Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/55ea3e-d7e2-430c-af8a-c321840c1faa/1/SkpuG1SShh_Tu0tEsS_zldokzRY.roa
File: SkpuG1SShh_Tu0tEsS_zldokzRY.roa (raw, json)
Hash identifier: dFYDpE1wahaZPqcUFRinjMxK5eBFUvf/eJm1l8owCY8=
Subject key identifier: 4A:4A:6E:1B:54:92:86:1F:D3:BB:4B:44:B1:2F:F3:95:DA:24:CD:16
Certificate issuer: /CN=388e962840cd3168dd2ea396fe68127628aeac27
Certificate serial: 01942067C2568E8FF9A0897EC4372CF575F9
Authority key identifier: 38:8E:96:28:40:CD:31:68:DD:2E:A3:96:FE:68:12:76:28:AE:AC:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OI6WKEDNMWjdLqOW_mgSdiiurCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/55ea3e-d7e2-430c-af8a-c321840c1faa/1/SkpuG1SShh_Tu0tEsS_zldokzRY.roa
Signing time: Wed 01 Jan 2025 05:47:38 +0000
ROA not before: Wed 01 Jan 2025 05:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.144.240.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:c2:56:8e:8f:f9:a0:89:7e:c4:37:2c:f5:75:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=388e962840cd3168dd2ea396fe68127628aeac27
Validity
Not Before: Jan 1 05:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a4a6e1b5492861fd3bb4b44b12ff395da24cd16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ab:02:6e:71:ee:1e:0a:c6:0f:be:7a:33:db:
b3:31:3e:b1:a7:bf:ad:82:11:8b:c9:58:b0:50:6d:
d7:0a:45:4c:eb:01:5b:2b:ef:e8:02:eb:ee:de:55:
a2:fd:94:1d:d4:61:93:27:82:d8:19:e9:e3:ac:1d:
aa:73:8e:07:92:be:92:81:ca:5b:53:dc:97:25:bd:
0a:51:78:ad:d8:e0:be:04:08:32:ec:1e:45:e3:38:
98:5a:c4:e8:a3:05:17:0f:4d:6f:f9:5e:00:81:b6:
60:f0:ea:31:3a:e1:19:f7:c0:6a:2b:11:44:88:21:
70:ac:3a:2a:4b:3b:4e:cd:cb:cd:cf:bc:5b:04:5b:
a8:6c:dd:0e:11:b4:ab:db:09:c8:1e:23:53:79:5c:
ab:3a:d9:1c:de:10:67:4d:db:16:b2:e7:79:37:98:
eb:f0:7a:84:b3:42:43:94:fb:59:41:91:fb:11:89:
8f:f7:35:c7:a6:2f:93:4c:ed:5e:ce:ed:a0:8a:80:
bd:f8:81:1a:bc:6f:d2:0a:f6:3c:8f:ec:4b:9b:47:
2c:a2:60:23:08:a2:71:96:eb:dc:c7:86:f1:70:74:
d3:c9:d2:b6:5f:be:24:e3:5a:cc:b1:72:eb:76:96:
b4:76:ce:70:25:b0:dd:84:08:85:04:c9:e4:9a:87:
98:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:4A:6E:1B:54:92:86:1F:D3:BB:4B:44:B1:2F:F3:95:DA:24:CD:16
X509v3 Authority Key Identifier:
keyid:38:8E:96:28:40:CD:31:68:DD:2E:A3:96:FE:68:12:76:28:AE:AC:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OI6WKEDNMWjdLqOW_mgSdiiurCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/55ea3e-d7e2-430c-af8a-c321840c1faa/1/SkpuG1SShh_Tu0tEsS_zldokzRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/55ea3e-d7e2-430c-af8a-c321840c1faa/1/OI6WKEDNMWjdLqOW_mgSdiiurCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.240.0/22
Signature Algorithm: sha256WithRSAEncryption
32:54:af:6c:0a:5d:14:a2:9d:92:f5:71:61:90:16:fb:e3:77:
1c:e7:5d:61:6b:2b:97:81:df:02:cf:b0:cf:ed:61:5e:85:4f:
12:90:ed:ec:1d:15:21:04:6d:ef:0d:84:8f:39:b5:e3:d8:21:
d7:83:0c:a9:4e:c0:d1:93:83:ee:47:f2:d1:9c:0c:08:ba:11:
2c:9e:13:31:43:08:e2:a2:57:21:41:77:82:84:10:4b:c9:0c:
1e:6e:41:f4:17:74:8f:cb:57:93:01:9e:91:e2:9d:d5:e8:8e:
65:84:e8:40:1c:99:eb:96:16:bb:25:81:4d:29:da:15:92:c2:
fa:4b:04:95:ab:53:53:af:cc:eb:9d:05:87:9e:4d:0c:50:de:
ae:be:72:e5:f4:4d:aa:d8:ca:22:41:b6:81:ec:b2:ac:20:8a:
da:77:a2:63:ec:b4:87:23:66:70:ba:87:4a:9f:7a:9c:d3:4d:
15:4c:22:da:22:8f:05:43:64:4c:a6:ac:18:be:db:1d:14:fe:
1a:ae:43:a5:08:aa:a7:e4:26:5f:73:e2:e7:04:52:79:22:2a:
7f:a7:f0:9c:27:91:5a:0e:14:5f:3b:bb:18:0b:b6:d0:82:c3:
cc:07:46:17:f6:35:09:74:46:2b:01:21:fb:f4:99:56:0b:65:
35:b5:3d:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ8JWjo/5oIl+xDcs9XX5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OGU5NjI4NDBjZDMxNjhkZDJlYTM5NmZlNjgxMjc2Mjhh
ZWFjMjcwHhcNMjUwMTAxMDU0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTRhNmUxYjU0OTI4NjFmZDNiYjRiNDRiMTJmZjM5NWRhMjRjZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuasCbnHuHgrGD756M9uzMT6xp7+t
ghGLyViwUG3XCkVM6wFbK+/oAuvu3lWi/ZQd1GGTJ4LYGenjrB2qc44Hkr6Sgcpb
U9yXJb0KUXit2OC+BAgy7B5F4ziYWsToowUXD01v+V4AgbZg8OoxOuEZ98BqKxFE
iCFwrDoqSztOzcvNz7xbBFuobN0OEbSr2wnIHiNTeVyrOtkc3hBnTdsWsud5N5jr
8HqEs0JDlPtZQZH7EYmP9zXHpi+TTO1ezu2gioC9+IEavG/SCvY8j+xLm0csomAj
CKJxluvcx4bxcHTTydK2X74k41rMsXLrdpa0ds5wJbDdhAiFBMnkmoeY1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEpKbhtUkoYf07tLRLEv85XaJM0WMB8GA1UdIwQY
MBaAFDiOlihAzTFo3S6jlv5oEnYorqwnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0k2V0tFRE5NV2pkTHFPV19tZ1NkaWl1ckNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC81NWVhM2UtZDdlMi00MzBjLWFmOGEt
YzMyMTg0MGMxZmFhLzEvU2twdUcxU1NoaF9UdTB0RXNTX3psZG9relJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC81NWVhM2UtZDdlMi00MzBjLWFmOGEtYzMyMTg0MGMxZmFh
LzEvT0k2V0tFRE5NV2pkTHFPV19tZ1NkaWl1ckNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZDwMA0G
CSqGSIb3DQEBCwUAA4IBAQAyVK9sCl0Uop2S9XFhkBb743cc511hayuXgd8Cz7DP
7WFehU8SkO3sHRUhBG3vDYSPObXj2CHXgwypTsDRk4PuR/LRnAwIuhEsnhMxQwji
olchQXeChBBLyQwebkH0F3SPy1eTAZ6R4p3V6I5lhOhAHJnrlha7JYFNKdoVksL6
SwSVq1NTr8zrnQWHnk0MUN6uvnLl9E2q2MoiQbaB7LKsIIrad6Jj7LSHI2ZwuodK
n3qc000VTCLaIo8FQ2RMpqwYvtsdFP4arkOlCKqn5CZfc+LnBFJ5Iip/p/CcJ5Fa
DhRfO7sYC7bQgsPMB0YX9jUJdEYrASH79JlWC2U1tT1o
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:40:06 2025 by rpki-client