Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/xRf22QQPMBqs3zMgGERV9-C7ZR8.roa
File: xRf22QQPMBqs3zMgGERV9-C7ZR8.roa (raw, json)
Hash identifier: a9DERSFc1wZrob/Eyq/aUgR0Z604dxbQueraG+KUBXM=
Subject key identifier: C5:17:F6:D9:04:0F:30:1A:AC:DF:33:20:18:44:55:F7:E0:BB:65:1F
Certificate issuer: /CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Certificate serial: 022407E1
Authority key identifier: 3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/xRf22QQPMBqs3zMgGERV9-C7ZR8.roa
Signing time: Sat 01 Jan 2022 12:54:56 +0000
ROA not before: Sat 01 Jan 2022 12:54:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31027
IP address blocks: 185.197.136.0/22 maxlen: 22
2a0a:7a40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35915745 (0x22407e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Validity
Not Before: Jan 1 12:54:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c517f6d9040f301aacdf3320184455f7e0bb651f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c2:77:9b:61:3f:45:68:d9:fb:e6:25:9a:b1:
21:58:a3:e4:51:39:e1:61:b8:7f:fe:ca:d2:3a:4b:
69:ec:33:24:6c:d9:94:59:1a:9c:78:d8:a4:35:11:
5c:ff:df:bb:10:53:56:7a:f8:b6:01:0f:f1:c1:5b:
5c:d4:36:1e:f6:f1:ec:b1:79:2a:bd:b4:de:03:a5:
55:e7:b4:f0:a8:2c:0d:01:81:7e:c5:95:44:84:b4:
4d:cc:ca:4a:6c:47:9a:32:f3:c3:bd:a3:64:0c:c6:
ae:a5:90:ad:ea:53:c5:48:4e:86:5c:c7:5e:97:0a:
fb:de:e4:ba:f4:61:f9:c4:72:9d:2f:7f:c1:ae:30:
b9:78:59:e6:b2:42:7e:46:14:3c:1e:aa:87:b8:d0:
12:b9:59:22:13:b2:98:a4:aa:f1:8f:32:e8:43:5e:
cb:21:a3:ad:0f:3c:09:d7:4f:e3:e4:f0:06:8e:6c:
cb:49:87:c8:af:72:12:13:01:94:53:d0:eb:f8:6d:
0e:31:f0:50:24:e0:f9:95:ba:1d:cb:37:da:7d:a6:
be:97:d2:93:2f:40:03:6a:8e:a6:a7:bc:e6:21:09:
cc:82:8f:6c:52:49:a3:77:f0:df:54:40:52:10:2d:
69:a6:42:bb:2e:4e:4c:3f:c3:0a:23:3c:8b:df:e1:
df:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:17:F6:D9:04:0F:30:1A:AC:DF:33:20:18:44:55:F7:E0:BB:65:1F
X509v3 Authority Key Identifier:
keyid:3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/xRf22QQPMBqs3zMgGERV9-C7ZR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.136.0/22
IPv6:
2a0a:7a40::/29
Signature Algorithm: sha256WithRSAEncryption
3a:fa:65:2d:c8:a8:71:1d:81:3b:d5:05:7f:0f:d8:ca:84:c2:
38:4b:a0:46:08:ae:5c:41:d6:a4:b8:18:31:b2:3b:f2:7b:c6:
43:84:29:80:b6:80:9d:9d:15:8e:63:5f:3a:2e:dc:8e:29:a9:
91:89:2c:1b:a8:cb:3f:a6:f5:a9:9f:ba:24:07:3d:b1:37:0b:
61:6e:4e:6b:d8:ad:8c:8a:46:13:b5:65:aa:9d:e9:17:aa:83:
88:2f:4d:54:fb:6c:dd:14:ce:00:89:21:5c:b3:6f:9f:54:3c:
fd:fa:e8:ad:0e:47:1c:b9:83:8b:2a:98:c8:ae:d6:5d:8d:8a:
6a:8e:39:5b:72:d2:70:31:6a:40:80:4e:ec:4d:7d:20:29:4b:
74:8a:8e:d6:80:7f:66:ae:6d:d2:df:51:b7:8c:d6:e8:f5:fb:
c8:55:0c:89:9e:72:50:6e:3b:89:57:9e:23:86:ef:20:9e:12:
01:56:da:5d:07:cd:d7:45:65:27:6e:df:55:3a:08:5a:f6:1a:
bd:47:b1:10:3d:e6:8b:20:2d:f6:0f:77:7c:b4:27:d5:ba:b0:
02:78:43:18:ad:cb:e8:9c:11:e4:9f:c1:ae:3e:7c:1a:09:29:
39:b2:1d:64:94:67:84:28:d6:aa:a7:6c:89:a3:d2:5e:46:4a:
55:c6:09:b9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAiQH4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YTQxYjE1NWFhYjZkMTIyOWZkMzQ4ZWFhMDNkMGY3OTAzZjEyNjdhMB4XDTIyMDEw
MTEyNTQ1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzUxN2Y2ZDkwNDBm
MzAxYWFjZGYzMzIwMTg0NDU1ZjdlMGJiNjUxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALnCd5thP0Vo2fvmJZqxIVij5FE54WG4f/7K0jpLaewzJGzZ
lFkanHjYpDURXP/fuxBTVnr4tgEP8cFbXNQ2Hvbx7LF5Kr203gOlVee08KgsDQGB
fsWVRIS0TczKSmxHmjLzw72jZAzGrqWQrepTxUhOhlzHXpcK+97kuvRh+cRynS9/
wa4wuXhZ5rJCfkYUPB6qh7jQErlZIhOymKSq8Y8y6ENeyyGjrQ88CddP4+TwBo5s
y0mHyK9yEhMBlFPQ6/htDjHwUCTg+ZW6Hcs32n2mvpfSky9AA2qOpqe85iEJzIKP
bFJJo3fw31RAUhAtaaZCuy5OTD/DCiM8i9/h36MCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTFF/bZBA8wGqzfMyAYRFX34LtlHzAfBgNVHSMEGDAWgBQ6QbFVqrbRIp/T
SOqgPQ95A/EmejAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09rR3hWYXEyMFNLZjAwanFvRDBQZVFQeEpuby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjcvYmNjYWVhLTY4Y2UtNDIyNC05N2E1LTJiM2I0Yzc4MDQxOS8x
L3hSZjIyUVFQTUJxczN6TWdHRVJWOS1DN1pSOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjcv
YmNjYWVhLTY4Y2UtNDIyNC05N2E1LTJiM2I0Yzc4MDQxOS8xL09rR3hWYXEyMFNL
ZjAwanFvRDBQZVFQeEpuby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnFiDANBAIAAjAHAwUDKgp6QDAN
BgkqhkiG9w0BAQsFAAOCAQEAOvplLciocR2BO9UFfw/YyoTCOEugRgiuXEHWpLgY
MbI78nvGQ4QpgLaAnZ0VjmNfOi7cjimpkYksG6jLP6b1qZ+6JAc9sTcLYW5Oa9it
jIpGE7Vlqp3pF6qDiC9NVPts3RTOAIkhXLNvn1Q8/frorQ5HHLmDiyqYyK7WXY2K
ao45W3LScDFqQIBO7E19IClLdIqO1oB/Zq5t0t9Rt4zW6PX7yFUMiZ5yUG47iVee
I4bvIJ4SAVbaXQfN10VlJ27fVToIWvYavUexED3miyAt9g93fLQn1bqwAnhDGK3L
6JwR5J/Brj58GgkpObIdZJRnhCjWqqdsiaPSXkZKVcYJuQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:41 2025 by rpki-client