Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/IhFmVxbE3gn_IPAxvOuH1Dxlo9o.roa
File: IhFmVxbE3gn_IPAxvOuH1Dxlo9o.roa (raw, json)
Hash identifier: oKXrmB0pSBgjznKzRYUFbiw4D9My9SBHtgqoNaUCBKA=
Subject key identifier: 22:11:66:57:16:C4:DE:09:FF:20:F0:31:BC:EB:87:D4:3C:65:A3:DA
Certificate issuer: /CN=ad2d38e20f24d0e30b86ccd8261ac0017f17a5a4
Certificate serial: 019420D62F0CEC13E8E423CEB8C8D9F626F8
Authority key identifier: AD:2D:38:E2:0F:24:D0:E3:0B:86:CC:D8:26:1A:C0:01:7F:17:A5:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rS044g8k0OMLhszYJhrAAX8XpaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/IhFmVxbE3gn_IPAxvOuH1Dxlo9o.roa
Signing time: Wed 01 Jan 2025 07:48:15 +0000
ROA not before: Wed 01 Jan 2025 07:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211769
IP address blocks: 185.142.144.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:2f:0c:ec:13:e8:e4:23:ce:b8:c8:d9:f6:26:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad2d38e20f24d0e30b86ccd8261ac0017f17a5a4
Validity
Not Before: Jan 1 07:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2211665716c4de09ff20f031bceb87d43c65a3da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:15:32:ad:c5:18:8a:df:84:a9:f8:15:65:89:
de:10:68:ed:d2:11:79:ab:d2:a3:54:b2:d3:c2:4b:
74:85:c5:15:ab:a7:cc:43:ab:eb:ae:b0:8d:73:4e:
61:d3:30:6c:95:ae:a3:1b:8b:6a:80:78:85:da:76:
b9:1f:bb:28:b8:06:49:77:90:f1:35:ed:f9:f6:66:
84:cc:64:52:c6:11:e0:8b:c4:51:2e:8a:b7:22:40:
93:b5:6b:0b:1b:35:e5:b7:85:95:f5:76:30:72:14:
f4:42:d3:b8:51:5a:0f:53:ad:58:56:8c:23:97:34:
ca:1d:79:79:43:eb:5b:ee:fc:9a:d8:d2:be:e1:5a:
7a:55:97:31:76:d2:59:eb:ac:52:fe:bd:22:ec:f0:
f5:b4:03:ca:15:c0:b3:a4:3e:8c:b1:96:1b:9e:20:
ca:d9:6f:20:17:08:60:8a:3b:ef:a5:c1:f9:30:1d:
af:c6:76:62:7c:a5:05:a2:95:46:25:97:90:1f:9c:
f7:c0:a2:22:5b:36:da:1d:35:98:62:b9:8a:b7:a6:
40:b1:60:79:65:3e:6b:00:e9:ae:9d:6f:8f:0f:08:
28:54:5a:38:5a:f8:fc:6e:ff:c7:35:a8:57:87:47:
c3:96:7e:ba:10:6a:13:b4:c4:36:39:5e:f1:e3:ee:
f4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:11:66:57:16:C4:DE:09:FF:20:F0:31:BC:EB:87:D4:3C:65:A3:DA
X509v3 Authority Key Identifier:
keyid:AD:2D:38:E2:0F:24:D0:E3:0B:86:CC:D8:26:1A:C0:01:7F:17:A5:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rS044g8k0OMLhszYJhrAAX8XpaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/IhFmVxbE3gn_IPAxvOuH1Dxlo9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.142.144.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:c0:a0:51:8e:09:ca:8b:72:bd:29:50:0e:bb:97:39:55:5b:
ed:09:c2:2c:c2:ad:d7:48:a7:c1:65:a0:da:0a:83:45:6f:db:
05:84:bc:98:03:43:1f:be:ff:5b:d1:da:74:18:b6:06:ef:c5:
fb:c9:54:16:7c:5a:ef:c1:f9:8b:2b:1d:6a:61:93:ad:e2:2d:
67:ad:3b:d8:39:95:0b:db:19:55:7a:23:40:7e:03:03:16:9e:
af:97:ce:f6:a1:46:1e:45:d3:36:f8:56:8a:2f:73:a4:4f:e8:
52:52:56:75:94:e4:d6:1d:bc:bd:a1:00:a6:ca:2c:e8:87:cc:
8d:ae:5e:13:e2:9d:0c:2e:e1:35:72:2d:e6:ab:60:fc:4b:ee:
2f:23:8c:f8:dd:37:b3:db:6c:ea:ad:ac:98:96:87:5a:9e:df:
56:6b:4d:1b:c4:6f:c1:6c:48:d6:65:64:cb:07:2c:88:a9:59:
4d:83:be:df:79:f7:75:14:a5:8b:9a:50:60:d1:6b:2d:cb:c2:
a9:ec:64:b7:ee:57:06:bc:ee:7b:5c:10:4d:1a:e1:ed:46:c9:
66:c6:91:61:f2:30:a7:f6:50:87:68:8a:77:42:ac:82:b1:0d:
65:9e:d1:9b:0e:4c:64:bb:cc:d5:fb:ce:d2:5f:04:aa:c7:e3:
f7:f1:1a:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1i8M7BPo5CPOuMjZ9ib4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMmQzOGUyMGYyNGQwZTMwYjg2Y2NkODI2MWFjMDAxN2Yx
N2E1YTQwHhcNMjUwMTAxMDc0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjExNjY1NzE2YzRkZTA5ZmYyMGYwMzFiY2ViODdkNDNjNjVhM2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBUyrcUYit+EqfgVZYneEGjt0hF5
q9KjVLLTwkt0hcUVq6fMQ6vrrrCNc05h0zBsla6jG4tqgHiF2na5H7souAZJd5Dx
Ne359maEzGRSxhHgi8RRLoq3IkCTtWsLGzXlt4WV9XYwchT0QtO4UVoPU61YVowj
lzTKHXl5Q+tb7vya2NK+4Vp6VZcxdtJZ66xS/r0i7PD1tAPKFcCzpD6MsZYbniDK
2W8gFwhgijvvpcH5MB2vxnZifKUFopVGJZeQH5z3wKIiWzbaHTWYYrmKt6ZAsWB5
ZT5rAOmunW+PDwgoVFo4Wvj8bv/HNahXh0fDln66EGoTtMQ2OV7x4+70jQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCIRZlcWxN4J/yDwMbzrh9Q8ZaPaMB8GA1UdIwQY
MBaAFK0tOOIPJNDjC4bM2CYawAF/F6WkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclMwNDRnOGswT01MaHN6WUpockFBWDhYcGFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yZDg3NjEtMjI5Zi00YTM3LTg3YjEt
NDI5OTUzMjNjMDNkLzEvSWhGbVZ4YkUzZ25fSVBBeHZPdUgxRHhsbzlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yZDg3NjEtMjI5Zi00YTM3LTg3YjEtNDI5OTUzMjNjMDNk
LzEvclMwNDRnOGswT01MaHN6WUpockFBWDhYcGFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuY6QMA0G
CSqGSIb3DQEBCwUAA4IBAQCnwKBRjgnKi3K9KVAOu5c5VVvtCcIswq3XSKfBZaDa
CoNFb9sFhLyYA0Mfvv9b0dp0GLYG78X7yVQWfFrvwfmLKx1qYZOt4i1nrTvYOZUL
2xlVeiNAfgMDFp6vl872oUYeRdM2+FaKL3OkT+hSUlZ1lOTWHby9oQCmyizoh8yN
rl4T4p0MLuE1ci3mq2D8S+4vI4z43Tez22zqrayYlodant9Wa00bxG/BbEjWZWTL
ByyIqVlNg77fefd1FKWLmlBg0Wsty8Kp7GS37lcGvO57XBBNGuHtRslmxpFh8jCn
9lCHaIp3QqyCsQ1lntGbDkxku8zV+87SXwSqx+P38Rpc
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:15 2025 by rpki-client