Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/SkDqJYtasnJYM-biaYFDlw-lbLI.roa
File: SkDqJYtasnJYM-biaYFDlw-lbLI.roa (raw, json)
Hash identifier: SIZnkeDSwwVblW7CmwDd2pAiA3RYFWayoud1xIYiOZE=
Subject key identifier: 4A:40:EA:25:8B:5A:B2:72:58:33:E6:E2:69:81:43:97:0F:A5:6C:B2
Certificate issuer: /CN=4c7844abef711c232c84f83c807a420af3804728
Certificate serial: 01942686DB73B57E1C7093336718E6D14387
Authority key identifier: 4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/SkDqJYtasnJYM-biaYFDlw-lbLI.roa
Signing time: Thu 02 Jan 2025 10:19:19 +0000
ROA not before: Thu 02 Jan 2025 10:19:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203194
IP address blocks: 185.142.228.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:86:db:73:b5:7e:1c:70:93:33:67:18:e6:d1:43:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7844abef711c232c84f83c807a420af3804728
Validity
Not Before: Jan 2 10:19:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a40ea258b5ab2725833e6e2698143970fa56cb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:da:6f:34:e1:6b:2f:ca:cc:a8:6e:b3:25:99:
59:c0:c6:12:a1:41:2f:dd:94:52:af:d5:14:9d:86:
79:5e:fa:04:eb:f4:0f:87:df:e4:7b:99:bb:84:fb:
ff:04:7a:8a:74:e6:f8:11:97:cc:30:a8:d2:9e:c0:
16:73:0e:a8:a6:92:20:cc:4f:11:71:a1:0b:8f:b5:
89:d4:75:84:5e:e5:dd:64:8d:76:86:72:59:73:5b:
07:e7:49:c9:19:da:56:a6:bd:cd:e9:f5:51:8b:29:
d0:86:14:50:83:2a:84:9d:b9:4f:fa:b6:7a:0e:12:
21:41:3f:6f:3b:4e:b6:95:9f:c3:d0:49:03:8f:5f:
ff:89:05:c3:91:ef:2e:24:f3:66:09:e9:ee:5d:56:
66:eb:1c:57:2f:3e:ed:58:d8:df:60:0f:b3:d6:8e:
a1:c5:20:41:09:b3:ec:71:0b:2b:0e:ab:53:71:41:
fe:03:1e:c3:40:ad:8c:8d:6d:3f:5c:3e:0b:58:ad:
76:5c:aa:87:1f:81:15:10:d8:32:25:87:83:2c:3a:
9b:92:9c:da:c3:68:b7:33:7f:2d:cc:d7:d6:c2:74:
22:f6:b8:71:fc:80:bd:a4:e6:7b:67:8b:7b:5a:67:
ee:54:1b:13:64:ee:eb:b9:64:33:38:c9:a7:00:75:
23:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:40:EA:25:8B:5A:B2:72:58:33:E6:E2:69:81:43:97:0F:A5:6C:B2
X509v3 Authority Key Identifier:
keyid:4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/SkDqJYtasnJYM-biaYFDlw-lbLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.142.228.0/22
Signature Algorithm: sha256WithRSAEncryption
86:eb:89:3b:b9:cd:9d:3f:77:66:25:2b:77:d7:a2:9e:52:a7:
f6:d5:12:1c:c9:f9:3c:df:6c:08:3b:93:b5:ee:00:64:91:7d:
88:c1:f3:de:ca:1b:92:c5:54:5c:15:68:65:42:3d:08:68:65:
81:0f:4e:15:0e:fd:23:3a:7f:ab:8b:c0:7f:45:44:bf:e4:17:
a6:ee:aa:3e:9e:1b:ae:25:e2:63:f9:9f:a9:63:18:3c:81:51:
fd:ed:fe:53:3d:5a:d8:cc:78:c8:70:5b:c2:72:61:56:6e:54:
3f:99:a9:d3:e9:8e:ff:ec:14:97:fb:7a:a0:b3:67:dd:a6:52:
91:fd:e6:9b:5b:a5:33:0c:d4:03:00:de:09:8c:85:a4:ff:13:
a5:6b:d0:1a:2d:0b:a6:0a:5c:3e:a0:8a:ff:f8:19:cf:0d:97:
51:b9:4b:75:a0:b6:20:87:69:5b:6f:36:57:e2:b4:36:f7:a5:
66:5d:a9:0a:a9:f6:b1:1d:da:cb:8e:a8:71:eb:6f:62:60:81:
3c:5b:c4:56:0e:85:e3:e8:9c:d3:35:64:43:1e:2b:36:16:40:
d7:d3:a6:0a:19:c5:45:12:8d:28:54:80:bd:b5:6d:99:5b:d3:
15:52:63:d1:85:ed:73:7f:e7:d7:39:23:36:ed:12:c3:c3:02:
b6:cb:67:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmhttztX4ccJMzZxjm0UOHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzg0NGFiZWY3MTFjMjMyYzg0ZjgzYzgwN2E0MjBhZjM4
MDQ3MjgwHhcNMjUwMTAyMTAxOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTQwZWEyNThiNWFiMjcyNTgzM2U2ZTI2OTgxNDM5NzBmYTU2Y2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttpvNOFrL8rMqG6zJZlZwMYSoUEv
3ZRSr9UUnYZ5XvoE6/QPh9/ke5m7hPv/BHqKdOb4EZfMMKjSnsAWcw6oppIgzE8R
caELj7WJ1HWEXuXdZI12hnJZc1sH50nJGdpWpr3N6fVRiynQhhRQgyqEnblP+rZ6
DhIhQT9vO062lZ/D0EkDj1//iQXDke8uJPNmCenuXVZm6xxXLz7tWNjfYA+z1o6h
xSBBCbPscQsrDqtTcUH+Ax7DQK2MjW0/XD4LWK12XKqHH4EVENgyJYeDLDqbkpza
w2i3M38tzNfWwnQi9rhx/IC9pOZ7Z4t7WmfuVBsTZO7ruWQzOMmnAHUj5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEpA6iWLWrJyWDPm4mmBQ5cPpWyyMB8GA1UdIwQY
MBaAFEx4RKvvcRwjLIT4PIB6QgrzgEcoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgt
ZGFiNmI4M2NmN2VjLzEvU2tEcUpZdGFzbkpZTS1iaWFZRkRsdy1sYkxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgtZGFiNmI4M2NmN2Vj
LzEvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuY7kMA0G
CSqGSIb3DQEBCwUAA4IBAQCG64k7uc2dP3dmJSt316KeUqf21RIcyfk832wIO5O1
7gBkkX2IwfPeyhuSxVRcFWhlQj0IaGWBD04VDv0jOn+ri8B/RUS/5Bem7qo+nhuu
JeJj+Z+pYxg8gVH97f5TPVrYzHjIcFvCcmFWblQ/manT6Y7/7BSX+3qgs2fdplKR
/eabW6UzDNQDAN4JjIWk/xOla9AaLQumClw+oIr/+BnPDZdRuUt1oLYgh2lbbzZX
4rQ296VmXakKqfaxHdrLjqhx629iYIE8W8RWDoXj6JzTNWRDHis2FkDX06YKGcVF
Eo0oVIC9tW2ZW9MVUmPRhe1zf+fXOSM27RLDwwK2y2dO
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:49:19 2025 by rpki-client