Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/u_SNgmhpowraxWoRmNIzcFAEDwQ.roa
File: u_SNgmhpowraxWoRmNIzcFAEDwQ.roa (raw, json)
Hash identifier: 7vKgOvo/gJWKeMJHbaOsoVJoqjXHa92kE0J609O5IXU=
Subject key identifier: BB:F4:8D:82:68:69:A3:0A:DA:C5:6A:11:98:D2:33:70:50:04:0F:04
Certificate issuer: /CN=6f0d7a0eb5ca549590a406bc693df1e8d2cbae04
Certificate serial: 01856F0B3B76EBEF90A147488DBDDF7C1712
Authority key identifier: 6F:0D:7A:0E:B5:CA:54:95:90:A4:06:BC:69:3D:F1:E8:D2:CB:AE:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bw16DrXKVJWQpAa8aT3x6NLLrgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/u_SNgmhpowraxWoRmNIzcFAEDwQ.roa
Signing time: Sun 01 Jan 2023 20:34:45 +0000
ROA not before: Sun 01 Jan 2023 20:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.99.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:3b:76:eb:ef:90:a1:47:48:8d:bd:df:7c:17:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f0d7a0eb5ca549590a406bc693df1e8d2cbae04
Validity
Not Before: Jan 1 20:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbf48d826869a30adac56a1198d2337050040f04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:cb:6e:54:d2:7d:29:32:a0:88:bd:49:20:9a:
08:68:df:4a:d9:6b:8e:e1:b4:7f:a0:0d:64:44:1e:
be:1a:6b:88:13:47:b8:3d:20:8a:ed:b0:30:6c:97:
51:a4:e9:0e:42:62:a0:da:3d:af:1c:8b:d6:96:cc:
52:48:62:4f:52:34:96:2a:4f:1c:90:ed:5f:e7:4f:
5c:4e:26:5a:f6:ea:75:84:e7:d6:fa:cc:d6:f3:ac:
7c:4e:4e:f5:73:22:70:7e:ff:9f:34:b7:1e:5c:ad:
f3:36:73:8a:53:cf:07:0b:42:b1:78:7f:37:84:8e:
7c:ab:76:14:d4:11:be:60:c3:ec:be:ad:2b:a3:7c:
09:58:24:f4:f2:4b:2d:07:0a:42:e7:1f:05:e6:6a:
d2:94:cb:d3:ee:df:82:28:98:3f:93:9f:68:55:27:
9f:99:d5:cd:32:a5:e8:4e:0f:3e:ea:5a:49:d8:81:
3c:b1:02:57:78:c6:1b:78:1e:ab:de:e3:35:bc:0d:
6f:d9:48:4d:75:38:97:67:18:8d:aa:1b:31:93:11:
47:88:d1:75:ad:3e:c3:87:9f:c3:c3:c1:05:29:4f:
d9:74:72:81:7d:4d:1a:1d:41:c7:24:18:41:98:9a:
7e:d8:45:d1:b1:4d:61:1d:ab:e5:a3:15:91:18:2e:
0a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:F4:8D:82:68:69:A3:0A:DA:C5:6A:11:98:D2:33:70:50:04:0F:04
X509v3 Authority Key Identifier:
keyid:6F:0D:7A:0E:B5:CA:54:95:90:A4:06:BC:69:3D:F1:E8:D2:CB:AE:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bw16DrXKVJWQpAa8aT3x6NLLrgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/u_SNgmhpowraxWoRmNIzcFAEDwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/bw16DrXKVJWQpAa8aT3x6NLLrgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.20.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:0b:7f:90:f1:cd:79:00:23:1f:6d:af:f2:c9:e9:2d:58:69:
92:a1:1d:55:e4:58:56:e0:d9:89:c7:26:bb:de:75:93:9d:75:
63:bf:d7:4b:cc:8e:5e:c6:f6:f7:ed:4f:94:cb:e7:f8:6e:9e:
ee:ad:7b:d4:2d:64:43:16:a0:7d:45:53:01:46:79:29:10:50:
ad:87:c1:64:c0:b9:10:40:4c:e7:d8:03:fd:7c:46:f8:75:b1:
bc:fe:97:f1:97:8f:fa:d9:f8:79:17:8d:d5:e2:ce:a3:19:40:
2c:1f:92:9d:6b:ae:0e:51:c1:a3:cc:b6:20:28:76:52:7c:c1:
27:9b:33:ed:ea:2f:4e:ab:62:25:a8:d6:4a:42:04:4a:e3:4f:
7e:16:51:b5:07:1a:4b:1f:e6:e5:c7:95:3d:f9:13:bb:76:95:
d8:36:9c:d4:51:68:11:eb:5b:96:ab:db:06:2a:0d:68:85:1a:
fa:98:77:78:47:ef:79:18:52:ce:14:68:bf:df:f8:37:d6:e3:
b3:a0:8e:74:70:f6:f6:21:6f:f8:b9:a5:8a:22:74:10:60:76:
0f:35:f6:f7:73:78:c6:f7:e7:1d:d4:ff:ad:56:a9:da:48:13:
49:bf:0b:75:e2:dd:6f:37:a3:8d:39:86:e2:d2:96:af:d5:53:
3d:87:f9:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvCzt26++QoUdIjb3ffBcSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMGQ3YTBlYjVjYTU0OTU5MGE0MDZiYzY5M2RmMWU4ZDJj
YmFlMDQwHhcNMjMwMTAxMjAzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmY0OGQ4MjY4NjlhMzBhZGFjNTZhMTE5OGQyMzM3MDUwMDQwZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMtuVNJ9KTKgiL1JIJoIaN9K2WuO
4bR/oA1kRB6+GmuIE0e4PSCK7bAwbJdRpOkOQmKg2j2vHIvWlsxSSGJPUjSWKk8c
kO1f509cTiZa9up1hOfW+szW86x8Tk71cyJwfv+fNLceXK3zNnOKU88HC0KxeH83
hI58q3YU1BG+YMPsvq0ro3wJWCT08kstBwpC5x8F5mrSlMvT7t+CKJg/k59oVSef
mdXNMqXoTg8+6lpJ2IE8sQJXeMYbeB6r3uM1vA1v2UhNdTiXZxiNqhsxkxFHiNF1
rT7Dh5/Dw8EFKU/ZdHKBfU0aHUHHJBhBmJp+2EXRsU1hHavloxWRGC4KwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLv0jYJoaaMK2sVqEZjSM3BQBA8EMB8GA1UdIwQY
MBaAFG8Neg61ylSVkKQGvGk98ejSy64EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYncxNkRyWEtWSldRcEFhOGFUM3g2TkxMcmdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iNTVjMDItMzQ3Yi00MmE4LTk2YWUt
ZDE3OTA1M2Q4NDM0LzEvdV9TTmdtaHBvd3JheFdvUm1OSXpjRkFFRHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iNTVjMDItMzQ3Yi00MmE4LTk2YWUtZDE3OTA1M2Q4NDM0
LzEvYncxNkRyWEtWSldRcEFhOGFUM3g2TkxMcmdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWMUMA0G
CSqGSIb3DQEBCwUAA4IBAQCmC3+Q8c15ACMfba/yyektWGmSoR1V5FhW4NmJxya7
3nWTnXVjv9dLzI5exvb37U+Uy+f4bp7urXvULWRDFqB9RVMBRnkpEFCth8FkwLkQ
QEzn2AP9fEb4dbG8/pfxl4/62fh5F43V4s6jGUAsH5Kda64OUcGjzLYgKHZSfMEn
mzPt6i9Oq2IlqNZKQgRK409+FlG1BxpLH+blx5U9+RO7dpXYNpzUUWgR61uWq9sG
Kg1ohRr6mHd4R+95GFLOFGi/3/g31uOzoI50cPb2IW/4uaWKInQQYHYPNfb3c3jG
9+cd1P+tVqnaSBNJvwt14t1vN6ONOYbi0pav1VM9h/kx
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:09 2025 by rpki-client