Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/etz2hZixJbP5i4gWcSwK7LRFSm0.roa
File: etz2hZixJbP5i4gWcSwK7LRFSm0.roa (raw, json)
Hash identifier: He+gUSNkDpgM/YmAlWou/f7IBd7ClRDJZpOAAsQM4Gc=
Subject key identifier: 7A:DC:F6:85:98:B1:25:B3:F9:8B:88:16:71:2C:0A:EC:B4:45:4A:6D
Certificate issuer: /CN=4c7844abef711c232c84f83c807a420af3804728
Certificate serial: 01942686E10833AF90057BE365BC4B3957B2
Authority key identifier: 4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/etz2hZixJbP5i4gWcSwK7LRFSm0.roa
Signing time: Thu 02 Jan 2025 10:19:20 +0000
ROA not before: Thu 02 Jan 2025 10:19:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203814
IP address blocks: 185.123.32.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:86:e1:08:33:af:90:05:7b:e3:65:bc:4b:39:57:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7844abef711c232c84f83c807a420af3804728
Validity
Not Before: Jan 2 10:19:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7adcf68598b125b3f98b8816712c0aecb4454a6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ef:47:0d:95:36:53:8f:5a:f7:96:e2:35:a2:
a5:88:77:39:d2:8a:8a:67:68:8f:e1:3a:18:eb:5f:
f2:d6:ea:a1:a6:ce:89:17:26:47:ee:e4:b8:ac:8a:
8b:e8:b2:65:d5:d5:10:08:b3:40:6a:17:3b:36:f5:
31:bb:dd:1b:1e:93:dc:de:1b:d5:70:90:1c:cd:55:
5f:cb:a2:3f:be:4e:12:d7:e4:b9:a1:eb:a2:58:bc:
20:b9:0d:f8:38:6f:6a:48:d5:da:80:49:19:34:a7:
69:bf:28:9a:cc:71:d1:13:b9:4b:19:58:2a:37:8a:
6c:bc:c6:b9:ff:cf:07:34:fc:16:5d:d5:f2:6a:52:
e8:ba:18:80:6a:0a:b8:e5:86:6c:fb:c7:e3:ff:f1:
1d:a8:d0:7b:11:05:5a:4d:8a:9a:bd:a0:15:1b:82:
1f:2b:63:fc:57:0b:f2:d4:1c:1e:36:b8:3b:bb:ca:
6c:b0:d6:e7:38:66:f4:16:2b:ff:ea:ed:97:91:fa:
22:db:78:29:c1:09:cd:37:a2:08:cc:a5:1b:e8:6e:
d9:f9:c4:10:2b:bc:a8:79:32:d2:12:96:94:f4:98:
83:a7:d2:61:14:fa:9c:83:57:4a:57:de:01:39:9c:
a5:c2:2d:93:9e:6c:aa:04:90:a9:84:a5:92:0c:2a:
8f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:DC:F6:85:98:B1:25:B3:F9:8B:88:16:71:2C:0A:EC:B4:45:4A:6D
X509v3 Authority Key Identifier:
keyid:4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/etz2hZixJbP5i4gWcSwK7LRFSm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.32.0/22
Signature Algorithm: sha256WithRSAEncryption
55:9d:91:a8:fe:97:2f:7f:bc:da:74:92:c4:87:03:96:95:1a:
08:9c:bb:7a:e9:cb:1a:36:86:db:37:b9:2c:b5:93:fb:55:8a:
e9:5d:41:3f:a9:00:4b:cd:29:a5:1e:59:ed:2d:0f:ad:5b:b3:
10:10:3e:9c:8e:02:d1:c8:a1:ae:d3:06:5b:d0:c4:41:37:e5:
11:f1:71:74:96:a7:56:c7:1f:02:32:ad:68:48:6a:c0:c4:7b:
6d:89:c8:92:14:50:f4:7f:0d:80:cc:79:2d:b8:8d:c5:5b:2e:
45:99:15:41:55:ac:3c:db:fb:f4:8b:01:c1:35:53:a5:1a:78:
20:da:3c:54:55:7e:4b:c2:cc:44:41:e6:5d:12:85:46:99:65:
37:67:61:0f:7d:60:00:ed:05:24:57:27:e8:89:1b:fa:b8:3a:
2f:37:9f:4a:03:d9:74:3f:83:5c:d2:74:05:3e:ce:d7:91:00:
8e:28:cc:25:7f:78:1f:c8:00:a7:9d:0a:3f:68:d3:0a:69:fe:
d8:5c:dd:00:f1:0c:69:d6:7f:e3:96:99:44:0d:bd:68:c6:da:
cd:c8:e9:14:d4:87:b2:f4:87:29:41:23:a0:8d:ee:82:e8:f2:
79:00:51:e6:5a:70:50:ee:5c:95:7f:ab:f6:4c:b9:ea:76:8a:
f7:c1:4f:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmhuEIM6+QBXvjZbxLOVeyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzg0NGFiZWY3MTFjMjMyYzg0ZjgzYzgwN2E0MjBhZjM4
MDQ3MjgwHhcNMjUwMTAyMTAxOTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWRjZjY4NTk4YjEyNWIzZjk4Yjg4MTY3MTJjMGFlY2I0NDU0YTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3u9HDZU2U49a95biNaKliHc50oqK
Z2iP4ToY61/y1uqhps6JFyZH7uS4rIqL6LJl1dUQCLNAahc7NvUxu90bHpPc3hvV
cJAczVVfy6I/vk4S1+S5oeuiWLwguQ34OG9qSNXagEkZNKdpvyiazHHRE7lLGVgq
N4psvMa5/88HNPwWXdXyalLouhiAagq45YZs+8fj//EdqNB7EQVaTYqavaAVG4If
K2P8Vwvy1BweNrg7u8pssNbnOGb0Fiv/6u2Xkfoi23gpwQnNN6IIzKUb6G7Z+cQQ
K7yoeTLSEpaU9JiDp9JhFPqcg1dKV94BOZylwi2TnmyqBJCphKWSDCqPIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHrc9oWYsSWz+YuIFnEsCuy0RUptMB8GA1UdIwQY
MBaAFEx4RKvvcRwjLIT4PIB6QgrzgEcoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgt
ZGFiNmI4M2NmN2VjLzEvZXR6MmhaaXhKYlA1aTRnV2NTd0s3TFJGU20wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgtZGFiNmI4M2NmN2Vj
LzEvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXsgMA0G
CSqGSIb3DQEBCwUAA4IBAQBVnZGo/pcvf7zadJLEhwOWlRoInLt66csaNobbN7ks
tZP7VYrpXUE/qQBLzSmlHlntLQ+tW7MQED6cjgLRyKGu0wZb0MRBN+UR8XF0lqdW
xx8CMq1oSGrAxHtticiSFFD0fw2AzHktuI3FWy5FmRVBVaw82/v0iwHBNVOlGngg
2jxUVX5LwsxEQeZdEoVGmWU3Z2EPfWAA7QUkVyfoiRv6uDovN59KA9l0P4Nc0nQF
Ps7XkQCOKMwlf3gfyACnnQo/aNMKaf7YXN0A8Qxp1n/jlplEDb1oxtrNyOkU1Iey
9IcpQSOgje6C6PJ5AFHmWnBQ7lyVf6v2TLnqdor3wU9I
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:52 2025 by rpki-client