Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/SqyhTvGXNgrhuYH-7hnDEvAYvGY.roa
File: SqyhTvGXNgrhuYH-7hnDEvAYvGY.roa (raw, json)
Hash identifier: 8EhyH/YiOBQ3xI7kmqD3fXeYMUplAZ/OBPkNMBVsHnE=
Subject key identifier: 4A:AC:A1:4E:F1:97:36:0A:E1:B9:81:FE:EE:19:C3:12:F0:18:BC:66
Certificate issuer: /CN=4c7844abef711c232c84f83c807a420af3804728
Certificate serial: 0193BF6D2C8BE88A8C714758045568F3EC47
Authority key identifier: 4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/SqyhTvGXNgrhuYH-7hnDEvAYvGY.roa
Signing time: Fri 13 Dec 2024 09:50:23 +0000
ROA not before: Fri 13 Dec 2024 09:50:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203193
IP address blocks: 185.143.4.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bf:6d:2c:8b:e8:8a:8c:71:47:58:04:55:68:f3:ec:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7844abef711c232c84f83c807a420af3804728
Validity
Not Before: Dec 13 09:50:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4aaca14ef197360ae1b981feee19c312f018bc66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:1f:fb:1f:18:e2:7b:9e:aa:9a:90:dd:4c:8a:
6a:52:2e:56:83:47:89:d2:4b:9e:f2:1d:ed:a3:cd:
e6:8e:1e:cd:15:ff:f9:29:a8:c5:e3:50:fe:99:87:
90:31:29:12:73:6d:61:09:d4:4e:7d:fa:f1:7f:76:
c7:20:8e:c1:65:75:7f:c3:e1:db:b1:13:24:a9:5e:
2a:ad:b1:35:c6:44:b3:2a:26:31:8a:96:05:e2:ea:
e6:72:e9:32:12:e1:fc:ae:36:76:de:55:19:6e:3b:
af:6d:9a:e5:31:42:84:5a:67:60:6c:f0:dd:ca:82:
e3:d2:e5:3b:2f:4c:fa:c1:f4:90:ea:dc:84:72:3d:
16:4f:c1:34:ea:b0:d9:df:82:4e:dd:3d:f9:96:d2:
7b:d3:00:62:91:ff:0d:c4:25:1b:5c:3c:e3:e3:30:
da:31:68:7d:6c:42:65:ed:14:42:e9:2e:5f:85:58:
38:d3:e5:cf:c3:15:55:cf:d1:79:e3:80:d5:6f:a1:
c9:48:48:39:67:33:dc:dc:bd:f0:4b:3c:f2:a3:25:
2c:ef:66:f0:4b:d1:21:00:3b:33:7f:56:b2:1d:4f:
c5:f8:33:f9:7d:21:01:fa:fc:bc:89:a6:72:e0:5d:
d6:25:de:7e:09:da:e9:9a:af:c5:1d:30:de:08:03:
45:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:AC:A1:4E:F1:97:36:0A:E1:B9:81:FE:EE:19:C3:12:F0:18:BC:66
X509v3 Authority Key Identifier:
keyid:4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/SqyhTvGXNgrhuYH-7hnDEvAYvGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.4.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:96:82:e7:3f:14:6a:7e:cf:d2:4c:e8:d4:4d:4a:8c:6c:8f:
05:e3:c8:2b:4a:37:74:5f:79:8f:43:9c:67:fe:da:ec:c1:7f:
46:f9:17:53:63:44:d6:6e:04:21:06:34:70:48:8e:f0:79:42:
20:8d:d1:47:8f:9d:2f:2a:12:d4:9f:29:15:c6:8d:b0:0e:a6:
1a:8a:8d:57:1d:a2:eb:4f:99:7b:73:40:45:2c:8e:44:a1:e9:
25:2c:c0:75:0b:c1:97:0b:a9:79:04:d5:a9:cf:ac:32:7a:89:
65:5e:79:47:eb:21:3b:ba:c0:70:15:67:cc:8f:99:27:2b:90:
f2:6c:ef:57:75:db:7e:24:26:46:ba:6a:ea:16:5b:c8:86:3c:
02:80:8b:3d:49:af:c1:f7:bf:e3:59:99:3b:0b:af:96:57:b7:
a4:f6:2c:01:ea:4b:73:66:9e:8d:ec:14:b8:0a:4b:0f:77:6f:
ff:e6:c9:be:fc:0e:d3:87:b2:cf:66:f2:21:92:f8:60:f8:98:
d6:44:c2:b9:e4:b9:e0:28:2e:6f:b0:d9:d2:9a:4c:3a:68:60:
4d:83:a2:68:5a:34:cf:2c:0d:84:bf:7d:c4:c0:a4:28:98:01:
12:dc:fc:c3:b9:0f:8e:5a:6a:85:ee:a6:eb:a0:38:3c:c6:0a:
20:d9:bb:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZO/bSyL6IqMcUdYBFVo8+xHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzg0NGFiZWY3MTFjMjMyYzg0ZjgzYzgwN2E0MjBhZjM4
MDQ3MjgwHhcNMjQxMjEzMDk1MDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWFjYTE0ZWYxOTczNjBhZTFiOTgxZmVlZTE5YzMxMmYwMThiYzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2x/7Hxjie56qmpDdTIpqUi5Wg0eJ
0kue8h3to83mjh7NFf/5KajF41D+mYeQMSkSc21hCdROffrxf3bHII7BZXV/w+Hb
sRMkqV4qrbE1xkSzKiYxipYF4urmcukyEuH8rjZ23lUZbjuvbZrlMUKEWmdgbPDd
yoLj0uU7L0z6wfSQ6tyEcj0WT8E06rDZ34JO3T35ltJ70wBikf8NxCUbXDzj4zDa
MWh9bEJl7RRC6S5fhVg40+XPwxVVz9F544DVb6HJSEg5ZzPc3L3wSzzyoyUs72bw
S9EhADszf1ayHU/F+DP5fSEB+vy8iaZy4F3WJd5+Cdrpmq/FHTDeCANFlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEqsoU7xlzYK4bmB/u4ZwxLwGLxmMB8GA1UdIwQY
MBaAFEx4RKvvcRwjLIT4PIB6QgrzgEcoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgt
ZGFiNmI4M2NmN2VjLzEvU3F5aFR2R1hOZ3JodVlILTdobkRFdkFZdkdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgtZGFiNmI4M2NmN2Vj
LzEvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuY8EMA0G
CSqGSIb3DQEBCwUAA4IBAQBqloLnPxRqfs/STOjUTUqMbI8F48grSjd0X3mPQ5xn
/trswX9G+RdTY0TWbgQhBjRwSI7weUIgjdFHj50vKhLUnykVxo2wDqYaio1XHaLr
T5l7c0BFLI5EoeklLMB1C8GXC6l5BNWpz6wyeollXnlH6yE7usBwFWfMj5knK5Dy
bO9Xddt+JCZGumrqFlvIhjwCgIs9Sa/B97/jWZk7C6+WV7ek9iwB6ktzZp6N7BS4
CksPd2//5sm+/A7Th7LPZvIhkvhg+JjWRMK55LngKC5vsNnSmkw6aGBNg6JoWjTP
LA2Ev33EwKQomAES3PzDuQ+OWmqF7qbroDg8xgog2bsG
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:35 2025 by rpki-client