Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/hoHTl1m6cmbjZsiIQkoEOHjQ3kM.roa
File: hoHTl1m6cmbjZsiIQkoEOHjQ3kM.roa (raw, json)
Hash identifier: EMgS8dpLj+OgSV8heKzcnSRfQm5feZlAq7WF1eCi/CU=
Subject key identifier: 86:81:D3:97:59:BA:72:66:E3:66:C8:88:42:4A:04:38:78:D0:DE:43
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 018CC86F4C02250CD48C7A61A6821FDD5763
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/hoHTl1m6cmbjZsiIQkoEOHjQ3kM.roa
Signing time: Tue 02 Jan 2024 04:29:46 +0000
ROA not before: Tue 02 Jan 2024 04:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61319
IP address blocks: 185.10.252.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:4c:02:25:0c:d4:8c:7a:61:a6:82:1f:dd:57:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: Jan 2 04:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8681d39759ba7266e366c888424a043878d0de43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:20:04:65:f8:e6:1e:d8:eb:60:b0:a1:4a:a2:
1a:19:c0:a0:14:77:59:89:6d:b1:bd:79:14:7f:b7:
22:f2:12:ce:59:ba:fe:5a:24:ba:ae:10:66:52:c4:
aa:ea:95:87:a4:3e:4a:87:25:38:ad:9f:bf:e6:73:
dd:26:5b:ed:a8:a1:78:dc:7d:90:bd:c0:a3:67:81:
cb:81:71:c6:1b:23:26:7e:59:48:17:6f:c2:f8:1f:
6d:e8:06:26:b0:a8:db:e3:86:d3:8c:5e:0a:00:32:
35:42:16:bc:b4:14:05:f4:bb:e0:1d:6d:91:88:82:
32:2e:17:f3:71:3a:e2:6a:5a:93:5a:d1:5f:8d:8d:
44:d1:c9:39:74:9b:4d:cb:67:00:75:48:28:7c:70:
fb:a7:92:8d:b6:17:52:bd:ee:7a:10:aa:b8:6e:db:
d1:c3:6c:09:95:a6:49:fb:3f:e6:6d:aa:8a:d5:0d:
db:75:6c:4c:4b:02:5a:6a:9f:8b:cf:f8:11:62:0c:
ce:e4:58:18:a1:53:4d:45:f2:ab:b8:cc:8a:b2:56:
83:83:0c:95:db:ad:af:31:cd:bd:b7:f9:69:43:de:
1a:03:c3:a8:56:ef:63:90:4b:76:16:06:0b:63:ef:
86:d8:63:0a:29:16:d1:c9:de:43:80:8f:30:8b:e2:
1d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:81:D3:97:59:BA:72:66:E3:66:C8:88:42:4A:04:38:78:D0:DE:43
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/hoHTl1m6cmbjZsiIQkoEOHjQ3kM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.252.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:6f:bc:ac:9b:94:6b:c7:b8:2b:c0:29:7e:a7:7e:53:b7:a7:
6c:8b:8f:73:12:d2:89:8c:c4:f8:f8:07:d3:bf:c0:df:c8:eb:
f3:1e:e4:cf:5d:97:39:fb:b3:8d:ce:83:e7:70:aa:ac:6f:de:
79:c9:4d:f3:ee:ab:48:12:9f:b7:17:8c:04:2e:9e:79:7e:21:
4b:53:24:32:90:76:bc:56:8f:96:3a:05:82:3e:6a:1b:86:28:
21:2f:88:f3:e9:d9:62:0f:26:ae:09:c9:14:f1:bd:69:e4:2b:
44:76:18:e0:e2:11:28:b6:53:cc:7f:c9:da:ac:9b:07:b5:55:
e9:69:3a:7f:f5:c7:3a:0c:46:2f:09:cb:aa:dc:f3:e5:01:09:
8e:52:28:ec:10:d3:a2:93:fb:c4:c1:6f:5b:d4:51:51:93:70:
92:32:59:58:11:d8:e3:1c:9a:cb:f6:8e:db:1d:c5:01:1f:13:
1b:c1:61:7d:86:b7:a3:d5:af:9f:78:b0:ae:fd:77:72:fd:c9:
02:c8:59:9f:b7:c4:75:f5:a7:41:c6:84:a1:e1:5a:ce:13:39:
be:73:26:32:76:b1:e0:0d:ca:eb:01:04:cd:28:d1:69:f4:c2:
14:bd:fb:9d:80:40:3f:96:57:96:39:c3:f4:ca:ca:dc:77:b7:
cc:0a:05:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb0wCJQzUjHphpoIf3VdjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjQwMTAyMDQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjgxZDM5NzU5YmE3MjY2ZTM2NmM4ODg0MjRhMDQzODc4ZDBkZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiAEZfjmHtjrYLChSqIaGcCgFHdZ
iW2xvXkUf7ci8hLOWbr+WiS6rhBmUsSq6pWHpD5KhyU4rZ+/5nPdJlvtqKF43H2Q
vcCjZ4HLgXHGGyMmfllIF2/C+B9t6AYmsKjb44bTjF4KADI1Qha8tBQF9LvgHW2R
iIIyLhfzcTrialqTWtFfjY1E0ck5dJtNy2cAdUgofHD7p5KNthdSve56EKq4btvR
w2wJlaZJ+z/mbaqK1Q3bdWxMSwJaap+Lz/gRYgzO5FgYoVNNRfKruMyKslaDgwyV
262vMc29t/lpQ94aA8OoVu9jkEt2FgYLY++G2GMKKRbRyd5DgI8wi+IdSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIaB05dZunJm42bIiEJKBDh40N5DMB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvaG9IVGwxbTZjbWJqWnNpSVFrb0VPSGpRM2tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl
LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQr8MA0G
CSqGSIb3DQEBCwUAA4IBAQCPb7ysm5Rrx7grwCl+p35Tt6dsi49zEtKJjMT4+AfT
v8DfyOvzHuTPXZc5+7ONzoPncKqsb955yU3z7qtIEp+3F4wELp55fiFLUyQykHa8
Vo+WOgWCPmobhighL4jz6dliDyauCckU8b1p5CtEdhjg4hEotlPMf8narJsHtVXp
aTp/9cc6DEYvCcuq3PPlAQmOUijsENOik/vEwW9b1FFRk3CSMllYEdjjHJrL9o7b
HcUBHxMbwWF9hrej1a+feLCu/Xdy/ckCyFmft8R19adBxoSh4VrOEzm+cyYydrHg
DcrrAQTNKNFp9MIUvfudgEA/lleWOcP0ysrcd7fMCgUs
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:47:20 2025 by rpki-client