Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/6-migOPl6ySuqwp8Pw8htjjU8Oc.roa
File: 6-migOPl6ySuqwp8Pw8htjjU8Oc.roa (raw, json)
Hash identifier: beZGIFZxSILc4SBTgPXLPaaUSRA0cn1VCsyUePQmhiY=
Subject key identifier: EB:E9:A2:80:E3:E5:EB:24:AE:AB:0A:7C:3F:0F:21:B6:38:D4:F0:E7
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01856DE673A740CF4CB773C5010C94D17BE0
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/6-migOPl6ySuqwp8Pw8htjjU8Oc.roa
Signing time: Sun 01 Jan 2023 15:14:57 +0000
ROA not before: Sun 01 Jan 2023 15:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 85.239.144.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:73:a7:40:cf:4c:b7:73:c5:01:0c:94:d1:7b:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Jan 1 15:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebe9a280e3e5eb24aeab0a7c3f0f21b638d4f0e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6f:4c:08:b2:03:6a:9a:91:62:d8:5c:56:c5:
36:20:df:a1:11:f6:e0:b3:a1:dc:96:7c:65:d3:de:
69:b9:1f:85:68:02:14:a3:b1:e6:18:66:73:75:6c:
c8:a8:ed:ba:44:53:a4:13:9f:f6:03:e7:12:87:5b:
84:1f:93:b1:14:86:08:6b:32:e3:b3:50:22:87:80:
08:82:85:71:67:fd:79:f3:87:1c:13:f9:27:dc:71:
f5:cd:1e:40:20:e6:9a:66:88:97:c9:e6:0d:2c:18:
3f:3c:f1:4e:d3:c0:ff:fc:b0:88:a6:ee:67:05:33:
5e:4f:32:cb:fc:f9:36:40:6b:0d:ea:fb:59:44:f0:
2b:0d:dd:92:b5:2c:4c:1d:e9:64:d4:68:79:94:fb:
4b:71:90:ce:36:c8:d5:ef:23:de:7b:41:af:7a:ac:
e4:5d:d8:3d:e4:3f:b1:b5:50:ec:4d:d1:47:44:4d:
b6:e4:34:1e:d1:8e:33:1e:8f:4f:9d:0b:09:d0:0d:
b9:95:31:0d:79:68:b9:ec:1d:78:72:fb:3b:0c:63:
94:40:15:8e:3d:f7:cc:87:92:05:20:2d:77:66:fd:
b5:c1:17:6a:40:08:fd:84:7a:be:16:5a:51:71:31:
9e:79:e3:af:da:d1:77:ed:79:82:82:b5:c4:b1:80:
a2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:E9:A2:80:E3:E5:EB:24:AE:AB:0A:7C:3F:0F:21:B6:38:D4:F0:E7
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/6-migOPl6ySuqwp8Pw8htjjU8Oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.144.0/22
Signature Algorithm: sha256WithRSAEncryption
be:0a:61:b0:3a:4f:a5:1f:18:8e:87:1c:f4:81:1b:e8:e3:aa:
60:6c:8b:82:01:89:a3:28:37:7f:d8:00:af:0e:67:47:b6:8d:
51:48:38:db:fb:62:ad:b0:b0:d3:14:e3:cd:37:f2:97:78:0f:
c4:a9:ad:57:aa:0b:57:eb:35:48:b7:93:67:54:2b:57:9b:4f:
b6:a2:3b:7d:16:e7:f9:ed:4a:e7:c1:50:89:d9:01:79:ac:24:
6a:a0:06:b7:40:75:89:83:18:10:18:89:28:4a:3e:15:e1:ea:
2e:72:51:da:78:57:d3:fe:0b:a9:7e:b7:9d:a1:a2:11:2a:02:
1a:a3:76:7d:7e:fe:53:75:60:80:5c:62:10:91:5c:6e:c2:18:
04:dd:a7:62:2d:17:83:af:3e:14:09:c4:ee:4d:2b:29:f1:e7:
f6:84:ca:2c:43:ed:e3:6d:d9:f0:a1:d5:c0:6b:bf:ee:a7:de:
76:35:70:22:e4:93:83:ec:d5:55:5b:98:90:44:c2:3b:99:66:
9e:73:f7:0e:c0:33:9f:53:0b:da:a1:16:31:71:c9:5c:e7:f4:
09:17:a2:4b:49:09:3e:dd:7a:74:30:3d:53:9e:e2:2a:a9:f7:
2b:a7:79:82:6e:89:cc:b9:63:85:14:db:be:10:9b:fc:66:a0:
a3:55:00:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt5nOnQM9Mt3PFAQyU0XvgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjMwMTAxMTUxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmU5YTI4MGUzZTVlYjI0YWVhYjBhN2MzZjBmMjFiNjM4ZDRmMGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApW9MCLIDapqRYthcVsU2IN+hEfbg
s6Hclnxl095puR+FaAIUo7HmGGZzdWzIqO26RFOkE5/2A+cSh1uEH5OxFIYIazLj
s1Aih4AIgoVxZ/1584ccE/kn3HH1zR5AIOaaZoiXyeYNLBg/PPFO08D//LCIpu5n
BTNeTzLL/Pk2QGsN6vtZRPArDd2StSxMHelk1Gh5lPtLcZDONsjV7yPee0Gveqzk
Xdg95D+xtVDsTdFHRE225DQe0Y4zHo9PnQsJ0A25lTENeWi57B14cvs7DGOUQBWO
PffMh5IFIC13Zv21wRdqQAj9hHq+FlpRcTGeeeOv2tF37XmCgrXEsYCiowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOvpooDj5eskrqsKfD8PIbY41PDnMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvNi1taWdPUGw2eVN1cXdwOFB3OGh0ampVOE9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVe+QMA0G
CSqGSIb3DQEBCwUAA4IBAQC+CmGwOk+lHxiOhxz0gRvo46pgbIuCAYmjKDd/2ACv
DmdHto1RSDjb+2KtsLDTFOPNN/KXeA/Eqa1XqgtX6zVIt5NnVCtXm0+2ojt9Fuf5
7UrnwVCJ2QF5rCRqoAa3QHWJgxgQGIkoSj4V4eouclHaeFfT/gupfredoaIRKgIa
o3Z9fv5TdWCAXGIQkVxuwhgE3adiLReDrz4UCcTuTSsp8ef2hMosQ+3jbdnwodXA
a7/up952NXAi5JOD7NVVW5iQRMI7mWaec/cOwDOfUwvaoRYxcclc5/QJF6JLSQk+
3Xp0MD1TnuIqqfcrp3mCbonMuWOFFNu+EJv8ZqCjVQBZ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:48 2025 by rpki-client