Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/j4rh0ZB1TNetuBYRDobHojuhdfk.roa
File: j4rh0ZB1TNetuBYRDobHojuhdfk.roa (raw, json)
Hash identifier: gG/GxtjjKSA1/GWHAwQGCjfaoi/2Fsi2k0vRIown77I=
Subject key identifier: 8F:8A:E1:D1:90:75:4C:D7:AD:B8:16:11:0E:86:C7:A2:3B:A1:75:F9
Certificate issuer: /CN=4c7844abef711c232c84f83c807a420af3804728
Certificate serial: 01942686DE63469AE24BE86608C4F97786D1
Authority key identifier: 4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/j4rh0ZB1TNetuBYRDobHojuhdfk.roa
Signing time: Thu 02 Jan 2025 10:19:20 +0000
ROA not before: Thu 02 Jan 2025 10:19:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203300
IP address blocks: 185.139.152.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:86:de:63:46:9a:e2:4b:e8:66:08:c4:f9:77:86:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7844abef711c232c84f83c807a420af3804728
Validity
Not Before: Jan 2 10:19:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f8ae1d190754cd7adb816110e86c7a23ba175f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:65:d5:5c:f6:f4:4b:7e:fc:2c:b7:b1:6b:22:
ce:2c:09:85:cc:1e:56:d8:bf:03:17:c8:63:97:50:
80:2a:fe:d9:3e:af:79:b2:9c:1e:82:86:03:07:f1:
03:c4:99:a1:aa:6e:90:96:fc:6b:c7:99:4f:12:36:
9e:34:ce:53:27:8f:4d:66:1a:e4:c2:b8:64:9f:6f:
df:a3:ef:9d:47:a2:43:45:19:a2:54:23:96:31:c9:
75:90:73:25:0c:27:15:74:38:13:30:21:3c:48:f7:
00:db:af:4e:d2:6e:af:fb:8e:bb:99:dd:17:fa:71:
27:f4:26:ae:97:d7:f5:89:26:d8:70:0f:cb:8c:32:
4e:6f:af:6f:57:56:0b:b4:69:da:ad:16:07:83:f8:
bb:c2:24:4e:35:73:3c:50:3b:36:d4:23:21:ac:d3:
94:de:22:e5:55:a2:ad:96:55:7b:f3:c4:f5:56:65:
d4:54:1f:9a:20:8a:07:f4:0e:c0:d9:9d:cb:e3:43:
a1:89:b8:b0:00:82:c4:0b:e1:d5:5a:29:a3:fb:db:
46:fd:ba:e8:61:0a:d8:40:28:04:58:5f:c7:dc:ee:
21:52:83:39:6d:39:5f:68:ad:ff:b8:92:f0:cf:6d:
08:66:dd:09:2c:86:2b:f4:68:49:94:fc:95:86:08:
f6:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:8A:E1:D1:90:75:4C:D7:AD:B8:16:11:0E:86:C7:A2:3B:A1:75:F9
X509v3 Authority Key Identifier:
keyid:4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/j4rh0ZB1TNetuBYRDobHojuhdfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.152.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:45:12:dd:a9:fd:10:9a:d0:f9:3d:da:6d:93:24:bc:12:45:
3a:54:86:5e:7f:71:70:dd:7f:19:fe:a0:11:ce:56:46:20:8b:
a9:3e:7b:24:73:10:58:11:8a:28:bf:f8:56:45:95:2c:42:4e:
cf:7c:96:0c:d8:40:58:11:9f:f5:e0:bd:4d:35:8b:ee:b3:ee:
8a:6b:fe:09:87:6f:f9:3c:31:3e:19:98:b3:49:86:e6:d1:e0:
e0:1b:d7:4d:4f:98:53:ce:79:78:dd:2b:83:c3:9e:8b:56:7a:
e8:2f:88:a5:f2:ce:86:36:6c:7e:cb:7d:a5:d3:b9:d7:45:d6:
8b:57:b7:e6:94:46:1b:e2:2a:74:de:65:74:9b:3f:4b:b0:39:
f1:a1:9c:d5:dc:e7:89:a9:ea:7d:a3:92:64:1e:38:e6:a3:d0:
63:34:9c:f2:3d:67:50:61:dc:aa:11:ca:91:a1:c6:53:48:3f:
60:aa:df:f3:54:57:3d:c4:bf:6f:08:21:6f:44:07:06:09:96:
48:f3:a7:a1:fc:af:4f:22:59:df:23:3f:0b:73:3c:f1:ae:84:
3b:e2:99:4e:f3:b5:5b:d2:80:70:6f:c4:0f:ca:61:c2:62:2a:
6e:77:2c:0b:3d:bc:6b:ca:40:9a:ac:ce:22:bb:06:fa:e3:03:
2a:9f:36:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmht5jRpriS+hmCMT5d4bRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzg0NGFiZWY3MTFjMjMyYzg0ZjgzYzgwN2E0MjBhZjM4
MDQ3MjgwHhcNMjUwMTAyMTAxOTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjhhZTFkMTkwNzU0Y2Q3YWRiODE2MTEwZTg2YzdhMjNiYTE3NWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWXVXPb0S378LLexayLOLAmFzB5W
2L8DF8hjl1CAKv7ZPq95spwegoYDB/EDxJmhqm6Qlvxrx5lPEjaeNM5TJ49NZhrk
wrhkn2/fo++dR6JDRRmiVCOWMcl1kHMlDCcVdDgTMCE8SPcA269O0m6v+467md0X
+nEn9Caul9f1iSbYcA/LjDJOb69vV1YLtGnarRYHg/i7wiRONXM8UDs21CMhrNOU
3iLlVaKtllV788T1VmXUVB+aIIoH9A7A2Z3L40OhibiwAILEC+HVWimj+9tG/bro
YQrYQCgEWF/H3O4hUoM5bTlfaK3/uJLwz20IZt0JLIYr9GhJlPyVhgj22wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI+K4dGQdUzXrbgWEQ6Gx6I7oXX5MB8GA1UdIwQY
MBaAFEx4RKvvcRwjLIT4PIB6QgrzgEcoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgt
ZGFiNmI4M2NmN2VjLzEvajRyaDBaQjFUTmV0dUJZUkRvYkhvanVoZGZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgtZGFiNmI4M2NmN2Vj
LzEvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYuYMA0G
CSqGSIb3DQEBCwUAA4IBAQAvRRLdqf0QmtD5PdptkyS8EkU6VIZef3Fw3X8Z/qAR
zlZGIIupPnskcxBYEYoov/hWRZUsQk7PfJYM2EBYEZ/14L1NNYvus+6Ka/4Jh2/5
PDE+GZizSYbm0eDgG9dNT5hTznl43SuDw56LVnroL4il8s6GNmx+y32l07nXRdaL
V7fmlEYb4ip03mV0mz9LsDnxoZzV3OeJqep9o5JkHjjmo9BjNJzyPWdQYdyqEcqR
ocZTSD9gqt/zVFc9xL9vCCFvRAcGCZZI86eh/K9PIlnfIz8LczzxroQ74plO87Vb
0oBwb8QPymHCYipudywLPbxrykCarM4iuwb64wMqnzZC
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:52 2025 by rpki-client