Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/91dd41-0090-4679-9dbf-ee3b581aaa07/1/Ipl2h63w5AtjZQ37S4aGFJ_SPtc.roa
File: Ipl2h63w5AtjZQ37S4aGFJ_SPtc.roa (raw, json)
Hash identifier: XgvThN5mlGEOyQdM8V/OMoTe/OQjt6VzLOaunCUivk8=
Subject key identifier: 22:99:76:87:AD:F0:E4:0B:63:65:0D:FB:4B:86:86:14:9F:D2:3E:D7
Certificate issuer: /CN=3ab79a94103c03e99b5201a798d338865be63574
Certificate serial: 01856E8B530E395DBFAF7FE6B77C0C9C29AF
Authority key identifier: 3A:B7:9A:94:10:3C:03:E9:9B:52:01:A7:98:D3:38:86:5B:E6:35:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OrealBA8A-mbUgGnmNM4hlvmNXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/91dd41-0090-4679-9dbf-ee3b581aaa07/1/Ipl2h63w5AtjZQ37S4aGFJ_SPtc.roa
Signing time: Sun 01 Jan 2023 18:15:02 +0000
ROA not before: Sun 01 Jan 2023 18:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398464
IP address blocks: 185.140.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:53:0e:39:5d:bf:af:7f:e6:b7:7c:0c:9c:29:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ab79a94103c03e99b5201a798d338865be63574
Validity
Not Before: Jan 1 18:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22997687adf0e40b63650dfb4b8686149fd23ed7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4f:75:5e:98:46:d8:ab:3f:dd:d2:76:af:e6:
4c:7a:e7:f3:5e:ca:9c:1d:9f:b9:34:3d:04:d6:3d:
2f:7f:df:58:89:06:fd:ff:77:61:21:8f:dd:d3:38:
9d:97:84:ce:79:e5:4c:2f:1f:aa:4c:87:08:24:80:
2d:40:60:cb:4c:15:ea:1f:af:00:d8:0f:56:ba:09:
6a:84:e7:e9:e5:60:f7:59:17:82:d6:11:d5:42:1a:
67:c4:ba:97:2c:96:59:fd:ae:2f:e9:37:6b:d0:1f:
a5:ea:d4:0a:8f:a0:d5:19:9f:87:a0:cf:52:6f:f9:
96:51:41:df:68:b3:6a:cb:64:82:a0:ea:f5:f6:e4:
68:7a:50:8c:a5:fa:98:75:8a:28:e2:83:73:b2:8f:
50:0a:22:d2:b5:a3:51:aa:bf:a8:b9:d1:23:0a:50:
9c:03:25:a4:8d:3e:c3:a7:46:e9:16:82:80:2b:c4:
de:1d:64:c1:2c:2b:ea:61:96:76:47:34:5a:4b:ef:
48:bb:27:9f:69:60:ee:d6:94:fa:ca:9e:0d:1a:7d:
d6:e7:53:d3:b5:58:fe:50:7d:13:0f:fe:07:c2:16:
e0:79:0a:7e:b0:28:40:75:76:d4:f5:d5:65:f7:ef:
f7:98:62:a7:e7:fd:34:4a:3f:47:07:65:93:5c:04:
d3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:99:76:87:AD:F0:E4:0B:63:65:0D:FB:4B:86:86:14:9F:D2:3E:D7
X509v3 Authority Key Identifier:
keyid:3A:B7:9A:94:10:3C:03:E9:9B:52:01:A7:98:D3:38:86:5B:E6:35:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OrealBA8A-mbUgGnmNM4hlvmNXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/91dd41-0090-4679-9dbf-ee3b581aaa07/1/Ipl2h63w5AtjZQ37S4aGFJ_SPtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/91dd41-0090-4679-9dbf-ee3b581aaa07/1/OrealBA8A-mbUgGnmNM4hlvmNXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.173.0/24
Signature Algorithm: sha256WithRSAEncryption
43:a0:76:2e:a2:62:58:ad:a3:47:84:d8:23:03:45:c6:fd:31:
60:cc:1a:5c:b5:98:f2:20:a0:00:1c:ac:df:b6:20:88:98:28:
91:19:8f:2f:de:4c:a5:a4:aa:df:b7:0c:fc:f6:c8:f8:33:38:
15:55:f1:0a:c3:b5:19:ff:6c:ed:c8:5a:52:2b:6a:90:24:34:
e3:f5:09:8f:f0:28:99:a8:a7:4b:e5:a3:42:e5:40:c7:46:b5:
b3:cf:c6:aa:13:90:86:ba:ec:b2:75:48:f4:b3:6c:7f:5d:ee:
0b:31:8c:bc:47:bc:03:7f:ae:be:12:df:5e:57:21:ae:ab:bf:
57:f0:27:f7:a8:91:8b:4b:dc:07:61:6f:d9:c5:f9:fb:91:09:
b4:6a:49:76:34:c8:f9:99:df:37:06:f8:01:b3:7a:19:01:c9:
83:5a:fe:44:5b:16:70:e2:1a:26:e4:e4:77:3e:c9:87:22:0e:
55:50:73:eb:9d:2f:7a:70:c6:e8:03:30:25:a9:6b:cd:35:23:
db:19:ba:6c:bb:25:04:f4:7e:16:5d:18:8c:ff:b3:39:96:1b:
f3:4c:11:36:62:60:29:10:d5:dc:89:6e:69:30:95:a1:b4:a0:
71:91:2d:de:bd:3b:b8:96:65:6a:4e:3f:c7:68:b4:0e:3f:d1:
c1:cd:29:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVui1MOOV2/r3/mt3wMnCmvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYjc5YTk0MTAzYzAzZTk5YjUyMDFhNzk4ZDMzODg2NWJl
NjM1NzQwHhcNMjMwMTAxMTgxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjk5NzY4N2FkZjBlNDBiNjM2NTBkZmI0Yjg2ODYxNDlmZDIzZWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApk91XphG2Ks/3dJ2r+ZMeufzXsqc
HZ+5ND0E1j0vf99YiQb9/3dhIY/d0zidl4TOeeVMLx+qTIcIJIAtQGDLTBXqH68A
2A9WuglqhOfp5WD3WReC1hHVQhpnxLqXLJZZ/a4v6Tdr0B+l6tQKj6DVGZ+HoM9S
b/mWUUHfaLNqy2SCoOr19uRoelCMpfqYdYoo4oNzso9QCiLStaNRqr+oudEjClCc
AyWkjT7Dp0bpFoKAK8TeHWTBLCvqYZZ2RzRaS+9IuyefaWDu1pT6yp4NGn3W51PT
tVj+UH0TD/4HwhbgeQp+sChAdXbU9dVl9+/3mGKn5/00Sj9HB2WTXATT2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCKZdoet8OQLY2UN+0uGhhSf0j7XMB8GA1UdIwQY
MBaAFDq3mpQQPAPpm1IBp5jTOIZb5jV0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JlYWxCQThBLW1iVWdHbm1OTTRobHZtTlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85MWRkNDEtMDA5MC00Njc5LTlkYmYt
ZWUzYjU4MWFhYTA3LzEvSXBsMmg2M3c1QXRqWlEzN1M0YUdGSl9TUHRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85MWRkNDEtMDA5MC00Njc5LTlkYmYtZWUzYjU4MWFhYTA3
LzEvT3JlYWxCQThBLW1iVWdHbm1OTTRobHZtTlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYytMA0G
CSqGSIb3DQEBCwUAA4IBAQBDoHYuomJYraNHhNgjA0XG/TFgzBpctZjyIKAAHKzf
tiCImCiRGY8v3kylpKrftwz89sj4MzgVVfEKw7UZ/2ztyFpSK2qQJDTj9QmP8CiZ
qKdL5aNC5UDHRrWzz8aqE5CGuuyydUj0s2x/Xe4LMYy8R7wDf66+Et9eVyGuq79X
8Cf3qJGLS9wHYW/Zxfn7kQm0akl2NMj5md83BvgBs3oZAcmDWv5EWxZw4hom5OR3
PsmHIg5VUHPrnS96cMboAzAlqWvNNSPbGbpsuyUE9H4WXRiM/7M5lhvzTBE2YmAp
ENXciW5pMJWhtKBxkS3evTu4lmVqTj/HaLQOP9HBzSlm
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:48:11 2025 by rpki-client