Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/fmh0j5ILJUXjF4KvMwgkDEMlCmI.roa
File: fmh0j5ILJUXjF4KvMwgkDEMlCmI.roa (raw, json)
Hash identifier: wrjpS833aBcEJgI4MWXbjbnpBg2d3HlWaN2vdrMV4wc=
Subject key identifier: 7E:68:74:8F:92:0B:25:45:E3:17:82:AF:33:08:24:0C:43:25:0A:62
Certificate issuer: /CN=4c7844abef711c232c84f83c807a420af3804728
Certificate serial: 0193BF6D2C28B7906A552D26B9B27E17A715
Authority key identifier: 4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/fmh0j5ILJUXjF4KvMwgkDEMlCmI.roa
Signing time: Fri 13 Dec 2024 09:50:23 +0000
ROA not before: Fri 13 Dec 2024 09:50:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203192
IP address blocks: 185.143.8.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bf:6d:2c:28:b7:90:6a:55:2d:26:b9:b2:7e:17:a7:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7844abef711c232c84f83c807a420af3804728
Validity
Not Before: Dec 13 09:50:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e68748f920b2545e31782af3308240c43250a62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:53:02:2c:81:01:9d:db:b4:cf:71:7f:cb:16:
5a:b0:56:1a:8b:ea:b1:21:0d:c9:29:c2:90:4c:82:
52:03:e0:4c:35:e6:d9:70:a3:02:71:54:28:cf:e1:
ae:fb:3c:9f:56:a1:de:00:3d:99:e3:e0:59:f6:9c:
27:c8:68:e8:1d:2f:cf:99:5d:a2:52:62:fd:44:ee:
f4:0c:f6:8b:42:7a:61:2e:23:4c:82:1a:d0:90:3b:
69:82:44:a0:a7:df:10:27:5b:4e:39:1a:e4:44:1c:
47:5d:66:d8:d4:54:b3:40:dd:0d:91:96:9a:61:d5:
66:f2:ea:28:31:57:fd:ed:14:66:61:f6:ad:8e:a4:
33:20:c6:cd:cc:90:ec:48:03:47:84:a9:db:9b:f8:
05:03:4d:3d:d7:99:2c:8a:37:37:ee:a7:dd:0b:b2:
1e:04:59:15:72:a8:fe:02:4b:48:73:15:fa:33:42:
16:82:f4:e1:d2:82:d9:dc:98:b1:5e:b4:d4:79:c0:
ac:9a:1c:79:ca:5b:13:36:52:40:a8:02:ce:70:94:
f0:8a:65:48:66:27:25:ad:67:f7:31:e1:f4:ab:45:
4c:6c:62:c9:f9:de:56:f7:a9:7d:e9:3a:31:a9:da:
60:44:d7:b3:25:12:32:be:42:b3:9c:6e:81:43:32:
13:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:68:74:8F:92:0B:25:45:E3:17:82:AF:33:08:24:0C:43:25:0A:62
X509v3 Authority Key Identifier:
keyid:4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/fmh0j5ILJUXjF4KvMwgkDEMlCmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.8.0/22
Signature Algorithm: sha256WithRSAEncryption
81:aa:17:c1:77:d0:0a:8d:87:ee:f8:86:18:9e:26:65:b1:44:
5c:16:7b:93:33:11:ce:28:f9:28:e4:31:40:1a:13:2f:c8:86:
a1:ec:64:9e:ff:1d:bd:c3:96:7e:31:47:d1:e9:d5:97:3e:8f:
16:1d:00:bc:34:aa:96:4c:d7:21:6c:fc:1a:d9:42:4c:e5:33:
41:98:2a:86:73:b7:3d:f6:09:6c:c0:7b:70:ae:0a:68:2e:5d:
f4:e9:91:4b:23:bc:80:0d:e7:a4:62:70:50:cf:96:2d:76:2e:
1a:8f:de:bc:db:e4:e5:76:dc:ba:b9:00:48:4b:0e:ee:5f:77:
af:4f:c4:d7:04:23:bb:bd:e7:c4:c7:73:47:b5:72:4f:1d:cc:
c4:3d:8f:20:1c:1c:83:87:ea:ff:70:37:bc:a7:a3:83:1e:39:
50:dc:44:b3:19:ed:e6:0a:df:97:c3:a5:1f:c5:62:49:c5:6a:
52:24:8c:1d:a4:1e:1d:18:3e:f1:2f:56:56:d2:d8:19:19:db:
97:eb:ab:ae:ec:f1:88:89:33:63:29:a2:de:08:88:ff:a6:f1:
eb:47:be:6e:e0:85:e4:7a:90:de:bb:b4:32:50:cd:e9:9e:43:
22:55:18:57:cc:c5:97:0b:8a:32:25:e0:f2:51:97:b0:83:4a:
4e:e1:6c:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZO/bSwot5BqVS0mubJ+F6cVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzg0NGFiZWY3MTFjMjMyYzg0ZjgzYzgwN2E0MjBhZjM4
MDQ3MjgwHhcNMjQxMjEzMDk1MDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTY4NzQ4ZjkyMGIyNTQ1ZTMxNzgyYWYzMzA4MjQwYzQzMjUwYTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1MCLIEBndu0z3F/yxZasFYai+qx
IQ3JKcKQTIJSA+BMNebZcKMCcVQoz+Gu+zyfVqHeAD2Z4+BZ9pwnyGjoHS/PmV2i
UmL9RO70DPaLQnphLiNMghrQkDtpgkSgp98QJ1tOORrkRBxHXWbY1FSzQN0NkZaa
YdVm8uooMVf97RRmYfatjqQzIMbNzJDsSANHhKnbm/gFA00915ksijc37qfdC7Ie
BFkVcqj+AktIcxX6M0IWgvTh0oLZ3JixXrTUecCsmhx5ylsTNlJAqALOcJTwimVI
ZiclrWf3MeH0q0VMbGLJ+d5W96l96ToxqdpgRNezJRIyvkKznG6BQzITWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH5odI+SCyVF4xeCrzMIJAxDJQpiMB8GA1UdIwQY
MBaAFEx4RKvvcRwjLIT4PIB6QgrzgEcoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgt
ZGFiNmI4M2NmN2VjLzEvZm1oMGo1SUxKVVhqRjRLdk13Z2tERU1sQ21JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgtZGFiNmI4M2NmN2Vj
LzEvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuY8IMA0G
CSqGSIb3DQEBCwUAA4IBAQCBqhfBd9AKjYfu+IYYniZlsURcFnuTMxHOKPko5DFA
GhMvyIah7GSe/x29w5Z+MUfR6dWXPo8WHQC8NKqWTNchbPwa2UJM5TNBmCqGc7c9
9glswHtwrgpoLl306ZFLI7yADeekYnBQz5Ytdi4aj9682+Tldty6uQBISw7uX3ev
T8TXBCO7vefEx3NHtXJPHczEPY8gHByDh+r/cDe8p6ODHjlQ3ESzGe3mCt+Xw6Uf
xWJJxWpSJIwdpB4dGD7xL1ZW0tgZGduX66uu7PGIiTNjKaLeCIj/pvHrR75u4IXk
epDeu7QyUM3pnkMiVRhXzMWXC4oyJeDyUZewg0pO4Wzi
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:16 2025 by rpki-client