Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/b8b557-1c44-45cc-97b8-dd872c6204ac/1/1-lMeOSQr3lpF-gLiv7A8g5ay04k.roa
File: 1-lMeOSQr3lpF-gLiv7A8g5ay04k.roa (raw, json)
Hash identifier: sG8tgq/zzWNzht4LP2JiVPnDrLyVgU9NWXDaVDXuza4=
Subject key identifier: FA:53:1E:39:24:2B:DE:5A:45:FA:02:E2:BF:B0:3C:83:96:B2:D3:89
Certificate issuer: /CN=ddff067294eaaa45051beab56c6ff31d4a3c8b4d
Certificate serial: 0181F465F208B0E13A0ED0F4EEF736799817
Authority key identifier: DD:FF:06:72:94:EA:AA:45:05:1B:EA:B5:6C:6F:F3:1D:4A:3C:8B:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3f8GcpTqqkUFG-q1bG_zHUo8i00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/b8b557-1c44-45cc-97b8-dd872c6204ac/1/1-lMeOSQr3lpF-gLiv7A8g5ay04k.roa
Signing time: Tue 12 Jul 2022 21:52:10 +0000
ROA not before: Tue 12 Jul 2022 21:52:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58061
IP address blocks: 185.252.208.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f4:65:f2:08:b0:e1:3a:0e:d0:f4:ee:f7:36:79:98:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddff067294eaaa45051beab56c6ff31d4a3c8b4d
Validity
Not Before: Jul 12 21:52:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa531e39242bde5a45fa02e2bfb03c8396b2d389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b3:58:52:ee:00:37:34:14:ae:35:1a:94:42:
09:af:02:aa:09:b7:ea:64:22:ac:aa:1d:52:0d:e7:
3d:1b:18:ab:d4:25:13:8b:cb:63:00:cb:67:3e:fc:
89:3a:e6:00:8d:7b:94:38:cc:f3:08:58:86:d7:6e:
0a:23:8d:7b:01:72:ef:3c:66:d6:eb:75:a1:b0:cb:
83:61:49:ee:0c:20:6a:1f:66:d5:b0:a6:55:13:91:
3f:e0:3d:19:eb:b4:ec:00:8a:40:68:0b:8e:b3:ff:
fc:7d:0e:59:4a:48:e7:35:e4:eb:1d:bd:98:7a:ad:
22:ac:85:87:ec:78:09:78:67:d6:b7:81:4f:ef:b7:
d5:d6:93:c5:2e:4e:4c:6a:f3:68:8a:8c:0d:ac:ed:
20:7a:1b:7c:a2:3d:29:28:41:d2:2e:d6:a9:c3:10:
a8:db:c5:11:b0:61:cc:18:ae:b5:5e:1f:b1:99:9c:
27:67:fa:19:88:3f:f0:f1:9d:a6:33:93:70:37:6f:
12:77:a4:a1:fc:db:9c:53:1e:bb:7f:e4:21:d5:df:
47:22:76:57:d5:be:dc:26:b3:90:69:f0:45:2b:82:
9a:52:9a:11:aa:24:d4:fa:a1:3b:5e:4d:5e:c3:92:
a4:f2:c6:7d:30:2a:e1:f0:48:6f:55:75:eb:e3:2f:
c7:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:53:1E:39:24:2B:DE:5A:45:FA:02:E2:BF:B0:3C:83:96:B2:D3:89
X509v3 Authority Key Identifier:
keyid:DD:FF:06:72:94:EA:AA:45:05:1B:EA:B5:6C:6F:F3:1D:4A:3C:8B:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f8GcpTqqkUFG-q1bG_zHUo8i00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/b8b557-1c44-45cc-97b8-dd872c6204ac/1/1-lMeOSQr3lpF-gLiv7A8g5ay04k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/b8b557-1c44-45cc-97b8-dd872c6204ac/1/3f8GcpTqqkUFG-q1bG_zHUo8i00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.208.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:45:70:53:0e:ce:b9:05:b9:c0:00:8b:71:e1:17:c3:a9:f0:
0a:39:61:69:e8:a7:70:88:08:40:39:c5:69:94:44:57:39:ea:
14:7b:45:f3:a6:a4:e9:c4:62:8a:d5:38:1b:7d:56:dc:b4:b8:
65:13:f6:a1:14:c6:03:17:57:db:88:e7:e3:04:05:fa:47:21:
d9:f0:c7:0b:fe:7b:d7:54:20:ca:6b:02:4a:cc:5d:80:45:e5:
ee:7b:39:98:2f:69:b5:00:0c:2c:f1:9e:ed:8b:31:e8:b3:78:
9d:ea:75:eb:7c:f3:5c:5f:71:8d:2e:80:9e:ac:52:56:63:21:
39:d2:b6:da:59:0c:71:2a:d4:b1:cd:ad:5b:32:49:8d:31:4c:
4d:bc:75:c6:93:25:e1:43:ce:c4:51:74:ae:9e:82:00:46:8a:
95:bd:60:d8:82:39:db:0a:40:bc:73:49:93:92:33:64:b0:98:
ee:9c:cf:f4:00:ac:e6:39:fe:f4:6f:44:cb:a5:90:a6:66:27:
7f:08:10:b6:11:de:55:d3:42:64:e3:c6:e9:7f:88:b6:cb:5a:
0f:37:88:f7:99:d0:4d:ca:4a:8f:75:0f:7f:89:9a:b5:d9:56:
06:5e:a3:6c:32:c0:25:15:ef:72:1e:12:f6:58:1e:8c:67:9f:
d1:2f:63:50
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYH0ZfIIsOE6DtD07vc2eZgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZmYwNjcyOTRlYWFhNDUwNTFiZWFiNTZjNmZmMzFkNGEz
YzhiNGQwHhcNMjIwNzEyMjE1MjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTUzMWUzOTI0MmJkZTVhNDVmYTAyZTJiZmIwM2M4Mzk2YjJkMzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrNYUu4ANzQUrjUalEIJrwKqCbfq
ZCKsqh1SDec9Gxir1CUTi8tjAMtnPvyJOuYAjXuUOMzzCFiG124KI417AXLvPGbW
63WhsMuDYUnuDCBqH2bVsKZVE5E/4D0Z67TsAIpAaAuOs//8fQ5ZSkjnNeTrHb2Y
eq0irIWH7HgJeGfWt4FP77fV1pPFLk5MavNoiowNrO0geht8oj0pKEHSLtapwxCo
28URsGHMGK61Xh+xmZwnZ/oZiD/w8Z2mM5NwN28Sd6Sh/NucUx67f+Qh1d9HInZX
1b7cJrOQafBFK4KaUpoRqiTU+qE7Xk1ew5Kk8sZ9MCrh8EhvVXXr4y/H8QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpTHjkkK95aRfoC4r+wPIOWstOJMB8GA1UdIwQY
MBaAFN3/BnKU6qpFBRvqtWxv8x1KPItNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2Y4R2NwVHFxa1VGRy1xMWJHX3pIVW84aTAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9iOGI1NTctMWM0NC00NWNjLTk3Yjgt
ZGQ4NzJjNjIwNGFjLzEvMS1sTWVPU1FyM2xwRi1nTGl2N0E4ZzVheTA0ay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzkvYjhiNTU3LTFjNDQtNDVjYy05N2I4LWRkODcyYzYyMDRh
Yy8xLzNmOEdjcFRxcWtVRkctcTFiR196SFVvOGkwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn80DAN
BgkqhkiG9w0BAQsFAAOCAQEAqkVwUw7OuQW5wACLceEXw6nwCjlhaeincIgIQDnF
aZREVznqFHtF86ak6cRiitU4G31W3LS4ZRP2oRTGAxdX24jn4wQF+kch2fDHC/57
11QgymsCSsxdgEXl7ns5mC9ptQAMLPGe7Ysx6LN4nep163zzXF9xjS6AnqxSVmMh
OdK22lkMcSrUsc2tWzJJjTFMTbx1xpMl4UPOxFF0rp6CAEaKlb1g2II52wpAvHNJ
k5IzZLCY7pzP9ACs5jn+9G9Ey6WQpmYnfwgQthHeVdNCZOPG6X+ItstaDzeI95nQ
TcpKj3UPf4matdlWBl6jbDLAJRXvch4S9lgejGef0S9jUA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 03:05:26 2025 by rpki-client