Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/ptcH9EPFEU17qfPaJv0WXlYcznk.roa
File: ptcH9EPFEU17qfPaJv0WXlYcznk.roa (raw, json)
Hash identifier: mckXI8EADgmMiy3vCpGJfpz0vJ/X6nC4uDbCzbqCPcI=
Subject key identifier: A6:D7:07:F4:43:C5:11:4D:7B:A9:F3:DA:26:FD:16:5E:56:1C:CE:79
Certificate issuer: /CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Certificate serial: 018CCA2B670CBF0F20EC2358A0F3EB80B1BE
Authority key identifier: F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/ptcH9EPFEU17qfPaJv0WXlYcznk.roa
Signing time: Tue 02 Jan 2024 12:34:51 +0000
ROA not before: Tue 02 Jan 2024 12:34:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62306
IP address blocks: 185.221.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:67:0c:bf:0f:20:ec:23:58:a0:f3:eb:80:b1:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Validity
Not Before: Jan 2 12:34:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6d707f443c5114d7ba9f3da26fd165e561cce79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:20:85:7f:c7:a0:89:76:b2:9c:6e:38:53:9b:
45:e3:78:c6:89:ae:e9:34:8f:d5:fc:d1:73:69:81:
92:2d:32:a5:66:6e:68:b6:d0:65:4e:0c:fc:a1:65:
7b:62:b0:ab:73:4c:1a:ce:a7:1b:14:f3:21:77:68:
b2:32:23:da:e7:33:08:f0:3c:a9:fb:a8:ac:1e:de:
97:c9:16:bd:2d:ff:ac:9c:fe:19:48:85:fc:c5:6f:
4e:bf:2d:25:d5:5a:76:c0:80:1e:43:d9:8d:7a:86:
52:87:fe:0f:14:02:12:35:87:80:6e:36:e0:be:fc:
bd:aa:32:0f:1c:c4:da:9a:6a:12:22:37:58:61:26:
4c:8a:0f:b5:59:f5:b2:e4:23:ad:19:f7:8e:5b:b7:
86:a7:40:98:2c:56:c5:a3:be:14:94:6b:5b:fa:ce:
b2:b1:eb:98:f5:5d:d6:67:89:2d:4f:4b:f4:2f:e4:
72:3c:ce:f9:e7:2b:93:df:d2:80:b3:b4:fb:68:63:
ad:a7:af:01:9a:9a:52:d6:78:dd:a1:fc:f2:95:af:
c7:a4:7a:95:eb:21:1f:c2:11:fb:b9:f6:5e:65:5a:
ca:22:e5:3b:59:bf:0a:28:f9:12:ae:1c:e4:bd:2e:
c4:f6:06:96:81:29:1a:fa:8a:a5:fa:6e:61:f8:44:
72:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:D7:07:F4:43:C5:11:4D:7B:A9:F3:DA:26:FD:16:5E:56:1C:CE:79
X509v3 Authority Key Identifier:
keyid:F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/ptcH9EPFEU17qfPaJv0WXlYcznk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8FIRKM9jSqavp-9S1THz_NVWKPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.220.0/24
Signature Algorithm: sha256WithRSAEncryption
13:93:4d:f7:8e:59:e6:1a:c0:97:3b:17:ea:55:fc:df:e9:55:
af:2f:58:4b:13:6d:2c:a2:92:77:bc:b1:86:c9:93:a5:24:17:
57:7c:40:7e:d5:05:c6:0b:64:7c:14:5c:69:20:f7:cc:88:17:
34:a3:12:8a:dd:fa:00:45:3d:14:8f:69:b7:ce:f9:66:46:56:
d1:08:20:4f:1e:51:2f:3f:8e:5e:27:24:f5:b2:66:f4:14:c3:
a7:2f:59:c9:7d:cc:c3:0b:0a:b9:cc:4b:e2:fc:6d:1e:73:a6:
9f:34:3b:77:d7:97:9f:59:ca:73:67:69:4e:d4:9e:ed:1f:50:
6b:8c:9c:fb:9c:bd:9f:80:eb:74:56:cf:28:3f:f7:06:31:01:
ac:73:40:08:2d:e8:7f:47:ee:ea:eb:21:77:ff:2c:64:a9:6f:
d9:fa:15:2b:61:7c:29:1e:7c:b2:b9:60:d7:ca:33:5f:1f:5e:
61:1c:5d:ff:9a:14:7d:94:60:dc:88:ca:1e:a9:04:ea:ee:41:
7b:f1:f0:ad:c1:4f:b3:1f:e0:cc:2c:58:0c:40:77:a8:5f:13:
3e:aa:70:bb:19:be:85:d6:03:d9:2a:6f:9f:36:f4:af:d6:55:
a2:0c:74:e0:8a:8e:83:22:3b:e7:17:6d:da:05:8e:a9:77:e6:
9f:d3:40:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK2cMvw8g7CNYoPPrgLG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNTIxMTI4Y2Y2MzRhYTZhZmE3ZWY1MmQ1MzFmM2ZjZDU1
NjI4ZjkwHhcNMjQwMTAyMTIzNDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmQ3MDdmNDQzYzUxMTRkN2JhOWYzZGEyNmZkMTY1ZTU2MWNjZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiCFf8egiXaynG44U5tF43jGia7p
NI/V/NFzaYGSLTKlZm5ottBlTgz8oWV7YrCrc0wazqcbFPMhd2iyMiPa5zMI8Dyp
+6isHt6XyRa9Lf+snP4ZSIX8xW9Ovy0l1Vp2wIAeQ9mNeoZSh/4PFAISNYeAbjbg
vvy9qjIPHMTammoSIjdYYSZMig+1WfWy5COtGfeOW7eGp0CYLFbFo74UlGtb+s6y
seuY9V3WZ4ktT0v0L+RyPM755yuT39KAs7T7aGOtp68BmppS1njdofzyla/HpHqV
6yEfwhH7ufZeZVrKIuU7Wb8KKPkSrhzkvS7E9gaWgSka+oql+m5h+ERyXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKbXB/RDxRFNe6nz2ib9Fl5WHM55MB8GA1UdIwQY
MBaAFPBSESjPY0qmr6fvUtUx8/zVVij5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUt
ZTQ0MTliNjQyMTJlLzEvcHRjSDlFUEZFVTE3cWZQYUp2MFdYbFljem5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUtZTQ0MTliNjQyMTJl
LzEvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud3cMA0G
CSqGSIb3DQEBCwUAA4IBAQATk033jlnmGsCXOxfqVfzf6VWvL1hLE20sopJ3vLGG
yZOlJBdXfEB+1QXGC2R8FFxpIPfMiBc0oxKK3foART0Uj2m3zvlmRlbRCCBPHlEv
P45eJyT1smb0FMOnL1nJfczDCwq5zEvi/G0ec6afNDt315efWcpzZ2lO1J7tH1Br
jJz7nL2fgOt0Vs8oP/cGMQGsc0AILeh/R+7q6yF3/yxkqW/Z+hUrYXwpHnyyuWDX
yjNfH15hHF3/mhR9lGDciMoeqQTq7kF78fCtwU+zH+DMLFgMQHeoXxM+qnC7Gb6F
1gPZKm+fNvSv1lWiDHTgio6DIjvnF23aBY6pd+af00CS
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:32:15 2025 by rpki-client