Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/iKPQrhBrTRaiv5IdHoYlHbgmod8.roa
File: iKPQrhBrTRaiv5IdHoYlHbgmod8.roa (raw, json)
Hash identifier: 3IERFWdsRqXqrzB+sHCu75IHzdbe/vBiy3SeVBTynlo=
Subject key identifier: 88:A3:D0:AE:10:6B:4D:16:A2:BF:92:1D:1E:86:25:1D:B8:26:A1:DF
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 01937255DD23548043DCC8889ACD4CE1CCA7
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/iKPQrhBrTRaiv5IdHoYlHbgmod8.roa
Signing time: Thu 28 Nov 2024 10:34:09 +0000
ROA not before: Thu 28 Nov 2024 10:34:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206961
IP address blocks: 185.165.124.0/22 maxlen: 24
185.197.140.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:72:55:dd:23:54:80:43:dc:c8:88:9a:cd:4c:e1:cc:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Nov 28 10:34:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88a3d0ae106b4d16a2bf921d1e86251db826a1df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e3:8a:a6:6f:75:6f:7d:8f:3b:24:41:83:c7:
2e:62:69:df:30:3b:ed:9e:84:93:27:d2:24:be:46:
c4:14:c9:a5:c1:bc:3b:04:85:b3:b2:c6:79:db:23:
2a:20:8b:da:91:8f:4e:59:b7:f6:69:f4:72:48:a4:
4f:76:45:87:a5:d0:ee:24:ee:83:47:0f:0e:4f:cc:
f7:7f:57:0d:81:20:0c:96:c1:1e:dd:66:60:65:b7:
2d:38:f1:45:f0:4a:ce:19:3a:7f:97:90:b7:24:91:
81:97:5a:c3:95:9b:28:d9:38:2e:1b:12:3e:64:c0:
26:a5:75:5f:97:dd:49:4f:ee:4b:2d:bb:42:37:24:
b6:2b:5b:53:18:33:d5:13:48:18:40:ae:27:ba:62:
59:9e:b9:d3:90:9d:87:3d:02:ef:77:13:e1:96:d5:
a3:e3:72:e8:4e:28:fb:ca:a7:65:26:dd:f4:ab:e0:
92:bd:02:f2:2a:41:4b:e2:c1:3b:81:89:4f:da:15:
d4:6c:78:26:f4:34:5a:4a:a5:91:cb:d4:bd:6e:4e:
4e:f4:a6:db:e4:93:f9:64:5b:be:d9:d5:dd:f6:ed:
ab:2f:c6:3a:04:97:9b:ee:86:63:b6:5a:7c:f1:a9:
0f:98:1a:bd:50:10:9b:4d:20:b6:84:71:af:33:4a:
f5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A3:D0:AE:10:6B:4D:16:A2:BF:92:1D:1E:86:25:1D:B8:26:A1:DF
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/iKPQrhBrTRaiv5IdHoYlHbgmod8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.124.0/22
185.197.140.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:46:7a:ab:07:fc:dc:47:cc:e5:0f:c9:5b:0e:ab:ad:5e:65:
2c:27:d9:1d:ff:79:a4:05:d7:c9:a1:ea:06:54:dd:35:d1:ae:
79:3f:74:8d:6c:01:10:56:7b:8a:06:67:ef:a1:2d:e6:11:ad:
d3:cb:7f:03:e1:4e:c3:25:37:9e:87:fc:82:5e:ab:60:47:d2:
dc:cc:53:e6:21:e7:c4:89:27:9f:73:61:c3:07:7f:49:ba:0d:
08:29:6c:ac:8e:8c:0e:8f:2a:5c:fc:13:75:72:9e:a7:4b:3f:
12:a8:5d:00:10:6d:ed:3e:1c:61:6c:e2:ae:5f:0c:8c:9e:c1:
83:88:15:f1:d8:53:e1:3a:bd:9d:98:07:41:f5:0c:d3:2c:5c:
d1:66:6f:84:b7:8c:85:70:b2:ad:32:81:60:60:df:0c:6f:7f:
3b:01:c7:b2:27:78:6b:f6:5d:bb:7b:c3:9f:cf:44:55:d7:e2:
81:f4:70:4f:6a:bb:9c:9d:88:b3:85:a6:16:a8:fc:58:e6:29:
46:b1:c9:1a:2e:96:c9:a0:79:b8:5f:cf:48:6e:40:98:e4:4e:
f8:fa:37:74:48:08:d2:19:fa:f0:5f:6f:8e:b1:79:c3:09:57:
f5:81:e6:50:be:f4:8c:96:25:49:de:46:cf:c8:5c:77:93:87:
65:d9:2d:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNyVd0jVIBD3MiIms1M4cynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjQxMTI4MTAzNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGEzZDBhZTEwNmI0ZDE2YTJiZjkyMWQxZTg2MjUxZGI4MjZhMWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuOKpm91b32POyRBg8cuYmnfMDvt
noSTJ9IkvkbEFMmlwbw7BIWzssZ52yMqIIvakY9OWbf2afRySKRPdkWHpdDuJO6D
Rw8OT8z3f1cNgSAMlsEe3WZgZbctOPFF8ErOGTp/l5C3JJGBl1rDlZso2TguGxI+
ZMAmpXVfl91JT+5LLbtCNyS2K1tTGDPVE0gYQK4numJZnrnTkJ2HPQLvdxPhltWj
43LoTij7yqdlJt30q+CSvQLyKkFL4sE7gYlP2hXUbHgm9DRaSqWRy9S9bk5O9Kbb
5JP5ZFu+2dXd9u2rL8Y6BJeb7oZjtlp88akPmBq9UBCbTSC2hHGvM0r1CwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIij0K4Qa00Wor+SHR6GJR24JqHfMB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvaUtQUXJoQnJUUmFpdjVJZEhvWWxIYmdtb2Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuaV8AwQC
ucWMMA0GCSqGSIb3DQEBCwUAA4IBAQAbRnqrB/zcR8zlD8lbDqutXmUsJ9kd/3mk
BdfJoeoGVN010a55P3SNbAEQVnuKBmfvoS3mEa3Ty38D4U7DJTeeh/yCXqtgR9Lc
zFPmIefEiSefc2HDB39Jug0IKWysjowOjypc/BN1cp6nSz8SqF0AEG3tPhxhbOKu
XwyMnsGDiBXx2FPhOr2dmAdB9QzTLFzRZm+Et4yFcLKtMoFgYN8Mb387AceyJ3hr
9l27e8Ofz0RV1+KB9HBParucnYizhaYWqPxY5ilGsckaLpbJoHm4X89IbkCY5E74
+jd0SAjSGfrwX2+OsXnDCVf1geZQvvSMliVJ3kbPyFx3k4dl2S2X
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:33:01 2025 by rpki-client