Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/IMit99-c4kzRShCuJ147YO5UWo0.roa
File: IMit99-c4kzRShCuJ147YO5UWo0.roa (raw, json)
Hash identifier: 9dapAZJCQhzMt/78oYZ3JZ9gCHzFZUtkwamw9T+crFQ=
Subject key identifier: 20:C8:AD:F7:DF:9C:E2:4C:D1:4A:10:AE:27:5E:3B:60:EE:54:5A:8D
Certificate issuer: /CN=caf44942a29fac612cd44f83ad317a1c0f5b8eea
Certificate serial: 018746A75A0CCC68A5AC3F41E94425DA4355
Authority key identifier: CA:F4:49:42:A2:9F:AC:61:2C:D4:4F:83:AD:31:7A:1C:0F:5B:8E:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yvRJQqKfrGEs1E-DrTF6HA9bjuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/IMit99-c4kzRShCuJ147YO5UWo0.roa
Signing time: Mon 03 Apr 2023 10:26:25 +0000
ROA not before: Mon 03 Apr 2023 10:26:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212835
IP address blocks: 185.136.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:46:a7:5a:0c:cc:68:a5:ac:3f:41:e9:44:25:da:43:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caf44942a29fac612cd44f83ad317a1c0f5b8eea
Validity
Not Before: Apr 3 10:26:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20c8adf7df9ce24cd14a10ae275e3b60ee545a8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9f:d7:ec:f0:89:14:38:66:1b:7d:42:3b:0e:
91:88:70:d3:1c:7b:34:eb:f2:2b:e9:1d:8f:02:94:
ce:0b:fb:a2:9c:ff:5b:e1:c3:22:c1:05:de:31:91:
b8:8f:98:f7:37:89:2f:89:58:3c:e5:17:41:79:1a:
66:96:34:2f:ae:a9:27:d9:42:d0:ad:eb:8d:8b:34:
f3:ef:ec:8c:6b:56:d6:bc:60:6f:48:13:f9:a7:32:
4e:32:85:00:8d:be:e0:dd:fa:19:c7:3e:fc:50:39:
f0:03:75:78:c5:0f:fc:20:a3:e7:03:b1:03:54:ef:
50:f2:e9:c8:9b:3b:8a:fc:c6:cd:8f:79:e4:ff:21:
81:e9:fa:a3:92:5c:86:34:a8:67:ad:9a:21:97:cc:
08:bd:55:9b:96:a9:d0:e8:6b:53:57:5f:ff:1b:f4:
82:4b:ff:26:57:84:0d:63:a5:b0:19:37:61:d0:b6:
bf:d4:60:d8:05:27:83:dc:c5:7d:42:f5:c7:0b:53:
28:d9:3b:5d:4a:67:4c:d0:1a:22:28:75:46:09:d8:
71:bf:e7:b5:1e:47:bf:78:f3:c4:41:1f:9c:a3:ff:
cb:30:69:0f:a8:88:75:ef:17:f4:1c:8a:d7:7e:02:
23:ed:d3:be:cb:9a:4c:59:9d:dc:2c:7c:2e:25:8f:
f4:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C8:AD:F7:DF:9C:E2:4C:D1:4A:10:AE:27:5E:3B:60:EE:54:5A:8D
X509v3 Authority Key Identifier:
keyid:CA:F4:49:42:A2:9F:AC:61:2C:D4:4F:83:AD:31:7A:1C:0F:5B:8E:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yvRJQqKfrGEs1E-DrTF6HA9bjuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/IMit99-c4kzRShCuJ147YO5UWo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/yvRJQqKfrGEs1E-DrTF6HA9bjuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.135.0/24
Signature Algorithm: sha256WithRSAEncryption
17:54:e1:bb:a5:82:a8:c6:51:a4:66:5a:cb:4e:ba:61:a0:6b:
e8:ea:65:51:d8:b8:21:b8:90:9e:34:d3:d6:3f:1f:d3:9a:cc:
54:50:18:59:32:7a:0a:cf:4a:ac:e3:5d:59:7d:8f:02:98:01:
e6:34:35:0f:2b:83:22:91:fe:37:da:64:2c:fc:e3:96:ac:be:
d3:44:95:77:d8:e3:fc:ea:f7:c7:90:df:5a:38:66:3c:de:84:
25:b5:97:f7:a5:69:fa:6b:d4:d8:0a:40:bf:1a:fb:d2:b5:86:
59:b4:22:8a:47:a4:02:d7:58:ed:59:61:d1:3b:90:97:29:5d:
0b:4f:db:35:6b:b3:30:4e:ce:05:b0:3b:a1:b6:7c:ac:e7:59:
1e:5c:4b:ee:f6:9f:4c:11:a1:fb:4f:18:c5:8b:e0:2a:bc:f1:
31:79:74:7a:82:2f:e6:dc:8b:c7:c2:be:8b:bb:9f:59:4e:e9:
1e:45:25:5a:87:dd:20:a6:4a:b1:ab:e4:00:5e:78:5b:30:c9:
f8:00:75:e7:0e:44:a8:3c:9f:1e:3e:d4:56:45:d3:02:7c:f0:
b6:cc:69:7c:d4:75:1b:27:91:ff:da:ea:42:2d:f3:84:43:e6:
da:91:19:41:ef:1e:f4:5a:06:fd:5f:47:6d:d2:56:94:a0:2f:
f2:50:a8:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdGp1oMzGilrD9B6UQl2kNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZjQ0OTQyYTI5ZmFjNjEyY2Q0NGY4M2FkMzE3YTFjMGY1
YjhlZWEwHhcNMjMwNDAzMTAyNjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGM4YWRmN2RmOWNlMjRjZDE0YTEwYWUyNzVlM2I2MGVlNTQ1YThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5/X7PCJFDhmG31COw6RiHDTHHs0
6/Ir6R2PApTOC/uinP9b4cMiwQXeMZG4j5j3N4kviVg85RdBeRpmljQvrqkn2ULQ
reuNizTz7+yMa1bWvGBvSBP5pzJOMoUAjb7g3foZxz78UDnwA3V4xQ/8IKPnA7ED
VO9Q8unImzuK/MbNj3nk/yGB6fqjklyGNKhnrZohl8wIvVWblqnQ6GtTV1//G/SC
S/8mV4QNY6WwGTdh0La/1GDYBSeD3MV9QvXHC1Mo2TtdSmdM0BoiKHVGCdhxv+e1
Hke/ePPEQR+co//LMGkPqIh17xf0HIrXfgIj7dO+y5pMWZ3cLHwuJY/0RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCDIrfffnOJM0UoQrideO2DuVFqNMB8GA1UdIwQY
MBaAFMr0SUKin6xhLNRPg60xehwPW47qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXZSSlFxS2ZyR0VzMUUtRHJURjZIQTlianVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8wMmNiNWYtYzY2OS00ZmIwLTkyZTUt
NDgzNmJhZDYxYmEyLzEvSU1pdDk5LWM0a3pSU2hDdUoxNDdZTzVVV28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8wMmNiNWYtYzY2OS00ZmIwLTkyZTUtNDgzNmJhZDYxYmEy
LzEveXZSSlFxS2ZyR0VzMUUtRHJURjZIQTlianVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYiHMA0G
CSqGSIb3DQEBCwUAA4IBAQAXVOG7pYKoxlGkZlrLTrphoGvo6mVR2LghuJCeNNPW
Px/TmsxUUBhZMnoKz0qs411ZfY8CmAHmNDUPK4Mikf432mQs/OOWrL7TRJV32OP8
6vfHkN9aOGY83oQltZf3pWn6a9TYCkC/GvvStYZZtCKKR6QC11jtWWHRO5CXKV0L
T9s1a7MwTs4FsDuhtnys51keXEvu9p9MEaH7TxjFi+AqvPExeXR6gi/m3IvHwr6L
u59ZTukeRSVah90gpkqxq+QAXnhbMMn4AHXnDkSoPJ8ePtRWRdMCfPC2zGl81HUb
J5H/2upCLfOEQ+bakRlB7x70Wgb9X0dt0laUoC/yUKjl
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:16 2025 by rpki-client