ+mshPrgWk8l60GR1/+rhZPb
Sge/PVuq7X1xfN1smvgLtfqHjLgNgz7d1fsYsqND4GPXXNQkg5YqlcDzfPOM0iMl
MIWgV+aPQf+GpGrQLzbvHqDNMn8L4rQMSPefgBJ/SFZd7JhFrkD4kdFqGLS0UcTL
FqTtiMH+a781s+rZJcaiKTNapW6noyR2ZFZIlsnmDI+fjPC6Whgrc53DXwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIUVYi4qDocWs5B371xFKgkKFrXDMB8GA1UdIwQY
MBaAFBq3DjSI3IMdRadXROL4u6Jn/THWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3JjT05JamNneDFGcDFkRTR2aTdvbWY5TWRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9hYjkwMTItYmZhZS00NzI5LWI5OTMt
MDk3MzNjYjAyNjllLzEvaFJWaUxpb09oeGF6a0hmdlhFVXFDUW9XdGNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9hYjkwMTItYmZhZS00NzI5LWI5OTMtMDk3MzNjYjAyNjll
LzEvR3JjT05JamNneDFGcDFkRTR2aTdvbWY5TWRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXVoMA0E
AgACMAcDBQMqBoQAMA0GCSqGSIb3DQEBCwUAA4IBAQAqHgP8EAgXlT32ZuksaSAt
0UFUdfUCgH4DsXpraCeQpeto49CVWxXXh5EmOrpM+9xXQ+ADNo9kjo6sn2Pg8VWT
NRgKdECaBswNKuJxzScY4XhTC4iAqf+jnOM6HJXjUl6k1c6MsaY4/YSaWO2ik88R
HgTWipTkxUUVmmtrODQQ5k4+hgeAdfqC4LGh/S2zCPzr1nMzr++18wSPnX6Ti7g4
jBo/b8CLB9c4e981kdEmyQVh0pcXCcHrIwGAnOXXYk4prn29CASAs7n5O77/jb+M
cRenDmCZW22PAUwatMrUUZP0uFe7e9P144UORFS6GYY4BFAh+MwiwTo5oP3Ljdml
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:23:20 2025 by rpki-client