Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/a88dcf-13e7-4874-9828-48db3ffca1f6/1/OY4rSXrmYagmWkF80J3fYT9FTE0.roa
File: OY4rSXrmYagmWkF80J3fYT9FTE0.roa (raw, json)
Hash identifier: 8r2GxHqurfeS7/ZiaoqgFPPq88XfUPsSSOf2pYTVQr8=
Subject key identifier: 39:8E:2B:49:7A:E6:61:A8:26:5A:41:7C:D0:9D:DF:61:3F:45:4C:4D
Certificate issuer: /CN=40b4a498f5ef48b76ad988bd3622dd8a7f57e2bd
Certificate serial: 019367CCB8C223A4EF4525C581657E940AA5
Authority key identifier: 40:B4:A4:98:F5:EF:48:B7:6A:D9:88:BD:36:22:DD:8A:7F:57:E2:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLSkmPXvSLdq2Yi9NiLdin9X4r0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/a88dcf-13e7-4874-9828-48db3ffca1f6/1/OY4rSXrmYagmWkF80J3fYT9FTE0.roa
Signing time: Tue 26 Nov 2024 09:28:09 +0000
ROA not before: Tue 26 Nov 2024 09:28:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34380
IP address blocks: 185.162.148.0/22 maxlen: 22
185.162.148.0/24 maxlen: 24
185.162.149.0/24 maxlen: 24
185.162.150.0/24 maxlen: 24
185.162.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:67:cc:b8:c2:23:a4:ef:45:25:c5:81:65:7e:94:0a:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b4a498f5ef48b76ad988bd3622dd8a7f57e2bd
Validity
Not Before: Nov 26 09:28:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=398e2b497ae661a8265a417cd09ddf613f454c4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:af:da:a2:cd:0e:00:f3:3b:cc:18:08:95:7a:
df:a2:40:e0:57:35:d6:57:ee:1f:42:51:2a:3e:4b:
91:17:25:31:ab:de:22:9f:19:a1:e3:61:e5:d9:04:
55:50:89:6f:92:06:2b:c2:9f:79:b4:e5:2b:02:54:
d0:c0:47:f9:20:e7:a7:9a:58:74:4a:fa:d2:b1:6e:
99:b4:9e:72:0d:7f:53:8f:91:17:7a:7f:e9:01:c8:
12:9a:29:59:66:40:fc:d9:f6:07:05:4c:dc:0c:9f:
8b:05:5a:84:7b:6b:76:eb:21:d1:2c:96:83:46:ee:
9c:17:f8:3a:f0:4b:05:6c:fa:ae:8e:74:d8:e9:7f:
4b:65:f2:8f:75:b5:2e:c9:05:20:e5:82:ae:f1:3f:
ed:b4:81:1a:b8:c7:34:e4:37:0e:c9:9a:38:70:d7:
04:0a:b6:87:13:14:c1:b6:37:42:75:64:93:7d:eb:
a1:54:3e:38:f6:df:ad:1a:31:a7:6c:d8:2c:f6:09:
6a:c2:52:aa:7e:1d:ca:64:ba:07:e8:cd:a4:a9:ad:
33:d0:66:93:71:22:8c:6b:13:5c:1c:b1:c2:ad:c4:
54:e0:97:e4:cd:ad:e6:69:0a:36:5a:62:6b:b7:0b:
83:b0:b0:75:8b:ae:e9:ef:51:93:00:f9:00:de:c9:
59:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:8E:2B:49:7A:E6:61:A8:26:5A:41:7C:D0:9D:DF:61:3F:45:4C:4D
X509v3 Authority Key Identifier:
keyid:40:B4:A4:98:F5:EF:48:B7:6A:D9:88:BD:36:22:DD:8A:7F:57:E2:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLSkmPXvSLdq2Yi9NiLdin9X4r0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/a88dcf-13e7-4874-9828-48db3ffca1f6/1/OY4rSXrmYagmWkF80J3fYT9FTE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/a88dcf-13e7-4874-9828-48db3ffca1f6/1/QLSkmPXvSLdq2Yi9NiLdin9X4r0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.148.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:2e:3f:13:cd:f9:0c:cb:1e:18:34:e4:11:60:d3:de:98:71:
6b:fb:0c:d8:ea:fb:b7:54:b2:f0:9d:5d:d8:3e:1a:2d:4a:74:
35:a2:4e:84:1a:03:5a:3e:c8:e0:f0:da:31:c7:89:63:3d:7b:
9f:eb:5b:b9:87:ab:37:71:98:37:da:7d:56:8c:f3:ed:d9:08:
d1:bb:72:2a:69:3e:89:d5:a8:99:16:fa:0f:fe:18:12:df:14:
8e:cb:f9:8b:14:32:bf:58:5d:24:18:62:74:91:44:97:1d:f9:
8b:63:b6:91:c9:fc:d6:0a:75:a1:a5:e0:63:4a:99:1e:fb:dd:
e5:0f:6e:5b:62:40:14:3f:e4:2e:98:75:72:84:1a:4b:3f:bf:
2e:eb:a9:53:92:e3:0d:d0:1a:fd:46:e6:0f:56:bb:35:96:5e:
69:d8:0b:e2:2a:e1:3a:2b:d8:1d:29:b7:c8:9e:06:b5:81:66:
dd:1e:53:cb:62:79:1c:49:72:10:88:aa:eb:bd:65:54:4a:f8:
9f:62:0f:0e:28:10:52:a9:0a:43:15:67:dc:37:bd:eb:3c:69:
ee:b7:3d:e9:fd:d0:49:8c:6e:c9:dc:07:7a:81:54:a4:02:27:
f1:2b:a4:87:19:77:8e:13:64:82:c4:85:fb:ca:68:17:0e:4e:
22:c2:96:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNnzLjCI6TvRSXFgWV+lAqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjRhNDk4ZjVlZjQ4Yjc2YWQ5ODhiZDM2MjJkZDhhN2Y1
N2UyYmQwHhcNMjQxMTI2MDkyODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOThlMmI0OTdhZTY2MWE4MjY1YTQxN2NkMDlkZGY2MTNmNDU0YzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvq/aos0OAPM7zBgIlXrfokDgVzXW
V+4fQlEqPkuRFyUxq94inxmh42Hl2QRVUIlvkgYrwp95tOUrAlTQwEf5IOenmlh0
SvrSsW6ZtJ5yDX9Tj5EXen/pAcgSmilZZkD82fYHBUzcDJ+LBVqEe2t26yHRLJaD
Ru6cF/g68EsFbPqujnTY6X9LZfKPdbUuyQUg5YKu8T/ttIEauMc05DcOyZo4cNcE
CraHExTBtjdCdWSTfeuhVD449t+tGjGnbNgs9glqwlKqfh3KZLoH6M2kqa0z0GaT
cSKMaxNcHLHCrcRU4Jfkza3maQo2WmJrtwuDsLB1i67p71GTAPkA3slZQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDmOK0l65mGoJlpBfNCd32E/RUxNMB8GA1UdIwQY
MBaAFEC0pJj170i3atmIvTYi3Yp/V+K9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxTa21QWHZTTGRxMllpOU5pTGRpbjlYNHIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9hODhkY2YtMTNlNy00ODc0LTk4Mjgt
NDhkYjNmZmNhMWY2LzEvT1k0clNYcm1ZYWdtV2tGODBKM2ZZVDlGVEUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9hODhkY2YtMTNlNy00ODc0LTk4MjgtNDhkYjNmZmNhMWY2
LzEvUUxTa21QWHZTTGRxMllpOU5pTGRpbjlYNHIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaKUMA0G
CSqGSIb3DQEBCwUAA4IBAQAuLj8TzfkMyx4YNOQRYNPemHFr+wzY6vu3VLLwnV3Y
PhotSnQ1ok6EGgNaPsjg8Noxx4ljPXuf61u5h6s3cZg32n1WjPPt2QjRu3IqaT6J
1aiZFvoP/hgS3xSOy/mLFDK/WF0kGGJ0kUSXHfmLY7aRyfzWCnWhpeBjSpke+93l
D25bYkAUP+QumHVyhBpLP78u66lTkuMN0Br9RuYPVrs1ll5p2AviKuE6K9gdKbfI
nga1gWbdHlPLYnkcSXIQiKrrvWVUSvifYg8OKBBSqQpDFWfcN73rPGnutz3p/dBJ
jG7J3Ad6gVSkAifxK6SHGXeOE2SCxIX7ymgXDk4iwpaY
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:25:28 2025 by rpki-client