Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/358253-41e8-4c13-bfaa-cb3cd0404ab5/1/kgsIk8ju0wKKr0nkwVgHsRJydGg.roa
File: kgsIk8ju0wKKr0nkwVgHsRJydGg.roa (raw, json)
Hash identifier: 22cjkPvdduHGA9XlrCi4AiJihfCCZjAqzu2Hbki4taU=
Subject key identifier: 92:0B:08:93:C8:EE:D3:02:8A:AF:49:E4:C1:58:07:B1:12:72:74:68
Certificate issuer: /CN=15ddd4c9dc23fac35574fce2b4294398add8521c
Certificate serial: 019420D5AD68EE9FF85AA9DCA531D91A78E6
Authority key identifier: 15:DD:D4:C9:DC:23:FA:C3:55:74:FC:E2:B4:29:43:98:AD:D8:52:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fd3Uydwj-sNVdPzitClDmK3YUhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/358253-41e8-4c13-bfaa-cb3cd0404ab5/1/kgsIk8ju0wKKr0nkwVgHsRJydGg.roa
Signing time: Wed 01 Jan 2025 07:47:41 +0000
ROA not before: Wed 01 Jan 2025 07:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 185.183.212.0/22 maxlen: 22
185.183.212.0/23 maxlen: 23
185.183.214.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:ad:68:ee:9f:f8:5a:a9:dc:a5:31:d9:1a:78:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15ddd4c9dc23fac35574fce2b4294398add8521c
Validity
Not Before: Jan 1 07:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=920b0893c8eed3028aaf49e4c15807b112727468
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:37:f7:17:6d:d4:45:e0:0b:e6:1c:6c:8c:33:
0b:63:84:70:fb:69:19:c9:03:61:be:b2:d8:9e:6f:
e9:ad:97:bf:49:9b:de:55:1d:05:76:d7:57:5f:cf:
cc:2f:f1:9c:1b:08:7b:28:52:d6:be:84:c9:b2:12:
8e:0a:d0:7f:46:51:96:9a:6a:f2:8f:75:84:2f:1f:
6e:1c:14:76:27:06:8e:64:3b:75:14:2f:81:cb:9d:
c8:0f:67:c3:1f:ce:ab:b6:d7:97:9a:6f:74:f6:e5:
e9:e1:42:4e:61:2f:4f:66:cf:7c:3b:7f:75:cb:d5:
96:26:37:de:04:92:40:33:03:1b:43:94:99:1f:07:
c0:ca:30:d1:cd:c8:88:8e:09:f1:63:1b:a6:1a:1b:
61:90:da:c8:0f:c9:c5:93:db:72:17:71:9a:64:6e:
d8:8b:4a:05:19:56:70:12:cd:7d:61:3b:7b:9f:a6:
69:67:a8:6a:67:d8:88:5e:27:d6:bd:1a:8b:8c:95:
47:51:e2:c3:b1:64:cf:91:ea:7b:fd:45:ad:91:a4:
25:9d:c8:b0:2b:35:dc:83:48:ad:1f:ad:2a:28:b8:
79:c5:d7:61:47:11:17:d8:67:af:34:56:2c:5a:51:
38:3f:97:d7:06:b6:60:6e:4b:6a:29:06:2f:58:14:
a3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:0B:08:93:C8:EE:D3:02:8A:AF:49:E4:C1:58:07:B1:12:72:74:68
X509v3 Authority Key Identifier:
keyid:15:DD:D4:C9:DC:23:FA:C3:55:74:FC:E2:B4:29:43:98:AD:D8:52:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fd3Uydwj-sNVdPzitClDmK3YUhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/358253-41e8-4c13-bfaa-cb3cd0404ab5/1/kgsIk8ju0wKKr0nkwVgHsRJydGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/358253-41e8-4c13-bfaa-cb3cd0404ab5/1/Fd3Uydwj-sNVdPzitClDmK3YUhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.183.212.0/22
Signature Algorithm: sha256WithRSAEncryption
47:28:ba:37:c1:36:fa:d5:d0:9e:06:f8:df:ae:06:43:a1:d9:
f2:e8:f0:88:10:bc:70:b0:93:1c:a0:e1:0c:6b:26:69:2c:31:
8c:7d:d0:52:6d:fd:1e:bb:17:12:f2:d7:16:03:a2:85:5d:28:
b0:6f:4d:b0:4e:88:af:ae:dd:7b:c0:5d:3b:bc:69:7c:e6:89:
af:c4:88:a8:f3:42:45:29:66:ee:7d:6b:fb:31:cf:fd:30:22:
32:3a:77:8c:ea:ae:b1:36:52:ad:f0:0f:2b:5e:29:b8:b9:87:
8c:dd:cf:e0:f4:86:5a:f7:9d:3f:cc:93:38:fe:1c:ca:c7:15:
cc:8a:f3:5f:c6:8c:f1:83:14:f3:dc:fa:4d:7d:19:8b:e4:ad:
bd:12:2a:cb:f6:7b:e4:c9:6a:94:ff:38:f5:c9:f0:63:f5:55:
64:47:c4:22:10:19:6f:ea:84:df:63:8a:65:6a:c6:11:47:04:
86:79:a7:4e:b8:6c:74:9b:e2:90:09:e3:24:6e:37:eb:4a:ee:
6f:54:4b:a2:97:98:45:5a:2e:6c:53:e4:b6:93:1a:c1:72:4b:
c0:aa:9e:43:24:45:51:f3:d2:0c:49:92:76:0f:8f:ca:fe:b8:
db:aa:4d:da:a1:c7:69:4c:74:df:14:e3:e0:2f:57:10:53:e0:
f7:0a:fd:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1a1o7p/4WqncpTHZGnjmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZGRkNGM5ZGMyM2ZhYzM1NTc0ZmNlMmI0Mjk0Mzk4YWRk
ODUyMWMwHhcNMjUwMTAxMDc0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjBiMDg5M2M4ZWVkMzAyOGFhZjQ5ZTRjMTU4MDdiMTEyNzI3NDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDf3F23UReAL5hxsjDMLY4Rw+2kZ
yQNhvrLYnm/prZe/SZveVR0FdtdXX8/ML/GcGwh7KFLWvoTJshKOCtB/RlGWmmry
j3WELx9uHBR2JwaOZDt1FC+By53ID2fDH86rtteXmm909uXp4UJOYS9PZs98O391
y9WWJjfeBJJAMwMbQ5SZHwfAyjDRzciIjgnxYxumGhthkNrID8nFk9tyF3GaZG7Y
i0oFGVZwEs19YTt7n6ZpZ6hqZ9iIXifWvRqLjJVHUeLDsWTPkep7/UWtkaQlnciw
KzXcg0itH60qKLh5xddhRxEX2GevNFYsWlE4P5fXBrZgbktqKQYvWBSj9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJILCJPI7tMCiq9J5MFYB7EScnRoMB8GA1UdIwQY
MBaAFBXd1MncI/rDVXT84rQpQ5it2FIcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmQzVXlkd2otc05WZFB6aXRDbERtSzNZVWh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zNTgyNTMtNDFlOC00YzEzLWJmYWEt
Y2IzY2QwNDA0YWI1LzEva2dzSWs4anUwd0tLcjBua3dWZ0hzUkp5ZEdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zNTgyNTMtNDFlOC00YzEzLWJmYWEtY2IzY2QwNDA0YWI1
LzEvRmQzVXlkd2otc05WZFB6aXRDbERtSzNZVWh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubfUMA0G
CSqGSIb3DQEBCwUAA4IBAQBHKLo3wTb61dCeBvjfrgZDodny6PCIELxwsJMcoOEM
ayZpLDGMfdBSbf0euxcS8tcWA6KFXSiwb02wToivrt17wF07vGl85omvxIio80JF
KWbufWv7Mc/9MCIyOneM6q6xNlKt8A8rXim4uYeM3c/g9IZa950/zJM4/hzKxxXM
ivNfxozxgxTz3PpNfRmL5K29EirL9nvkyWqU/zj1yfBj9VVkR8QiEBlv6oTfY4pl
asYRRwSGeadOuGx0m+KQCeMkbjfrSu5vVEuil5hFWi5sU+S2kxrBckvAqp5DJEVR
89IMSZJ2D4/K/rjbqk3aocdpTHTfFOPgL1cQU+D3Cv1J
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:40:27 2025 by rpki-client