Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/cd05d5-373a-45ff-84ba-404c00adec91/1/OD0jkooTt-P7t7BlTbmc9G6p2E8.roa
File: OD0jkooTt-P7t7BlTbmc9G6p2E8.roa (raw, json)
Hash identifier: zbAOD5sSJjX87MUBAhgkP6j8BupFaS+qr687qgYxv14=
Subject key identifier: 38:3D:23:92:8A:13:B7:E3:FB:B7:B0:65:4D:B9:9C:F4:6E:A9:D8:4F
Certificate issuer: /CN=c8a627e6a67f7b697d8fbaf2c9b075e7c72eab0b
Certificate serial: 3E985C
Authority key identifier: C8:A6:27:E6:A6:7F:7B:69:7D:8F:BA:F2:C9:B0:75:E7:C7:2E:AB:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKYn5qZ_e2l9j7ryybB158cuqws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/cd05d5-373a-45ff-84ba-404c00adec91/1/OD0jkooTt-P7t7BlTbmc9G6p2E8.roa
Signing time: Sat 12 Mar 2022 11:54:14 +0000
ROA not before: Sat 12 Mar 2022 11:54:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207626
IP address blocks: 185.92.208.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4102236 (0x3e985c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8a627e6a67f7b697d8fbaf2c9b075e7c72eab0b
Validity
Not Before: Mar 12 11:54:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=383d23928a13b7e3fbb7b0654db99cf46ea9d84f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d7:df:8d:7e:7c:64:75:01:aa:5c:d1:a8:10:
01:a4:cf:bf:95:94:fc:43:ef:f1:02:69:0d:31:dd:
a4:51:34:03:df:47:96:8e:c6:64:a9:59:f2:21:98:
d9:f3:9e:ed:9e:b8:35:ef:bd:9c:e3:e5:95:35:bd:
cc:74:30:d1:31:ca:e7:16:75:a2:c6:c7:c5:a8:80:
bd:c7:65:33:f7:f3:81:4f:cc:dc:47:47:5b:69:d0:
1e:d0:aa:f6:97:08:0a:ea:f4:8e:92:35:a0:9c:6b:
b3:45:82:aa:76:11:af:d3:c4:0a:23:eb:19:9b:03:
28:4c:59:33:59:84:4c:39:88:b1:6b:d5:f3:7e:f7:
ec:8e:bf:ef:d7:62:59:93:fe:a3:59:6c:46:f4:d4:
dd:23:66:54:2c:42:9d:a0:ee:8f:b9:4b:59:1c:3f:
5c:0f:a8:f6:4a:c2:db:d2:4a:52:a2:eb:b0:ae:75:
d4:60:b3:16:8f:e6:1f:4e:8f:50:5e:99:f4:e6:46:
de:e5:ef:9d:25:25:74:38:75:20:02:49:83:74:45:
4c:a5:d7:72:76:bb:32:bc:16:8b:69:a4:d8:d1:05:
38:62:2d:8b:30:28:d7:11:fb:5d:e3:f2:57:3f:91:
42:7f:45:70:99:72:88:f5:e8:ce:17:83:dc:c7:93:
8f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:3D:23:92:8A:13:B7:E3:FB:B7:B0:65:4D:B9:9C:F4:6E:A9:D8:4F
X509v3 Authority Key Identifier:
keyid:C8:A6:27:E6:A6:7F:7B:69:7D:8F:BA:F2:C9:B0:75:E7:C7:2E:AB:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKYn5qZ_e2l9j7ryybB158cuqws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/cd05d5-373a-45ff-84ba-404c00adec91/1/OD0jkooTt-P7t7BlTbmc9G6p2E8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/cd05d5-373a-45ff-84ba-404c00adec91/1/yKYn5qZ_e2l9j7ryybB158cuqws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.92.208.0/24
Signature Algorithm: sha256WithRSAEncryption
95:f7:e8:21:a9:4e:2a:4a:e8:2c:f1:c7:63:e1:7c:48:f2:2e:
65:a5:7a:4b:73:cb:e9:10:60:7a:77:24:60:9c:fe:29:36:24:
95:6a:bb:b9:77:8e:5a:25:74:94:3b:cf:2a:a5:3f:b1:c8:50:
97:e8:70:63:bb:ea:45:b3:92:cb:88:71:7e:09:d6:6c:d8:82:
1c:96:da:b4:c9:ba:08:37:43:24:91:cf:07:70:67:83:0b:ab:
ff:d0:5a:56:2d:a4:45:94:df:38:f5:f2:c6:98:ae:26:59:8d:
52:65:a2:66:38:6d:02:55:29:ac:c2:c6:2a:78:f9:5c:bb:ee:
96:87:44:ee:b3:ae:f8:52:0a:1c:40:be:3f:be:20:38:22:d7:
dc:6e:8e:2f:35:b3:5f:d0:11:3a:61:ba:18:d9:14:1e:8c:a3:
d5:b6:3a:cd:83:a7:17:16:b1:cb:6d:05:ea:b8:5d:28:ba:a6:
25:86:16:1a:61:c8:3b:67:46:cd:49:54:84:a4:46:e9:b1:ca:
5e:4f:85:ae:86:cf:5c:9f:bb:bf:21:af:73:a6:fb:62:5c:03:
49:e7:ad:45:0e:c4:7e:3c:b5:e7:ab:84:c9:62:c0:73:ee:83:
81:5c:00:61:a0:02:88:50:50:26:86:e8:63:01:c4:13:f2:9a:
af:3a:14:39
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDPphcMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM4
YTYyN2U2YTY3ZjdiNjk3ZDhmYmFmMmM5YjA3NWU3YzcyZWFiMGIwHhcNMjIwMzEy
MTE1NDE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzODNkMjM5MjhhMTNi
N2UzZmJiN2IwNjU0ZGI5OWNmNDZlYTlkODRmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAx9ffjX58ZHUBqlzRqBABpM+/lZT8Q+/xAmkNMd2kUTQD30eW
jsZkqVnyIZjZ857tnrg1772c4+WVNb3MdDDRMcrnFnWixsfFqIC9x2Uz9/OBT8zc
R0dbadAe0Kr2lwgK6vSOkjWgnGuzRYKqdhGv08QKI+sZmwMoTFkzWYRMOYixa9Xz
fvfsjr/v12JZk/6jWWxG9NTdI2ZULEKdoO6PuUtZHD9cD6j2SsLb0kpSouuwrnXU
YLMWj+YfTo9QXpn05kbe5e+dJSV0OHUgAkmDdEVMpddydrsyvBaLaaTY0QU4Yi2L
MCjXEftd4/JXP5FCf0VwmXKI9ejOF4Pcx5OPuwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFDg9I5KKE7fj+7ewZU25nPRuqdhPMB8GA1UdIwQYMBaAFMimJ+amf3tpfY+6
8smwdefHLqsLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
eUtZbjVxWl9lMmw5ajdyeXliQjE1OGN1cXdzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC82MC9jZDA1ZDUtMzczYS00NWZmLTg0YmEtNDA0YzAwYWRlYzkxLzEv
T0Qwamtvb1R0LVA3dDdCbFRibWM5RzZwMkU4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9j
ZDA1ZDUtMzczYS00NWZmLTg0YmEtNDA0YzAwYWRlYzkxLzEveUtZbjVxWl9lMmw5
ajdyeXliQjE1OGN1cXdzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVzQMA0GCSqGSIb3DQEBCwUAA4IB
AQCV9+ghqU4qSugs8cdj4XxI8i5lpXpLc8vpEGB6dyRgnP4pNiSVaru5d45aJXSU
O88qpT+xyFCX6HBju+pFs5LLiHF+CdZs2IIcltq0yboIN0Mkkc8HcGeDC6v/0FpW
LaRFlN849fLGmK4mWY1SZaJmOG0CVSmswsYqePlcu+6Wh0Tus674UgocQL4/viA4
Itfcbo4vNbNf0BE6YboY2RQejKPVtjrNg6cXFrHLbQXquF0ouqYlhhYaYcg7Z0bN
SVSEpEbpscpeT4Wuhs9cn7u/Ia9zpvtiXANJ561FDsR+PLXnq4TJYsBz7oOBXABh
oAKIUFAmhuhjAcQT8pqvOhQ5
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:17:28 2025 by rpki-client