Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/rmZecdTW4XPtU0xChaDPuL_gq6I.roa
File: rmZecdTW4XPtU0xChaDPuL_gq6I.roa (raw, json)
Hash identifier: 3RpTFa+ChEQVbNYT1WMKaDCMZdzjwu7p8qGczA45mnI=
Subject key identifier: AE:66:5E:71:D4:D6:E1:73:ED:53:4C:42:85:A0:CF:B8:BF:E0:AB:A2
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 04F82D5E
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/rmZecdTW4XPtU0xChaDPuL_gq6I.roa
Signing time: Tue 19 Apr 2022 15:56:11 +0000
ROA not before: Tue 19 Apr 2022 15:56:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25211
IP address blocks: 178.239.112.0/20 maxlen: 20
185.95.159.0/24 maxlen: 24
185.95.157.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83373406 (0x4f82d5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Apr 19 15:56:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae665e71d4d6e173ed534c4285a0cfb8bfe0aba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5d:82:cf:78:f2:4f:0e:95:5e:9e:a7:4c:86:
5c:63:6d:65:69:66:38:2e:af:4b:48:17:22:e7:a6:
2d:08:09:81:ce:59:aa:a6:ea:ed:ea:0a:52:c8:6b:
67:d8:a0:0b:ff:5f:27:77:32:71:ed:54:0b:47:e4:
65:16:7b:ca:af:1c:34:7e:19:aa:00:d2:68:3d:9d:
1b:c7:38:f9:8c:e7:57:6b:ca:7c:80:4d:d2:a5:f4:
b0:89:5f:f1:6c:76:c0:7c:af:9a:0e:b4:01:e7:ff:
b7:6d:d8:c4:a1:83:13:6a:18:a0:68:3c:1e:d8:1b:
1a:81:f0:7c:fe:cc:1b:45:79:cb:df:fa:53:df:34:
3c:e3:d7:ac:1c:25:00:5c:ed:87:09:2d:7e:02:df:
aa:33:47:ea:33:56:2f:31:14:6f:b2:4b:a6:2a:d5:
49:68:3b:08:23:77:86:64:d5:90:0f:7d:5f:80:b7:
3b:ae:5c:04:00:ce:b8:3c:f8:8e:d6:be:18:d1:0f:
c2:55:26:96:ef:50:15:c1:60:12:b8:a6:71:7b:14:
d2:14:84:3e:c4:3a:f2:3a:22:c7:5a:d2:f6:f7:f1:
93:ca:65:e0:43:7e:55:7e:3f:d6:d3:6e:92:29:02:
ff:e0:16:b0:9d:37:b8:af:8f:9f:69:d4:e2:65:0a:
10:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:66:5E:71:D4:D6:E1:73:ED:53:4C:42:85:A0:CF:B8:BF:E0:AB:A2
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/rmZecdTW4XPtU0xChaDPuL_gq6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.112.0/20
185.95.157.0/24
185.95.159.0/24
Signature Algorithm: sha256WithRSAEncryption
65:e6:85:9f:b4:91:99:2c:ef:90:41:d9:98:a5:fb:db:74:30:
6e:9d:35:0f:77:03:d0:ce:c8:8e:1b:75:f9:b6:85:0a:e0:26:
cf:3e:a4:7b:1d:0a:6e:6a:09:22:57:33:72:d3:c2:3e:9d:a0:
fc:1a:7d:a6:01:59:df:be:5f:c8:86:2a:08:d3:19:34:b3:92:
ac:52:4e:c3:7b:c4:4a:42:d8:79:23:57:83:cf:48:c4:3f:12:
ee:06:fe:b0:09:24:40:8d:ca:66:f8:80:c1:92:de:20:21:a7:
be:1c:c9:4a:25:c4:5e:d9:d5:d1:84:6a:2d:9a:2c:ae:7b:b6:
78:f6:cc:eb:5b:25:9c:66:82:91:a9:17:4e:93:17:7a:3a:ba:
2b:39:ee:0b:09:8a:ba:42:7a:53:af:6c:39:d5:96:c7:0a:c5:
e2:cb:ad:77:a2:8c:4e:b3:32:58:61:d1:65:80:5e:3a:5c:8f:
9d:fb:25:18:b0:7b:c9:b0:78:e0:29:5d:62:a3:0c:b7:e3:24:
4b:f1:71:10:4e:5c:b8:6d:85:ad:2d:d1:be:70:51:45:10:f6:
9b:4d:45:10:a9:fe:a7:b8:74:3d:2b:a4:7a:0c:c9:14:7f:8a:
37:3d:b2:e2:2d:88:34:f3:f9:e6:ea:c2:b2:5f:6c:36:97:29:
fb:a1:43:5f
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBPgtXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OWQyZGFmZjFjNWJiNjFhMGFjOGIzY2FlYWQ0YjhhMWZhMjg0ZDBmMB4XDTIyMDQx
OTE1NTYxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWU2NjVlNzFkNGQ2
ZTE3M2VkNTM0YzQyODVhMGNmYjhiZmUwYWJhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9dgs948k8OlV6ep0yGXGNtZWlmOC6vS0gXIuemLQgJgc5Z
qqbq7eoKUshrZ9igC/9fJ3cyce1UC0fkZRZ7yq8cNH4ZqgDSaD2dG8c4+YznV2vK
fIBN0qX0sIlf8Wx2wHyvmg60Aef/t23YxKGDE2oYoGg8HtgbGoHwfP7MG0V5y9/6
U980POPXrBwlAFzthwktfgLfqjNH6jNWLzEUb7JLpirVSWg7CCN3hmTVkA99X4C3
O65cBADOuDz4jta+GNEPwlUmlu9QFcFgErimcXsU0hSEPsQ68joix1rS9vfxk8pl
4EN+VX4/1tNukikC/+AWsJ03uK+Pn2nU4mUKEH0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSuZl5x1Nbhc+1TTEKFoM+4v+CrojAfBgNVHSMEGDAWgBQp0tr/HFu2GgrI
s8rq1Lih+ihNDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tkTGFfeHhidGhvS3lMUEs2dFM0b2Zvb1RROC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNhYS8x
L3JtWmVjZFRXNFhQdFUweENoYURQdUxfZ3E2SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
ZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNhYS8xL0tkTGFfeHhidGhv
S3lMUEs2dFM0b2Zvb1RROC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBLLvcAMEALlfnQMEALlfnzANBgkq
hkiG9w0BAQsFAAOCAQEAZeaFn7SRmSzvkEHZmKX723Qwbp01D3cD0M7Ijht1+baF
CuAmzz6kex0KbmoJIlczctPCPp2g/Bp9pgFZ375fyIYqCNMZNLOSrFJOw3vESkLY
eSNXg89IxD8S7gb+sAkkQI3KZviAwZLeICGnvhzJSiXEXtnV0YRqLZosrnu2ePbM
61slnGaCkakXTpMXejq6KznuCwmKukJ6U69sOdWWxwrF4sutd6KMTrMyWGHRZYBe
OlyPnfslGLB7ybB44CldYqMMt+MkS/FxEE5cuG2FrS3RvnBRRRD2m01FEKn+p7h0
PSukegzJFH+KNz2y4i2INPP55urCsl9sNpcp+6FDXw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:26 2025 by rpki-client