Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/8e739f-2079-401f-9e8d-0f4b717ab073/1/sNm36iIyO3FHqSjrP3pE6o0cfwU.roa
File: sNm36iIyO3FHqSjrP3pE6o0cfwU.roa (raw, json)
Hash identifier: xw6/DaL2UR20h4Onyp0g9GNNnZfnvBxXQzIr5//vX6M=
Subject key identifier: B0:D9:B7:EA:22:32:3B:71:47:A9:28:EB:3F:7A:44:EA:8D:1C:7F:05
Certificate issuer: /CN=43931de6e91b40f4b2bb201253e57a86741105a5
Certificate serial: 02D3072C
Authority key identifier: 43:93:1D:E6:E9:1B:40:F4:B2:BB:20:12:53:E5:7A:86:74:11:05:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5Md5ukbQPSyuyASU-V6hnQRBaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/8e739f-2079-401f-9e8d-0f4b717ab073/1/sNm36iIyO3FHqSjrP3pE6o0cfwU.roa
Signing time: Sat 01 Jan 2022 15:06:38 +0000
ROA not before: Sat 01 Jan 2022 15:06:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43160
IP address blocks: 185.240.164.0/24 maxlen: 24
185.240.89.0/24 maxlen: 24
185.240.88.0/22 maxlen: 24
185.240.88.0/24 maxlen: 24
185.240.90.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47384364 (0x2d3072c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43931de6e91b40f4b2bb201253e57a86741105a5
Validity
Not Before: Jan 1 15:06:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0d9b7ea22323b7147a928eb3f7a44ea8d1c7f05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ca:4a:8a:da:42:e3:52:8f:20:64:84:79:8f:
dc:33:6a:88:73:2e:1f:41:42:ba:03:f3:7c:fd:07:
d5:87:07:c0:e0:6d:43:8b:4c:c3:1a:09:50:fa:e2:
90:54:ae:9c:c0:b1:b7:73:1b:87:50:bb:2c:d4:8e:
ba:34:b6:3f:c2:7f:aa:0f:a2:26:d3:07:dc:50:ed:
49:6e:07:52:92:c9:ab:e7:56:af:e0:22:90:c6:7b:
19:f2:90:5c:f4:80:4e:6a:9d:33:e7:20:15:c2:c5:
fe:40:a2:6a:52:49:d4:f2:7e:92:71:2a:7a:0c:ac:
17:a6:87:a0:1d:e8:94:24:44:e3:a8:cf:49:02:3f:
0a:cb:73:42:48:e0:b2:65:5e:7c:38:2a:09:00:4c:
43:71:4b:22:c4:a3:70:e9:c0:9c:7c:4d:f7:e6:a3:
c6:03:ea:7c:d0:e8:6d:91:2c:0a:20:63:07:70:6b:
3a:0b:9c:36:a7:36:d1:8b:9c:10:5c:21:fa:5e:20:
26:e9:4b:24:75:3d:c8:bf:ae:8e:df:12:9f:18:41:
56:c9:4c:cf:3d:2e:62:d6:5e:2f:8f:18:57:3e:7b:
78:f6:f9:93:ab:35:5d:b1:c7:e8:24:35:2b:47:73:
f2:ab:60:fc:29:4b:af:2d:47:7e:f4:73:e8:05:4c:
64:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:D9:B7:EA:22:32:3B:71:47:A9:28:EB:3F:7A:44:EA:8D:1C:7F:05
X509v3 Authority Key Identifier:
keyid:43:93:1D:E6:E9:1B:40:F4:B2:BB:20:12:53:E5:7A:86:74:11:05:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5Md5ukbQPSyuyASU-V6hnQRBaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/8e739f-2079-401f-9e8d-0f4b717ab073/1/sNm36iIyO3FHqSjrP3pE6o0cfwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/8e739f-2079-401f-9e8d-0f4b717ab073/1/Q5Md5ukbQPSyuyASU-V6hnQRBaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.88.0/22
185.240.164.0/24
Signature Algorithm: sha256WithRSAEncryption
41:07:1a:68:98:99:90:22:11:f5:0a:6d:2e:38:f0:30:57:f3:
53:61:bb:1e:09:1e:97:8b:75:f1:cb:c4:4c:fa:04:f6:80:4e:
06:41:fb:a4:b4:77:b7:04:b1:ee:90:f5:80:3b:6a:38:50:e3:
a6:7a:14:ad:b7:61:8b:76:18:d8:a0:37:a2:57:f3:0c:cb:5a:
60:a7:cb:2e:9e:6b:3c:57:d6:ee:c1:66:6d:e6:57:8c:6f:23:
85:7d:02:03:35:d1:f0:49:14:be:41:85:f8:4e:9c:65:b3:96:
68:98:60:ff:ba:a5:95:3e:11:ed:f6:7a:61:4b:c4:33:71:ed:
06:b4:2b:12:83:36:af:b9:5f:4a:bb:ec:a0:79:80:c8:12:5f:
de:ca:32:44:b0:30:6c:c9:61:77:14:e6:a4:7a:0b:c4:b5:db:
89:4f:f5:56:86:69:59:9c:46:ea:2e:0a:ef:01:21:44:a3:b8:
63:e2:a4:d8:c9:52:9e:41:4c:f1:64:8c:cb:09:c8:8c:7f:bb:
5a:8e:a2:9a:f3:ed:1b:0f:a7:67:83:d5:15:b2:5e:56:fa:e6:
c5:e5:bf:b7:4d:96:bc:46:0c:fb:69:b3:dc:bd:b0:b8:16:8c:
d4:56:0c:6e:d3:e5:c8:23:79:70:ad:26:fc:57:a0:49:88:78:
0f:79:30:4b
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAtMHLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MzkzMWRlNmU5MWI0MGY0YjJiYjIwMTI1M2U1N2E4Njc0MTEwNWE1MB4XDTIyMDEw
MTE1MDYzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjBkOWI3ZWEyMjMy
M2I3MTQ3YTkyOGViM2Y3YTQ0ZWE4ZDFjN2YwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKTKSoraQuNSjyBkhHmP3DNqiHMuH0FCugPzfP0H1YcHwOBt
Q4tMwxoJUPrikFSunMCxt3Mbh1C7LNSOujS2P8J/qg+iJtMH3FDtSW4HUpLJq+dW
r+AikMZ7GfKQXPSATmqdM+cgFcLF/kCialJJ1PJ+knEqegysF6aHoB3olCRE46jP
SQI/CstzQkjgsmVefDgqCQBMQ3FLIsSjcOnAnHxN9+ajxgPqfNDobZEsCiBjB3Br
OgucNqc20YucEFwh+l4gJulLJHU9yL+ujt8SnxhBVslMzz0uYtZeL48YVz57ePb5
k6s1XbHH6CQ1K0dz8qtg/ClLry1HfvRz6AVMZE8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSw2bfqIjI7cUepKOs/ekTqjRx/BTAfBgNVHSMEGDAWgBRDkx3m6RtA9LK7
IBJT5XqGdBEFpTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1E1TWQ1dWtiUVBTeXV5QVNVLVY2aG5RUkJhVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvOGU3MzlmLTIwNzktNDAxZi05ZThkLTBmNGI3MTdhYjA3My8x
L3NObTM2aUl5TzNGSHFTanJQM3BFNm8wY2Z3VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
OGU3MzlmLTIwNzktNDAxZi05ZThkLTBmNGI3MTdhYjA3My8xL1E1TWQ1dWtiUVBT
eXV5QVNVLVY2aG5RUkJhVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArnwWAMEALnwpDANBgkqhkiG9w0B
AQsFAAOCAQEAQQcaaJiZkCIR9QptLjjwMFfzU2G7Hgkel4t18cvETPoE9oBOBkH7
pLR3twSx7pD1gDtqOFDjpnoUrbdhi3YY2KA3olfzDMtaYKfLLp5rPFfW7sFmbeZX
jG8jhX0CAzXR8EkUvkGF+E6cZbOWaJhg/7qllT4R7fZ6YUvEM3HtBrQrEoM2r7lf
SrvsoHmAyBJf3soyRLAwbMlhdxTmpHoLxLXbiU/1VoZpWZxG6i4K7wEhRKO4Y+Kk
2MlSnkFM8WSMywnIjH+7Wo6imvPtGw+nZ4PVFbJeVvrmxeW/t02WvEYM+2mz3L2w
uBaM1FYMbtPlyCN5cK0m/FegSYh4D3kwSw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:41 2025 by rpki-client