Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/6758a0-3bb2-475e-a9b8-b909ed202b64/1/a4qoZzyOxfrQE1FiLSBUgkc0L54.roa
File: a4qoZzyOxfrQE1FiLSBUgkc0L54.roa (raw, json)
Hash identifier: 1yPUbA+3o1R5RlmXCRyt7CE/iGn6H28umgGFH50db/U=
Subject key identifier: 6B:8A:A8:67:3C:8E:C5:FA:D0:13:51:62:2D:20:54:82:47:34:2F:9E
Certificate issuer: /CN=8b423e1d72b103070bed579c40597ed20b84c16e
Certificate serial: 01931A43F510617B8FB855B85D56C37F5F19
Authority key identifier: 8B:42:3E:1D:72:B1:03:07:0B:ED:57:9C:40:59:7E:D2:0B:84:C1:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i0I-HXKxAwcL7VecQFl-0guEwW4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/6758a0-3bb2-475e-a9b8-b909ed202b64/1/a4qoZzyOxfrQE1FiLSBUgkc0L54.roa
Signing time: Mon 11 Nov 2024 08:08:01 +0000
ROA not before: Mon 11 Nov 2024 08:08:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214904
IP address blocks: 185.116.148.0/22 maxlen: 22
2a06:7f00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1a:43:f5:10:61:7b:8f:b8:55:b8:5d:56:c3:7f:5f:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b423e1d72b103070bed579c40597ed20b84c16e
Validity
Not Before: Nov 11 08:08:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b8aa8673c8ec5fad01351622d20548247342f9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e9:0f:4f:73:fc:75:01:79:9f:1d:ea:2b:21:
c1:68:00:ea:4f:10:51:45:b3:51:23:bc:60:e9:93:
21:e6:47:6b:f2:f7:aa:1f:59:de:7f:72:23:45:e5:
20:ea:cc:6d:b3:69:2e:49:b0:37:4a:b6:8c:39:58:
13:3b:08:5b:01:6c:0f:56:f6:ff:36:3a:d4:44:95:
1a:22:f3:04:4a:c4:b7:a5:75:91:35:59:b4:70:71:
b8:e5:8d:a1:76:bd:b3:a7:f9:76:f2:e3:32:b1:a2:
f8:9c:4d:76:c1:60:92:da:22:28:c9:c6:90:05:ac:
62:b9:d8:d6:70:3c:c9:bb:3b:01:5d:36:3a:6a:bc:
08:be:df:df:43:4e:53:8c:29:c8:88:da:0e:0b:b7:
2c:5d:45:70:a2:35:17:5d:47:ef:e0:00:bc:92:85:
62:f0:58:ba:42:cd:b4:de:ff:dc:bc:34:57:77:de:
0a:da:20:48:f2:fe:f5:67:93:ae:8e:05:2d:d9:18:
53:56:a5:d4:71:51:93:56:26:fe:83:12:bb:f8:db:
e7:18:e8:33:20:cd:8b:3c:78:69:9c:64:59:b6:a5:
2b:b9:69:b1:41:6e:74:87:46:c6:a9:27:fe:d3:84:
e5:29:10:fa:1d:0c:f8:7c:3a:b6:76:a4:92:22:ea:
76:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:8A:A8:67:3C:8E:C5:FA:D0:13:51:62:2D:20:54:82:47:34:2F:9E
X509v3 Authority Key Identifier:
keyid:8B:42:3E:1D:72:B1:03:07:0B:ED:57:9C:40:59:7E:D2:0B:84:C1:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i0I-HXKxAwcL7VecQFl-0guEwW4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/6758a0-3bb2-475e-a9b8-b909ed202b64/1/a4qoZzyOxfrQE1FiLSBUgkc0L54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/6758a0-3bb2-475e-a9b8-b909ed202b64/1/i0I-HXKxAwcL7VecQFl-0guEwW4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.116.148.0/22
IPv6:
2a06:7f00::/29
Signature Algorithm: sha256WithRSAEncryption
54:13:74:41:c6:a5:e6:3c:38:c2:52:fd:41:44:65:e8:b6:25:
82:c4:6c:0b:76:94:97:1d:3f:e9:ad:35:98:7d:19:45:3a:35:
64:66:90:d6:7a:f3:d6:1b:11:f7:85:3a:fa:c5:11:c7:44:1d:
73:b3:1d:b4:79:3d:64:f9:0f:9e:1c:ea:96:4a:5d:33:7b:39:
cb:37:42:36:49:04:e4:67:13:be:d6:74:a7:45:0e:e1:8f:fb:
76:1c:5d:4c:6b:50:62:4d:b8:cf:34:c6:61:5f:c8:a4:85:9a:
8e:92:d3:0b:94:bb:ec:7e:65:6e:ce:21:4b:a9:57:2c:9a:1b:
9f:6b:e3:40:6e:c9:f8:54:59:0a:9f:37:7f:2f:79:7f:ff:f5:
39:8f:b9:60:d6:92:84:4f:6a:20:5a:8e:c7:b0:7c:bc:08:bc:
78:2d:f2:dc:05:9f:69:fb:a8:59:1f:3a:ba:50:bc:93:4a:6b:
b6:7e:40:00:f1:8d:db:b7:f5:6d:db:9d:d1:58:99:b4:e4:fb:
e0:55:2c:72:b0:ca:7f:27:c8:aa:da:3a:6a:77:36:3d:37:e8:
bf:aa:6d:c1:9d:6f:5e:3c:8b:a8:c6:bf:2f:98:c8:1b:c5:ea:
7c:a2:41:99:6e:8f:49:3f:b7:a8:c4:5c:68:fe:d4:90:f1:2c:
a9:92:ee:b1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZMaQ/UQYXuPuFW4XVbDf18ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNDIzZTFkNzJiMTAzMDcwYmVkNTc5YzQwNTk3ZWQyMGI4
NGMxNmUwHhcNMjQxMTExMDgwODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjhhYTg2NzNjOGVjNWZhZDAxMzUxNjIyZDIwNTQ4MjQ3MzQyZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+kPT3P8dQF5nx3qKyHBaADqTxBR
RbNRI7xg6ZMh5kdr8veqH1nef3IjReUg6sxts2kuSbA3SraMOVgTOwhbAWwPVvb/
NjrURJUaIvMESsS3pXWRNVm0cHG45Y2hdr2zp/l28uMysaL4nE12wWCS2iIoycaQ
BaxiudjWcDzJuzsBXTY6arwIvt/fQ05TjCnIiNoOC7csXUVwojUXXUfv4AC8koVi
8Fi6Qs203v/cvDRXd94K2iBI8v71Z5OujgUt2RhTVqXUcVGTVib+gxK7+NvnGOgz
IM2LPHhpnGRZtqUruWmxQW50h0bGqSf+04TlKRD6HQz4fDq2dqSSIup2yQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGuKqGc8jsX60BNRYi0gVIJHNC+eMB8GA1UdIwQY
MBaAFItCPh1ysQMHC+1XnEBZftILhMFuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTBJLUhYS3hBd2NMN1ZlY1FGbC0wZ3VFd1c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC82NzU4YTAtM2JiMi00NzVlLWE5Yjgt
YjkwOWVkMjAyYjY0LzEvYTRxb1p6eU94ZnJRRTFGaUxTQlVna2MwTDU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC82NzU4YTAtM2JiMi00NzVlLWE5YjgtYjkwOWVkMjAyYjY0
LzEvaTBJLUhYS3hBd2NMN1ZlY1FGbC0wZ3VFd1c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXSUMA0E
AgACMAcDBQMqBn8AMA0GCSqGSIb3DQEBCwUAA4IBAQBUE3RBxqXmPDjCUv1BRGXo
tiWCxGwLdpSXHT/prTWYfRlFOjVkZpDWevPWGxH3hTr6xRHHRB1zsx20eT1k+Q+e
HOqWSl0zeznLN0I2SQTkZxO+1nSnRQ7hj/t2HF1Ma1BiTbjPNMZhX8ikhZqOktML
lLvsfmVuziFLqVcsmhufa+NAbsn4VFkKnzd/L3l///U5j7lg1pKET2ogWo7HsHy8
CLx4LfLcBZ9p+6hZHzq6ULyTSmu2fkAA8Y3bt/Vt253RWJm05PvgVSxysMp/J8iq
2jpqdzY9N+i/qm3BnW9ePIuoxr8vmMgbxep8okGZbo9JP7eoxFxo/tSQ8Sypku6x
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:17 2025 by rpki-client