Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/98c609-07fa-4e2b-b476-6a29bc9f8a78/1/hnNizGmD5_kLKz6dLya2VuA4UIw.roa
File: hnNizGmD5_kLKz6dLya2VuA4UIw.roa (raw, json)
Hash identifier: jIIE53bnDtwqS2dFWJrfKRkElyY5vTQ/kFSnuPVB9e8=
Subject key identifier: 86:73:62:CC:69:83:E7:F9:0B:2B:3E:9D:2F:26:B6:56:E0:38:50:8C
Certificate issuer: /CN=a6a88b0887c32de5966f81ff915d6b5ff31532dd
Certificate serial: 019427B68DA4813A0D39CC98935B29ED4D37
Authority key identifier: A6:A8:8B:08:87:C3:2D:E5:96:6F:81:FF:91:5D:6B:5F:F3:15:32:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pqiLCIfDLeWWb4H_kV1rX_MVMt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/98c609-07fa-4e2b-b476-6a29bc9f8a78/1/hnNizGmD5_kLKz6dLya2VuA4UIw.roa
Signing time: Thu 02 Jan 2025 15:51:02 +0000
ROA not before: Thu 02 Jan 2025 15:51:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206730
IP address blocks: 185.166.48.0/22 maxlen: 22
2a0a:8a00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:8d:a4:81:3a:0d:39:cc:98:93:5b:29:ed:4d:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6a88b0887c32de5966f81ff915d6b5ff31532dd
Validity
Not Before: Jan 2 15:51:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=867362cc6983e7f90b2b3e9d2f26b656e038508c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a6:10:ec:7d:94:e8:18:25:2b:4a:b0:62:c8:
c3:ae:6e:e8:66:44:18:cd:d7:e3:54:66:68:40:c3:
b7:8f:a0:14:c8:07:5f:b9:5a:91:c3:ce:98:53:25:
5a:35:da:fa:cb:87:00:d0:53:f0:56:60:31:26:8d:
cf:00:0c:57:8c:fd:85:20:92:53:f5:b3:ad:5f:10:
cc:7e:60:32:21:fe:06:fe:0c:c2:88:fe:7d:40:4f:
06:2f:2f:03:f7:04:23:1f:a6:c4:31:83:2c:19:4e:
f1:f8:58:7f:8d:b0:59:5b:1d:91:19:21:77:a8:0e:
76:24:58:5f:4f:47:12:59:7e:28:3a:57:32:fa:4f:
01:ee:b4:a9:63:db:c5:5f:82:63:07:37:f4:8a:91:
97:8f:16:ca:5b:28:48:39:85:65:b7:b4:8d:9e:a1:
c3:d2:ff:10:f8:d0:ac:20:f6:8b:71:8d:ed:2c:73:
f7:b7:7a:f5:df:c8:ff:fd:14:54:a5:71:21:43:01:
05:11:e4:ab:de:df:54:c4:76:51:14:34:24:c8:8e:
e5:b5:d1:42:25:07:c9:08:4d:11:14:d4:13:24:17:
4b:e0:43:eb:bb:be:64:32:0f:a6:db:a0:b6:fa:a6:
65:ed:b7:23:78:2f:33:57:01:8c:f7:c9:ca:16:3a:
f3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:73:62:CC:69:83:E7:F9:0B:2B:3E:9D:2F:26:B6:56:E0:38:50:8C
X509v3 Authority Key Identifier:
keyid:A6:A8:8B:08:87:C3:2D:E5:96:6F:81:FF:91:5D:6B:5F:F3:15:32:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pqiLCIfDLeWWb4H_kV1rX_MVMt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/98c609-07fa-4e2b-b476-6a29bc9f8a78/1/hnNizGmD5_kLKz6dLya2VuA4UIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/98c609-07fa-4e2b-b476-6a29bc9f8a78/1/pqiLCIfDLeWWb4H_kV1rX_MVMt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.48.0/22
IPv6:
2a0a:8a00::/32
Signature Algorithm: sha256WithRSAEncryption
5e:60:6f:5d:0e:83:21:48:fd:9c:e2:df:90:34:8f:88:2f:81:
89:6b:9f:3a:50:dc:cd:ca:59:b7:1b:00:82:81:1a:32:79:9b:
93:5e:8e:f6:88:9e:5e:fb:06:cc:04:17:79:cf:30:29:8a:be:
6a:7e:19:4d:7d:68:91:74:26:90:a8:6c:94:1c:a3:1f:59:0d:
a4:59:76:42:8d:68:4f:a2:ae:21:2e:fb:a4:67:04:f0:82:c5:
7d:7b:7b:d8:47:04:87:78:88:45:68:f9:83:01:54:b1:02:7f:
b5:3f:46:0b:b1:8e:ad:f9:ab:29:41:66:7e:52:94:1d:e1:a5:
7d:65:13:00:0f:41:31:b4:d9:ef:d1:7d:25:a1:c1:98:eb:df:
2e:a2:75:16:f5:54:3a:aa:0f:e7:79:5c:b3:0f:da:a7:5b:78:
d1:bc:6c:31:d5:0e:f1:3c:5e:92:8e:c5:d4:a4:01:06:f4:fe:
bf:da:5e:44:95:e0:2a:c9:51:3d:59:2d:41:44:6e:14:d2:7d:
2e:d0:74:6c:1b:ca:56:45:0a:7e:e7:54:a8:aa:c3:29:15:49:
84:ec:89:57:c0:0f:63:a5:a0:62:15:90:fc:ce:29:e5:93:43:
99:db:2d:af:35:0e:92:16:e7:00:cd:8c:87:5f:17:50:f4:e2:
5e:0f:34:28
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnto2kgToNOcyYk1sp7U03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YTg4YjA4ODdjMzJkZTU5NjZmODFmZjkxNWQ2YjVmZjMx
NTMyZGQwHhcNMjUwMTAyMTU1MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjczNjJjYzY5ODNlN2Y5MGIyYjNlOWQyZjI2YjY1NmUwMzg1MDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKYQ7H2U6BglK0qwYsjDrm7oZkQY
zdfjVGZoQMO3j6AUyAdfuVqRw86YUyVaNdr6y4cA0FPwVmAxJo3PAAxXjP2FIJJT
9bOtXxDMfmAyIf4G/gzCiP59QE8GLy8D9wQjH6bEMYMsGU7x+Fh/jbBZWx2RGSF3
qA52JFhfT0cSWX4oOlcy+k8B7rSpY9vFX4JjBzf0ipGXjxbKWyhIOYVlt7SNnqHD
0v8Q+NCsIPaLcY3tLHP3t3r138j//RRUpXEhQwEFEeSr3t9UxHZRFDQkyI7ltdFC
JQfJCE0RFNQTJBdL4EPru75kMg+m26C2+qZl7bcjeC8zVwGM98nKFjrzrQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIZzYsxpg+f5Cys+nS8mtlbgOFCMMB8GA1UdIwQY
MBaAFKaoiwiHwy3llm+B/5Fda1/zFTLdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHFpTENJZkRMZVdXYjRIX2tWMXJYX01WTXQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi85OGM2MDktMDdmYS00ZTJiLWI0NzYt
NmEyOWJjOWY4YTc4LzEvaG5OaXpHbUQ1X2tMS3o2ZEx5YTJWdUE0VUl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi85OGM2MDktMDdmYS00ZTJiLWI0NzYtNmEyOWJjOWY4YTc4
LzEvcHFpTENJZkRMZVdXYjRIX2tWMXJYX01WTXQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaYwMA0E
AgACMAcDBQAqCooAMA0GCSqGSIb3DQEBCwUAA4IBAQBeYG9dDoMhSP2c4t+QNI+I
L4GJa586UNzNylm3GwCCgRoyeZuTXo72iJ5e+wbMBBd5zzApir5qfhlNfWiRdCaQ
qGyUHKMfWQ2kWXZCjWhPoq4hLvukZwTwgsV9e3vYRwSHeIhFaPmDAVSxAn+1P0YL
sY6t+aspQWZ+UpQd4aV9ZRMAD0ExtNnv0X0locGY698uonUW9VQ6qg/neVyzD9qn
W3jRvGwx1Q7xPF6SjsXUpAEG9P6/2l5EleAqyVE9WS1BRG4U0n0u0HRsG8pWRQp+
51SoqsMpFUmE7IlXwA9jpaBiFZD8zinlk0OZ2y2vNQ6SFucAzYyHXxdQ9OJeDzQo
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:35:08 2025 by rpki-client