Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/4Ri9aqWQNtGRe1scHPoV4-c4j2E.roa
File: 4Ri9aqWQNtGRe1scHPoV4-c4j2E.roa (raw, json)
Hash identifier: sx40THP9DY3W+MaAj2uYgK71l4rRcfc/Zzkth2MCT0E=
Subject key identifier: E1:18:BD:6A:A5:90:36:D1:91:7B:5B:1C:1C:FA:15:E3:E7:38:8F:61
Certificate issuer: /CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Certificate serial: 0185714C10C86E9545AF20C65A5732276FF2
Authority key identifier: 28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/4Ri9aqWQNtGRe1scHPoV4-c4j2E.roa
Signing time: Mon 02 Jan 2023 07:04:48 +0000
ROA not before: Mon 02 Jan 2023 07:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206288
IP address blocks: 185.178.180.0/22 maxlen: 22
2a0a:6780::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:10:c8:6e:95:45:af:20:c6:5a:57:32:27:6f:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Validity
Not Before: Jan 2 07:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e118bd6aa59036d1917b5b1c1cfa15e3e7388f61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:9c:89:2c:dd:53:bb:7c:76:96:7e:67:f5:71:
85:6d:a6:c2:f4:91:1d:38:14:0f:77:e7:64:83:5d:
53:80:95:cd:fd:36:db:f8:b3:02:1b:72:90:5d:be:
a3:ef:10:b2:cd:3e:b4:8c:4b:aa:d5:6c:35:5d:34:
4c:52:fb:58:18:2b:a9:25:74:47:91:61:52:c6:9e:
be:07:b8:8b:25:ce:73:c2:9c:7d:f9:c2:a4:ec:89:
5c:ce:9b:a6:47:f8:0a:d6:01:d2:f1:d8:cd:98:0f:
3d:21:6d:ad:1d:d1:bf:1d:65:b7:4b:e4:82:f3:1d:
ac:34:75:2d:d7:d6:d7:61:ba:db:0b:ce:ec:8d:4c:
9d:eb:d4:07:58:e0:2b:ab:92:f5:e7:9c:f3:84:4c:
9f:9e:b8:79:51:e0:77:5e:72:d1:2c:3e:2f:6b:be:
44:f5:03:f3:85:97:53:90:8d:22:a9:96:3c:0b:5b:
7e:b7:40:58:91:29:88:9f:23:bf:e9:64:25:aa:a7:
12:b2:1f:1d:37:20:29:ce:8b:01:2c:1b:e5:49:19:
46:66:cd:ab:7a:f4:ff:ce:9f:6b:67:6f:e7:03:cb:
82:87:aa:a9:ac:e5:56:ba:6b:28:93:32:cc:1c:9b:
ca:52:be:71:9d:1e:bf:0b:c4:c2:ab:ac:b6:53:fa:
e3:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:18:BD:6A:A5:90:36:D1:91:7B:5B:1C:1C:FA:15:E3:E7:38:8F:61
X509v3 Authority Key Identifier:
keyid:28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/4Ri9aqWQNtGRe1scHPoV4-c4j2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.180.0/22
IPv6:
2a0a:6780::/29
Signature Algorithm: sha256WithRSAEncryption
10:a5:a6:e5:25:6f:f1:84:10:ef:24:72:97:54:cb:25:ae:78:
9a:d9:0f:ad:42:a9:de:86:42:2d:af:c9:0d:ac:af:7a:c4:13:
d4:7f:5c:8c:49:b3:ec:ad:12:61:e2:f3:e8:b8:61:4f:78:32:
84:4d:dd:d5:1a:36:7c:ae:33:20:d7:fc:da:e6:03:d2:2f:fe:
44:37:78:4d:c9:fe:0a:75:97:cd:ac:1e:61:ba:ac:ed:ef:a5:
e7:7f:93:ca:0c:13:c6:5d:ec:70:e0:ff:b6:06:bc:a8:2a:57:
b5:77:05:79:48:4c:b5:21:21:b7:1a:13:3a:06:f5:64:02:23:
d1:a3:5c:43:ca:31:ac:e8:f7:74:63:fb:e1:d6:b0:52:34:a6:
d6:dd:1b:01:51:2c:2e:95:dc:9a:db:81:3d:56:30:3f:41:64:
5e:d7:10:23:1f:5f:f9:2c:07:15:e7:f4:3e:34:b7:e1:b5:5a:
c3:c1:0b:a7:8c:03:2f:f5:46:64:ee:f6:2f:1a:e6:8d:fd:ec:
c3:b6:62:93:2a:49:62:1b:72:12:34:b7:1e:6e:ef:e9:e3:2b:
42:82:99:47:8f:d4:46:12:a9:1e:cd:76:a5:82:77:4f:87:ca:
66:32:b5:60:62:b9:ce:1f:f3:a8:b2:bd:43:3d:e6:c6:34:be:
c6:f5:71:5f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxTBDIbpVFryDGWlcyJ2/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTY0YTU3NTdmZGQ1NzI1YTYwODQ0ZjJhZTdlZjczYjEw
N2E0YzAwHhcNMjMwMTAyMDcwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTE4YmQ2YWE1OTAzNmQxOTE3YjViMWMxY2ZhMTVlM2U3Mzg4ZjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZyJLN1Tu3x2ln5n9XGFbabC9JEd
OBQPd+dkg11TgJXN/Tbb+LMCG3KQXb6j7xCyzT60jEuq1Ww1XTRMUvtYGCupJXRH
kWFSxp6+B7iLJc5zwpx9+cKk7IlczpumR/gK1gHS8djNmA89IW2tHdG/HWW3S+SC
8x2sNHUt19bXYbrbC87sjUyd69QHWOArq5L155zzhEyfnrh5UeB3XnLRLD4va75E
9QPzhZdTkI0iqZY8C1t+t0BYkSmInyO/6WQlqqcSsh8dNyApzosBLBvlSRlGZs2r
evT/zp9rZ2/nA8uCh6qprOVWumsokzLMHJvKUr5xnR6/C8TCq6y2U/rj/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOEYvWqlkDbRkXtbHBz6FePnOI9hMB8GA1UdIwQY
MBaAFCgWSldX/dVyWmCETyrn73OxB6TAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEt
YWVhZTViYmMzOTIwLzEvNFJpOWFxV1FOdEdSZTFzY0hQb1Y0LWM0ajJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEtYWVhZTViYmMzOTIw
LzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubK0MA0E
AgACMAcDBQMqCmeAMA0GCSqGSIb3DQEBCwUAA4IBAQAQpablJW/xhBDvJHKXVMsl
rnia2Q+tQqnehkItr8kNrK96xBPUf1yMSbPsrRJh4vPouGFPeDKETd3VGjZ8rjMg
1/za5gPSL/5EN3hNyf4KdZfNrB5huqzt76Xnf5PKDBPGXexw4P+2BryoKle1dwV5
SEy1ISG3GhM6BvVkAiPRo1xDyjGs6Pd0Y/vh1rBSNKbW3RsBUSwuldya24E9VjA/
QWRe1xAjH1/5LAcV5/Q+NLfhtVrDwQunjAMv9UZk7vYvGuaN/ezDtmKTKkliG3IS
NLcebu/p4ytCgplHj9RGEqkezXalgndPh8pmMrVgYrnOH/Oosr1DPebGNL7G9XFf
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:10 2025 by rpki-client