Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/4eaca0-8db9-4d0a-ba22-8a9935da0588/1/lU08unvCcfUmoq9nA8rwwc_EGrY.roa
File: lU08unvCcfUmoq9nA8rwwc_EGrY.roa (raw, json)
Hash identifier: r4fF+/jooZGKRffBCLRbLiandhCNSPTtKJ/Y1slqur8=
Subject key identifier: 95:4D:3C:BA:7B:C2:71:F5:26:A2:AF:67:03:CA:F0:C1:CF:C4:1A:B6
Certificate issuer: /CN=f1aaa16ddd8d8a12dfd0e53211703ad952e3b214
Certificate serial: 0194221FA3093899460D26FA322AEBD1AA4F
Authority key identifier: F1:AA:A1:6D:DD:8D:8A:12:DF:D0:E5:32:11:70:3A:D9:52:E3:B2:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8aqhbd2NihLf0OUyEXA62VLjshQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/4eaca0-8db9-4d0a-ba22-8a9935da0588/1/lU08unvCcfUmoq9nA8rwwc_EGrY.roa
Signing time: Wed 01 Jan 2025 13:48:06 +0000
ROA not before: Wed 01 Jan 2025 13:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15404
IP address blocks: 185.201.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:a3:09:38:99:46:0d:26:fa:32:2a:eb:d1:aa:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1aaa16ddd8d8a12dfd0e53211703ad952e3b214
Validity
Not Before: Jan 1 13:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=954d3cba7bc271f526a2af6703caf0c1cfc41ab6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:74:6e:91:1c:b2:a5:41:54:02:38:ab:29:cb:
6c:7d:62:9b:4f:b4:0a:e9:a6:51:b9:47:3e:d8:33:
b4:1a:91:ed:8d:d0:37:2f:d9:f0:b2:2c:20:e6:b1:
1e:09:93:7d:42:a0:a4:02:c0:a8:18:85:03:2e:f2:
27:20:ce:76:9d:4e:88:ba:c8:76:6e:d0:14:6a:df:
a4:93:a9:b3:89:a9:a8:30:de:56:0f:28:bd:3c:33:
32:5c:d7:55:26:07:e2:05:40:53:a5:34:4d:13:a8:
9c:67:9c:6d:fa:53:74:d8:5a:7c:f6:ab:33:64:38:
07:2b:3f:0e:e4:1f:82:e5:43:7b:91:f2:b3:2d:cc:
0b:63:b4:58:8c:ff:16:70:31:1f:3e:6b:c6:57:d9:
16:24:71:6c:ab:5e:64:ae:1c:e1:87:00:b5:9a:1f:
dd:20:87:b6:ff:77:e3:c6:bf:a4:51:c8:bf:31:9e:
71:8f:2c:9e:54:c6:fd:1e:b1:91:dd:f9:cf:b7:38:
b8:ec:88:43:d6:96:f1:10:f5:86:4a:ac:9d:4c:aa:
4b:cd:5b:0d:b5:44:8d:d7:66:42:10:a9:af:75:e7:
ad:be:06:02:ce:50:71:0f:6c:1c:9c:cf:41:16:73:
97:9d:50:4b:51:f7:46:a7:90:fa:30:b4:4b:b3:85:
38:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4D:3C:BA:7B:C2:71:F5:26:A2:AF:67:03:CA:F0:C1:CF:C4:1A:B6
X509v3 Authority Key Identifier:
keyid:F1:AA:A1:6D:DD:8D:8A:12:DF:D0:E5:32:11:70:3A:D9:52:E3:B2:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8aqhbd2NihLf0OUyEXA62VLjshQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/4eaca0-8db9-4d0a-ba22-8a9935da0588/1/lU08unvCcfUmoq9nA8rwwc_EGrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/4eaca0-8db9-4d0a-ba22-8a9935da0588/1/8aqhbd2NihLf0OUyEXA62VLjshQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.220.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:71:ac:48:e5:30:b7:61:4b:3a:ce:65:c6:77:84:5e:d9:4d:
8b:4c:e9:c5:f1:a0:5f:dc:94:75:20:ef:cc:a4:67:81:4a:7c:
94:7d:3c:03:3c:89:4f:d8:2f:23:b3:83:63:e9:15:44:7b:d0:
b8:e8:d7:35:7f:16:1a:83:08:94:20:47:2f:7d:9e:66:59:9e:
84:1b:b2:6c:2b:ab:ec:a3:32:84:53:4f:5f:b0:fc:bf:82:ee:
65:04:ba:3c:92:58:4d:e3:bf:80:16:85:48:94:f9:77:01:79:
07:89:68:48:44:6f:37:7b:74:25:5e:88:92:bb:5d:f5:ce:fa:
62:7a:50:ec:aa:76:c1:af:35:c0:ea:43:66:32:c0:e1:eb:8c:
7a:18:83:07:a9:c0:8a:96:cd:ba:aa:a9:51:9a:36:d1:62:b2:
64:b8:77:9b:af:bf:df:4f:55:ce:71:d1:74:00:f8:6c:a0:cd:
11:36:c2:a2:c4:ce:54:fc:8d:22:69:e1:53:39:ee:5c:0b:be:
56:36:ec:51:98:f4:0f:2a:ee:11:6b:02:e3:78:ec:e2:f8:b1:
0c:b4:bb:35:ce:a1:91:28:8e:a4:9c:00:0f:2e:16:74:fb:ac:
47:96:3d:73:8a:1c:9b:2c:52:50:21:67:d3:1d:cc:5c:62:89:
e7:ae:45:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH6MJOJlGDSb6Mirr0apPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYWFhMTZkZGQ4ZDhhMTJkZmQwZTUzMjExNzAzYWQ5NTJl
M2IyMTQwHhcNMjUwMTAxMTM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTRkM2NiYTdiYzI3MWY1MjZhMmFmNjcwM2NhZjBjMWNmYzQxYWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXRukRyypUFUAjirKctsfWKbT7QK
6aZRuUc+2DO0GpHtjdA3L9nwsiwg5rEeCZN9QqCkAsCoGIUDLvInIM52nU6Iush2
btAUat+kk6mziamoMN5WDyi9PDMyXNdVJgfiBUBTpTRNE6icZ5xt+lN02Fp89qsz
ZDgHKz8O5B+C5UN7kfKzLcwLY7RYjP8WcDEfPmvGV9kWJHFsq15krhzhhwC1mh/d
IIe2/3fjxr+kUci/MZ5xjyyeVMb9HrGR3fnPtzi47IhD1pbxEPWGSqydTKpLzVsN
tUSN12ZCEKmvdeetvgYCzlBxD2wcnM9BFnOXnVBLUfdGp5D6MLRLs4U4tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJVNPLp7wnH1JqKvZwPK8MHPxBq2MB8GA1UdIwQY
MBaAFPGqoW3djYoS39DlMhFwOtlS47IUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGFxaGJkMk5paExmME9VeUVYQTYyVkxqc2hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80ZWFjYTAtOGRiOS00ZDBhLWJhMjIt
OGE5OTM1ZGEwNTg4LzEvbFUwOHVudkNjZlVtb3E5bkE4cnd3Y19FR3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80ZWFjYTAtOGRiOS00ZDBhLWJhMjItOGE5OTM1ZGEwNTg4
LzEvOGFxaGJkMk5paExmME9VeUVYQTYyVkxqc2hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucncMA0G
CSqGSIb3DQEBCwUAA4IBAQBacaxI5TC3YUs6zmXGd4Re2U2LTOnF8aBf3JR1IO/M
pGeBSnyUfTwDPIlP2C8js4Nj6RVEe9C46Nc1fxYagwiUIEcvfZ5mWZ6EG7JsK6vs
ozKEU09fsPy/gu5lBLo8klhN47+AFoVIlPl3AXkHiWhIRG83e3QlXoiSu131zvpi
elDsqnbBrzXA6kNmMsDh64x6GIMHqcCKls26qqlRmjbRYrJkuHebr7/fT1XOcdF0
APhsoM0RNsKixM5U/I0iaeFTOe5cC75WNuxRmPQPKu4RawLjeOzi+LEMtLs1zqGR
KI6knAAPLhZ0+6xHlj1zihybLFJQIWfTHcxcYonnrkVC
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:55:16 2025 by rpki-client