Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/iXktWjoVbeki7LVoHWOUG35rBao.roa
File: iXktWjoVbeki7LVoHWOUG35rBao.roa (raw, json)
Hash identifier: ymnwWlpLu+E3kh/lirVQ08OMifF27nsoeTeEGAHewfo=
Subject key identifier: 89:79:2D:5A:3A:15:6D:E9:22:EC:B5:68:1D:63:94:1B:7E:6B:05:AA
Certificate issuer: /CN=6f0d7a0eb5ca549590a406bc693df1e8d2cbae04
Certificate serial: 018617BC1E45578631124EAE0991781DD0D3
Authority key identifier: 6F:0D:7A:0E:B5:CA:54:95:90:A4:06:BC:69:3D:F1:E8:D2:CB:AE:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bw16DrXKVJWQpAa8aT3x6NLLrgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/iXktWjoVbeki7LVoHWOUG35rBao.roa
Signing time: Fri 03 Feb 2023 14:44:09 +0000
ROA not before: Fri 03 Feb 2023 14:44:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51765
IP address blocks: 185.99.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:17:bc:1e:45:57:86:31:12:4e:ae:09:91:78:1d:d0:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f0d7a0eb5ca549590a406bc693df1e8d2cbae04
Validity
Not Before: Feb 3 14:44:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89792d5a3a156de922ecb5681d63941b7e6b05aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f1:a8:fb:6e:f7:6e:22:02:66:8b:61:f2:8c:
a2:32:cc:41:0b:e9:0d:9a:7c:7b:c2:6b:e5:64:14:
bf:27:4b:3c:83:a2:c7:f6:83:e5:73:96:e8:e7:bc:
0e:21:7b:ba:3d:0b:4f:14:72:eb:65:f6:a8:87:06:
0e:9e:74:2b:27:9a:92:80:7f:40:b0:31:d0:5e:21:
68:f8:7f:53:f1:4b:c3:da:f4:04:35:20:51:fc:24:
42:e1:f3:b0:6e:79:73:1a:a6:ca:67:98:75:34:7d:
5c:01:40:55:3c:a2:10:41:34:5f:cc:cf:9e:52:d4:
7a:3b:8b:1d:54:c4:44:93:81:aa:cb:f6:8f:ab:77:
1b:ad:d8:a4:98:e5:32:76:8c:18:e9:ec:af:ce:a2:
8a:b9:e9:7d:dd:0b:d1:49:5a:05:9e:3d:c7:9c:2c:
93:5a:de:43:cd:3b:1f:8f:5c:15:9b:78:5c:69:fa:
d2:9d:a3:f1:7e:ba:be:d8:59:4e:05:ab:7a:08:d3:
30:d7:72:b9:5b:2c:c0:b6:86:ec:45:c4:77:7e:80:
60:3a:21:12:7a:81:48:cf:5f:6c:a6:65:00:ca:01:
d6:b1:75:19:22:9f:ce:e0:d5:65:77:a4:71:0b:06:
fa:14:37:3e:e8:d8:4f:07:3a:8e:c7:ff:92:d6:e6:
87:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:79:2D:5A:3A:15:6D:E9:22:EC:B5:68:1D:63:94:1B:7E:6B:05:AA
X509v3 Authority Key Identifier:
keyid:6F:0D:7A:0E:B5:CA:54:95:90:A4:06:BC:69:3D:F1:E8:D2:CB:AE:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bw16DrXKVJWQpAa8aT3x6NLLrgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/iXktWjoVbeki7LVoHWOUG35rBao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/bw16DrXKVJWQpAa8aT3x6NLLrgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.20.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:90:3c:c9:ec:59:05:6f:61:e1:4c:5d:6b:c6:2e:a7:d8:4a:
0c:1e:29:a3:49:ab:4b:18:ac:7e:22:88:93:b1:4d:9a:c5:57:
9a:88:a9:83:65:64:56:9b:31:45:93:e5:8c:3d:be:76:e4:be:
14:91:58:9f:e6:b9:b4:f6:51:39:7c:0c:0e:4d:b4:a3:85:fb:
f8:d6:14:fa:af:ef:77:8b:10:2f:73:5c:ee:c4:b8:e1:0a:da:
12:ad:83:a6:8a:b7:a2:4d:b5:49:6b:2e:ce:f8:03:dd:e9:96:
1e:e8:14:c5:4b:1b:ad:a4:88:b5:7a:d9:e7:3e:84:8a:56:db:
99:a0:a4:ce:4c:a1:b4:fc:60:4c:fe:f2:6e:48:59:5f:f1:f2:
18:57:79:11:19:98:15:0c:18:88:69:77:20:6f:b4:be:97:d1:
fe:a0:bb:8c:a6:5f:be:40:d3:4d:31:72:f2:f0:7a:87:c4:c6:
3e:d9:e6:bc:fe:29:1d:af:57:1a:11:ba:29:1b:b0:32:f0:d3:
7a:f3:43:9e:ed:a4:5e:8d:9c:48:51:73:93:8a:18:39:02:70:
b5:db:51:6d:93:a4:c8:9c:8e:64:58:d8:5e:89:d1:49:13:64:
7d:63:f7:e4:0e:e1:b0:dc:ed:a4:42:48:e4:79:18:fa:e6:cd:
f4:4f:03:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYXvB5FV4YxEk6uCZF4HdDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMGQ3YTBlYjVjYTU0OTU5MGE0MDZiYzY5M2RmMWU4ZDJj
YmFlMDQwHhcNMjMwMjAzMTQ0NDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTc5MmQ1YTNhMTU2ZGU5MjJlY2I1NjgxZDYzOTQxYjdlNmIwNWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofGo+273biICZoth8oyiMsxBC+kN
mnx7wmvlZBS/J0s8g6LH9oPlc5bo57wOIXu6PQtPFHLrZfaohwYOnnQrJ5qSgH9A
sDHQXiFo+H9T8UvD2vQENSBR/CRC4fOwbnlzGqbKZ5h1NH1cAUBVPKIQQTRfzM+e
UtR6O4sdVMREk4Gqy/aPq3cbrdikmOUydowY6eyvzqKKuel93QvRSVoFnj3HnCyT
Wt5DzTsfj1wVm3hcafrSnaPxfrq+2FlOBat6CNMw13K5WyzAtobsRcR3foBgOiES
eoFIz19spmUAygHWsXUZIp/O4NVld6RxCwb6FDc+6NhPBzqOx/+S1uaHswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIl5LVo6FW3pIuy1aB1jlBt+awWqMB8GA1UdIwQY
MBaAFG8Neg61ylSVkKQGvGk98ejSy64EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYncxNkRyWEtWSldRcEFhOGFUM3g2TkxMcmdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iNTVjMDItMzQ3Yi00MmE4LTk2YWUt
ZDE3OTA1M2Q4NDM0LzEvaVhrdFdqb1ZiZWtpN0xWb0hXT1VHMzVyQmFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iNTVjMDItMzQ3Yi00MmE4LTk2YWUtZDE3OTA1M2Q4NDM0
LzEvYncxNkRyWEtWSldRcEFhOGFUM3g2TkxMcmdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWMUMA0G
CSqGSIb3DQEBCwUAA4IBAQC5kDzJ7FkFb2HhTF1rxi6n2EoMHimjSatLGKx+IoiT
sU2axVeaiKmDZWRWmzFFk+WMPb525L4UkVif5rm09lE5fAwOTbSjhfv41hT6r+93
ixAvc1zuxLjhCtoSrYOmireiTbVJay7O+APd6ZYe6BTFSxutpIi1etnnPoSKVtuZ
oKTOTKG0/GBM/vJuSFlf8fIYV3kRGZgVDBiIaXcgb7S+l9H+oLuMpl++QNNNMXLy
8HqHxMY+2ea8/ikdr1caEbopG7Ay8NN680Oe7aRejZxIUXOTihg5AnC121Ftk6TI
nI5kWNheidFJE2R9Y/fkDuGw3O2kQkjkeRj65s30TwNd
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:11 2025 by rpki-client