Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/562e48-9e2b-499d-92bd-e27411f07945/1/OKrJr8BCb7aq8vXbdNqlWjlnucE.roa
File: OKrJr8BCb7aq8vXbdNqlWjlnucE.roa (raw, json)
Hash identifier: HDTOODfwQ9m4jOTdplojflXEMNDfXbXNnXqnH3QbFmY=
Subject key identifier: 38:AA:C9:AF:C0:42:6F:B6:AA:F2:F5:DB:74:DA:A5:5A:39:67:B9:C1
Certificate issuer: /CN=10642fdd4046e5a53d834cc7b2ca2758a8abda5a
Certificate serial: 018CC4246F9E3CE77B7ECB6CD96FDDB5A7FD
Authority key identifier: 10:64:2F:DD:40:46:E5:A5:3D:83:4C:C7:B2:CA:27:58:A8:AB:DA:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EGQv3UBG5aU9g0zHssonWKir2lo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/562e48-9e2b-499d-92bd-e27411f07945/1/OKrJr8BCb7aq8vXbdNqlWjlnucE.roa
Signing time: Mon 01 Jan 2024 08:29:31 +0000
ROA not before: Mon 01 Jan 2024 08:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208229
IP address blocks: 185.228.64.0/22 maxlen: 22
2a0f:1c40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:6f:9e:3c:e7:7b:7e:cb:6c:d9:6f:dd:b5:a7:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10642fdd4046e5a53d834cc7b2ca2758a8abda5a
Validity
Not Before: Jan 1 08:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38aac9afc0426fb6aaf2f5db74daa55a3967b9c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:04:36:70:ed:53:74:71:e2:55:58:1d:3f:02:
bf:eb:54:be:08:a4:b1:8a:28:0e:ee:9c:f6:91:ab:
76:f1:38:dd:47:49:a4:98:79:c4:c9:b9:d1:24:26:
8a:81:66:21:00:61:c2:20:bd:8b:21:c4:7a:a9:c9:
a8:62:eb:c4:b4:98:c6:79:e7:d4:10:33:b6:65:d1:
7e:ee:f4:2f:f8:9e:2d:48:1a:b6:f9:88:a8:fe:38:
0c:5b:32:11:27:a7:ae:d1:7b:3c:bb:fb:d6:72:e0:
a3:1b:2d:11:8d:22:33:82:ff:c6:79:3a:43:e5:85:
1e:40:8e:3f:74:0c:69:5a:31:a9:9f:70:34:a5:a1:
43:56:fd:c8:30:a6:17:e9:85:e8:49:9f:0d:04:7c:
b7:e6:de:0e:44:d2:0f:a9:8f:69:be:e9:b1:4a:6d:
11:72:c3:19:19:16:d5:de:48:d1:77:8e:c9:53:7b:
8d:27:2c:57:b6:a7:54:76:f9:d8:07:d6:4d:2c:c9:
ae:32:a3:45:f5:18:48:14:b9:5d:87:c6:21:a1:4f:
87:64:47:89:41:fc:59:f5:9c:b3:c1:23:cc:d0:63:
77:41:62:b4:c8:e7:7f:7a:fd:0c:8e:3d:1e:f1:63:
ea:6d:a0:aa:95:90:a5:c8:30:b3:c5:53:46:0b:13:
0e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:AA:C9:AF:C0:42:6F:B6:AA:F2:F5:DB:74:DA:A5:5A:39:67:B9:C1
X509v3 Authority Key Identifier:
keyid:10:64:2F:DD:40:46:E5:A5:3D:83:4C:C7:B2:CA:27:58:A8:AB:DA:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EGQv3UBG5aU9g0zHssonWKir2lo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/562e48-9e2b-499d-92bd-e27411f07945/1/OKrJr8BCb7aq8vXbdNqlWjlnucE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/562e48-9e2b-499d-92bd-e27411f07945/1/EGQv3UBG5aU9g0zHssonWKir2lo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.64.0/22
IPv6:
2a0f:1c40::/29
Signature Algorithm: sha256WithRSAEncryption
19:04:26:c3:e7:c7:7d:c4:eb:85:cb:eb:e7:cd:c0:8f:2d:8d:
1a:2c:64:8f:c8:d7:13:8c:ac:3e:1e:77:2b:05:10:8a:85:7e:
67:ca:86:41:53:9e:8a:3b:5f:c2:33:be:9e:6e:55:c7:1a:f1:
2c:22:58:75:81:d9:ad:63:58:8f:a3:c7:15:99:c4:1b:d1:a3:
59:85:5b:ef:e7:e2:d6:cc:ad:a2:af:bc:2a:40:6f:06:44:61:
05:de:24:e1:c8:cb:e1:57:93:19:a2:0a:74:a9:57:b6:37:42:
8a:2f:4d:98:d4:18:46:fa:96:c9:51:2d:1f:0b:22:08:53:c6:
0c:f6:a7:cc:eb:66:78:09:81:ba:8b:61:98:9d:20:69:4c:20:
05:4d:36:8b:48:1c:f0:47:7d:24:88:27:1b:b5:68:c0:4e:57:
cf:12:d4:b4:6d:10:18:74:57:26:db:ea:4e:3d:05:1e:78:07:
98:27:a7:44:a1:f5:ca:ca:ca:a7:f8:e5:44:55:cb:1a:4f:3e:
a0:b6:42:f0:5b:56:8c:13:e6:72:64:bd:a0:d7:49:64:60:b8:
01:98:5f:e3:8c:cb:6a:3b:fb:d7:16:e1:42:ee:61:03:39:db:
c8:c8:df:13:ea:4a:97:aa:91:2e:e6:56:02:07:3c:f7:2b:a2:
55:a8:4e:81
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJG+ePOd7fsts2W/dtaf9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNjQyZmRkNDA0NmU1YTUzZDgzNGNjN2IyY2EyNzU4YThh
YmRhNWEwHhcNMjQwMTAxMDgyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGFhYzlhZmMwNDI2ZmI2YWFmMmY1ZGI3NGRhYTU1YTM5NjdiOWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQQ2cO1TdHHiVVgdPwK/61S+CKSx
iigO7pz2kat28TjdR0mkmHnEybnRJCaKgWYhAGHCIL2LIcR6qcmoYuvEtJjGeefU
EDO2ZdF+7vQv+J4tSBq2+Yio/jgMWzIRJ6eu0Xs8u/vWcuCjGy0RjSIzgv/GeTpD
5YUeQI4/dAxpWjGpn3A0paFDVv3IMKYX6YXoSZ8NBHy35t4ORNIPqY9pvumxSm0R
csMZGRbV3kjRd47JU3uNJyxXtqdUdvnYB9ZNLMmuMqNF9RhIFLldh8YhoU+HZEeJ
QfxZ9ZyzwSPM0GN3QWK0yOd/ev0Mjj0e8WPqbaCqlZClyDCzxVNGCxMOswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDiqya/AQm+2qvL123TapVo5Z7nBMB8GA1UdIwQY
MBaAFBBkL91ARuWlPYNMx7LKJ1ioq9paMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUdRdjNVQkc1YVU5ZzB6SHNzb25XS2lyMmxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC81NjJlNDgtOWUyYi00OTlkLTkyYmQt
ZTI3NDExZjA3OTQ1LzEvT0tySnI4QkNiN2FxOHZYYmROcWxXamxudWNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC81NjJlNDgtOWUyYi00OTlkLTkyYmQtZTI3NDExZjA3OTQ1
LzEvRUdRdjNVQkc1YVU5ZzB6SHNzb25XS2lyMmxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueRAMA0E
AgACMAcDBQMqDxxAMA0GCSqGSIb3DQEBCwUAA4IBAQAZBCbD58d9xOuFy+vnzcCP
LY0aLGSPyNcTjKw+HncrBRCKhX5nyoZBU56KO1/CM76eblXHGvEsIlh1gdmtY1iP
o8cVmcQb0aNZhVvv5+LWzK2ir7wqQG8GRGEF3iThyMvhV5MZogp0qVe2N0KKL02Y
1BhG+pbJUS0fCyIIU8YM9qfM62Z4CYG6i2GYnSBpTCAFTTaLSBzwR30kiCcbtWjA
TlfPEtS0bRAYdFcm2+pOPQUeeAeYJ6dEofXKysqn+OVEVcsaTz6gtkLwW1aME+Zy
ZL2g10lkYLgBmF/jjMtqO/vXFuFC7mEDOdvIyN8T6kqXqpEu5lYCBzz3K6JVqE6B
-----END CERTIFICATE-----
Generated at Mon May 6 16:53:23 2024 by rpki-client on console-fra.rpki-client.org