Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/708b4d-a63f-439d-9cce-148abff919ad/1/iYDvO_CxOabMqCcfEa0r8BMtHpU.roa
File: iYDvO_CxOabMqCcfEa0r8BMtHpU.roa (raw, json)
Hash identifier: POiNU0IVFhdJe+lo4mKSkn/IjKP+LDXZw9kMlQlR8C4=
Subject key identifier: 89:80:EF:3B:F0:B1:39:A6:CC:A8:27:1F:11:AD:2B:F0:13:2D:1E:95
Certificate issuer: /CN=1bfc7738cd0fd0e0447f9d749ce6a39047fdcbac
Certificate serial: 018989DC5A7B3A2B4668E02959E05A86FD90
Authority key identifier: 1B:FC:77:38:CD:0F:D0:E0:44:7F:9D:74:9C:E6:A3:90:47:FD:CB:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_x3OM0P0OBEf510nOajkEf9y6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/708b4d-a63f-439d-9cce-148abff919ad/1/iYDvO_CxOabMqCcfEa0r8BMtHpU.roa
Signing time: Mon 24 Jul 2023 21:44:26 +0000
ROA not before: Mon 24 Jul 2023 21:44:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204694
IP address blocks: 185.243.72.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:89:dc:5a:7b:3a:2b:46:68:e0:29:59:e0:5a:86:fd:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bfc7738cd0fd0e0447f9d749ce6a39047fdcbac
Validity
Not Before: Jul 24 21:44:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8980ef3bf0b139a6cca8271f11ad2bf0132d1e95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a6:9b:c2:1b:2e:44:4e:ce:29:02:aa:7b:b0:
77:de:b6:05:81:90:88:02:c7:8a:3c:59:0e:79:b1:
e6:1f:98:a7:3e:86:c4:68:d7:4f:5c:87:e0:a5:e2:
d5:81:66:98:3d:8e:61:ff:fd:f9:6d:5c:54:d2:37:
a9:ed:d1:6d:52:8e:00:56:b2:85:44:a0:c5:7b:26:
fd:70:48:e0:e3:87:55:6c:66:ae:f8:11:14:27:9f:
17:74:c3:10:9d:b2:0d:9e:e0:dc:f2:de:d3:c8:d9:
19:87:93:dd:65:c4:12:42:4a:2e:84:1b:a1:3f:50:
8e:6d:9f:62:d6:55:b1:a2:ff:fa:d8:6d:f7:b9:1b:
25:0c:cd:89:f7:cf:3b:21:85:39:80:43:c7:d6:1d:
7b:b6:5e:cb:21:72:80:3d:ec:71:3d:ec:12:b3:a8:
71:b8:d5:67:54:bb:6e:b9:de:ab:ed:65:33:d4:d0:
f2:3f:58:47:d8:29:77:61:b1:79:ef:0a:2f:08:b8:
01:96:31:b3:11:05:c6:2a:00:5c:a8:b0:76:48:5b:
56:14:a1:db:b8:ba:04:28:30:7c:22:75:f7:f8:13:
9a:d7:96:31:ee:da:e6:e5:09:b0:8e:8c:f5:0d:5d:
2d:11:33:e0:81:0d:b4:4f:c4:18:20:2c:97:dd:af:
4d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:80:EF:3B:F0:B1:39:A6:CC:A8:27:1F:11:AD:2B:F0:13:2D:1E:95
X509v3 Authority Key Identifier:
keyid:1B:FC:77:38:CD:0F:D0:E0:44:7F:9D:74:9C:E6:A3:90:47:FD:CB:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_x3OM0P0OBEf510nOajkEf9y6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/708b4d-a63f-439d-9cce-148abff919ad/1/iYDvO_CxOabMqCcfEa0r8BMtHpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/708b4d-a63f-439d-9cce-148abff919ad/1/G_x3OM0P0OBEf510nOajkEf9y6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.72.0/22
Signature Algorithm: sha256WithRSAEncryption
27:f0:57:e7:3a:93:84:b4:cc:1b:12:a4:45:46:63:d4:a7:b1:
c3:03:c7:b5:f5:20:ba:9a:8a:fa:cb:52:6b:69:e7:35:5f:46:
9b:0d:d1:f8:b9:49:60:dd:e2:65:d9:37:b7:fe:fd:e6:55:b1:
b6:6f:54:eb:dc:33:3f:56:e3:fd:8d:f3:db:5a:cf:ad:b9:0d:
9f:f5:51:34:f8:00:4d:f3:d1:68:bd:76:e2:ee:37:34:ff:6c:
a5:80:1e:b2:b7:5f:64:71:03:30:11:2d:c3:fa:f3:bc:40:79:
0d:0a:9b:58:65:ac:a8:09:27:d8:12:ab:6c:c1:ff:ce:6e:41:
3a:98:5f:d6:1e:8d:82:48:ef:9c:99:b2:0e:ab:d6:1c:66:a2:
5f:f3:61:69:ab:51:df:75:d6:a7:f6:b7:37:7b:b9:eb:8f:49:
1f:79:33:b6:1d:90:51:0a:b7:2f:e3:44:2b:66:c5:48:7f:1d:
17:02:58:b7:9b:fd:85:47:b8:dd:83:c6:98:15:57:6c:dd:90:
0d:13:e7:16:a2:fe:75:83:7f:82:90:8f:44:68:1f:19:d4:96:
04:a6:ee:52:05:22:0a:98:1e:df:03:27:92:a1:92:64:ec:2e:
21:ce:ee:51:18:2e:f0:0c:f7:9f:6c:95:42:5a:57:58:82:46:
11:e3:cf:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmJ3Fp7OitGaOApWeBahv2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZmM3NzM4Y2QwZmQwZTA0NDdmOWQ3NDljZTZhMzkwNDdm
ZGNiYWMwHhcNMjMwNzI0MjE0NDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTgwZWYzYmYwYjEzOWE2Y2NhODI3MWYxMWFkMmJmMDEzMmQxZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqabwhsuRE7OKQKqe7B33rYFgZCI
AseKPFkOebHmH5inPobEaNdPXIfgpeLVgWaYPY5h//35bVxU0jep7dFtUo4AVrKF
RKDFeyb9cEjg44dVbGau+BEUJ58XdMMQnbINnuDc8t7TyNkZh5PdZcQSQkouhBuh
P1CObZ9i1lWxov/62G33uRslDM2J9887IYU5gEPH1h17tl7LIXKAPexxPewSs6hx
uNVnVLtuud6r7WUz1NDyP1hH2Cl3YbF57wovCLgBljGzEQXGKgBcqLB2SFtWFKHb
uLoEKDB8InX3+BOa15Yx7trm5Qmwjoz1DV0tETPggQ20T8QYICyX3a9NBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFImA7zvwsTmmzKgnHxGtK/ATLR6VMB8GA1UdIwQY
MBaAFBv8dzjND9DgRH+ddJzmo5BH/cusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR194M09NMFAwT0JFZjUxMG5PYWprRWY5eTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83MDhiNGQtYTYzZi00MzlkLTljY2Ut
MTQ4YWJmZjkxOWFkLzEvaVlEdk9fQ3hPYWJNcUNjZkVhMHI4Qk10SHBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83MDhiNGQtYTYzZi00MzlkLTljY2UtMTQ4YWJmZjkxOWFk
LzEvR194M09NMFAwT0JFZjUxMG5PYWprRWY5eTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufNIMA0G
CSqGSIb3DQEBCwUAA4IBAQAn8FfnOpOEtMwbEqRFRmPUp7HDA8e19SC6mor6y1Jr
aec1X0abDdH4uUlg3eJl2Te3/v3mVbG2b1Tr3DM/VuP9jfPbWs+tuQ2f9VE0+ABN
89FovXbi7jc0/2ylgB6yt19kcQMwES3D+vO8QHkNCptYZayoCSfYEqtswf/ObkE6
mF/WHo2CSO+cmbIOq9YcZqJf82Fpq1Hfddan9rc3e7nrj0kfeTO2HZBRCrcv40Qr
ZsVIfx0XAli3m/2FR7jdg8aYFVds3ZANE+cWov51g3+CkI9EaB8Z1JYEpu5SBSIK
mB7fAyeSoZJk7C4hzu5RGC7wDPefbJVCWldYgkYR48+B
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:28:40 2025 by rpki-client