Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/654968-d18e-4dc9-a50e-67521fea4ddd/1/US2aP4Nc5GZN9E-CFYgCC0uXHCM.roa
File: US2aP4Nc5GZN9E-CFYgCC0uXHCM.roa (raw, json)
Hash identifier: bznKVnBbh+bSJ6e/BpboZOSwer/EPKGkM/3Xbe3WUFA=
Subject key identifier: 51:2D:9A:3F:83:5C:E4:66:4D:F4:4F:82:15:88:02:0B:4B:97:1C:23
Certificate issuer: /CN=42353f86149491271024582d461ef55cad776166
Certificate serial: 03C7CA6C
Authority key identifier: 42:35:3F:86:14:94:91:27:10:24:58:2D:46:1E:F5:5C:AD:77:61:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QjU_hhSUkScQJFgtRh71XK13YWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/654968-d18e-4dc9-a50e-67521fea4ddd/1/US2aP4Nc5GZN9E-CFYgCC0uXHCM.roa
Signing time: Sat 01 Jan 2022 07:58:22 +0000
ROA not before: Sat 01 Jan 2022 07:58:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8220
IP address blocks: 185.138.136.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63425132 (0x3c7ca6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42353f86149491271024582d461ef55cad776166
Validity
Not Before: Jan 1 07:58:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=512d9a3f835ce4664df44f821588020b4b971c23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c1:6e:7b:61:c0:5d:59:e3:64:c8:92:f0:be:
74:f9:e1:10:4f:87:ed:16:26:35:14:8b:fe:14:2d:
c2:0c:ad:83:b1:7b:58:28:72:73:46:29:36:7d:67:
2a:8e:a8:93:1e:79:52:ec:eb:9c:0b:29:16:ba:23:
a8:c6:53:05:96:cc:9c:2a:99:b0:25:b9:7a:86:56:
ad:23:df:8c:6d:4d:98:9f:71:02:2e:ce:65:bf:9e:
9f:dd:57:3c:88:02:0a:4e:fb:63:2d:ca:44:1c:59:
fc:ad:65:a3:4b:cd:88:21:24:df:19:ff:82:ee:b7:
52:37:38:81:6f:24:9a:29:b8:91:b6:bf:01:9d:e5:
06:41:ee:6e:cc:da:b4:f2:33:cd:05:32:72:cb:af:
2f:ff:80:d7:23:28:ce:d9:c0:18:6a:ac:bb:d5:c3:
ed:47:56:04:36:81:ff:76:e1:fb:bf:60:0d:a1:7a:
bf:1b:0c:3f:6a:4e:39:b0:d3:ec:20:71:79:96:0d:
53:8e:6f:b0:78:e9:ef:1c:56:07:ef:e5:cf:61:8e:
41:fc:7d:2f:fe:d0:4d:bd:a9:e4:87:27:66:ce:ad:
2a:c7:bc:41:b6:e9:ba:82:59:7a:13:ff:39:de:67:
be:7d:d8:e5:ce:b1:14:d6:ff:3f:34:52:6a:4f:4a:
b4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:2D:9A:3F:83:5C:E4:66:4D:F4:4F:82:15:88:02:0B:4B:97:1C:23
X509v3 Authority Key Identifier:
keyid:42:35:3F:86:14:94:91:27:10:24:58:2D:46:1E:F5:5C:AD:77:61:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QjU_hhSUkScQJFgtRh71XK13YWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/654968-d18e-4dc9-a50e-67521fea4ddd/1/US2aP4Nc5GZN9E-CFYgCC0uXHCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/654968-d18e-4dc9-a50e-67521fea4ddd/1/QjU_hhSUkScQJFgtRh71XK13YWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.136.0/22
Signature Algorithm: sha256WithRSAEncryption
12:43:4b:21:e1:f5:b5:f3:8a:99:cb:ee:ce:a3:88:94:13:17:
8f:3f:8c:cf:e4:78:4e:ff:11:77:d3:cb:66:86:9b:43:eb:f9:
6c:de:a8:8a:1e:1b:86:a2:b8:7d:2d:ad:d2:e5:e1:22:9a:52:
5f:2c:7f:b0:77:e5:d1:1a:41:e4:60:3a:d3:84:de:7d:03:69:
84:9d:82:b2:86:0d:7a:c5:0d:69:7e:7a:41:fe:51:35:98:3e:
e0:6e:b7:b1:03:fc:c2:0a:2d:21:1a:e4:1a:19:e9:fd:4b:13:
24:3a:d1:36:e1:8c:7b:36:e6:47:cf:5c:ee:0f:3d:d2:3a:a1:
7c:e3:89:fd:4c:bb:85:f7:fd:b8:09:43:90:98:de:ee:20:a3:
2e:e7:b9:2e:94:66:06:bd:ca:e9:49:79:44:3d:57:2a:0b:56:
de:0f:8b:33:c1:95:be:b6:63:8c:0d:16:1b:79:5f:be:b3:9e:
ed:10:d6:ec:83:a7:e2:73:23:65:b6:59:d9:6f:ab:44:24:f0:
04:b8:27:55:a3:29:c2:4f:99:d4:cd:ae:1e:75:77:4e:7d:3c:
4a:3c:72:00:52:ba:fb:60:c9:08:5b:04:9d:4f:0f:e2:e3:97:
43:a0:05:dd:c0:ce:69:35:5f:0a:96:2f:01:af:d1:fb:c4:c2:
84:60:26:7f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA8fKbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MjM1M2Y4NjE0OTQ5MTI3MTAyNDU4MmQ0NjFlZjU1Y2FkNzc2MTY2MB4XDTIyMDEw
MTA3NTgyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTEyZDlhM2Y4MzVj
ZTQ2NjRkZjQ0ZjgyMTU4ODAyMGI0Yjk3MWMyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKjBbnthwF1Z42TIkvC+dPnhEE+H7RYmNRSL/hQtwgytg7F7
WChyc0YpNn1nKo6okx55UuzrnAspFrojqMZTBZbMnCqZsCW5eoZWrSPfjG1NmJ9x
Ai7OZb+en91XPIgCCk77Yy3KRBxZ/K1lo0vNiCEk3xn/gu63Ujc4gW8kmim4kba/
AZ3lBkHubszatPIzzQUycsuvL/+A1yMoztnAGGqsu9XD7UdWBDaB/3bh+79gDaF6
vxsMP2pOObDT7CBxeZYNU45vsHjp7xxWB+/lz2GOQfx9L/7QTb2p5IcnZs6tKse8
QbbpuoJZehP/Od5nvn3Y5c6xFNb/PzRSak9KtIsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRRLZo/g1zkZk30T4IViAILS5ccIzAfBgNVHSMEGDAWgBRCNT+GFJSRJxAk
WC1GHvVcrXdhZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FqVV9oaFNVa1NjUUpGZ3RSaDcxWEsxM1lXWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvNjU0OTY4LWQxOGUtNGRjOS1hNTBlLTY3NTIxZmVhNGRkZC8x
L1VTMmFQNE5jNUdaTjlFLUNGWWdDQzB1WEhDTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
NjU0OTY4LWQxOGUtNGRjOS1hNTBlLTY3NTIxZmVhNGRkZC8xL1FqVV9oaFNVa1Nj
UUpGZ3RSaDcxWEsxM1lXWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmKiDANBgkqhkiG9w0BAQsFAAOC
AQEAEkNLIeH1tfOKmcvuzqOIlBMXjz+Mz+R4Tv8Rd9PLZoabQ+v5bN6oih4bhqK4
fS2t0uXhIppSXyx/sHfl0RpB5GA604TefQNphJ2CsoYNesUNaX56Qf5RNZg+4G63
sQP8wgotIRrkGhnp/UsTJDrRNuGMezbmR89c7g890jqhfOOJ/Uy7hff9uAlDkJje
7iCjLue5LpRmBr3K6Ul5RD1XKgtW3g+LM8GVvrZjjA0WG3lfvrOe7RDW7IOn4nMj
ZbZZ2W+rRCTwBLgnVaMpwk+Z1M2uHnV3Tn08SjxyAFK6+2DJCFsEnU8P4uOXQ6AF
3cDOaTVfCpYvAa/R+8TChGAmfw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:37 2025 by rpki-client