Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/0db829-6ebe-482a-a412-61fd1df95727/1/F3EQQaS0u0Bp8t-nT_FHt0PFgeg.roa
File: F3EQQaS0u0Bp8t-nT_FHt0PFgeg.roa (raw, json)
Hash identifier: yvbEmWncChjDk9U9IcxH9S48aJ0JdVl3/pgLr/MJm2A=
Subject key identifier: 17:71:10:41:A4:B4:BB:40:69:F2:DF:A7:4F:F1:47:B7:43:C5:81:E8
Certificate issuer: /CN=097b6035e5717fc93a83e3e3ec817e6607643844
Certificate serial: 018CC56EDE7190776AF0EBA4AFEBB3702F89
Authority key identifier: 09:7B:60:35:E5:71:7F:C9:3A:83:E3:E3:EC:81:7E:66:07:64:38:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXtgNeVxf8k6g-Pj7IF-ZgdkOEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/0db829-6ebe-482a-a412-61fd1df95727/1/F3EQQaS0u0Bp8t-nT_FHt0PFgeg.roa
Signing time: Mon 01 Jan 2024 14:30:26 +0000
ROA not before: Mon 01 Jan 2024 14:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24904
IP address blocks: 185.238.4.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:de:71:90:77:6a:f0:eb:a4:af:eb:b3:70:2f:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097b6035e5717fc93a83e3e3ec817e6607643844
Validity
Not Before: Jan 1 14:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17711041a4b4bb4069f2dfa74ff147b743c581e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3c:ba:08:40:bc:8b:c9:30:e2:bd:84:11:0a:
ac:de:8d:92:f8:76:f5:64:e9:82:fc:f5:9e:d8:d0:
5a:46:3d:d0:14:aa:22:b7:4d:ea:54:00:6b:b8:98:
cf:a0:05:7d:21:5a:87:e0:28:11:b4:20:97:4d:94:
c3:f4:10:f9:c0:d1:53:40:4b:5f:9f:d2:b5:f2:8c:
b9:4a:f8:92:36:27:04:7d:52:0b:6b:10:a6:c8:a7:
6b:28:8b:61:d9:25:14:49:16:d0:73:44:2a:19:65:
65:8d:1a:78:2c:6f:05:bf:5d:fe:fe:fd:95:e4:93:
af:85:c5:0e:ed:89:48:4e:bb:65:7d:b4:f0:ff:ff:
77:13:50:44:d9:97:0a:dd:7d:fc:d5:2a:46:92:95:
94:ee:39:b6:6d:f1:de:7c:37:b7:df:d7:0d:94:bc:
f9:25:0c:1e:c3:ae:84:d1:d9:b6:94:07:fe:a1:9b:
38:60:b2:1d:0b:31:8b:ab:c6:49:ee:62:1c:85:63:
35:b9:f7:06:29:7e:95:b4:a0:3d:27:1e:e4:ba:03:
70:0f:26:33:23:6e:8e:06:74:ac:08:c6:ac:83:be:
cb:5f:b0:0c:6e:07:95:32:7e:5c:76:b4:3b:09:50:
9a:2b:2c:87:4f:d9:59:cd:8d:6f:87:64:b9:f8:8c:
9e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:71:10:41:A4:B4:BB:40:69:F2:DF:A7:4F:F1:47:B7:43:C5:81:E8
X509v3 Authority Key Identifier:
keyid:09:7B:60:35:E5:71:7F:C9:3A:83:E3:E3:EC:81:7E:66:07:64:38:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXtgNeVxf8k6g-Pj7IF-ZgdkOEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/0db829-6ebe-482a-a412-61fd1df95727/1/F3EQQaS0u0Bp8t-nT_FHt0PFgeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/0db829-6ebe-482a-a412-61fd1df95727/1/CXtgNeVxf8k6g-Pj7IF-ZgdkOEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.4.0/22
Signature Algorithm: sha256WithRSAEncryption
15:9c:cc:ea:59:a8:79:05:b2:63:9d:fd:19:59:6f:32:c6:e7:
69:a1:99:d3:8a:4a:6e:0b:02:e7:f5:1a:73:c6:17:dc:34:60:
a2:51:ab:59:bd:96:8b:0f:6d:d6:b5:d0:f4:58:6b:ba:d5:e1:
49:e2:4d:44:ab:4c:13:3b:e5:f7:9f:e7:1a:89:45:f1:3f:5a:
76:39:65:23:70:94:67:0a:da:f4:1d:0e:aa:80:8f:67:60:e5:
66:1e:96:a2:51:28:27:15:f9:c7:cf:51:28:db:12:08:18:76:
9f:19:ef:43:6e:67:e3:de:64:6a:ea:61:93:7b:12:34:16:0c:
44:4e:6b:b3:f5:b0:c3:25:d5:d2:59:a3:20:06:03:14:52:61:
87:c8:15:17:02:a2:87:05:05:73:bd:6a:61:8b:9c:28:a6:cf:
5c:eb:af:ef:d0:e3:cf:20:a0:dc:9e:dc:45:c9:77:c0:33:06:
27:d2:e7:aa:85:95:2d:e8:60:fd:72:7b:a0:27:86:64:67:16:
d5:8d:4c:4a:df:39:24:2e:d1:32:f0:90:ec:83:75:b5:ee:3d:
03:3d:13:a7:48:ed:67:8a:5b:fe:e2:73:b7:2b:d3:ed:10:0a:
65:e4:6a:15:ca:8b:c5:64:40:27:7d:37:bc:cb:45:5d:42:95:
51:71:e5:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbt5xkHdq8Oukr+uzcC+JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5N2I2MDM1ZTU3MTdmYzkzYTgzZTNlM2VjODE3ZTY2MDc2
NDM4NDQwHhcNMjQwMTAxMTQzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzcxMTA0MWE0YjRiYjQwNjlmMmRmYTc0ZmYxNDdiNzQzYzU4MWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDy6CEC8i8kw4r2EEQqs3o2S+Hb1
ZOmC/PWe2NBaRj3QFKoit03qVABruJjPoAV9IVqH4CgRtCCXTZTD9BD5wNFTQEtf
n9K18oy5SviSNicEfVILaxCmyKdrKIth2SUUSRbQc0QqGWVljRp4LG8Fv13+/v2V
5JOvhcUO7YlITrtlfbTw//93E1BE2ZcK3X381SpGkpWU7jm2bfHefDe339cNlLz5
JQwew66E0dm2lAf+oZs4YLIdCzGLq8ZJ7mIchWM1ufcGKX6VtKA9Jx7kugNwDyYz
I26OBnSsCMasg77LX7AMbgeVMn5cdrQ7CVCaKyyHT9lZzY1vh2S5+IyexQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBdxEEGktLtAafLfp0/xR7dDxYHoMB8GA1UdIwQY
MBaAFAl7YDXlcX/JOoPj4+yBfmYHZDhEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1h0Z05lVnhmOGs2Zy1QajdJRi1aZ2RrT0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8wZGI4MjktNmViZS00ODJhLWE0MTIt
NjFmZDFkZjk1NzI3LzEvRjNFUVFhUzB1MEJwOHQtblRfRkh0MFBGZ2VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8wZGI4MjktNmViZS00ODJhLWE0MTItNjFmZDFkZjk1NzI3
LzEvQ1h0Z05lVnhmOGs2Zy1QajdJRi1aZ2RrT0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue4EMA0G
CSqGSIb3DQEBCwUAA4IBAQAVnMzqWah5BbJjnf0ZWW8yxudpoZnTikpuCwLn9Rpz
xhfcNGCiUatZvZaLD23WtdD0WGu61eFJ4k1Eq0wTO+X3n+caiUXxP1p2OWUjcJRn
Ctr0HQ6qgI9nYOVmHpaiUSgnFfnHz1Eo2xIIGHafGe9Dbmfj3mRq6mGTexI0FgxE
Tmuz9bDDJdXSWaMgBgMUUmGHyBUXAqKHBQVzvWphi5wops9c66/v0OPPIKDcntxF
yXfAMwYn0ueqhZUt6GD9cnugJ4ZkZxbVjUxK3zkkLtEy8JDsg3W17j0DPROnSO1n
ilv+4nO3K9PtEApl5GoVyovFZEAnfTe8y0VdQpVRceVP
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:23:41 2025 by rpki-client