Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/efa7e1-004f-4bf9-a3a5-0fdf3cf217fc/1/Hb7RSBM23rOOgUlzbL2wGD2DOmY.roa
File: Hb7RSBM23rOOgUlzbL2wGD2DOmY.roa (raw, json)
Hash identifier: o4ekiAO7AZSi+ckxFVHdfZFNZjhFtfAYE/4gdm3P38o=
Subject key identifier: 1D:BE:D1:48:13:36:DE:B3:8E:81:49:73:6C:BD:B0:18:3D:83:3A:66
Certificate issuer: /CN=977778e209bc0e0616590af328c801d0ed9a319a
Certificate serial: 01848192AC7D9C7FEDD86C4C536C17EB3322
Authority key identifier: 97:77:78:E2:09:BC:0E:06:16:59:0A:F3:28:C8:01:D0:ED:9A:31:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l3d44gm8DgYWWQrzKMgB0O2aMZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/efa7e1-004f-4bf9-a3a5-0fdf3cf217fc/1/Hb7RSBM23rOOgUlzbL2wGD2DOmY.roa
Signing time: Wed 16 Nov 2022 17:53:03 +0000
ROA not before: Wed 16 Nov 2022 17:53:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209529
IP address blocks: 185.228.220.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:81:92:ac:7d:9c:7f:ed:d8:6c:4c:53:6c:17:eb:33:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=977778e209bc0e0616590af328c801d0ed9a319a
Validity
Not Before: Nov 16 17:53:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1dbed1481336deb38e8149736cbdb0183d833a66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f3:24:db:28:e7:20:fa:39:0c:e8:56:cb:55:
89:7e:63:c2:41:12:23:63:bd:a9:3f:9b:7c:51:7c:
3e:87:07:fc:8a:ad:41:bf:94:39:88:8e:ab:77:57:
74:e0:78:70:75:27:7f:c0:c3:ca:47:c5:3e:f1:53:
74:ce:32:d7:1b:d0:91:b9:df:33:6f:83:ec:7b:7d:
40:7d:41:71:ca:1b:05:00:56:6b:3f:49:07:ac:e2:
01:b9:49:15:56:1e:fe:89:7a:c4:70:6e:2f:8b:86:
b9:7e:8a:a6:f7:82:1c:af:da:1f:b8:d2:74:0d:63:
69:33:96:a4:cd:36:49:e9:78:10:36:cb:d5:de:db:
5e:a9:d9:bd:83:6c:12:c5:18:34:eb:c9:a9:24:28:
9b:3c:e7:e8:af:08:cf:89:7e:bb:47:98:29:26:36:
3a:97:22:55:6a:97:90:3d:cd:81:1c:b5:6a:b3:58:
a4:57:69:fb:39:30:7a:65:70:52:c8:12:3b:ca:40:
84:aa:46:a2:84:01:5c:28:0f:0f:86:0a:81:47:8f:
72:7a:35:48:43:5e:33:ca:f4:b3:55:1a:8a:d0:6b:
ff:e8:f1:1f:59:ed:13:b9:c3:b0:bf:95:93:69:17:
47:bb:79:3a:0d:40:5a:d2:ee:07:69:ae:47:44:c8:
18:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:BE:D1:48:13:36:DE:B3:8E:81:49:73:6C:BD:B0:18:3D:83:3A:66
X509v3 Authority Key Identifier:
keyid:97:77:78:E2:09:BC:0E:06:16:59:0A:F3:28:C8:01:D0:ED:9A:31:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l3d44gm8DgYWWQrzKMgB0O2aMZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/efa7e1-004f-4bf9-a3a5-0fdf3cf217fc/1/Hb7RSBM23rOOgUlzbL2wGD2DOmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/efa7e1-004f-4bf9-a3a5-0fdf3cf217fc/1/l3d44gm8DgYWWQrzKMgB0O2aMZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.220.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:cf:d9:df:f5:9c:09:a4:71:a1:b5:91:a2:80:1d:b8:77:70:
ae:ed:bd:d8:52:2e:75:40:c8:61:eb:8e:14:a3:6e:88:78:ce:
f6:f4:76:1d:6a:87:12:a5:1d:cf:e1:7b:89:da:77:ed:7a:6e:
d9:a3:cf:25:8d:03:10:b6:64:38:44:a9:0a:b3:c6:29:fb:d8:
b1:bf:9f:7e:96:68:db:b4:0a:e6:26:6c:5a:88:3d:7c:17:05:
6e:a5:76:3b:d5:4a:a0:d5:c2:8d:1b:eb:28:c7:a6:32:b0:7b:
bb:50:6d:59:cc:61:00:a6:3e:a0:89:8b:b0:77:16:ac:e1:d7:
5f:4d:2f:28:33:a0:aa:52:96:cd:58:ed:a5:f6:cc:81:53:c9:
c9:04:c5:0c:c3:d9:a0:42:5b:19:3a:dc:57:9b:a8:54:07:6f:
6b:77:1f:48:2d:2e:6d:74:01:c6:4c:35:a0:0f:c6:69:bf:5b:
ca:58:99:07:b1:15:3f:9b:b7:86:ec:a2:a6:13:a2:30:8f:98:
14:d9:66:48:35:43:9b:44:a4:e3:e3:3d:07:50:6f:66:0d:67:
9e:bf:f5:90:62:75:82:22:47:c1:d7:f5:97:83:02:a6:81:81:
3f:28:9f:94:da:b3:3f:61:99:41:0b:b0:00:ad:8f:02:78:ad:
fb:db:31:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSBkqx9nH/t2GxMU2wX6zMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3Nzc3OGUyMDliYzBlMDYxNjU5MGFmMzI4YzgwMWQwZWQ5
YTMxOWEwHhcNMjIxMTE2MTc1MzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGJlZDE0ODEzMzZkZWIzOGU4MTQ5NzM2Y2JkYjAxODNkODMzYTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvMk2yjnIPo5DOhWy1WJfmPCQRIj
Y72pP5t8UXw+hwf8iq1Bv5Q5iI6rd1d04HhwdSd/wMPKR8U+8VN0zjLXG9CRud8z
b4Pse31AfUFxyhsFAFZrP0kHrOIBuUkVVh7+iXrEcG4vi4a5foqm94Icr9ofuNJ0
DWNpM5akzTZJ6XgQNsvV3tteqdm9g2wSxRg068mpJCibPOforwjPiX67R5gpJjY6
lyJVapeQPc2BHLVqs1ikV2n7OTB6ZXBSyBI7ykCEqkaihAFcKA8PhgqBR49yejVI
Q14zyvSzVRqK0Gv/6PEfWe0TucOwv5WTaRdHu3k6DUBa0u4Haa5HRMgYEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB2+0UgTNt6zjoFJc2y9sBg9gzpmMB8GA1UdIwQY
MBaAFJd3eOIJvA4GFlkK8yjIAdDtmjGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDNkNDRnbThEZ1lXV1FyektNZ0IwTzJhTVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lZmE3ZTEtMDA0Zi00YmY5LWEzYTUt
MGZkZjNjZjIxN2ZjLzEvSGI3UlNCTTIzck9PZ1VsemJMMndHRDJET21ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lZmE3ZTEtMDA0Zi00YmY5LWEzYTUtMGZkZjNjZjIxN2Zj
LzEvbDNkNDRnbThEZ1lXV1FyektNZ0IwTzJhTVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueTcMA0G
CSqGSIb3DQEBCwUAA4IBAQC3z9nf9ZwJpHGhtZGigB24d3Cu7b3YUi51QMhh644U
o26IeM729HYdaocSpR3P4XuJ2nftem7Zo88ljQMQtmQ4RKkKs8Yp+9ixv59+lmjb
tArmJmxaiD18FwVupXY71Uqg1cKNG+sox6YysHu7UG1ZzGEApj6giYuwdxas4ddf
TS8oM6CqUpbNWO2l9syBU8nJBMUMw9mgQlsZOtxXm6hUB29rdx9ILS5tdAHGTDWg
D8Zpv1vKWJkHsRU/m7eG7KKmE6Iwj5gU2WZINUObRKTj4z0HUG9mDWeev/WQYnWC
IkfB1/WXgwKmgYE/KJ+U2rM/YZlBC7AArY8CeK372zHe
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:30:34 2025 by rpki-client