Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8c52a7-6609-450a-b361-63939505fe66/1/6mFWWvmAT5bsbpGhrdS4280FBZ0.roa
File: 6mFWWvmAT5bsbpGhrdS4280FBZ0.roa (raw, json)
Hash identifier: hhnVXV6NbpaD8wWoWB6TkszRJCN8jzZOHkVGDzev+wo=
Subject key identifier: EA:61:56:5A:F9:80:4F:96:EC:6E:91:A1:AD:D4:B8:DB:CD:05:05:9D
Certificate issuer: /CN=8d2f0791b0525159720b191c411bcc47420f1ce2
Certificate serial: 018CC86FCEAAF03FAD2FAF9C7BC235C88578
Authority key identifier: 8D:2F:07:91:B0:52:51:59:72:0B:19:1C:41:1B:CC:47:42:0F:1C:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jS8HkbBSUVlyCxkcQRvMR0IPHOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/8c52a7-6609-450a-b361-63939505fe66/1/6mFWWvmAT5bsbpGhrdS4280FBZ0.roa
Signing time: Tue 02 Jan 2024 04:30:19 +0000
ROA not before: Tue 02 Jan 2024 04:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24641
IP address blocks: 185.146.4.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:ce:aa:f0:3f:ad:2f:af:9c:7b:c2:35:c8:85:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d2f0791b0525159720b191c411bcc47420f1ce2
Validity
Not Before: Jan 2 04:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea61565af9804f96ec6e91a1add4b8dbcd05059d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:25:6d:07:e4:38:07:9f:8f:8c:2e:20:33:5c:
d2:51:7a:63:ae:80:1a:19:e8:16:7e:29:ad:f4:c1:
61:0a:2b:e8:dd:7d:65:c3:b1:8a:e9:f3:61:65:7c:
ef:b8:9e:a7:ab:1a:68:f7:f9:cc:4a:4f:f2:9e:7c:
7b:57:79:83:25:13:d6:c0:aa:35:bc:50:c4:f8:97:
d1:2f:90:3e:6a:44:c1:36:b2:d7:49:de:56:2a:7d:
cc:bd:14:2b:ac:c6:ad:df:16:ec:91:71:32:91:ee:
2e:a5:5a:e7:1e:bc:6b:f8:13:59:7a:dc:ac:7b:01:
90:f5:fb:14:31:a1:24:04:ab:3b:27:63:59:70:2d:
e0:96:ec:f8:2c:e7:2c:a0:5c:9a:58:dd:25:bc:11:
28:44:01:c9:a0:76:7b:e3:98:4a:64:be:27:c9:4e:
89:d5:d8:d0:c6:64:20:84:d9:5e:6a:e4:57:d6:dc:
47:e1:8a:5d:c7:3a:f3:c6:d1:b2:78:86:68:df:fd:
10:ed:55:f2:1d:8b:0f:bf:ca:61:ac:64:a4:a5:43:
cc:a8:b6:b5:6c:74:ac:bc:6e:d3:8f:f6:af:6e:04:
91:a3:6c:f2:33:bc:fd:b7:91:8d:fc:01:90:d2:e9:
0b:4b:41:b4:fa:0e:87:a3:9f:e6:ff:f2:9b:ce:1f:
ad:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:61:56:5A:F9:80:4F:96:EC:6E:91:A1:AD:D4:B8:DB:CD:05:05:9D
X509v3 Authority Key Identifier:
keyid:8D:2F:07:91:B0:52:51:59:72:0B:19:1C:41:1B:CC:47:42:0F:1C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jS8HkbBSUVlyCxkcQRvMR0IPHOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8c52a7-6609-450a-b361-63939505fe66/1/6mFWWvmAT5bsbpGhrdS4280FBZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8c52a7-6609-450a-b361-63939505fe66/1/jS8HkbBSUVlyCxkcQRvMR0IPHOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.4.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:45:b4:40:71:ba:94:88:31:14:1c:8a:be:c3:44:e7:88:b2:
52:75:c4:4c:7a:98:89:c7:59:47:5b:61:f4:15:05:02:dc:22:
5f:c5:6f:de:65:3a:d5:0e:a4:46:0e:0c:90:57:3a:7f:1f:14:
bb:36:28:c9:46:a8:a9:f4:ac:cf:04:35:03:5b:ef:89:e7:41:
fc:8b:7c:be:78:6c:a1:e2:5d:84:49:7a:c2:21:fe:db:66:bc:
68:a5:1b:83:8b:2f:a6:d1:da:46:79:4e:33:f3:06:64:30:cb:
dd:ff:43:ff:19:bc:b8:a3:00:e2:ee:97:56:17:26:62:2f:72:
14:4a:8f:de:62:0c:8c:a3:11:64:87:dd:49:f8:f6:cd:d0:26:
66:7e:f2:5b:59:92:cf:4d:e9:1b:b9:2c:99:99:ea:62:05:cd:
5b:e0:cb:18:aa:ac:36:a3:22:bf:15:e1:e4:eb:65:5a:a6:69:
d7:18:52:8b:63:f9:3d:59:79:ab:da:19:df:de:ba:dd:27:27:
c9:54:e1:3e:3a:d2:a2:b5:71:22:6d:64:1f:fa:85:d6:31:f5:
c5:97:d4:cc:8a:88:8a:70:8e:70:af:bc:6c:1a:8d:53:4f:66:
6f:f7:6e:55:02:e3:c7:6a:4f:6c:fa:e0:b5:c2:d1:e8:61:03:
37:c5:16:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb86q8D+tL6+ce8I1yIV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMmYwNzkxYjA1MjUxNTk3MjBiMTkxYzQxMWJjYzQ3NDIw
ZjFjZTIwHhcNMjQwMTAyMDQzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTYxNTY1YWY5ODA0Zjk2ZWM2ZTkxYTFhZGQ0YjhkYmNkMDUwNTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSVtB+Q4B5+PjC4gM1zSUXpjroAa
GegWfimt9MFhCivo3X1lw7GK6fNhZXzvuJ6nqxpo9/nMSk/ynnx7V3mDJRPWwKo1
vFDE+JfRL5A+akTBNrLXSd5WKn3MvRQrrMat3xbskXEyke4upVrnHrxr+BNZetys
ewGQ9fsUMaEkBKs7J2NZcC3gluz4LOcsoFyaWN0lvBEoRAHJoHZ745hKZL4nyU6J
1djQxmQghNleauRX1txH4YpdxzrzxtGyeIZo3/0Q7VXyHYsPv8phrGSkpUPMqLa1
bHSsvG7Tj/avbgSRo2zyM7z9t5GN/AGQ0ukLS0G0+g6Ho5/m//Kbzh+tcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOphVlr5gE+W7G6Roa3UuNvNBQWdMB8GA1UdIwQY
MBaAFI0vB5GwUlFZcgsZHEEbzEdCDxziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalM4SGtiQlNVVmx5Q3hrY1FSdk1SMElQSE9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84YzUyYTctNjYwOS00NTBhLWIzNjEt
NjM5Mzk1MDVmZTY2LzEvNm1GV1d2bUFUNWJzYnBHaHJkUzQyODBGQlowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84YzUyYTctNjYwOS00NTBhLWIzNjEtNjM5Mzk1MDVmZTY2
LzEvalM4SGtiQlNVVmx5Q3hrY1FSdk1SMElQSE9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZIEMA0G
CSqGSIb3DQEBCwUAA4IBAQCNRbRAcbqUiDEUHIq+w0TniLJSdcRMepiJx1lHW2H0
FQUC3CJfxW/eZTrVDqRGDgyQVzp/HxS7NijJRqip9KzPBDUDW++J50H8i3y+eGyh
4l2ESXrCIf7bZrxopRuDiy+m0dpGeU4z8wZkMMvd/0P/Gby4owDi7pdWFyZiL3IU
So/eYgyMoxFkh91J+PbN0CZmfvJbWZLPTekbuSyZmepiBc1b4MsYqqw2oyK/FeHk
62VapmnXGFKLY/k9WXmr2hnf3rrdJyfJVOE+OtKitXEibWQf+oXWMfXFl9TMioiK
cI5wr7xsGo1TT2Zv925VAuPHak9s+uC1wtHoYQM3xRY+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:06 2025 by rpki-client