Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/SaS1SkjaTF7O1j4kXJFbXEYp8rs.roa
File: SaS1SkjaTF7O1j4kXJFbXEYp8rs.roa (raw, json)
Hash identifier: Bgx4Pc3YNVPJEhfnbxEzlo6b9U7OMYEy2ojr8v4w/mQ=
Subject key identifier: 49:A4:B5:4A:48:DA:4C:5E:CE:D6:3E:24:5C:91:5B:5C:46:29:F2:BB
Certificate issuer: /CN=351652b838ff2d9672ac8ca66ba660dd4e45d699
Certificate serial: 01856FDDCE97076587FCD0E64E92842D08FD
Authority key identifier: 35:16:52:B8:38:FF:2D:96:72:AC:8C:A6:6B:A6:60:DD:4E:45:D6:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRZSuDj_LZZyrIyma6Zg3U5F1pk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/SaS1SkjaTF7O1j4kXJFbXEYp8rs.roa
Signing time: Mon 02 Jan 2023 00:24:45 +0000
ROA not before: Mon 02 Jan 2023 00:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8075
IP address blocks: 185.222.140.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:dd:ce:97:07:65:87:fc:d0:e6:4e:92:84:2d:08:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351652b838ff2d9672ac8ca66ba660dd4e45d699
Validity
Not Before: Jan 2 00:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49a4b54a48da4c5eced63e245c915b5c4629f2bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7a:38:1c:3e:4e:98:f1:0b:9f:89:70:97:ac:
f2:1a:35:21:36:c2:9b:50:ff:3a:7a:3b:8b:56:15:
74:9d:de:3d:36:6f:1a:ae:18:ca:47:7c:0c:e1:62:
49:72:82:46:dd:5b:41:36:6a:bc:ac:5a:bc:c0:aa:
a5:67:98:ad:ca:dd:bd:5a:e6:d5:18:bd:90:01:dd:
96:7d:85:d0:3e:ae:82:fe:fa:f4:4f:d0:73:4a:8d:
1f:8d:dc:03:87:51:a5:82:46:48:3c:a2:10:b9:f7:
34:56:46:6a:7b:03:04:49:47:b3:ff:9c:67:af:41:
71:24:3c:5a:23:ec:80:4b:46:1e:e6:db:ba:e1:d9:
86:83:ec:63:a3:cd:45:40:8d:e7:bf:c5:96:e2:9c:
6d:46:92:5a:65:98:fd:a7:87:01:6f:ae:eb:cf:7d:
de:e6:36:92:03:35:75:8f:6e:8c:fc:80:b1:1c:99:
64:87:71:bc:99:87:2a:a9:44:84:c3:d3:7e:73:8f:
39:dd:a7:a9:64:3b:d6:45:6c:74:8b:cd:7c:94:e1:
99:45:7d:a4:23:7b:a8:7e:b8:8e:db:c0:86:c3:47:
1e:96:0a:59:65:fe:e0:7a:f2:6a:ee:bb:40:ee:81:
82:ba:f6:9c:4d:49:16:67:6f:34:50:44:57:b9:3c:
78:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:A4:B5:4A:48:DA:4C:5E:CE:D6:3E:24:5C:91:5B:5C:46:29:F2:BB
X509v3 Authority Key Identifier:
keyid:35:16:52:B8:38:FF:2D:96:72:AC:8C:A6:6B:A6:60:DD:4E:45:D6:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRZSuDj_LZZyrIyma6Zg3U5F1pk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/SaS1SkjaTF7O1j4kXJFbXEYp8rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.140.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:ce:07:9e:04:2e:ec:c1:9b:17:81:5f:ee:da:ec:52:6a:c7:
70:48:ec:66:06:49:bc:82:1f:c6:ea:13:83:c9:65:a1:33:6e:
d7:e8:c3:be:fa:b6:b1:40:af:94:e1:66:c4:4a:b4:c7:d8:c6:
65:71:e2:47:57:33:7c:75:96:31:d3:0d:96:b3:f5:fc:9e:1e:
d3:9c:12:d5:e8:ad:dc:b9:4a:f3:9d:ae:78:5b:bf:41:53:d5:
15:91:25:00:6b:11:5f:98:ae:ff:1a:83:69:ee:e7:2e:9f:a4:
05:61:48:31:c0:f8:75:e7:f4:d8:78:06:e2:f2:b6:d2:1c:cc:
07:75:b8:a1:0b:cb:d0:ac:b9:e6:85:10:e0:92:71:59:09:90:
42:d1:f1:9c:51:d6:b2:12:7f:bc:bb:ad:04:25:a3:14:02:48:
c4:89:80:82:32:87:be:30:0e:18:0c:2a:41:4b:6d:03:dc:ed:
80:35:f4:7d:c2:31:45:91:6f:9a:f2:2e:ea:02:30:57:54:dc:
99:93:1b:51:81:0c:f7:48:7f:e4:34:18:5d:5a:c3:d1:b8:9a:
90:fb:fa:71:53:22:92:45:1a:eb:11:bf:ce:fc:6e:cf:10:62:
ea:32:9f:fe:cf:4f:6a:17:5f:10:f8:b6:19:1a:37:0e:61:a8:
c7:4f:10:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv3c6XB2WH/NDmTpKELQj9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTY1MmI4MzhmZjJkOTY3MmFjOGNhNjZiYTY2MGRkNGU0
NWQ2OTkwHhcNMjMwMTAyMDAyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWE0YjU0YTQ4ZGE0YzVlY2VkNjNlMjQ1YzkxNWI1YzQ2MjlmMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXo4HD5OmPELn4lwl6zyGjUhNsKb
UP86ejuLVhV0nd49Nm8arhjKR3wM4WJJcoJG3VtBNmq8rFq8wKqlZ5ityt29WubV
GL2QAd2WfYXQPq6C/vr0T9BzSo0fjdwDh1GlgkZIPKIQufc0VkZqewMESUez/5xn
r0FxJDxaI+yAS0Ye5tu64dmGg+xjo81FQI3nv8WW4pxtRpJaZZj9p4cBb67rz33e
5jaSAzV1j26M/ICxHJlkh3G8mYcqqUSEw9N+c4853aepZDvWRWx0i818lOGZRX2k
I3uofriO28CGw0celgpZZf7gevJq7rtA7oGCuvacTUkWZ280UERXuTx4wQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEmktUpI2kxeztY+JFyRW1xGKfK7MB8GA1UdIwQY
MBaAFDUWUrg4/y2WcqyMpmumYN1ORdaZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJaU3VEal9MWlp5ckl5bWE2WmczVTVGMXBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi85Y2U2MGItY2JjNC00MGQ5LTk4YWQt
MWNkNTA2MDcwYmI1LzEvU2FTMVNramFURjdPMWo0a1hKRmJYRVlwOHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi85Y2U2MGItY2JjNC00MGQ5LTk4YWQtMWNkNTA2MDcwYmI1
LzEvTlJaU3VEal9MWlp5ckl5bWE2WmczVTVGMXBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCud6MMA0G
CSqGSIb3DQEBCwUAA4IBAQBMzgeeBC7swZsXgV/u2uxSasdwSOxmBkm8gh/G6hOD
yWWhM27X6MO++raxQK+U4WbESrTH2MZlceJHVzN8dZYx0w2Ws/X8nh7TnBLV6K3c
uUrzna54W79BU9UVkSUAaxFfmK7/GoNp7ucun6QFYUgxwPh15/TYeAbi8rbSHMwH
dbihC8vQrLnmhRDgknFZCZBC0fGcUdayEn+8u60EJaMUAkjEiYCCMoe+MA4YDCpB
S20D3O2ANfR9wjFFkW+a8i7qAjBXVNyZkxtRgQz3SH/kNBhdWsPRuJqQ+/pxUyKS
RRrrEb/O/G7PEGLqMp/+z09qF18Q+LYZGjcOYajHTxDc
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:20 2025 by rpki-client