Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/DW3f2fkvh86bdDqXJEH2UCdrjrk.roa
File: DW3f2fkvh86bdDqXJEH2UCdrjrk.roa (raw, json)
Hash identifier: 1/Z1oUBcSpqfRoLyjOCQIIwZfbtd+KIAxAr+lNHElaI=
Subject key identifier: 0D:6D:DF:D9:F9:2F:87:CE:9B:74:3A:97:24:41:F6:50:27:6B:8E:B9
Certificate issuer: /CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
Certificate serial: 018C26369A073E9EB0788BDB75C4AE44617F
Authority key identifier: 87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/DW3f2fkvh86bdDqXJEH2UCdrjrk.roa
Signing time: Fri 01 Dec 2023 16:29:21 +0000
ROA not before: Fri 01 Dec 2023 16:29:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 82.146.16.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:26:36:9a:07:3e:9e:b0:78:8b:db:75:c4:ae:44:61:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
Validity
Not Before: Dec 1 16:29:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d6ddfd9f92f87ce9b743a972441f650276b8eb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:eb:e4:0d:78:fc:ba:61:8e:6d:c6:c5:22:e4:
b1:87:75:4e:7c:57:02:28:d6:e3:31:74:a9:a1:1a:
80:8c:b3:c8:ab:b2:89:e7:70:7c:fd:66:e2:f6:30:
01:5f:75:62:e3:d5:68:4b:e8:a3:f9:db:be:75:68:
57:95:31:6c:2f:a4:c7:a2:d1:55:15:da:e0:a2:87:
fc:a7:ae:44:28:d3:54:02:fb:00:b9:7a:b3:7a:a9:
cb:aa:a4:92:8c:2f:39:39:18:d9:b8:0a:12:c7:04:
34:4b:44:49:10:e4:29:d9:29:ee:5d:7d:5b:fe:ad:
8c:8d:fd:3b:b2:66:0c:0b:af:ac:e1:3b:e2:33:10:
1f:b1:87:91:21:15:45:8f:b0:e1:33:60:7f:2b:40:
74:c0:cb:d2:b8:36:49:e4:20:4c:b9:49:a5:2a:5b:
f7:2d:c2:85:4c:89:8d:b7:b9:02:1d:db:25:4c:13:
5a:7a:8d:a9:30:db:ac:47:12:66:32:5a:c8:c8:5e:
68:08:74:11:3f:ec:ad:ec:54:49:a9:b8:40:2f:cc:
b3:e7:78:e8:11:46:98:d9:92:ed:96:b9:af:6e:b8:
1c:12:af:e4:ce:8d:b8:6d:00:ff:80:3a:66:44:7d:
99:7f:bc:50:da:be:bd:aa:a8:1d:8a:18:20:0b:f9:
19:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:6D:DF:D9:F9:2F:87:CE:9B:74:3A:97:24:41:F6:50:27:6B:8E:B9
X509v3 Authority Key Identifier:
keyid:87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/DW3f2fkvh86bdDqXJEH2UCdrjrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.16.0/22
Signature Algorithm: sha256WithRSAEncryption
14:f1:a8:f2:ee:6b:70:28:ee:1c:71:84:09:5d:22:cc:0c:ca:
e4:ea:7d:7f:51:1e:c4:1e:f9:45:2a:d6:15:be:d7:96:50:65:
2d:bc:4d:ad:d3:ff:2a:13:6b:20:54:25:86:1e:18:f8:55:49:
26:a8:c4:3f:b0:74:25:fb:f4:4b:a3:c1:24:3b:0f:67:30:a6:
06:02:d4:33:e9:65:95:e1:ce:8c:da:50:ee:80:38:67:e1:0d:
a6:47:12:c6:ee:fe:b0:2b:b0:20:a0:b3:1e:cc:1b:d6:ad:32:
b2:fa:62:98:f4:84:5c:1b:ae:ea:61:88:ba:05:c3:da:f6:b5:
03:05:12:e6:f9:d8:ab:49:61:78:64:e6:78:5a:1d:4f:9e:e8:
65:cb:e2:51:bf:c2:43:91:70:f7:ca:ae:9b:8c:1a:c8:83:48:
f9:2f:11:0f:09:47:1b:34:63:c0:a3:69:b5:54:e2:1b:2b:c5:
76:e1:c9:b0:f1:f9:1f:d5:f6:08:dc:23:57:2c:bb:3a:44:0d:
3b:2a:0e:6c:76:7e:16:a5:42:d7:86:68:e3:18:e1:b0:95:77:
d2:55:d8:1a:58:87:19:ee:c5:d8:4b:df:eb:41:27:8a:0a:d5:
84:8f:3c:ca:ec:03:20:44:98:bc:03:9e:20:1f:11:9d:66:45:
44:6f:f2:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwmNpoHPp6weIvbdcSuRGF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NTZkMjc3NjhlMTFkOTRhMGJiY2RmYjNmYmNkNzQwZDQ1
YTAwZjQwHhcNMjMxMjAxMTYyOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDZkZGZkOWY5MmY4N2NlOWI3NDNhOTcyNDQxZjY1MDI3NmI4ZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhevkDXj8umGObcbFIuSxh3VOfFcC
KNbjMXSpoRqAjLPIq7KJ53B8/Wbi9jABX3Vi49VoS+ij+du+dWhXlTFsL6THotFV
Fdrgoof8p65EKNNUAvsAuXqzeqnLqqSSjC85ORjZuAoSxwQ0S0RJEOQp2SnuXX1b
/q2Mjf07smYMC6+s4TviMxAfsYeRIRVFj7DhM2B/K0B0wMvSuDZJ5CBMuUmlKlv3
LcKFTImNt7kCHdslTBNaeo2pMNusRxJmMlrIyF5oCHQRP+yt7FRJqbhAL8yz53jo
EUaY2ZLtlrmvbrgcEq/kzo24bQD/gDpmRH2Zf7xQ2r69qqgdihggC/kZsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA1t39n5L4fOm3Q6lyRB9lAna465MB8GA1UdIwQY
MBaAFIdW0ndo4R2UoLvN+z+810DUWgD0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMt
YzNhMDJkN2MwNjk3LzEvRFczZjJma3ZoODZiZERxWEpFSDJVQ2RyanJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMtYzNhMDJkN2MwNjk3
LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUpIQMA0G
CSqGSIb3DQEBCwUAA4IBAQAU8ajy7mtwKO4ccYQJXSLMDMrk6n1/UR7EHvlFKtYV
vteWUGUtvE2t0/8qE2sgVCWGHhj4VUkmqMQ/sHQl+/RLo8EkOw9nMKYGAtQz6WWV
4c6M2lDugDhn4Q2mRxLG7v6wK7AgoLMezBvWrTKy+mKY9IRcG67qYYi6BcPa9rUD
BRLm+dirSWF4ZOZ4Wh1Pnuhly+JRv8JDkXD3yq6bjBrIg0j5LxEPCUcbNGPAo2m1
VOIbK8V24cmw8fkf1fYI3CNXLLs6RA07Kg5sdn4WpULXhmjjGOGwlXfSVdgaWIcZ
7sXYS9/rQSeKCtWEjzzK7AMgRJi8A54gHxGdZkVEb/Jc
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:35:08 2025 by rpki-client