Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/tl2CuMI8daX_Uy_0-dhV_jYIjok.roa
File: tl2CuMI8daX_Uy_0-dhV_jYIjok.roa (raw, json)
Hash identifier: fhgp+n0E4Y3FzjH1buSmXdmrrGnvYKzvAV0R9W80bHI=
Subject key identifier: B6:5D:82:B8:C2:3C:75:A5:FF:53:2F:F4:F9:D8:55:FE:36:08:8E:89
Certificate issuer: /CN=4c7844abef711c232c84f83c807a420af3804728
Certificate serial: 01942686DC5A1C7598635C7458461F09E388
Authority key identifier: 4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/tl2CuMI8daX_Uy_0-dhV_jYIjok.roa
Signing time: Thu 02 Jan 2025 10:19:19 +0000
ROA not before: Thu 02 Jan 2025 10:19:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203240
IP address blocks: 185.141.88.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:86:dc:5a:1c:75:98:63:5c:74:58:46:1f:09:e3:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7844abef711c232c84f83c807a420af3804728
Validity
Not Before: Jan 2 10:19:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b65d82b8c23c75a5ff532ff4f9d855fe36088e89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:33:af:eb:a7:aa:e9:0a:d6:25:57:f1:e4:66:
28:69:d6:d1:77:3d:4e:8e:e2:b3:0f:8d:2c:af:36:
9c:0d:45:63:60:04:64:eb:28:5f:c3:25:c0:b3:13:
4e:94:b4:e6:91:ce:4f:09:8a:6a:f9:34:94:ea:d9:
f5:b5:d4:a8:85:bc:d6:70:c0:d9:40:88:96:55:2d:
36:61:2b:65:19:e5:c8:f9:78:9c:6e:52:84:b4:23:
5b:df:4c:77:bf:11:f7:e8:e5:11:d1:b6:cb:93:41:
8a:2d:14:5d:a7:39:05:a3:ab:3a:6f:bc:0a:1e:62:
07:b7:53:d0:21:64:0e:0a:05:89:d0:b8:96:4e:67:
0b:c7:f9:8a:7d:e3:03:5d:38:4a:26:19:28:28:76:
60:97:bc:4f:b5:da:4d:1f:6a:62:2d:5a:b6:5e:e5:
cd:13:06:4f:2e:5b:13:41:45:8d:fd:71:cd:2e:35:
94:23:fb:4f:46:a3:c5:bf:70:00:33:87:0f:60:67:
74:67:4b:be:6b:63:f5:1e:51:4c:9e:03:9e:5e:3c:
b8:19:24:c8:af:bb:5b:bc:d6:1e:75:69:f1:a2:bc:
8d:09:16:96:f1:1a:54:26:79:e6:0f:0f:cb:fe:ef:
5a:16:d9:35:89:1e:95:30:f2:29:bc:7b:82:9a:04:
e3:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:5D:82:B8:C2:3C:75:A5:FF:53:2F:F4:F9:D8:55:FE:36:08:8E:89
X509v3 Authority Key Identifier:
keyid:4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/tl2CuMI8daX_Uy_0-dhV_jYIjok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.88.0/22
Signature Algorithm: sha256WithRSAEncryption
dd:95:49:22:70:8e:64:a8:fb:66:a3:ee:ab:14:7a:79:4f:ff:
b8:de:be:ae:a5:fd:aa:59:63:1e:26:a0:0b:62:28:8b:ba:87:
c2:61:ef:c9:7d:90:cb:8c:79:f4:4a:86:10:85:45:38:2f:b6:
e3:41:1d:ae:bb:14:cd:a1:79:dc:67:f8:c1:57:07:8f:d3:56:
ab:07:8a:9c:d0:0b:dc:eb:fd:59:25:4b:a9:0b:f0:bc:b5:a2:
59:59:ac:c1:73:96:b1:9e:40:0c:86:46:d2:9c:7d:d7:24:70:
4f:44:a7:3a:46:84:76:f3:b2:4e:ef:b1:89:f3:1a:5c:41:18:
6a:82:48:cc:8c:39:89:30:30:14:92:c4:eb:e1:e6:2d:5b:00:
88:3f:9c:18:ee:18:89:ab:bf:05:90:de:b3:38:ac:a2:6b:cd:
a2:d6:6e:51:b4:ec:8e:a9:16:05:a7:30:58:06:1a:f3:70:39:
e5:d9:7c:3e:8e:df:f9:be:30:24:2d:65:54:3f:0c:84:0e:54:
fa:73:69:61:06:46:70:c8:44:61:dd:df:d1:5f:a3:fe:1f:b5:
11:a7:3a:17:80:cf:33:ab:8e:21:46:fc:49:04:11:6c:cd:b1:
56:c6:19:b0:11:53:dd:81:c7:11:17:cb:e8:5d:17:84:57:01:
90:1f:fd:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmhtxaHHWYY1x0WEYfCeOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzg0NGFiZWY3MTFjMjMyYzg0ZjgzYzgwN2E0MjBhZjM4
MDQ3MjgwHhcNMjUwMTAyMTAxOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjVkODJiOGMyM2M3NWE1ZmY1MzJmZjRmOWQ4NTVmZTM2MDg4ZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTOv66eq6QrWJVfx5GYoadbRdz1O
juKzD40srzacDUVjYARk6yhfwyXAsxNOlLTmkc5PCYpq+TSU6tn1tdSohbzWcMDZ
QIiWVS02YStlGeXI+XicblKEtCNb30x3vxH36OUR0bbLk0GKLRRdpzkFo6s6b7wK
HmIHt1PQIWQOCgWJ0LiWTmcLx/mKfeMDXThKJhkoKHZgl7xPtdpNH2piLVq2XuXN
EwZPLlsTQUWN/XHNLjWUI/tPRqPFv3AAM4cPYGd0Z0u+a2P1HlFMngOeXjy4GSTI
r7tbvNYedWnxoryNCRaW8RpUJnnmDw/L/u9aFtk1iR6VMPIpvHuCmgTjRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZdgrjCPHWl/1Mv9PnYVf42CI6JMB8GA1UdIwQY
MBaAFEx4RKvvcRwjLIT4PIB6QgrzgEcoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgt
ZGFiNmI4M2NmN2VjLzEvdGwyQ3VNSThkYVhfVXlfMC1kaFZfallJam9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgtZGFiNmI4M2NmN2Vj
LzEvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuY1YMA0G
CSqGSIb3DQEBCwUAA4IBAQDdlUkicI5kqPtmo+6rFHp5T/+43r6upf2qWWMeJqAL
YiiLuofCYe/JfZDLjHn0SoYQhUU4L7bjQR2uuxTNoXncZ/jBVweP01arB4qc0Avc
6/1ZJUupC/C8taJZWazBc5axnkAMhkbSnH3XJHBPRKc6RoR287JO77GJ8xpcQRhq
gkjMjDmJMDAUksTr4eYtWwCIP5wY7hiJq78FkN6zOKyia82i1m5RtOyOqRYFpzBY
BhrzcDnl2Xw+jt/5vjAkLWVUPwyEDlT6c2lhBkZwyERh3d/RX6P+H7URpzoXgM8z
q44hRvxJBBFszbFWxhmwEVPdgccRF8voXReEVwGQH/1h
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:45 2025 by rpki-client