Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/2c2e61-7279-483c-8475-9bf19d84220f/1/GBHgZs5smXIHM4FYLqRTdebAY54.roa
File: GBHgZs5smXIHM4FYLqRTdebAY54.roa (raw, json)
Hash identifier: 8eoGRtWR94CvV+AUeQO0MQrawByEe9oxj8H6brsnZqU=
Subject key identifier: 18:11:E0:66:CE:6C:99:72:07:33:81:58:2E:A4:53:75:E6:C0:63:9E
Certificate issuer: /CN=f899aea56f50ff8f4342cbee2af2f288a168c930
Certificate serial: 0194E55685EE201D8E0EC4E978F962176C34
Authority key identifier: F8:99:AE:A5:6F:50:FF:8F:43:42:CB:EE:2A:F2:F2:88:A1:68:C9:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-JmupW9Q_49DQsvuKvLyiKFoyTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/2c2e61-7279-483c-8475-9bf19d84220f/1/GBHgZs5smXIHM4FYLqRTdebAY54.roa
Signing time: Sat 08 Feb 2025 11:34:00 +0000
ROA not before: Sat 08 Feb 2025 11:34:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214123
IP address blocks: 185.183.220.0/24 maxlen: 24
2a0f:4f00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e5:56:85:ee:20:1d:8e:0e:c4:e9:78:f9:62:17:6c:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f899aea56f50ff8f4342cbee2af2f288a168c930
Validity
Not Before: Feb 8 11:34:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1811e066ce6c9972073381582ea45375e6c0639e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c4:f9:56:94:4e:df:d7:ea:c1:b3:36:b7:01:
c0:c5:6e:b4:2f:67:4a:1b:91:35:d9:08:47:cf:d9:
aa:b5:37:8c:48:03:8b:15:cb:6f:13:05:95:4f:86:
11:7d:17:44:fd:3a:a2:72:b5:dc:6f:74:21:70:66:
87:85:39:77:3e:7d:1f:37:55:26:9d:7f:58:e9:46:
dc:62:23:b2:45:1c:87:7d:32:60:34:3f:97:c7:51:
49:60:90:6d:54:3c:d3:f5:39:3e:c0:a9:35:99:99:
c7:12:23:b5:a5:1b:de:b1:ca:46:c8:53:73:76:61:
2e:2b:4d:08:3b:ca:93:7e:e5:a9:e4:05:cc:62:84:
20:9c:22:65:26:bf:52:2f:07:da:29:82:64:87:de:
68:39:3f:07:cb:1d:88:ee:ce:09:b2:65:d6:22:e5:
a7:79:2b:84:d0:aa:85:b9:5f:ff:7d:d8:73:85:e5:
72:ac:58:28:f4:3e:07:ae:c4:e8:7f:1f:a1:50:bd:
e1:41:f4:6a:0b:3d:cc:c6:61:93:a0:f3:4a:e3:91:
da:42:0e:cf:b9:75:46:b2:05:6a:d4:c3:18:ab:37:
55:58:22:39:82:c6:e0:bd:e3:28:b4:d8:37:6e:cf:
b8:14:8b:6b:97:dd:ef:fd:1c:f1:a4:ef:68:64:95:
83:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:11:E0:66:CE:6C:99:72:07:33:81:58:2E:A4:53:75:E6:C0:63:9E
X509v3 Authority Key Identifier:
keyid:F8:99:AE:A5:6F:50:FF:8F:43:42:CB:EE:2A:F2:F2:88:A1:68:C9:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-JmupW9Q_49DQsvuKvLyiKFoyTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/2c2e61-7279-483c-8475-9bf19d84220f/1/GBHgZs5smXIHM4FYLqRTdebAY54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/2c2e61-7279-483c-8475-9bf19d84220f/1/1-JmupW9Q_49DQsvuKvLyiKFoyTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.183.220.0/24
IPv6:
2a0f:4f00::/29
Signature Algorithm: sha256WithRSAEncryption
36:14:a4:45:e6:79:61:de:4b:7f:45:ca:c2:25:68:0b:c9:27:
5b:b9:d8:ab:ae:9b:11:02:80:46:05:1a:fb:eb:ca:f5:00:af:
45:85:25:b6:28:68:38:b3:3f:28:59:da:44:b1:03:a0:a9:c5:
d4:a4:8c:d3:e3:a6:47:0e:88:c0:4e:bc:bf:73:5b:b3:35:60:
4f:ff:86:3c:89:05:9d:b7:bb:39:49:54:02:2b:61:6f:94:e8:
0b:a3:8d:d6:1a:ee:90:90:e2:01:17:f1:7f:f3:14:52:68:3f:
ed:be:04:88:f1:0d:d1:82:f7:39:b8:17:53:dd:fc:6a:91:68:
1b:52:3a:0b:ea:6f:c8:e0:21:53:ef:bb:3b:f5:00:3b:3e:96:
b8:92:e7:24:03:93:1b:ac:c2:d6:bc:d5:af:49:88:51:bc:59:
b9:21:1a:a5:c8:84:ea:98:d1:2c:db:7b:9e:41:9c:a7:2a:2a:
c8:7f:a7:7c:65:21:63:4e:e7:1e:e2:cf:45:cb:11:d1:ac:a0:
fd:c5:1a:12:9b:6e:99:fb:39:9a:42:21:af:3b:e2:81:49:b6:
f6:ea:31:f0:4e:7d:26:5a:06:fb:10:f2:af:26:64:14:84:43:
d6:bb:34:14:9a:dd:3e:76:25:90:33:6e:4f:a1:22:47:77:1a:
c8:7a:19:3d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZTlVoXuIB2ODsTpePliF2w0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4OTlhZWE1NmY1MGZmOGY0MzQyY2JlZTJhZjJmMjg4YTE2
OGM5MzAwHhcNMjUwMjA4MTEzNDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODExZTA2NmNlNmM5OTcyMDczMzgxNTgyZWE0NTM3NWU2YzA2MzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcT5VpRO39fqwbM2twHAxW60L2dK
G5E12QhHz9mqtTeMSAOLFctvEwWVT4YRfRdE/TqicrXcb3QhcGaHhTl3Pn0fN1Um
nX9Y6UbcYiOyRRyHfTJgND+Xx1FJYJBtVDzT9Tk+wKk1mZnHEiO1pRvescpGyFNz
dmEuK00IO8qTfuWp5AXMYoQgnCJlJr9SLwfaKYJkh95oOT8Hyx2I7s4JsmXWIuWn
eSuE0KqFuV//fdhzheVyrFgo9D4HrsTofx+hUL3hQfRqCz3MxmGToPNK45HaQg7P
uXVGsgVq1MMYqzdVWCI5gsbgveMotNg3bs+4FItrl93v/RzxpO9oZJWDfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBgR4GbObJlyBzOBWC6kU3XmwGOeMB8GA1UdIwQY
MBaAFPiZrqVvUP+PQ0LL7iry8oihaMkwMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1KbXVwVzlRXzQ5RFFzdnVLdkx5aUtGb3lUQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYvMmMyZTYxLTcyNzktNDgzYy04NDc1
LTliZjE5ZDg0MjIwZi8xL0dCSGdaczVzbVhJSE00RllMcVJUZGViQVk1NC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDYvMmMyZTYxLTcyNzktNDgzYy04NDc1LTliZjE5ZDg0MjIw
Zi8xLzEtSm11cFc5UV80OURRc3Z1S3ZMeWlLRm95VEEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAC5t9ww
DQQCAAIwBwMFAyoPTwAwDQYJKoZIhvcNAQELBQADggEBADYUpEXmeWHeS39FysIl
aAvJJ1u52KuumxECgEYFGvvryvUAr0WFJbYoaDizPyhZ2kSxA6CpxdSkjNPjpkcO
iMBOvL9zW7M1YE//hjyJBZ23uzlJVAIrYW+U6AujjdYa7pCQ4gEX8X/zFFJoP+2+
BIjxDdGC9zm4F1Pd/GqRaBtSOgvqb8jgIVPvuzv1ADs+lriS5yQDkxuswta81a9J
iFG8WbkhGqXIhOqY0Szbe55BnKcqKsh/p3xlIWNO5x7iz0XLEdGsoP3FGhKbbpn7
OZpCIa874oFJtvbqMfBOfSZaBvsQ8q8mZBSEQ9a7NBSa3T52JZAzbk+hIkd3Gsh6
GT0=
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:50:33 2025 by rpki-client