Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/d32cd4-ba93-4f16-899c-ccdadf7f65f2/1/lQRUgNr26AdoCiVXm-GUqjZ21x4.roa
File: lQRUgNr26AdoCiVXm-GUqjZ21x4.roa (raw, json)
Hash identifier: k+5J8o86/bcjGJ9GCuau0cQUK4KmmV+hdARQ50yhp/g=
Subject key identifier: 95:04:54:80:DA:F6:E8:07:68:0A:25:57:9B:E1:94:AA:36:76:D7:1E
Certificate issuer: /CN=3b3363e47e69ebc5d1c2251ddd5dac7c98989922
Certificate serial: 01856D6F4D1DF59E3F1708E630456B7CA21F
Authority key identifier: 3B:33:63:E4:7E:69:EB:C5:D1:C2:25:1D:DD:5D:AC:7C:98:98:99:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OzNj5H5p68XRwiUd3V2sfJiYmSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/d32cd4-ba93-4f16-899c-ccdadf7f65f2/1/lQRUgNr26AdoCiVXm-GUqjZ21x4.roa
Signing time: Sun 01 Jan 2023 13:04:48 +0000
ROA not before: Sun 01 Jan 2023 13:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206355
IP address blocks: 185.192.136.0/22 maxlen: 22
2a0a:2cc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:4d:1d:f5:9e:3f:17:08:e6:30:45:6b:7c:a2:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b3363e47e69ebc5d1c2251ddd5dac7c98989922
Validity
Not Before: Jan 1 13:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95045480daf6e807680a25579be194aa3676d71e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c2:c9:92:d8:32:08:9d:0d:a0:2b:93:4a:02:
7c:d9:04:1b:ee:e9:1f:d7:34:2c:67:fc:5d:f6:6e:
26:c9:4f:ce:c0:74:38:91:53:22:94:af:c0:48:f8:
bb:00:3d:14:07:f7:2a:87:28:26:40:e5:e8:1a:de:
62:63:d7:f8:b0:41:e5:49:80:40:26:82:76:17:ea:
ad:84:20:79:8b:3e:6d:0d:df:e5:53:e6:c4:2b:02:
81:7a:d8:12:67:18:5f:de:2c:ee:73:fe:3a:00:4b:
a3:c0:ac:4f:e1:6d:40:67:09:10:53:c0:5c:fa:e1:
df:25:51:19:dc:0a:d7:a9:88:2a:ed:d6:73:7e:41:
06:7d:bb:fb:11:12:2f:da:34:af:3a:63:02:08:b6:
7c:8e:d0:70:a6:4c:50:40:2f:e3:19:bb:13:b4:c6:
d0:61:e5:4d:6e:74:74:09:17:53:0d:bf:34:58:af:
21:ff:08:26:1b:a7:e9:23:f3:b9:e3:7c:24:c3:0b:
e6:c9:2c:9f:2b:0f:0a:53:2f:1d:d0:c3:43:ba:16:
6f:c1:40:76:8e:73:23:ba:60:14:04:5b:27:33:90:
6c:02:09:a7:3b:ef:65:1a:c3:7e:82:e2:de:35:a7:
bf:ce:28:95:89:a9:d0:de:5e:cb:05:c2:9b:f2:00:
1d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:04:54:80:DA:F6:E8:07:68:0A:25:57:9B:E1:94:AA:36:76:D7:1E
X509v3 Authority Key Identifier:
keyid:3B:33:63:E4:7E:69:EB:C5:D1:C2:25:1D:DD:5D:AC:7C:98:98:99:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OzNj5H5p68XRwiUd3V2sfJiYmSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/d32cd4-ba93-4f16-899c-ccdadf7f65f2/1/lQRUgNr26AdoCiVXm-GUqjZ21x4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/d32cd4-ba93-4f16-899c-ccdadf7f65f2/1/OzNj5H5p68XRwiUd3V2sfJiYmSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.136.0/22
IPv6:
2a0a:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
97:c3:4d:2f:e2:f1:8b:b2:c1:3f:2b:3f:8d:be:09:b6:ca:03:
f2:33:84:96:5c:4e:d7:4d:71:18:26:09:1f:01:53:cf:24:7e:
58:f6:95:da:8b:6c:d7:f5:c9:d8:c2:4d:68:4e:6a:8a:5d:db:
c9:ff:82:ff:de:12:c3:32:f1:02:cf:82:07:1f:db:69:52:f9:
15:db:28:c7:08:3f:a0:0f:bb:ff:c4:66:a9:dc:f0:41:46:a5:
3c:59:16:25:f7:28:70:93:eb:2c:b2:aa:71:16:96:dc:ed:d3:
76:a0:f7:f7:ca:5d:83:be:0c:5b:44:82:e1:eb:97:63:70:a7:
eb:27:1b:2b:03:ad:bd:85:7f:a5:4a:6e:3b:a5:c1:d2:fa:64:
eb:8d:01:b7:72:71:39:15:d6:f1:4e:e3:23:6a:a5:4c:a8:1b:
f5:ed:64:6f:03:f2:a9:a6:2d:0b:a5:b6:14:cf:41:77:f6:72:
f2:23:7b:f3:ac:43:81:0b:6f:cf:f7:37:18:46:51:cf:b2:c8:
30:ee:e1:ba:78:38:b1:89:fa:ce:26:76:d1:e2:32:f2:8c:c0:
57:dc:ab:11:70:4b:0f:00:f5:45:5c:b6:a4:74:e0:99:5c:18:
55:37:ca:6e:9a:de:57:47:ac:5c:41:b0:a0:02:53:64:4e:5f:
0f:03:29:96
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtb00d9Z4/FwjmMEVrfKIfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMzM2M2U0N2U2OWViYzVkMWMyMjUxZGRkNWRhYzdjOTg5
ODk5MjIwHhcNMjMwMTAxMTMwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTA0NTQ4MGRhZjZlODA3NjgwYTI1NTc5YmUxOTRhYTM2NzZkNzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMLJktgyCJ0NoCuTSgJ82QQb7ukf
1zQsZ/xd9m4myU/OwHQ4kVMilK/ASPi7AD0UB/cqhygmQOXoGt5iY9f4sEHlSYBA
JoJ2F+qthCB5iz5tDd/lU+bEKwKBetgSZxhf3izuc/46AEujwKxP4W1AZwkQU8Bc
+uHfJVEZ3ArXqYgq7dZzfkEGfbv7ERIv2jSvOmMCCLZ8jtBwpkxQQC/jGbsTtMbQ
YeVNbnR0CRdTDb80WK8h/wgmG6fpI/O543wkwwvmySyfKw8KUy8d0MNDuhZvwUB2
jnMjumAUBFsnM5BsAgmnO+9lGsN+guLeNae/ziiVianQ3l7LBcKb8gAdMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJUEVIDa9ugHaAolV5vhlKo2dtceMB8GA1UdIwQY
MBaAFDszY+R+aevF0cIlHd1drHyYmJkiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3pOajVINXA2OFhSd2lVZDNWMnNmSmlZbVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9kMzJjZDQtYmE5My00ZjE2LTg5OWMt
Y2NkYWRmN2Y2NWYyLzEvbFFSVWdOcjI2QWRvQ2lWWG0tR1VxaloyMXg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9kMzJjZDQtYmE5My00ZjE2LTg5OWMtY2NkYWRmN2Y2NWYy
LzEvT3pOajVINXA2OFhSd2lVZDNWMnNmSmlZbVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucCIMA0E
AgACMAcDBQMqCizAMA0GCSqGSIb3DQEBCwUAA4IBAQCXw00v4vGLssE/Kz+Nvgm2
ygPyM4SWXE7XTXEYJgkfAVPPJH5Y9pXai2zX9cnYwk1oTmqKXdvJ/4L/3hLDMvEC
z4IHH9tpUvkV2yjHCD+gD7v/xGap3PBBRqU8WRYl9yhwk+sssqpxFpbc7dN2oPf3
yl2DvgxbRILh65djcKfrJxsrA629hX+lSm47pcHS+mTrjQG3cnE5FdbxTuMjaqVM
qBv17WRvA/Kppi0LpbYUz0F39nLyI3vzrEOBC2/P9zcYRlHPssgw7uG6eDixifrO
JnbR4jLyjMBX3KsRcEsPAPVFXLakdOCZXBhVN8pumt5XR6xcQbCgAlNkTl8PAymW
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:37:51 2025 by rpki-client