Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/2Ar5wQQPtLZGC-8EdaXCpCrwF14.roa
File: 2Ar5wQQPtLZGC-8EdaXCpCrwF14.roa (raw, json)
Hash identifier: ZiQ1OOzVf6aVYHnoI3t7U1udCMEF5Az3ADMhtL7qSxY=
Subject key identifier: D8:0A:F9:C1:04:0F:B4:B6:46:0B:EF:04:75:A5:C2:A4:2A:F0:17:5E
Certificate issuer: /CN=66634f14586e399cd3802d9c88b1e67d8ddb03a8
Certificate serial: 018663A2788D786F9A19414B6A83DEC36515
Authority key identifier: 66:63:4F:14:58:6E:39:9C:D3:80:2D:9C:88:B1:E6:7D:8D:DB:03:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/2Ar5wQQPtLZGC-8EdaXCpCrwF14.roa
Signing time: Sat 18 Feb 2023 08:27:17 +0000
ROA not before: Sat 18 Feb 2023 08:27:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41354
IP address blocks: 185.208.88.0/22 maxlen: 24
2a0b:32c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:63:a2:78:8d:78:6f:9a:19:41:4b:6a:83:de:c3:65:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66634f14586e399cd3802d9c88b1e67d8ddb03a8
Validity
Not Before: Feb 18 08:27:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d80af9c1040fb4b6460bef0475a5c2a42af0175e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:fb:3c:1e:26:df:c6:ef:a0:6f:d1:bb:05:dd:
91:0a:14:52:f0:01:75:9f:15:e8:e6:53:b2:3a:df:
ab:72:c1:57:39:e6:67:2f:1f:d6:6f:cc:1b:22:e9:
d0:8f:77:6b:0b:dc:ff:53:98:af:4f:8c:9b:e5:7b:
17:14:b7:e8:1a:e4:5f:c2:61:c0:47:69:2d:1b:f3:
e4:00:86:05:c9:e7:d6:75:ac:1b:d3:3d:f7:b0:f6:
aa:a6:d5:ce:ec:22:95:8b:dd:63:6a:fb:1d:15:a0:
5a:d4:76:7c:d0:dc:69:c0:5d:93:00:e8:f0:e3:13:
c5:08:5d:4e:cd:b5:73:32:42:94:9f:6c:5c:ef:c1:
7f:2f:73:dd:47:c3:13:56:e9:c2:d9:1f:65:e2:e4:
7f:90:87:4d:ef:4c:cb:80:55:87:ce:fa:48:25:d4:
25:92:7b:70:fb:30:db:5b:dc:18:18:38:e4:08:36:
77:ba:59:3b:7d:cc:35:f5:0b:f8:e9:e0:59:59:cc:
c7:9f:21:50:c9:fe:f3:7c:d6:a1:8c:5a:65:e0:c9:
70:96:77:d6:52:4c:8f:5d:75:0d:bb:d8:b8:6a:00:
ba:6f:5d:1d:28:7d:5b:5a:6d:6f:1b:e1:d6:ca:f3:
ec:c3:41:02:42:75:e8:52:21:b0:66:c1:1a:61:1b:
9c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:0A:F9:C1:04:0F:B4:B6:46:0B:EF:04:75:A5:C2:A4:2A:F0:17:5E
X509v3 Authority Key Identifier:
keyid:66:63:4F:14:58:6E:39:9C:D3:80:2D:9C:88:B1:E6:7D:8D:DB:03:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/2Ar5wQQPtLZGC-8EdaXCpCrwF14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.88.0/22
IPv6:
2a0b:32c0::/29
Signature Algorithm: sha256WithRSAEncryption
09:62:a4:c9:5b:22:5d:63:b4:c8:e5:46:49:52:d8:37:54:4a:
19:d3:96:44:c7:26:5a:a8:c0:cf:84:02:7a:29:b6:e1:d2:37:
62:28:20:47:7e:59:d0:0b:72:42:df:c3:c3:47:a1:81:df:ec:
fe:bf:2b:cd:96:5a:7c:b8:c4:84:7c:a4:e2:c3:1f:65:80:85:
50:ac:9f:b8:c6:29:35:70:5f:7d:8f:11:67:42:89:42:ce:9d:
e4:f1:e3:e2:17:5e:03:d3:b1:61:d0:81:18:8c:d9:4d:d6:c8:
78:a3:72:22:e0:ff:ad:f8:0f:59:4a:b7:76:2d:ab:f1:27:f1:
2f:40:f7:d9:e2:af:ae:07:a8:99:9e:5f:22:a0:52:6a:74:3e:
35:14:14:0d:12:07:bd:3c:e2:02:46:fa:9d:56:c5:b9:9a:d7:
2c:a1:90:e9:71:14:6a:32:f3:df:ec:f5:0f:da:33:6e:ea:47:
5b:24:4d:1e:e8:9e:b9:18:9c:40:e2:42:93:1a:1b:08:af:95:
8b:ce:06:2b:d2:03:18:6a:cf:39:c8:e3:cd:9c:db:ff:a3:2e:
f9:ed:e7:a5:d8:0a:a8:90:a7:a8:cf:9c:ac:4e:e0:4d:e3:c9:
71:41:da:ab:e3:90:b9:57:45:44:d3:97:38:eb:3b:e3:42:f9:
3d:a4:e5:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYZjoniNeG+aGUFLaoPew2UVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NjM0ZjE0NTg2ZTM5OWNkMzgwMmQ5Yzg4YjFlNjdkOGRk
YjAzYTgwHhcNMjMwMjE4MDgyNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODBhZjljMTA0MGZiNGI2NDYwYmVmMDQ3NWE1YzJhNDJhZjAxNzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPs8Hibfxu+gb9G7Bd2RChRS8AF1
nxXo5lOyOt+rcsFXOeZnLx/Wb8wbIunQj3drC9z/U5ivT4yb5XsXFLfoGuRfwmHA
R2ktG/PkAIYFyefWdawb0z33sPaqptXO7CKVi91javsdFaBa1HZ80NxpwF2TAOjw
4xPFCF1OzbVzMkKUn2xc78F/L3PdR8MTVunC2R9l4uR/kIdN70zLgFWHzvpIJdQl
kntw+zDbW9wYGDjkCDZ3ulk7fcw19Qv46eBZWczHnyFQyf7zfNahjFpl4MlwlnfW
UkyPXXUNu9i4agC6b10dKH1bWm1vG+HWyvPsw0ECQnXoUiGwZsEaYRucLwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNgK+cEED7S2RgvvBHWlwqQq8BdeMB8GA1UdIwQY
MBaAFGZjTxRYbjmc04AtnIix5n2N2wOoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm1OUEZGaHVPWnpUZ0MyY2lMSG1mWTNiQTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yYzJkMzMtYTM2Ny00NDliLTljNDct
MTcxZGI0NjkwYzBhLzEvMkFyNXdRUVB0TFpHQy04RWRhWENwQ3J3RjE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8yYzJkMzMtYTM2Ny00NDliLTljNDctMTcxZGI0NjkwYzBh
LzEvWm1OUEZGaHVPWnpUZ0MyY2lMSG1mWTNiQTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudBYMA0E
AgACMAcDBQMqCzLAMA0GCSqGSIb3DQEBCwUAA4IBAQAJYqTJWyJdY7TI5UZJUtg3
VEoZ05ZExyZaqMDPhAJ6Kbbh0jdiKCBHflnQC3JC38PDR6GB3+z+vyvNllp8uMSE
fKTiwx9lgIVQrJ+4xik1cF99jxFnQolCzp3k8ePiF14D07Fh0IEYjNlN1sh4o3Ii
4P+t+A9ZSrd2LavxJ/EvQPfZ4q+uB6iZnl8ioFJqdD41FBQNEge9POICRvqdVsW5
mtcsoZDpcRRqMvPf7PUP2jNu6kdbJE0e6J65GJxA4kKTGhsIr5WLzgYr0gMYas85
yOPNnNv/oy757eel2AqokKeoz5ysTuBN48lxQdqr45C5V0VE05c46zvjQvk9pOVP
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:36 2025 by rpki-client