Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/RYdEtsOojE3SXyShhqAjMIQl9xQ.roa
File: RYdEtsOojE3SXyShhqAjMIQl9xQ.roa (raw, json)
Hash identifier: bxAZYk1bj8j4gGSsg9+CUkCHFq1GRl7baVopFxolE0s=
Subject key identifier: 45:87:44:B6:C3:A8:8C:4D:D2:5F:24:A1:86:A0:23:30:84:25:F7:14
Certificate issuer: /CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Certificate serial: 019427B58B9512EED86AD4C3DC96063D76D5
Authority key identifier: 99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/RYdEtsOojE3SXyShhqAjMIQl9xQ.roa
Signing time: Thu 02 Jan 2025 15:49:56 +0000
ROA not before: Thu 02 Jan 2025 15:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48629
IP address blocks: 185.170.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:8b:95:12:ee:d8:6a:d4:c3:dc:96:06:3d:76:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Validity
Not Before: Jan 2 15:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=458744b6c3a88c4dd25f24a186a023308425f714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9e:6c:32:9f:af:b1:15:8a:55:6a:f3:0a:b2:
66:02:71:66:8c:71:53:35:77:85:cb:8a:cd:43:81:
d6:05:23:e2:46:08:c7:ab:55:d9:aa:ed:dd:ec:19:
af:b5:ab:42:ba:65:ae:5a:57:b7:0c:b6:9b:79:46:
c1:ce:4f:7c:12:1b:02:fe:d1:1b:30:74:62:e2:f2:
56:b3:1b:46:5c:c1:ba:54:59:b1:42:d4:78:0d:5f:
bc:25:4e:22:66:63:37:e9:1a:2e:15:84:7b:18:2e:
0f:cd:8c:79:6c:7c:b1:1d:ec:d9:e5:f6:94:d3:b5:
1d:08:85:8a:06:84:e6:79:4d:01:9c:37:db:4b:8b:
24:2c:bb:f7:9b:15:f3:0b:99:f1:ee:2f:24:6f:d5:
ee:d4:a9:62:8c:8b:25:5d:25:9d:90:24:4f:18:99:
e3:0b:ad:66:53:94:cb:3d:55:11:e5:90:62:25:48:
5b:61:70:55:a6:58:a2:e9:47:fa:b9:74:95:2a:43:
c0:ae:f4:e9:c9:78:13:83:40:14:82:9a:64:96:f3:
8a:48:5e:9d:68:91:a4:1d:28:48:84:79:b4:8a:20:
c9:ee:a3:b8:38:37:ea:bd:bf:a6:1a:6c:d7:bf:55:
81:39:5f:1f:0e:cf:0a:8b:45:4c:b8:dd:22:e0:c6:
89:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:87:44:B6:C3:A8:8C:4D:D2:5F:24:A1:86:A0:23:30:84:25:F7:14
X509v3 Authority Key Identifier:
keyid:99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/RYdEtsOojE3SXyShhqAjMIQl9xQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.131.0/24
Signature Algorithm: sha256WithRSAEncryption
96:78:67:2e:82:75:7e:71:82:c6:0d:a8:99:6d:e3:ce:bf:5a:
a5:4f:44:88:ca:1c:f7:a5:7c:d1:2d:13:21:7a:cd:51:38:4d:
19:78:67:3d:75:e1:c3:97:37:bc:2d:57:ed:d7:e6:db:ee:ff:
a1:6a:2f:17:f7:65:58:13:f3:60:6b:0a:e0:45:e0:4d:d4:31:
a0:92:90:37:9a:9c:54:e5:76:c0:81:9d:c2:d7:2a:2d:0c:ad:
b5:c6:79:59:c9:b4:36:4d:51:42:68:8e:2e:56:2d:02:78:aa:
f0:f2:8e:36:33:4a:6e:9d:42:5e:9b:6c:89:21:f8:66:3e:2b:
d3:04:66:2f:0d:de:4f:48:ec:b7:5f:6d:d5:fd:77:40:a2:27:
ca:79:88:41:96:1f:a1:61:2c:d6:d8:64:16:f5:f0:da:1a:07:
ff:c4:54:82:51:3d:ca:cf:cd:c0:4b:4b:f2:13:7e:ac:2b:b0:
39:92:4a:ba:41:60:e2:e9:1b:fd:fd:01:60:83:e9:87:b9:38:
a9:ac:78:9e:4a:5c:c3:e4:4b:27:f4:5e:a4:dd:53:9a:7d:b8:
80:63:eb:80:7c:03:14:a6:63:f8:fa:34:be:3a:61:11:bf:e6:
eb:ea:c1:9b:37:ce:5a:4a:7d:2d:72:f2:63:dc:31:94:3d:cb:
78:b1:d2:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntYuVEu7YatTD3JYGPXbVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5Y2U1NjlhMTRjMmRiMzc3MmYyMzE4N2NlNjhlNjU0MWVj
MDA0OGUwHhcNMjUwMTAyMTU0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTg3NDRiNmMzYTg4YzRkZDI1ZjI0YTE4NmEwMjMzMDg0MjVmNzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJ5sMp+vsRWKVWrzCrJmAnFmjHFT
NXeFy4rNQ4HWBSPiRgjHq1XZqu3d7BmvtatCumWuWle3DLabeUbBzk98EhsC/tEb
MHRi4vJWsxtGXMG6VFmxQtR4DV+8JU4iZmM36RouFYR7GC4PzYx5bHyxHezZ5faU
07UdCIWKBoTmeU0BnDfbS4skLLv3mxXzC5nx7i8kb9Xu1KlijIslXSWdkCRPGJnj
C61mU5TLPVUR5ZBiJUhbYXBVplii6Uf6uXSVKkPArvTpyXgTg0AUgppklvOKSF6d
aJGkHShIhHm0iiDJ7qO4ODfqvb+mGmzXv1WBOV8fDs8Ki0VMuN0i4MaJKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEWHRLbDqIxN0l8koYagIzCEJfcUMB8GA1UdIwQY
MBaAFJnOVpoUwts3cvIxh85o5lQewASOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQt
MTA5NTU0NGM2YzUwLzEvUllkRXRzT29qRTNTWHlTaGhxQWpNSVFsOXhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQtMTA5NTU0NGM2YzUw
LzEvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaqDMA0G
CSqGSIb3DQEBCwUAA4IBAQCWeGcugnV+cYLGDaiZbePOv1qlT0SIyhz3pXzRLRMh
es1ROE0ZeGc9deHDlze8LVft1+bb7v+hai8X92VYE/NgawrgReBN1DGgkpA3mpxU
5XbAgZ3C1yotDK21xnlZybQ2TVFCaI4uVi0CeKrw8o42M0punUJem2yJIfhmPivT
BGYvDd5PSOy3X23V/XdAoifKeYhBlh+hYSzW2GQW9fDaGgf/xFSCUT3Kz83AS0vy
E36sK7A5kkq6QWDi6Rv9/QFgg+mHuTiprHieSlzD5Esn9F6k3VOafbiAY+uAfAMU
pmP4+jS+OmERv+br6sGbN85aSn0tcvJj3DGUPct4sdKB
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:46:37 2025 by rpki-client