Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/855011-092c-4f7d-a0b6-94d1369025fe/1/qOmLt1HGw8d7UdA3hbTJDSkFTBk.roa
File: qOmLt1HGw8d7UdA3hbTJDSkFTBk.roa (raw, json)
Hash identifier: smNNCDZu0Ify7Nd/LLdkARqPgEy2ScrxfAEtR/JGOQM=
Subject key identifier: A8:E9:8B:B7:51:C6:C3:C7:7B:51:D0:37:85:B4:C9:0D:29:05:4C:19
Certificate issuer: /CN=320444c0c2990b13749f3044662297ea824d5064
Certificate serial: 018CC64A8284B962FF9A2346BEC41ADF5081
Authority key identifier: 32:04:44:C0:C2:99:0B:13:74:9F:30:44:66:22:97:EA:82:4D:50:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MgREwMKZCxN0nzBEZiKX6oJNUGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/855011-092c-4f7d-a0b6-94d1369025fe/1/qOmLt1HGw8d7UdA3hbTJDSkFTBk.roa
Signing time: Mon 01 Jan 2024 18:30:21 +0000
ROA not before: Mon 01 Jan 2024 18:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204983
IP address blocks: 185.233.172.0/22 maxlen: 22
2a0c:eb00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:82:84:b9:62:ff:9a:23:46:be:c4:1a:df:50:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=320444c0c2990b13749f3044662297ea824d5064
Validity
Not Before: Jan 1 18:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8e98bb751c6c3c77b51d03785b4c90d29054c19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d4:92:bb:6a:16:56:d4:c3:00:6a:2d:47:77:
df:51:c7:9a:94:42:90:e1:e3:27:00:64:70:70:7a:
0f:ba:87:3d:43:85:5e:dc:c9:9d:9e:e3:7f:aa:a9:
a2:8a:37:d7:45:e0:d2:fe:e2:5b:5d:ed:cd:07:f9:
65:50:a3:97:b7:68:cf:0e:6a:3a:9f:6b:7a:9f:51:
8a:d8:89:8b:c9:34:50:8f:cd:17:0e:ca:19:e8:ff:
9e:10:1f:8f:ce:8e:1b:7e:93:69:29:18:db:29:e6:
2a:0d:89:62:04:66:d7:ad:07:f5:39:33:d7:b7:46:
3f:4d:e8:c4:7c:11:fb:08:36:4a:a2:40:66:4e:8c:
1c:2d:54:1e:44:34:8e:18:aa:90:aa:4c:8d:88:1f:
f8:b9:5c:d3:db:1e:79:ce:3a:50:bd:f5:f8:4a:ec:
d7:b0:75:e3:9e:89:c5:38:ab:96:2b:2c:9a:e1:15:
4e:5a:8b:27:83:70:fd:b6:01:b8:26:16:a0:c6:9d:
f2:32:bd:ea:70:31:bc:29:be:45:22:27:af:24:02:
67:ba:7a:f3:10:d4:5f:f4:62:77:b0:ff:f8:99:0b:
86:c4:0d:64:e8:2a:aa:9a:b4:40:b7:9c:9f:72:66:
8e:8d:04:71:c0:ed:ec:a9:be:31:04:66:e5:54:fe:
52:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E9:8B:B7:51:C6:C3:C7:7B:51:D0:37:85:B4:C9:0D:29:05:4C:19
X509v3 Authority Key Identifier:
keyid:32:04:44:C0:C2:99:0B:13:74:9F:30:44:66:22:97:EA:82:4D:50:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MgREwMKZCxN0nzBEZiKX6oJNUGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/855011-092c-4f7d-a0b6-94d1369025fe/1/qOmLt1HGw8d7UdA3hbTJDSkFTBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/855011-092c-4f7d-a0b6-94d1369025fe/1/MgREwMKZCxN0nzBEZiKX6oJNUGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.172.0/22
IPv6:
2a0c:eb00::/32
Signature Algorithm: sha256WithRSAEncryption
3f:9d:ce:76:53:42:c3:80:1c:81:53:0d:87:01:92:88:5c:52:
ee:34:b2:64:19:8d:c3:72:ad:fc:aa:2b:b6:1b:84:9b:33:7e:
e0:94:ae:92:eb:5e:16:62:ac:d8:34:c2:ca:9a:2a:8a:5f:a9:
a1:17:f8:7f:dc:cc:9b:f3:6a:cb:3c:70:1b:59:18:68:2f:4d:
4c:47:c2:2c:9f:41:c3:90:8b:80:08:ec:8d:5c:5e:00:25:83:
bf:b4:72:be:59:31:2c:2d:98:c8:c7:87:7e:06:aa:87:af:ae:
d1:71:99:3b:0d:6f:fb:78:4a:3f:8d:e8:8d:d9:50:03:07:89:
1d:a8:70:c3:26:7c:c5:e5:c5:61:55:a2:2d:a9:f5:2e:07:d5:
56:27:b1:21:ec:60:93:58:68:1a:f6:a2:34:15:39:92:d0:3c:
2a:a5:a4:31:0f:19:e9:3e:bd:18:33:49:ca:43:a4:60:15:9a:
1a:ff:60:ef:b0:a8:32:04:5f:db:c8:df:68:62:85:f5:6d:92:
5f:8b:0f:a3:f5:8b:b8:20:bc:68:c7:ef:77:f9:3e:86:6e:6a:
02:56:12:fe:36:63:c0:ff:a0:9d:df:c6:31:bb:2f:90:12:65:
87:95:23:c9:b8:25:a5:10:7e:e0:0b:e4:b6:e8:93:48:7e:2f:
5a:15:36:f0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGSoKEuWL/miNGvsQa31CBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMDQ0NGMwYzI5OTBiMTM3NDlmMzA0NDY2MjI5N2VhODI0
ZDUwNjQwHhcNMjQwMTAxMTgzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGU5OGJiNzUxYzZjM2M3N2I1MWQwMzc4NWI0YzkwZDI5MDU0YzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9SSu2oWVtTDAGotR3ffUcealEKQ
4eMnAGRwcHoPuoc9Q4Ve3MmdnuN/qqmiijfXReDS/uJbXe3NB/llUKOXt2jPDmo6
n2t6n1GK2ImLyTRQj80XDsoZ6P+eEB+Pzo4bfpNpKRjbKeYqDYliBGbXrQf1OTPX
t0Y/TejEfBH7CDZKokBmTowcLVQeRDSOGKqQqkyNiB/4uVzT2x55zjpQvfX4SuzX
sHXjnonFOKuWKyya4RVOWosng3D9tgG4Jhagxp3yMr3qcDG8Kb5FIievJAJnunrz
ENRf9GJ3sP/4mQuGxA1k6CqqmrRAt5yfcmaOjQRxwO3sqb4xBGblVP5SNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKjpi7dRxsPHe1HQN4W0yQ0pBUwZMB8GA1UdIwQY
MBaAFDIERMDCmQsTdJ8wRGYil+qCTVBkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWdSRXdNS1pDeE4wbnpCRVppS1g2b0pOVUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy84NTUwMTEtMDkyYy00ZjdkLWEwYjYt
OTRkMTM2OTAyNWZlLzEvcU9tTHQxSEd3OGQ3VWRBM2hiVEpEU2tGVEJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy84NTUwMTEtMDkyYy00ZjdkLWEwYjYtOTRkMTM2OTAyNWZl
LzEvTWdSRXdNS1pDeE4wbnpCRVppS1g2b0pOVUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuemsMA0E
AgACMAcDBQAqDOsAMA0GCSqGSIb3DQEBCwUAA4IBAQA/nc52U0LDgByBUw2HAZKI
XFLuNLJkGY3Dcq38qiu2G4SbM37glK6S614WYqzYNMLKmiqKX6mhF/h/3Myb82rL
PHAbWRhoL01MR8Isn0HDkIuACOyNXF4AJYO/tHK+WTEsLZjIx4d+BqqHr67RcZk7
DW/7eEo/jeiN2VADB4kdqHDDJnzF5cVhVaItqfUuB9VWJ7Eh7GCTWGga9qI0FTmS
0DwqpaQxDxnpPr0YM0nKQ6RgFZoa/2DvsKgyBF/byN9oYoX1bZJfiw+j9Yu4ILxo
x+93+T6GbmoCVhL+NmPA/6Cd38Yxuy+QEmWHlSPJuCWlEH7gC+S26JNIfi9aFTbw
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:55:20 2025 by rpki-client