Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/127292-2be7-4e24-b26b-fa30dd19d02a/1/pgfz8QcbI7b2alW-GXdJyC-96xg.roa
File: pgfz8QcbI7b2alW-GXdJyC-96xg.roa (raw, json)
Hash identifier: C7gm5BhoAwFx+2dYnrJGDOgWjFGgE5zm+df4wrckK34=
Subject key identifier: A6:07:F3:F1:07:1B:23:B6:F6:6A:55:BE:19:77:49:C8:2F:BD:EB:18
Certificate issuer: /CN=7f052b8d34abd1a6ac7d6b838b5ff041ebc3d4a9
Certificate serial: 01857139F1525F779E9A4DD7DB935C9F9AEE
Authority key identifier: 7F:05:2B:8D:34:AB:D1:A6:AC:7D:6B:83:8B:5F:F0:41:EB:C3:D4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fwUrjTSr0aasfWuDi1_wQevD1Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/127292-2be7-4e24-b26b-fa30dd19d02a/1/pgfz8QcbI7b2alW-GXdJyC-96xg.roa
Signing time: Mon 02 Jan 2023 06:45:00 +0000
ROA not before: Mon 02 Jan 2023 06:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206576
IP address blocks: 185.90.0.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:f1:52:5f:77:9e:9a:4d:d7:db:93:5c:9f:9a:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f052b8d34abd1a6ac7d6b838b5ff041ebc3d4a9
Validity
Not Before: Jan 2 06:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a607f3f1071b23b6f66a55be197749c82fbdeb18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d0:98:68:fe:ce:40:3a:91:41:e6:ec:cb:18:
28:b9:55:ef:d9:e9:83:38:fa:38:d5:33:01:27:bd:
da:ee:07:ac:ba:f6:bd:4f:0c:d4:35:36:69:fe:7f:
f6:10:7c:1e:1b:6e:0a:72:63:ef:f7:de:87:a1:26:
bb:28:84:90:5b:0f:c0:28:aa:76:dd:89:35:1d:b1:
0e:7d:ac:a8:70:dc:8b:e7:9a:db:1b:bd:90:b3:69:
5d:2a:37:32:6c:0d:90:ae:87:94:1c:e7:fc:b7:02:
7e:d8:4f:44:a6:c6:dd:29:37:5d:69:b1:04:84:9f:
eb:d6:2a:1a:29:63:cf:e2:b2:1e:7d:d2:7a:cb:79:
f7:36:73:10:66:2a:6f:ac:75:a8:e6:f4:07:9b:32:
2c:89:b5:f1:76:19:e7:72:b3:8d:d0:26:22:e0:5d:
39:24:8e:9f:1d:c2:9e:43:04:59:f9:b0:35:6e:8e:
81:5f:7c:2b:6a:9e:59:c0:a8:1d:63:83:f4:2e:70:
4a:62:92:55:d2:c9:fb:6c:31:ab:6f:c6:71:02:f9:
3b:7c:1b:ef:d6:c6:20:18:ec:ae:8b:d1:a3:e8:14:
6d:28:7e:35:2a:0d:e7:0b:aa:0b:5e:3c:57:6b:16:
00:73:de:2d:b3:53:c0:72:1a:e6:82:c9:6e:c4:2d:
cf:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:07:F3:F1:07:1B:23:B6:F6:6A:55:BE:19:77:49:C8:2F:BD:EB:18
X509v3 Authority Key Identifier:
keyid:7F:05:2B:8D:34:AB:D1:A6:AC:7D:6B:83:8B:5F:F0:41:EB:C3:D4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fwUrjTSr0aasfWuDi1_wQevD1Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/127292-2be7-4e24-b26b-fa30dd19d02a/1/pgfz8QcbI7b2alW-GXdJyC-96xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/127292-2be7-4e24-b26b-fa30dd19d02a/1/fwUrjTSr0aasfWuDi1_wQevD1Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.0.0/22
Signature Algorithm: sha256WithRSAEncryption
82:51:1f:17:a8:3e:0a:f0:79:01:c8:89:56:d0:2e:c8:9a:22:
03:5f:e7:ce:49:93:cd:2a:92:6e:8c:4a:1b:00:0f:54:2c:82:
35:70:4a:d4:de:54:ba:d4:47:df:0a:2d:29:ad:f5:d0:33:7d:
b2:9f:14:fb:7e:01:90:cb:ba:5a:c7:e4:b3:81:56:18:7b:20:
03:77:5a:ba:6a:87:3f:f1:69:34:62:eb:af:f6:48:17:de:f7:
9c:22:b7:86:39:a7:45:fe:7e:57:72:65:90:61:c5:5d:66:c3:
22:5c:69:00:cd:7d:d2:89:bb:25:3b:00:6b:f7:2d:42:5e:8f:
3e:d6:f0:0e:ea:66:27:b7:48:73:d4:99:2d:9a:bd:f4:6e:1c:
3e:ff:8f:5c:40:20:12:f2:99:97:90:49:46:a0:84:86:f0:48:
7f:48:8d:e9:95:38:c2:33:c6:3e:7e:9a:b4:17:e5:86:d7:38:
18:54:e8:1f:53:4f:cc:74:8d:b2:2d:36:d6:c7:88:11:c8:2e:
73:fe:1a:c9:ed:2d:74:f4:db:5f:5d:78:89:31:53:bc:8c:08:
4b:54:c5:b9:79:d0:1d:0b:4d:ee:8d:58:f0:fa:5d:af:fd:5b:
ad:56:df:12:79:ee:28:d6:e2:dd:aa:50:2b:4b:76:f5:ba:de:
62:eb:6f:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxOfFSX3eemk3X25Ncn5ruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmMDUyYjhkMzRhYmQxYTZhYzdkNmI4MzhiNWZmMDQxZWJj
M2Q0YTkwHhcNMjMwMTAyMDY0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjA3ZjNmMTA3MWIyM2I2ZjY2YTU1YmUxOTc3NDljODJmYmRlYjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptCYaP7OQDqRQebsyxgouVXv2emD
OPo41TMBJ73a7gesuva9TwzUNTZp/n/2EHweG24KcmPv996HoSa7KISQWw/AKKp2
3Yk1HbEOfayocNyL55rbG72Qs2ldKjcybA2QroeUHOf8twJ+2E9EpsbdKTddabEE
hJ/r1ioaKWPP4rIefdJ6y3n3NnMQZipvrHWo5vQHmzIsibXxdhnncrON0CYi4F05
JI6fHcKeQwRZ+bA1bo6BX3wrap5ZwKgdY4P0LnBKYpJV0sn7bDGrb8ZxAvk7fBvv
1sYgGOyui9Gj6BRtKH41Kg3nC6oLXjxXaxYAc94ts1PAchrmgsluxC3P/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKYH8/EHGyO29mpVvhl3ScgvvesYMB8GA1UdIwQY
MBaAFH8FK400q9GmrH1rg4tf8EHrw9SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZndVcmpUU3IwYWFzZld1RGkxX3dRZXZEMUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8xMjcyOTItMmJlNy00ZTI0LWIyNmIt
ZmEzMGRkMTlkMDJhLzEvcGdmejhRY2JJN2IyYWxXLUdYZEp5Qy05NnhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8xMjcyOTItMmJlNy00ZTI0LWIyNmItZmEzMGRkMTlkMDJh
LzEvZndVcmpUU3IwYWFzZld1RGkxX3dRZXZEMUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVoAMA0G
CSqGSIb3DQEBCwUAA4IBAQCCUR8XqD4K8HkByIlW0C7ImiIDX+fOSZPNKpJujEob
AA9ULII1cErU3lS61EffCi0prfXQM32ynxT7fgGQy7pax+SzgVYYeyADd1q6aoc/
8Wk0Yuuv9kgX3vecIreGOadF/n5XcmWQYcVdZsMiXGkAzX3SibslOwBr9y1CXo8+
1vAO6mYnt0hz1Jktmr30bhw+/49cQCAS8pmXkElGoISG8Eh/SI3plTjCM8Y+fpq0
F+WG1zgYVOgfU0/MdI2yLTbWx4gRyC5z/hrJ7S109NtfXXiJMVO8jAhLVMW5edAd
C03ujVjw+l2v/VutVt8See4o1uLdqlArS3b1ut5i629w
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:43 2025 by rpki-client