Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/32c5ce-28b2-47d7-abd5-2e9d6ca08701/1/gKloA0WpERm-vywcZnNVAySTig0.roa
File: gKloA0WpERm-vywcZnNVAySTig0.roa (raw, json)
Hash identifier: jQiBrnp7zhGYRXutfdh1/DuCbW2WNwtAqSXo5n9JuqQ=
Subject key identifier: 80:A9:68:03:45:A9:11:19:BE:BF:2C:1C:66:73:55:03:24:93:8A:0D
Certificate issuer: /CN=65865968a1d8f4f377865c913af3b9af890d7cce
Certificate serial: 018CC4245A9C61E3E3A03F0A9B02D1D274F5
Authority key identifier: 65:86:59:68:A1:D8:F4:F3:77:86:5C:91:3A:F3:B9:AF:89:0D:7C:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYZZaKHY9PN3hlyROvO5r4kNfM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/32c5ce-28b2-47d7-abd5-2e9d6ca08701/1/gKloA0WpERm-vywcZnNVAySTig0.roa
Signing time: Mon 01 Jan 2024 08:29:25 +0000
ROA not before: Mon 01 Jan 2024 08:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8288
IP address blocks: 185.161.175.0/24 maxlen: 24
185.161.174.0/24 maxlen: 24
185.161.174.0/23 maxlen: 23
2a07:c387::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:5a:9c:61:e3:e3:a0:3f:0a:9b:02:d1:d2:74:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65865968a1d8f4f377865c913af3b9af890d7cce
Validity
Not Before: Jan 1 08:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80a9680345a91119bebf2c1c6673550324938a0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f8:f0:b4:82:ab:42:32:cf:3c:41:fc:c0:88:
39:5f:83:86:92:a9:ae:b4:7a:b7:4c:90:8c:cd:fe:
38:26:a2:7d:8c:2a:f4:e4:4a:91:f6:33:da:00:be:
d6:18:77:dd:48:6d:48:08:c2:79:fe:89:15:81:42:
f9:3a:91:b6:2e:4e:90:da:ca:22:15:f4:ee:ac:e0:
58:9b:e0:c5:f8:00:73:22:26:fc:b4:05:46:44:33:
a0:44:b5:7f:fe:ae:dc:e7:65:69:04:04:e2:99:93:
23:f9:2b:07:73:19:5c:fe:46:33:6c:1d:ef:d2:df:
a8:f8:5d:2a:9e:7f:47:79:95:d2:e7:11:80:b7:ee:
b6:19:4f:4b:02:5d:93:fa:40:6b:e7:99:22:96:2f:
51:16:1b:85:26:2d:cf:5d:b2:cd:64:19:bc:f5:66:
53:93:5e:0b:9a:2c:da:e6:f7:ad:2c:c5:e9:5b:41:
8c:ef:80:fd:dd:0c:35:19:3b:f7:eb:2a:05:87:a7:
dd:d9:e6:e2:78:77:8a:aa:b3:32:00:71:2e:41:1e:
00:eb:59:3f:29:e9:b0:93:73:58:b7:a9:f6:74:d0:
c1:ed:41:8b:32:71:46:96:d9:be:4c:fc:c8:1c:89:
af:e7:d1:d6:ad:15:11:d5:74:e5:dd:11:f9:20:f6:
b5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A9:68:03:45:A9:11:19:BE:BF:2C:1C:66:73:55:03:24:93:8A:0D
X509v3 Authority Key Identifier:
keyid:65:86:59:68:A1:D8:F4:F3:77:86:5C:91:3A:F3:B9:AF:89:0D:7C:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYZZaKHY9PN3hlyROvO5r4kNfM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/32c5ce-28b2-47d7-abd5-2e9d6ca08701/1/gKloA0WpERm-vywcZnNVAySTig0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/32c5ce-28b2-47d7-abd5-2e9d6ca08701/1/ZYZZaKHY9PN3hlyROvO5r4kNfM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.174.0/23
IPv6:
2a07:c387::/32
Signature Algorithm: sha256WithRSAEncryption
7f:27:e6:a1:66:60:4c:f8:9c:27:c0:16:85:2b:86:32:f5:a5:
ce:04:79:78:7d:0f:b7:85:b1:4e:b6:01:23:b8:71:3e:1b:d0:
6a:ce:d7:bc:99:20:82:15:dc:43:39:49:f2:7a:3f:c6:c6:3a:
ff:55:af:9e:c0:2f:e6:db:63:58:66:60:c2:50:5e:32:6b:be:
96:cf:9f:b4:da:b4:bf:b7:e8:0e:54:40:b8:16:0f:e0:2a:fc:
df:4f:4f:5a:bd:11:b6:ec:9a:c6:13:62:e6:03:75:68:09:26:
59:f2:74:46:1b:aa:2f:ef:be:f2:b7:0c:52:0b:5c:ab:7f:5c:
26:d7:de:ce:2f:aa:1e:a9:77:f6:c4:bb:04:23:73:1c:4b:b0:
b2:7f:38:69:af:9d:ef:6a:59:2b:e8:7c:bc:9c:76:64:4a:78:
8a:d3:88:f6:51:7c:33:18:d7:21:31:b0:ed:ff:76:60:fa:5c:
ba:83:cc:2b:ff:1d:a2:bb:f9:95:f8:f2:db:3c:39:3a:ff:55:
3f:d8:17:3c:47:d4:1c:cd:e1:ed:e6:e4:59:ac:5f:21:f9:0f:
a5:58:13:7b:26:83:f4:97:1b:5a:9e:55:0e:b0:3f:fe:32:e2:
8d:17:4d:84:46:72:84:af:82:32:fa:14:66:6d:37:2f:0e:79:
33:8e:56:6a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJFqcYePjoD8KmwLR0nT1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ODY1OTY4YTFkOGY0ZjM3Nzg2NWM5MTNhZjNiOWFmODkw
ZDdjY2UwHhcNMjQwMTAxMDgyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGE5NjgwMzQ1YTkxMTE5YmViZjJjMWM2NjczNTUwMzI0OTM4YTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvjwtIKrQjLPPEH8wIg5X4OGkqmu
tHq3TJCMzf44JqJ9jCr05EqR9jPaAL7WGHfdSG1ICMJ5/okVgUL5OpG2Lk6Q2soi
FfTurOBYm+DF+ABzIib8tAVGRDOgRLV//q7c52VpBATimZMj+SsHcxlc/kYzbB3v
0t+o+F0qnn9HeZXS5xGAt+62GU9LAl2T+kBr55kili9RFhuFJi3PXbLNZBm89WZT
k14Lmiza5vetLMXpW0GM74D93Qw1GTv36yoFh6fd2ebieHeKqrMyAHEuQR4A61k/
Kemwk3NYt6n2dNDB7UGLMnFGltm+TPzIHImv59HWrRUR1XTl3RH5IPa1zwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFICpaANFqREZvr8sHGZzVQMkk4oNMB8GA1UdIwQY
MBaAFGWGWWih2PTzd4ZckTrzua+JDXzOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWllaWmFLSFk5UE4zaGx5Uk92TzVyNGtOZk00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8zMmM1Y2UtMjhiMi00N2Q3LWFiZDUt
MmU5ZDZjYTA4NzAxLzEvZ0tsb0EwV3BFUm0tdnl3Y1puTlZBeVNUaWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8zMmM1Y2UtMjhiMi00N2Q3LWFiZDUtMmU5ZDZjYTA4NzAx
LzEvWllaWmFLSFk5UE4zaGx5Uk92TzVyNGtOZk00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuaGuMA0E
AgACMAcDBQAqB8OHMA0GCSqGSIb3DQEBCwUAA4IBAQB/J+ahZmBM+JwnwBaFK4Yy
9aXOBHl4fQ+3hbFOtgEjuHE+G9Bqzte8mSCCFdxDOUnyej/Gxjr/Va+ewC/m22NY
ZmDCUF4ya76Wz5+02rS/t+gOVEC4Fg/gKvzfT09avRG27JrGE2LmA3VoCSZZ8nRG
G6ov777ytwxSC1yrf1wm197OL6oeqXf2xLsEI3McS7Cyfzhpr53valkr6Hy8nHZk
SniK04j2UXwzGNchMbDt/3Zg+ly6g8wr/x2iu/mV+PLbPDk6/1U/2Bc8R9QczeHt
5uRZrF8h+Q+lWBN7JoP0lxtanlUOsD/+MuKNF02ERnKEr4Iy+hRmbTcvDnkzjlZq
-----END CERTIFICATE-----
Generated at Wed Apr 30 03:40:06 2025 by rpki-client