Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/4269dc-e8a5-4aa8-9971-e368966dd85f/1/xRxmfUnhI4x__mbPuC0YwktuUhU.roa
File: xRxmfUnhI4x__mbPuC0YwktuUhU.roa (raw, json)
Hash identifier: m6l7tKrKHuBgRpSnccv/rc7SUP8rgAlCEanm0Am9/cI=
Subject key identifier: C5:1C:66:7D:49:E1:23:8C:7F:FE:66:CF:B8:2D:18:C2:4B:6E:52:15
Certificate issuer: /CN=b86611d1d90f0a807b2949f7474d41c3683886dc
Certificate serial: 01856BEEB7562C0D47FA7C2061BC403D2F39
Authority key identifier: B8:66:11:D1:D9:0F:0A:80:7B:29:49:F7:47:4D:41:C3:68:38:86:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uGYR0dkPCoB7KUn3R01Bw2g4htw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/4269dc-e8a5-4aa8-9971-e368966dd85f/1/xRxmfUnhI4x__mbPuC0YwktuUhU.roa
Signing time: Sun 01 Jan 2023 06:04:44 +0000
ROA not before: Sun 01 Jan 2023 06:04:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200507
IP address blocks: 185.98.163.0/24 maxlen: 24
185.98.160.0/22 maxlen: 22
185.98.162.0/24 maxlen: 24
2a01:9200::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:b7:56:2c:0d:47:fa:7c:20:61:bc:40:3d:2f:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b86611d1d90f0a807b2949f7474d41c3683886dc
Validity
Not Before: Jan 1 06:04:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c51c667d49e1238c7ffe66cfb82d18c24b6e5215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:01:50:b5:3e:88:e3:1a:14:d9:c9:a0:08:6a:
55:86:2b:0a:1b:78:a5:6d:fe:1f:1c:49:ee:c6:b2:
e4:33:d6:22:4c:5d:87:bc:b0:95:d0:6d:e1:d7:53:
b9:d0:90:ee:76:c4:e7:da:23:0f:b3:d2:d9:66:ab:
ec:6f:d5:f7:4a:d4:38:63:2f:67:8c:93:46:50:05:
d0:4b:0d:e8:fb:73:85:c2:36:82:ab:d9:f3:31:e7:
d0:7c:00:8e:1f:93:52:d7:09:d7:66:99:2c:72:ac:
6a:de:d1:dc:c2:e3:e6:7a:2b:51:f9:58:c8:de:6e:
26:ac:02:dd:58:4b:16:37:a8:08:51:4d:70:59:0f:
5f:ef:d7:45:35:f8:86:9b:04:b1:02:04:f4:03:c2:
ea:f4:87:89:e7:dc:6c:0b:ae:f9:20:19:e7:df:bb:
62:c4:33:72:f6:ff:e5:4a:1c:e3:7f:24:af:aa:1d:
b3:ba:c4:19:bd:55:50:0e:75:83:c2:e0:e0:c7:b7:
ce:db:f9:60:80:2d:66:1a:f6:6e:a2:80:01:74:83:
74:e4:17:72:57:59:bd:bd:62:10:3c:f0:e1:b5:69:
e0:8e:01:6d:63:f7:38:ea:35:04:64:f0:87:9f:23:
30:53:61:71:d4:d3:8d:b1:11:e8:19:b4:f7:4b:ba:
ac:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:1C:66:7D:49:E1:23:8C:7F:FE:66:CF:B8:2D:18:C2:4B:6E:52:15
X509v3 Authority Key Identifier:
keyid:B8:66:11:D1:D9:0F:0A:80:7B:29:49:F7:47:4D:41:C3:68:38:86:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uGYR0dkPCoB7KUn3R01Bw2g4htw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4269dc-e8a5-4aa8-9971-e368966dd85f/1/xRxmfUnhI4x__mbPuC0YwktuUhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4269dc-e8a5-4aa8-9971-e368966dd85f/1/uGYR0dkPCoB7KUn3R01Bw2g4htw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.160.0/22
IPv6:
2a01:9200::/32
Signature Algorithm: sha256WithRSAEncryption
00:2f:32:a8:69:a2:73:c7:17:00:8f:32:cb:80:45:34:fb:c5:
b8:1b:e7:f1:ad:79:5b:2e:a9:51:94:5e:58:e4:6a:bf:90:40:
e3:26:7b:fa:2a:26:c6:dd:96:e8:77:ec:9d:c0:63:91:b6:d7:
36:19:d0:bd:d7:63:68:ac:9b:54:29:72:c2:dc:57:8a:20:a5:
a8:05:72:53:13:aa:95:c0:88:56:5f:99:8a:5a:e9:08:6e:b4:
bd:01:bf:14:4a:71:42:de:7e:30:23:e7:c8:2a:44:cd:a7:a7:
33:f7:81:52:fc:5b:ca:1f:7f:ca:33:21:5f:9d:9e:29:95:b2:
f9:60:35:ad:a7:88:ca:97:d1:c0:0d:1e:ec:b9:47:d8:dd:54:
90:31:c7:32:15:5b:55:f3:b7:b5:2e:98:e8:65:0e:52:5e:f7:
c3:cc:6d:df:58:69:51:3c:18:34:04:28:f3:74:ad:b3:ce:b4:
3e:20:18:17:ee:79:3c:5b:71:bc:1b:8d:ad:b6:65:0a:4f:c7:
aa:31:98:14:09:c3:7d:ed:98:37:9b:1d:ec:d9:7f:32:42:cb:
45:b4:09:49:2e:f8:71:d8:1d:1f:34:ab:3b:92:cf:49:fc:9b:
ba:74:e0:59:55:f9:fd:01:a7:31:b2:ad:0d:c6:95:d6:1e:17:
23:82:14:f6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVr7rdWLA1H+nwgYbxAPS85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NjYxMWQxZDkwZjBhODA3YjI5NDlmNzQ3NGQ0MWMzNjgz
ODg2ZGMwHhcNMjMwMTAxMDYwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTFjNjY3ZDQ5ZTEyMzhjN2ZmZTY2Y2ZiODJkMThjMjRiNmU1MjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQFQtT6I4xoU2cmgCGpVhisKG3il
bf4fHEnuxrLkM9YiTF2HvLCV0G3h11O50JDudsTn2iMPs9LZZqvsb9X3StQ4Yy9n
jJNGUAXQSw3o+3OFwjaCq9nzMefQfACOH5NS1wnXZpkscqxq3tHcwuPmeitR+VjI
3m4mrALdWEsWN6gIUU1wWQ9f79dFNfiGmwSxAgT0A8Lq9IeJ59xsC675IBnn37ti
xDNy9v/lShzjfySvqh2zusQZvVVQDnWDwuDgx7fO2/lggC1mGvZuooABdIN05Bdy
V1m9vWIQPPDhtWngjgFtY/c46jUEZPCHnyMwU2Fx1NONsRHoGbT3S7qsbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMUcZn1J4SOMf/5mz7gtGMJLblIVMB8GA1UdIwQY
MBaAFLhmEdHZDwqAeylJ90dNQcNoOIbcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUdZUjBka1BDb0I3S1VuM1IwMUJ3Mmc0aHR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS80MjY5ZGMtZThhNS00YWE4LTk5NzEt
ZTM2ODk2NmRkODVmLzEveFJ4bWZVbmhJNHhfX21iUHVDMFl3a3R1VWhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS80MjY5ZGMtZThhNS00YWE4LTk5NzEtZTM2ODk2NmRkODVm
LzEvdUdZUjBka1BDb0I3S1VuM1IwMUJ3Mmc0aHR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWKgMA0E
AgACMAcDBQAqAZIAMA0GCSqGSIb3DQEBCwUAA4IBAQAALzKoaaJzxxcAjzLLgEU0
+8W4G+fxrXlbLqlRlF5Y5Gq/kEDjJnv6KibG3Zbod+ydwGORttc2GdC912NorJtU
KXLC3FeKIKWoBXJTE6qVwIhWX5mKWukIbrS9Ab8USnFC3n4wI+fIKkTNp6cz94FS
/FvKH3/KMyFfnZ4plbL5YDWtp4jKl9HADR7suUfY3VSQMccyFVtV87e1LpjoZQ5S
XvfDzG3fWGlRPBg0BCjzdK2zzrQ+IBgX7nk8W3G8G42ttmUKT8eqMZgUCcN97Zg3
mx3s2X8yQstFtAlJLvhx2B0fNKs7ks9J/Ju6dOBZVfn9Aacxsq0NxpXWHhcjghT2
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:39:02 2025 by rpki-client