Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/VJGjrq-Vj1UZ-ZdftelI9rBjXrY.roa
File: VJGjrq-Vj1UZ-ZdftelI9rBjXrY.roa (raw, json)
Hash identifier: M7iLMAib01DXWP3C9KltnfW9CPQAO54/pCYa1IL7qxE=
Subject key identifier: 54:91:A3:AE:AF:95:8F:55:19:F9:97:5F:B5:E9:48:F6:B0:63:5E:B6
Certificate issuer: /CN=b10c3cf3dc53ca549c03e4f5f46d91ce90b8e070
Certificate serial: 019427483AFCE1106EFD4F4D9BDB9505A4DF
Authority key identifier: B1:0C:3C:F3:DC:53:CA:54:9C:03:E4:F5:F4:6D:91:CE:90:B8:E0:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sQw889xTylScA-T19G2RzpC44HA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/VJGjrq-Vj1UZ-ZdftelI9rBjXrY.roa
Signing time: Thu 02 Jan 2025 13:50:32 +0000
ROA not before: Thu 02 Jan 2025 13:50:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212776
IP address blocks: 185.161.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:3a:fc:e1:10:6e:fd:4f:4d:9b:db:95:05:a4:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b10c3cf3dc53ca549c03e4f5f46d91ce90b8e070
Validity
Not Before: Jan 2 13:50:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5491a3aeaf958f5519f9975fb5e948f6b0635eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:44:19:eb:5b:a2:86:04:c1:57:f5:c6:5b:7c:
81:16:b0:ca:ce:e5:39:b0:d3:29:33:d4:ec:14:00:
b0:a1:22:23:87:00:2d:c5:5f:83:b6:8c:40:7e:14:
35:c7:ab:d6:d9:93:4e:a3:d6:63:92:7d:72:68:6d:
64:8f:22:f7:49:a1:70:fb:6b:92:85:ac:15:ab:b3:
b0:1b:e6:67:ec:e7:97:f6:bc:a6:98:2a:6e:21:c9:
ad:99:55:72:e4:2e:42:63:8e:30:9c:f7:2a:2b:10:
23:6f:75:1a:45:4e:d7:77:dc:ce:72:dc:90:95:cd:
b1:9d:de:b8:6c:ab:4c:73:06:8d:9e:45:03:d7:3c:
5f:ea:a5:3d:37:dd:55:47:4e:0e:0c:26:24:e5:c7:
77:4a:a7:ad:65:3c:e0:b3:bd:75:e0:9f:80:3b:94:
3f:fc:fe:52:c9:26:ae:a9:cd:65:27:fc:60:4c:db:
cc:c5:23:ce:bd:a3:b8:06:35:6b:c9:24:7d:b1:3e:
d8:31:1d:e5:e0:ca:10:1c:78:95:10:27:cc:60:1d:
de:2a:d0:20:25:e3:ba:25:dd:6d:9b:20:99:48:a9:
83:4a:fb:a6:65:1e:8b:0b:d3:e3:4f:63:e2:c7:8c:
ae:ea:6b:4d:6b:30:c2:20:d4:0e:8b:c5:a1:9f:f0:
30:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:91:A3:AE:AF:95:8F:55:19:F9:97:5F:B5:E9:48:F6:B0:63:5E:B6
X509v3 Authority Key Identifier:
keyid:B1:0C:3C:F3:DC:53:CA:54:9C:03:E4:F5:F4:6D:91:CE:90:B8:E0:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sQw889xTylScA-T19G2RzpC44HA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/VJGjrq-Vj1UZ-ZdftelI9rBjXrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/sQw889xTylScA-T19G2RzpC44HA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.67.0/24
Signature Algorithm: sha256WithRSAEncryption
43:1c:d3:04:03:a2:31:51:99:dc:aa:d9:47:54:6f:1a:33:53:
0f:cd:aa:1b:f1:6d:de:78:d6:13:19:10:ad:4e:01:6d:1e:66:
55:13:ac:bf:91:d3:59:63:21:11:d8:c9:f7:83:c2:83:71:9b:
48:0a:ed:5f:39:0d:59:b6:dc:70:52:85:d5:fc:5e:f2:d2:93:
2f:5a:2c:03:21:36:0f:10:03:44:65:0f:81:1e:24:f2:a2:5a:
cb:69:d4:b9:44:99:3d:67:06:22:f8:da:2c:e9:6f:7e:f1:c0:
d7:de:5e:5e:ef:f3:7d:4e:68:20:94:27:07:d1:c5:16:80:4d:
24:af:a0:dc:87:1a:c1:61:6d:8d:d7:7f:3e:ea:5a:02:44:60:
6a:69:30:ef:b7:62:71:70:59:5c:b7:a7:84:9c:67:28:34:43:
c2:27:e3:09:6c:e1:52:ba:fb:b3:25:41:27:03:e9:28:fc:e2:
5f:65:3c:49:e9:3c:59:b2:78:bb:3c:71:ba:6c:01:50:ee:2b:
ad:b2:2f:78:08:37:9e:1e:2e:46:3b:7a:2a:dc:7f:31:d5:77:
a1:2c:4e:09:4c:d8:a3:ef:30:80:c7:d6:76:a9:68:be:18:12:
77:50:bd:7d:c2:17:a0:dc:cc:fa:40:1c:b8:ba:28:00:79:9b:
15:44:94:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSDr84RBu/U9Nm9uVBaTfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMGMzY2YzZGM1M2NhNTQ5YzAzZTRmNWY0NmQ5MWNlOTBi
OGUwNzAwHhcNMjUwMTAyMTM1MDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDkxYTNhZWFmOTU4ZjU1MTlmOTk3NWZiNWU5NDhmNmIwNjM1ZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UQZ61uihgTBV/XGW3yBFrDKzuU5
sNMpM9TsFACwoSIjhwAtxV+DtoxAfhQ1x6vW2ZNOo9Zjkn1yaG1kjyL3SaFw+2uS
hawVq7OwG+Zn7OeX9rymmCpuIcmtmVVy5C5CY44wnPcqKxAjb3UaRU7Xd9zOctyQ
lc2xnd64bKtMcwaNnkUD1zxf6qU9N91VR04ODCYk5cd3SqetZTzgs7114J+AO5Q/
/P5SySauqc1lJ/xgTNvMxSPOvaO4BjVrySR9sT7YMR3l4MoQHHiVECfMYB3eKtAg
JeO6Jd1tmyCZSKmDSvumZR6LC9PjT2Pix4yu6mtNazDCINQOi8Whn/AwvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFSRo66vlY9VGfmXX7XpSPawY162MB8GA1UdIwQY
MBaAFLEMPPPcU8pUnAPk9fRtkc6QuOBwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1F3ODg5eFR5bFNjQS1UMTlHMlJ6cEM0NEhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yNWNkYjQtZTUwOC00YjM3LTgxYmMt
MzZmODJiZDM3OWJkLzEvVkpHanJxLVZqMVVaLVpkZnRlbEk5ckJqWHJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yNWNkYjQtZTUwOC00YjM3LTgxYmMtMzZmODJiZDM3OWJk
LzEvc1F3ODg5eFR5bFNjQS1UMTlHMlJ6cEM0NEhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaFDMA0G
CSqGSIb3DQEBCwUAA4IBAQBDHNMEA6IxUZncqtlHVG8aM1MPzaob8W3eeNYTGRCt
TgFtHmZVE6y/kdNZYyER2Mn3g8KDcZtICu1fOQ1ZttxwUoXV/F7y0pMvWiwDITYP
EANEZQ+BHiTyolrLadS5RJk9ZwYi+Nos6W9+8cDX3l5e7/N9TmgglCcH0cUWgE0k
r6DchxrBYW2N138+6loCRGBqaTDvt2JxcFlct6eEnGcoNEPCJ+MJbOFSuvuzJUEn
A+ko/OJfZTxJ6TxZsni7PHG6bAFQ7iutsi94CDeeHi5GO3oq3H8x1XehLE4JTNij
7zCAx9Z2qWi+GBJ3UL19wheg3Mz6QBy4uigAeZsVRJTO
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:09:21 2025 by rpki-client