Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/35c805-f60c-442c-ac5d-0f01b560657c/1/dgAEK4wIhzdNcfF05upWmZfXZZk.roa
File: dgAEK4wIhzdNcfF05upWmZfXZZk.roa (raw, json)
Hash identifier: U/vt5a1C9rZX//TwbwJI8SM4gcB/oWBETRm681WJLz4=
Subject key identifier: 76:00:04:2B:8C:08:87:37:4D:71:F1:74:E6:EA:56:99:97:D7:65:99
Certificate issuer: /CN=467b394cf8a4051c167d468bc7b892a71dee4d03
Certificate serial: 0194228DC25C659D394710C1AC1C139B1A1F
Authority key identifier: 46:7B:39:4C:F8:A4:05:1C:16:7D:46:8B:C7:B8:92:A7:1D:EE:4D:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rns5TPikBRwWfUaLx7iSpx3uTQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/35c805-f60c-442c-ac5d-0f01b560657c/1/dgAEK4wIhzdNcfF05upWmZfXZZk.roa
Signing time: Wed 01 Jan 2025 15:48:23 +0000
ROA not before: Wed 01 Jan 2025 15:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199635
IP address blocks: 185.8.216.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:c2:5c:65:9d:39:47:10:c1:ac:1c:13:9b:1a:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=467b394cf8a4051c167d468bc7b892a71dee4d03
Validity
Not Before: Jan 1 15:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7600042b8c0887374d71f174e6ea569997d76599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:d3:ec:f1:84:1f:f9:c2:2f:d6:6b:b4:19:ac:
0b:90:05:d0:ff:41:2d:6b:bb:ef:ce:97:d1:54:1c:
2a:2a:ed:6e:b4:d7:c2:b5:99:c6:f2:45:0f:ec:72:
ba:46:0f:92:3f:ee:45:26:b1:cd:1c:82:4d:88:21:
21:77:ab:3f:20:82:b5:9a:ff:b1:f7:48:42:b8:e9:
8d:c7:07:bf:c2:22:54:e3:50:bc:96:da:72:85:46:
4e:3b:52:15:95:f5:72:4e:12:3c:74:69:bf:e2:10:
8d:74:93:90:db:54:62:cb:dc:d3:a1:df:2a:78:bc:
60:0f:fe:25:bc:60:38:b9:94:cc:6a:84:e6:b7:ba:
40:2d:d4:a3:00:67:da:b9:aa:0d:c8:dc:4d:80:4c:
0e:3c:e1:56:56:ab:9c:50:27:b1:8a:3e:38:dc:c1:
f3:87:6e:f4:02:f3:4c:52:89:19:c1:3f:75:5d:47:
ce:31:de:f6:80:8e:8b:38:48:af:5c:87:b1:7f:62:
4a:2a:98:99:3e:87:9b:d2:50:9f:83:9d:cb:45:9b:
40:f4:d0:71:e9:5f:08:fe:d3:59:ad:89:21:4b:a2:
da:92:1a:ea:91:81:c4:6f:5e:98:73:cb:10:27:e1:
56:5f:32:98:2b:55:e0:81:ad:59:d5:77:bd:8b:32:
2e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:00:04:2B:8C:08:87:37:4D:71:F1:74:E6:EA:56:99:97:D7:65:99
X509v3 Authority Key Identifier:
keyid:46:7B:39:4C:F8:A4:05:1C:16:7D:46:8B:C7:B8:92:A7:1D:EE:4D:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rns5TPikBRwWfUaLx7iSpx3uTQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/35c805-f60c-442c-ac5d-0f01b560657c/1/dgAEK4wIhzdNcfF05upWmZfXZZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/35c805-f60c-442c-ac5d-0f01b560657c/1/Rns5TPikBRwWfUaLx7iSpx3uTQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.216.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:e9:38:7b:d3:7a:9a:fb:de:d8:2b:68:f9:32:e8:c2:9a:dc:
43:c0:e6:95:9c:04:f0:25:63:2a:4c:da:31:12:81:4f:31:4f:
dc:ac:0a:bd:c1:98:78:c7:e5:bb:55:b9:f6:c5:69:a0:8d:94:
65:d1:bb:31:0f:5c:95:22:0b:fb:34:a6:e7:92:f4:93:6d:39:
58:46:1d:84:25:61:cc:5d:a3:c4:53:dd:da:14:76:28:09:6c:
c3:ed:54:36:ab:6a:68:4b:d6:01:0b:f5:94:c9:cd:1b:b4:d5:
cc:d2:b2:3c:b8:51:a0:46:cd:13:93:c6:72:f1:8d:9b:20:18:
6b:62:83:01:ce:fa:47:e8:f8:b5:a7:ca:f8:f4:b8:1c:70:a3:
94:23:1a:28:36:8a:98:9a:16:f3:d0:f4:86:be:6b:7d:68:7b:
91:6c:4e:24:3c:09:cb:e2:44:92:58:f8:23:77:ba:2c:46:3d:
8b:0d:3d:2b:3c:78:a7:cd:0b:cd:2b:8a:92:6f:c9:30:ca:82:
d9:b4:a8:54:7f:60:41:91:81:4c:d3:e2:be:28:62:cb:b4:55:
52:2b:4d:50:3e:ac:a5:a0:ae:0f:91:33:e4:a7:bd:18:a2:bb:
cd:2d:c6:6e:a6:da:fc:40:c9:db:84:2b:7e:e6:e4:68:a0:8a:
e8:5a:5d:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijcJcZZ05RxDBrBwTmxofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2N2IzOTRjZjhhNDA1MWMxNjdkNDY4YmM3Yjg5MmE3MWRl
ZTRkMDMwHhcNMjUwMTAxMTU0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjAwMDQyYjhjMDg4NzM3NGQ3MWYxNzRlNmVhNTY5OTk3ZDc2NTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA79Ps8YQf+cIv1mu0GawLkAXQ/0Et
a7vvzpfRVBwqKu1utNfCtZnG8kUP7HK6Rg+SP+5FJrHNHIJNiCEhd6s/IIK1mv+x
90hCuOmNxwe/wiJU41C8ltpyhUZOO1IVlfVyThI8dGm/4hCNdJOQ21Riy9zTod8q
eLxgD/4lvGA4uZTMaoTmt7pALdSjAGfauaoNyNxNgEwOPOFWVqucUCexij443MHz
h270AvNMUokZwT91XUfOMd72gI6LOEivXIexf2JKKpiZPoeb0lCfg53LRZtA9NBx
6V8I/tNZrYkhS6LakhrqkYHEb16Yc8sQJ+FWXzKYK1Xgga1Z1Xe9izIupwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHYABCuMCIc3TXHxdObqVpmX12WZMB8GA1UdIwQY
MBaAFEZ7OUz4pAUcFn1Gi8e4kqcd7k0DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm5zNVRQaWtCUndXZlVhTHg3aVNweDN1VFFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zNWM4MDUtZjYwYy00NDJjLWFjNWQt
MGYwMWI1NjA2NTdjLzEvZGdBRUs0d0loemROY2ZGMDV1cFdtWmZYWlprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zNWM4MDUtZjYwYy00NDJjLWFjNWQtMGYwMWI1NjA2NTdj
LzEvUm5zNVRQaWtCUndXZlVhTHg3aVNweDN1VFFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQjYMA0G
CSqGSIb3DQEBCwUAA4IBAQCP6Th703qa+97YK2j5MujCmtxDwOaVnATwJWMqTNox
EoFPMU/crAq9wZh4x+W7Vbn2xWmgjZRl0bsxD1yVIgv7NKbnkvSTbTlYRh2EJWHM
XaPEU93aFHYoCWzD7VQ2q2poS9YBC/WUyc0btNXM0rI8uFGgRs0Tk8Zy8Y2bIBhr
YoMBzvpH6Pi1p8r49LgccKOUIxooNoqYmhbz0PSGvmt9aHuRbE4kPAnL4kSSWPgj
d7osRj2LDT0rPHinzQvNK4qSb8kwyoLZtKhUf2BBkYFM0+K+KGLLtFVSK01QPqyl
oK4PkTPkp70YorvNLcZuptr8QMnbhCt+5uRooIroWl2k
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:33:16 2025 by rpki-client