Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/768112-8bc2-49a0-9ebc-67dd78c70d96/1/aOyhx8fMDR0yl9n6kU4yBtzehB4.roa
File: aOyhx8fMDR0yl9n6kU4yBtzehB4.roa (raw, json)
Hash identifier: tqJEzvRhRVduRnu6V+0qFD4PQH6MwO7Xic1JrR/xINs=
Subject key identifier: 68:EC:A1:C7:C7:CC:0D:1D:32:97:D9:FA:91:4E:32:06:DC:DE:84:1E
Certificate issuer: /CN=afc3a4192a980054603f66bddceed69eafc43970
Certificate serial: 011A41
Authority key identifier: AF:C3:A4:19:2A:98:00:54:60:3F:66:BD:DC:EE:D6:9E:AF:C4:39:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r8OkGSqYAFRgP2a93O7Wnq_EOXA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/768112-8bc2-49a0-9ebc-67dd78c70d96/1/aOyhx8fMDR0yl9n6kU4yBtzehB4.roa
Signing time: Sun 17 Apr 2022 12:43:03 +0000
ROA not before: Sun 17 Apr 2022 12:43:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8849
IP address blocks: 185.147.53.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72257 (0x11a41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afc3a4192a980054603f66bddceed69eafc43970
Validity
Not Before: Apr 17 12:43:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68eca1c7c7cc0d1d3297d9fa914e3206dcde841e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:58:d1:cd:39:d6:b7:66:ff:42:82:07:0a:8b:
f1:24:e2:ee:23:d0:ed:33:af:2c:16:9e:2c:8a:c7:
b9:af:9f:b5:c3:ea:c3:27:6b:6b:1a:40:e8:71:aa:
44:c7:1b:68:6b:0d:30:7b:ba:2c:2f:97:57:5a:3e:
3c:20:26:db:51:a2:12:14:10:b2:6a:fd:32:47:97:
59:03:33:28:b0:46:79:44:6a:e7:4e:8e:ca:71:69:
2d:03:fa:14:63:1e:38:c4:2d:f5:cc:7a:ec:2e:de:
ad:fb:65:fe:bd:4f:23:86:7a:97:c3:14:e4:cc:f7:
bb:2a:22:da:8b:c5:18:63:70:69:b7:2c:f7:0e:82:
f3:2f:cc:75:7a:b2:88:83:fc:07:13:c3:7e:5b:09:
e2:ae:57:34:a4:c2:08:15:db:01:68:40:a2:d9:b2:
c2:62:b6:8e:e3:52:a9:ee:04:ae:33:11:88:2d:ee:
6b:d8:a5:30:9f:ae:89:12:cf:2b:00:0a:e1:51:f7:
d8:d5:63:ab:a7:1b:04:3e:73:4e:c9:fc:17:3f:dd:
c5:ba:18:9a:cd:c8:f1:39:1d:bd:b3:c2:88:3d:89:
fa:c4:17:4a:01:f4:a0:d2:59:56:2f:34:97:fd:3e:
0b:04:07:21:a4:f9:3e:87:0c:b3:61:8f:15:03:16:
9f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:EC:A1:C7:C7:CC:0D:1D:32:97:D9:FA:91:4E:32:06:DC:DE:84:1E
X509v3 Authority Key Identifier:
keyid:AF:C3:A4:19:2A:98:00:54:60:3F:66:BD:DC:EE:D6:9E:AF:C4:39:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r8OkGSqYAFRgP2a93O7Wnq_EOXA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/768112-8bc2-49a0-9ebc-67dd78c70d96/1/aOyhx8fMDR0yl9n6kU4yBtzehB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/768112-8bc2-49a0-9ebc-67dd78c70d96/1/r8OkGSqYAFRgP2a93O7Wnq_EOXA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.53.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:65:49:11:51:ad:0f:49:af:da:c6:61:59:5a:2b:52:6c:f8:
5e:43:ad:c0:e4:67:73:7b:44:00:6c:72:f4:d7:01:11:4d:e8:
22:86:a0:51:bc:5a:91:f0:68:64:44:95:f1:94:45:12:05:32:
dd:67:c0:03:c7:0f:70:46:b6:a5:27:67:55:8b:0e:e2:6e:9b:
a9:23:f9:8e:50:22:99:99:7a:e4:64:0d:1d:78:1f:f9:cf:81:
34:71:4d:07:10:57:12:6d:84:15:b1:e2:72:dd:1c:ad:48:52:
80:49:0d:ba:1f:3f:8d:6b:ab:b0:2b:db:f3:d5:1b:79:35:6e:
61:5f:8a:5b:51:ce:de:78:6a:1a:43:1e:5c:31:44:db:c9:35:
43:3f:79:57:5e:7c:da:f1:6c:8b:17:83:c4:e5:6e:40:0d:c7:
ac:8f:47:55:f6:1d:c2:30:77:54:ff:93:f7:fd:c8:da:e1:ab:
4f:08:cf:c5:46:28:44:c4:a2:78:8e:b9:64:70:34:e9:9d:c9:
91:7f:08:2a:d0:15:76:dd:55:fc:89:f2:bd:93:6b:07:98:7a:
82:0b:58:03:dd:ba:bb:63:10:f3:94:29:51:91:30:1f:82:a1:
1a:e0:2d:60:3d:ec:d7:a7:57:57:00:ae:9e:60:ee:43:93:d0:
d9:6c:6f:86
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDARpBMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFm
YzNhNDE5MmE5ODAwNTQ2MDNmNjZiZGRjZWVkNjllYWZjNDM5NzAwHhcNMjIwNDE3
MTI0MzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2OGVjYTFjN2M3Y2Mw
ZDFkMzI5N2Q5ZmE5MTRlMzIwNmRjZGU4NDFlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvFjRzTnWt2b/QoIHCovxJOLuI9DtM68sFp4sise5r5+1w+rD
J2trGkDocapExxtoaw0we7osL5dXWj48ICbbUaISFBCyav0yR5dZAzMosEZ5RGrn
To7KcWktA/oUYx44xC31zHrsLt6t+2X+vU8jhnqXwxTkzPe7KiLai8UYY3Bptyz3
DoLzL8x1erKIg/wHE8N+Wwnirlc0pMIIFdsBaECi2bLCYraO41Kp7gSuMxGILe5r
2KUwn66JEs8rAArhUffY1WOrpxsEPnNOyfwXP93FuhiazcjxOR29s8KIPYn6xBdK
AfSg0llWLzSX/T4LBAchpPk+hwyzYY8VAxafmwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFGjsocfHzA0dMpfZ+pFOMgbc3oQeMB8GA1UdIwQYMBaAFK/DpBkqmABUYD9m
vdzu1p6vxDlwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cjhPa0dTcVlBRlJnUDJhOTNPN1ducV9FT1hBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80ZS83NjgxMTItOGJjMi00OWEwLTllYmMtNjdkZDc4YzcwZDk2LzEv
YU95aHg4Zk1EUjB5bDluNmtVNHlCdHplaEI0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS83
NjgxMTItOGJjMi00OWEwLTllYmMtNjdkZDc4YzcwZDk2LzEvcjhPa0dTcVlBRlJn
UDJhOTNPN1ducV9FT1hBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZM1MA0GCSqGSIb3DQEBCwUAA4IB
AQA/ZUkRUa0PSa/axmFZWitSbPheQ63A5Gdze0QAbHL01wERTegihqBRvFqR8Ghk
RJXxlEUSBTLdZ8ADxw9wRralJ2dViw7ibpupI/mOUCKZmXrkZA0deB/5z4E0cU0H
EFcSbYQVseJy3RytSFKASQ26Hz+Na6uwK9vz1Rt5NW5hX4pbUc7eeGoaQx5cMUTb
yTVDP3lXXnza8WyLF4PE5W5ADcesj0dV9h3CMHdU/5P3/cja4atPCM/FRihExKJ4
jrlkcDTpncmRfwgq0BV23VX8ifK9k2sHmHqCC1gD3bq7YxDzlClRkTAfgqEa4C1g
PezXp1dXAK6eYO5Dk9DZbG+G
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:57:28 2025 by rpki-client