Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/bf0a54-0774-4aa5-a91a-bc36edbdfa05/1/GZbp94mcOyKvLov8sgcxhz7d9Nw.roa
File: GZbp94mcOyKvLov8sgcxhz7d9Nw.roa (raw, json)
Hash identifier: SeQLlBJKdHqFVUBNXvG430qZ5MT/zkZQqn9uHXPTjWY=
Subject key identifier: 19:96:E9:F7:89:9C:3B:22:AF:2E:8B:FC:B2:07:31:87:3E:DD:F4:DC
Certificate issuer: /CN=df75b63b3c04abdd0bba9a5b6d4c4c4c4bee357f
Certificate serial: 01856D5D14CDFEEE9F63C33F0A89BAA1D1D3
Authority key identifier: DF:75:B6:3B:3C:04:AB:DD:0B:BA:9A:5B:6D:4C:4C:4C:4B:EE:35:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33W2OzwEq90LuppbbUxMTEvuNX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/bf0a54-0774-4aa5-a91a-bc36edbdfa05/1/GZbp94mcOyKvLov8sgcxhz7d9Nw.roa
Signing time: Sun 01 Jan 2023 12:44:54 +0000
ROA not before: Sun 01 Jan 2023 12:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202692
IP address blocks: 185.156.208.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:14:cd:fe:ee:9f:63:c3:3f:0a:89:ba:a1:d1:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df75b63b3c04abdd0bba9a5b6d4c4c4c4bee357f
Validity
Not Before: Jan 1 12:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1996e9f7899c3b22af2e8bfcb20731873eddf4dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:60:34:3c:4c:78:2d:db:12:b5:51:40:d0:23:
d4:25:f7:94:b8:8d:18:cd:74:a9:4c:22:1d:96:ca:
8f:9f:4b:83:4b:cd:72:4a:81:25:15:0c:15:f1:61:
9e:1b:fb:54:7b:e6:6e:91:3d:ac:69:65:55:e9:dc:
6e:19:cd:7b:c6:9a:5b:2a:37:27:50:cc:39:ab:e2:
42:4b:9d:6b:0c:fe:2b:59:84:6e:c9:31:87:64:01:
40:cd:d8:02:c8:99:a0:e3:a7:35:d5:01:28:00:9b:
e6:c4:b8:26:e9:00:90:4b:1d:4c:f9:29:c5:5d:c4:
34:79:49:2f:6b:0a:15:a0:c9:2a:ce:47:f6:c8:96:
b4:32:7a:bd:a7:13:da:fa:67:a9:09:e8:c6:86:7a:
54:cd:a6:f2:84:e2:12:05:85:3c:ec:6c:28:64:bf:
18:d9:2a:d8:d8:8c:52:e8:87:d6:29:59:f6:64:48:
0d:d1:b3:72:48:9a:b4:d8:87:d8:3f:5f:89:39:ca:
41:49:a2:77:8e:e4:a7:8b:27:a0:a5:8c:95:1d:a8:
e7:1c:6b:89:5f:7c:1d:8b:03:bc:ba:df:4a:6e:dd:
4c:d1:51:84:a3:ce:f9:c0:fe:1f:fe:be:6a:24:f4:
45:7a:7b:77:5e:45:8d:2f:03:65:10:d1:86:7b:1e:
47:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:96:E9:F7:89:9C:3B:22:AF:2E:8B:FC:B2:07:31:87:3E:DD:F4:DC
X509v3 Authority Key Identifier:
keyid:DF:75:B6:3B:3C:04:AB:DD:0B:BA:9A:5B:6D:4C:4C:4C:4B:EE:35:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33W2OzwEq90LuppbbUxMTEvuNX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/bf0a54-0774-4aa5-a91a-bc36edbdfa05/1/GZbp94mcOyKvLov8sgcxhz7d9Nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/bf0a54-0774-4aa5-a91a-bc36edbdfa05/1/33W2OzwEq90LuppbbUxMTEvuNX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.208.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:79:d1:8b:33:da:07:29:3c:be:37:88:5e:96:9e:b1:4a:33:
71:8b:8b:bf:78:bc:31:75:f0:6c:d3:40:a0:a4:27:c9:7a:6b:
87:0e:95:5d:89:10:f4:cf:37:7e:26:85:28:3e:bd:5f:8e:e9:
22:63:8d:08:e2:3c:4a:dd:4d:ef:1c:24:7e:1e:a9:81:0d:9b:
f0:b9:0f:65:8e:d4:2a:b3:dc:39:b2:41:07:bd:25:e9:2c:35:
8d:58:d2:9b:3d:18:89:bc:59:1f:98:1e:9e:28:5c:20:70:ab:
c8:d5:05:74:46:a6:5d:9e:a9:cb:87:d8:c0:d2:db:d7:c8:e0:
f1:88:b3:51:c3:8d:5e:df:01:c0:35:12:1e:7c:27:7e:5d:1a:
b2:60:a5:bb:ab:e3:d6:99:14:89:f8:16:a4:9f:d3:f4:32:fd:
78:72:ae:c9:26:ac:a9:04:27:cf:7a:42:b3:ae:ed:2b:3e:4e:
7b:e4:de:b0:4e:e7:bd:92:e5:69:e8:cb:5f:a8:ae:b9:b1:3a:
11:02:96:3e:e6:d6:8b:73:84:d4:1e:e9:3c:18:a9:3f:e9:77:
c8:c7:14:43:86:39:2e:1f:33:8b:90:bf:45:8f:d8:7d:a4:25:
f3:fe:8d:43:08:72:b4:73:9b:1a:15:81:96:36:b1:61:80:bc:
1b:44:00:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtXRTN/u6fY8M/Com6odHTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNzViNjNiM2MwNGFiZGQwYmJhOWE1YjZkNGM0YzRjNGJl
ZTM1N2YwHhcNMjMwMTAxMTI0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTk2ZTlmNzg5OWMzYjIyYWYyZThiZmNiMjA3MzE4NzNlZGRmNGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2A0PEx4LdsStVFA0CPUJfeUuI0Y
zXSpTCIdlsqPn0uDS81ySoElFQwV8WGeG/tUe+ZukT2saWVV6dxuGc17xppbKjcn
UMw5q+JCS51rDP4rWYRuyTGHZAFAzdgCyJmg46c11QEoAJvmxLgm6QCQSx1M+SnF
XcQ0eUkvawoVoMkqzkf2yJa0Mnq9pxPa+mepCejGhnpUzabyhOISBYU87GwoZL8Y
2SrY2IxS6IfWKVn2ZEgN0bNySJq02IfYP1+JOcpBSaJ3juSniyegpYyVHajnHGuJ
X3wdiwO8ut9Kbt1M0VGEo875wP4f/r5qJPRFent3XkWNLwNlENGGex5HAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBmW6feJnDsiry6L/LIHMYc+3fTcMB8GA1UdIwQY
MBaAFN91tjs8BKvdC7qaW21MTExL7jV/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzNXMk96d0VxOTBMdXBwYmJVeE1URXZ1Tlg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9iZjBhNTQtMDc3NC00YWE1LWE5MWEt
YmMzNmVkYmRmYTA1LzEvR1picDk0bWNPeUt2TG92OHNnY3hoejdkOU53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9iZjBhNTQtMDc3NC00YWE1LWE5MWEtYmMzNmVkYmRmYTA1
LzEvMzNXMk96d0VxOTBMdXBwYmJVeE1URXZ1Tlg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZzQMA0G
CSqGSIb3DQEBCwUAA4IBAQA/edGLM9oHKTy+N4help6xSjNxi4u/eLwxdfBs00Cg
pCfJemuHDpVdiRD0zzd+JoUoPr1fjukiY40I4jxK3U3vHCR+HqmBDZvwuQ9ljtQq
s9w5skEHvSXpLDWNWNKbPRiJvFkfmB6eKFwgcKvI1QV0RqZdnqnLh9jA0tvXyODx
iLNRw41e3wHANRIefCd+XRqyYKW7q+PWmRSJ+Bakn9P0Mv14cq7JJqypBCfPekKz
ru0rPk575N6wTue9kuVp6MtfqK65sToRApY+5taLc4TUHuk8GKk/6XfIxxRDhjku
HzOLkL9Fj9h9pCXz/o1DCHK0c5saFYGWNrFhgLwbRADm
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:23:14 2025 by rpki-client