Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/p8P0TjBdR4YEmozavjerpF1hBVY.roa
File: p8P0TjBdR4YEmozavjerpF1hBVY.roa (raw, json)
Hash identifier: 7Ir8j+w3ieMzj7tgnMq3o2mWWDqQuUdqKA4OeKalZUM=
Subject key identifier: A7:C3:F4:4E:30:5D:47:86:04:9A:8C:DA:BE:37:AB:A4:5D:61:05:56
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01856ED4CB4F143633B02CD75ECC2E3D290F
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/p8P0TjBdR4YEmozavjerpF1hBVY.roa
Signing time: Sun 01 Jan 2023 19:35:17 +0000
ROA not before: Sun 01 Jan 2023 19:35:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 10010
IP address blocks: 94.74.184.0/24 maxlen: 24
94.74.185.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:cb:4f:14:36:33:b0:2c:d7:5e:cc:2e:3d:29:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 1 19:35:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7c3f44e305d4786049a8cdabe37aba45d610556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:21:3b:ae:0c:fa:cd:f4:eb:e8:62:a4:4d:10:
12:aa:f2:9c:de:62:f3:92:66:ec:91:31:28:ea:fb:
3a:ea:0f:66:3e:25:b5:e3:52:67:63:eb:93:75:66:
84:e4:50:89:4b:40:76:7b:c3:e3:06:53:2a:7a:95:
cb:72:e5:dc:13:fb:d9:eb:11:99:49:4d:14:28:dc:
bb:3f:2f:58:45:bb:87:61:dd:83:9b:61:ad:e2:a8:
4c:85:0f:37:21:c5:49:23:2d:9b:86:61:46:56:c8:
58:e3:29:ee:05:51:39:ee:24:e6:fc:a8:82:6b:61:
e2:6e:05:ef:c8:a2:7b:79:b1:76:37:bc:22:bd:d7:
c8:07:5f:4b:4a:06:ec:f5:c8:fd:40:1a:15:58:dd:
9f:26:28:0e:fa:a0:11:04:ea:6b:65:5b:85:11:7d:
77:de:f5:56:e2:26:69:78:ea:5e:c4:fd:57:d6:83:
a9:02:ca:d4:75:ca:2a:a9:57:ce:33:c9:16:4c:f9:
4b:ec:f5:90:21:fb:27:f9:80:1c:86:d8:29:1c:e6:
d5:ac:0e:5a:07:c2:8b:9d:24:79:74:70:fb:9b:32:
28:68:f5:3b:b2:f0:a2:9b:85:b3:fb:2c:44:8d:85:
ce:8e:3a:65:66:d4:1a:75:42:23:ce:d0:eb:75:83:
0a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:C3:F4:4E:30:5D:47:86:04:9A:8C:DA:BE:37:AB:A4:5D:61:05:56
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/p8P0TjBdR4YEmozavjerpF1hBVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.184.0/23
Signature Algorithm: sha256WithRSAEncryption
03:7a:50:85:8a:81:30:ea:94:46:dc:e2:1d:28:8d:0e:c7:19:
e6:f2:04:55:40:0d:9d:fc:b0:23:8a:98:06:92:dc:a7:61:36:
b7:e9:ed:96:cb:48:ef:eb:f8:14:2f:9d:09:e7:9a:ec:da:11:
3a:5d:0e:e6:24:91:3b:fb:a9:f0:24:b5:ef:8d:98:09:13:18:
f3:47:a6:94:43:7f:19:a6:6b:b7:77:37:a9:f2:16:09:7d:fa:
6b:13:af:60:ea:79:c0:1a:dc:1a:44:32:ba:63:6e:5a:c8:ec:
b9:0a:88:57:48:72:72:bc:d3:70:88:95:f2:e2:4b:7c:ad:de:
65:4f:e7:f3:72:40:6d:d7:37:1b:f4:3f:af:f4:5e:a5:39:e3:
7e:ff:e2:c5:7c:a1:75:a0:39:42:d2:54:1f:d5:47:6e:36:c3:
e8:f3:ef:9b:09:cd:a6:e9:da:41:2c:01:3e:b1:84:94:07:54:
a2:d9:f1:84:6c:bc:f0:25:26:be:88:8b:b0:ff:8a:cf:84:7c:
4d:9f:b9:be:5a:4a:b6:30:3e:7e:a1:a5:c5:8d:5f:3d:88:a9:
72:fe:c5:43:6d:18:d4:f5:09:81:dd:76:4c:fd:7d:96:be:46:
27:a9:db:e2:56:05:26:53:71:c7:f6:e8:4c:0b:bc:27:f7:fa:
03:6b:fb:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1MtPFDYzsCzXXswuPSkPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwMTAxMTkzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2MzZjQ0ZTMwNWQ0Nzg2MDQ5YThjZGFiZTM3YWJhNDVkNjEwNTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCE7rgz6zfTr6GKkTRASqvKc3mLz
kmbskTEo6vs66g9mPiW141JnY+uTdWaE5FCJS0B2e8PjBlMqepXLcuXcE/vZ6xGZ
SU0UKNy7Py9YRbuHYd2Dm2Gt4qhMhQ83IcVJIy2bhmFGVshY4ynuBVE57iTm/KiC
a2HibgXvyKJ7ebF2N7wivdfIB19LSgbs9cj9QBoVWN2fJigO+qARBOprZVuFEX13
3vVW4iZpeOpexP1X1oOpAsrUdcoqqVfOM8kWTPlL7PWQIfsn+YAchtgpHObVrA5a
B8KLnSR5dHD7mzIoaPU7svCim4Wz+yxEjYXOjjplZtQadUIjztDrdYMKhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKfD9E4wXUeGBJqM2r43q6RdYQVWMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvcDhQMFRqQmRSNFlFbW96YXZqZXJwRjFoQlZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXkq4MA0G
CSqGSIb3DQEBCwUAA4IBAQADelCFioEw6pRG3OIdKI0Oxxnm8gRVQA2d/LAjipgG
ktynYTa36e2Wy0jv6/gUL50J55rs2hE6XQ7mJJE7+6nwJLXvjZgJExjzR6aUQ38Z
pmu3dzep8hYJffprE69g6nnAGtwaRDK6Y25ayOy5CohXSHJyvNNwiJXy4kt8rd5l
T+fzckBt1zcb9D+v9F6lOeN+/+LFfKF1oDlC0lQf1UduNsPo8++bCc2m6dpBLAE+
sYSUB1Si2fGEbLzwJSa+iIuw/4rPhHxNn7m+Wkq2MD5+oaXFjV89iKly/sVDbRjU
9QmB3XZM/X2WvkYnqdviVgUmU3HH9uhMC7wn9/oDa/s7
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:23 2025 by rpki-client