Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/edf795-ec92-40d6-b46d-afb1d85c95a8/1/r2R5T3wDgQqFXXmGOP9fsHezkq8.roa
File: r2R5T3wDgQqFXXmGOP9fsHezkq8.roa (raw, json)
Hash identifier: UEpLQrDQm7yadLcsP+81YUZ5BgMMbDS0STohV0WonHQ=
Subject key identifier: AF:64:79:4F:7C:03:81:0A:85:5D:79:86:38:FF:5F:B0:77:B3:92:AF
Certificate issuer: /CN=056647750bf52f77a9c91c2d6864e871c1aafa9f
Certificate serial: 01863AF89982DE045E4F39E9C4D16EED71E4
Authority key identifier: 05:66:47:75:0B:F5:2F:77:A9:C9:1C:2D:68:64:E8:71:C1:AA:FA:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWZHdQv1L3epyRwtaGToccGq-p8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/edf795-ec92-40d6-b46d-afb1d85c95a8/1/r2R5T3wDgQqFXXmGOP9fsHezkq8.roa
Signing time: Fri 10 Feb 2023 10:56:56 +0000
ROA not before: Fri 10 Feb 2023 10:56:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209529
IP address blocks: 185.228.220.0/22 maxlen: 24
185.228.221.0/24 maxlen: 24
185.228.222.0/23 maxlen: 24
185.228.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3a:f8:99:82:de:04:5e:4f:39:e9:c4:d1:6e:ed:71:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=056647750bf52f77a9c91c2d6864e871c1aafa9f
Validity
Not Before: Feb 10 10:56:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af64794f7c03810a855d798638ff5fb077b392af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:60:4c:47:61:42:37:a2:56:69:ff:2c:c9:e4:
92:df:d3:39:9f:bb:71:64:a9:c3:9c:e3:fb:71:0a:
e7:8e:bc:aa:7c:68:5c:3d:91:d4:de:49:ef:72:0d:
66:87:75:5f:36:91:a3:ba:7d:ca:d7:43:f3:08:e8:
4e:58:4c:87:15:bc:fa:b3:28:e9:2b:de:3b:bf:cb:
79:92:1a:63:24:04:a5:19:a6:1a:ef:3a:cb:81:65:
fa:43:9c:6c:fa:af:14:17:ae:1b:4f:a1:b1:e6:b2:
8d:90:a9:54:0c:95:9d:bd:d5:48:54:ba:74:33:2b:
1f:1c:66:6f:70:27:1b:a0:12:3e:da:75:91:6f:cf:
48:ef:54:90:34:6e:9d:f4:48:4f:12:ab:2f:c1:ef:
9d:de:2c:06:12:b6:b3:2f:c0:c9:4c:7d:4c:3a:6e:
6e:49:ed:e5:71:69:d3:4e:28:93:66:4c:e5:72:96:
6a:03:ff:f0:46:7c:92:ca:03:d3:99:28:1e:20:5d:
b0:10:35:0f:de:38:1c:c6:e0:b1:09:5b:29:ca:68:
e9:17:ff:9e:63:72:eb:5b:0a:fc:27:d2:20:57:16:
d1:7f:93:ce:54:c9:70:54:f0:47:a8:a1:98:c5:6d:
3e:01:71:69:cd:2c:59:8e:fd:33:41:1b:21:28:26:
e3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:64:79:4F:7C:03:81:0A:85:5D:79:86:38:FF:5F:B0:77:B3:92:AF
X509v3 Authority Key Identifier:
keyid:05:66:47:75:0B:F5:2F:77:A9:C9:1C:2D:68:64:E8:71:C1:AA:FA:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWZHdQv1L3epyRwtaGToccGq-p8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/edf795-ec92-40d6-b46d-afb1d85c95a8/1/r2R5T3wDgQqFXXmGOP9fsHezkq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/edf795-ec92-40d6-b46d-afb1d85c95a8/1/BWZHdQv1L3epyRwtaGToccGq-p8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.220.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:e8:4f:4a:29:e8:64:0b:a3:f7:fd:d3:f5:4d:f9:34:01:49:
9b:7c:fe:7b:66:fb:71:53:b2:a8:29:08:12:6f:8a:39:f7:61:
7b:bd:8a:62:96:53:16:b1:ce:f4:ec:00:1e:7b:58:05:5e:83:
bc:99:42:be:11:16:6e:4f:18:5b:08:f9:cc:14:76:18:c5:ae:
1d:e0:e2:bd:bb:e7:21:9d:e0:6d:8c:7e:f7:18:d7:0b:ec:76:
a9:8b:5e:a5:c4:e4:40:52:94:ec:24:84:59:38:2a:4b:0b:00:
7a:68:a6:ae:01:67:38:70:00:25:6f:ab:36:3a:40:9c:47:e3:
23:75:8b:f0:10:a0:17:0b:2c:a8:05:d0:8d:ac:a8:69:a9:97:
8d:a6:95:a6:27:8f:7d:a2:18:b7:e9:53:c7:e2:43:06:9e:64:
4a:7e:ce:0c:52:40:e6:e7:34:58:85:e7:49:17:9a:4c:d4:7c:
ef:05:b6:3b:7b:22:5c:13:29:9c:12:57:0b:c1:49:34:5d:1c:
f6:99:66:e5:d7:08:a4:8d:9d:61:2c:b3:12:6a:00:79:14:d7:
5d:1d:0f:b1:6c:ab:fc:5a:13:ed:cf:63:4a:63:b5:fb:c1:8d:
b0:2e:3a:f3:73:e0:44:dc:f3:06:88:9a:1f:31:6f:13:b8:78:
72:be:ea:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYY6+JmC3gReTznpxNFu7XHkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjY0Nzc1MGJmNTJmNzdhOWM5MWMyZDY4NjRlODcxYzFh
YWZhOWYwHhcNMjMwMjEwMTA1NjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjY0Nzk0ZjdjMDM4MTBhODU1ZDc5ODYzOGZmNWZiMDc3YjM5MmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWBMR2FCN6JWaf8syeSS39M5n7tx
ZKnDnOP7cQrnjryqfGhcPZHU3knvcg1mh3VfNpGjun3K10PzCOhOWEyHFbz6syjp
K947v8t5khpjJASlGaYa7zrLgWX6Q5xs+q8UF64bT6Gx5rKNkKlUDJWdvdVIVLp0
MysfHGZvcCcboBI+2nWRb89I71SQNG6d9EhPEqsvwe+d3iwGErazL8DJTH1MOm5u
Se3lcWnTTiiTZkzlcpZqA//wRnySygPTmSgeIF2wEDUP3jgcxuCxCVspymjpF/+e
Y3LrWwr8J9IgVxbRf5POVMlwVPBHqKGYxW0+AXFpzSxZjv0zQRshKCbj9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK9keU98A4EKhV15hjj/X7B3s5KvMB8GA1UdIwQY
MBaAFAVmR3UL9S93qckcLWhk6HHBqvqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldaSGRRdjFMM2VweVJ3dGFHVG9jY0dxLXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9lZGY3OTUtZWM5Mi00MGQ2LWI0NmQt
YWZiMWQ4NWM5NWE4LzEvcjJSNVQzd0RnUXFGWFhtR09QOWZzSGV6a3E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9lZGY3OTUtZWM5Mi00MGQ2LWI0NmQtYWZiMWQ4NWM5NWE4
LzEvQldaSGRRdjFMM2VweVJ3dGFHVG9jY0dxLXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueTcMA0G
CSqGSIb3DQEBCwUAA4IBAQBL6E9KKehkC6P3/dP1Tfk0AUmbfP57ZvtxU7KoKQgS
b4o592F7vYpillMWsc707AAee1gFXoO8mUK+ERZuTxhbCPnMFHYYxa4d4OK9u+ch
neBtjH73GNcL7Hapi16lxORAUpTsJIRZOCpLCwB6aKauAWc4cAAlb6s2OkCcR+Mj
dYvwEKAXCyyoBdCNrKhpqZeNppWmJ499ohi36VPH4kMGnmRKfs4MUkDm5zRYhedJ
F5pM1HzvBbY7eyJcEymcElcLwUk0XRz2mWbl1wikjZ1hLLMSagB5FNddHQ+xbKv8
WhPtz2NKY7X7wY2wLjrzc+BE3PMGiJofMW8TuHhyvuqz
-----END CERTIFICATE-----
Generated at Fri Apr 18 04:28:00 2025 by rpki-client