Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/aa0164-efd7-433a-9c6b-6a3d3a25d967/1/rX-ekSbRFPt4vZFNbYSroABo4e8.roa
File: rX-ekSbRFPt4vZFNbYSroABo4e8.roa (raw, json)
Hash identifier: l+SBxaVR225UQWfSLWuOfmF+vMJ9vceHdhsB/15PLVY=
Subject key identifier: AD:7F:9E:91:26:D1:14:FB:78:BD:91:4D:6D:84:AB:A0:00:68:E1:EF
Certificate issuer: /CN=ca8f506bbe13bfb830a9991b68e43cecb922c9bc
Certificate serial: 06C18FD2
Authority key identifier: CA:8F:50:6B:BE:13:BF:B8:30:A9:99:1B:68:E4:3C:EC:B9:22:C9:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yo9Qa74Tv7gwqZkbaOQ87Lkiybw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/aa0164-efd7-433a-9c6b-6a3d3a25d967/1/rX-ekSbRFPt4vZFNbYSroABo4e8.roa
Signing time: Sat 01 Jan 2022 11:56:42 +0000
ROA not before: Sat 01 Jan 2022 11:56:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8758
IP address blocks: 194.35.252.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113348562 (0x6c18fd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca8f506bbe13bfb830a9991b68e43cecb922c9bc
Validity
Not Before: Jan 1 11:56:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad7f9e9126d114fb78bd914d6d84aba00068e1ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5b:98:e6:b3:54:29:de:85:0f:6b:3f:a7:b0:
f4:82:0d:8f:1d:d9:4f:3a:d1:2a:7e:a5:1b:99:b4:
9d:57:70:74:07:c6:32:0f:c0:47:5d:ee:cb:34:05:
f0:6c:21:00:ba:19:6a:37:d8:83:84:35:dd:d8:90:
67:bd:32:62:50:58:0f:5d:62:86:f7:54:ed:64:e4:
32:08:a3:1a:9b:cd:86:eb:47:b6:47:55:19:e0:1f:
e2:c0:a4:9a:05:49:86:7d:09:d3:2f:8f:40:b1:de:
51:82:1c:82:89:2a:bc:96:44:d5:48:c6:92:54:2b:
00:34:f9:7a:aa:80:26:5f:ee:28:95:52:ad:68:a9:
d8:37:95:43:0f:10:d6:c0:42:8a:f7:0a:86:3b:34:
4c:b0:61:c2:3c:09:21:89:02:77:b3:35:74:71:17:
f1:83:fb:1a:26:70:bb:56:ae:99:6c:cb:9c:31:c5:
9a:a6:dd:95:69:41:35:7b:2b:21:4b:63:e3:8d:f3:
54:44:ac:00:b9:59:5d:82:37:d6:97:2c:fb:2e:34:
d6:9c:b8:fe:ee:78:f9:f9:a2:c8:4e:fd:c6:80:01:
73:b6:43:96:84:4d:59:59:06:c9:75:e0:fa:ce:92:
2f:2f:48:a7:42:5c:63:eb:0d:5e:4b:21:c9:f4:e0:
c5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:7F:9E:91:26:D1:14:FB:78:BD:91:4D:6D:84:AB:A0:00:68:E1:EF
X509v3 Authority Key Identifier:
keyid:CA:8F:50:6B:BE:13:BF:B8:30:A9:99:1B:68:E4:3C:EC:B9:22:C9:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yo9Qa74Tv7gwqZkbaOQ87Lkiybw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/aa0164-efd7-433a-9c6b-6a3d3a25d967/1/rX-ekSbRFPt4vZFNbYSroABo4e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/aa0164-efd7-433a-9c6b-6a3d3a25d967/1/yo9Qa74Tv7gwqZkbaOQ87Lkiybw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.252.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:9a:51:f1:41:36:35:66:5e:cf:f5:c2:e9:2f:15:aa:74:33:
e9:08:2e:ca:67:bd:07:dc:a7:05:76:6f:ea:83:b3:5d:81:aa:
d3:f9:68:d5:8d:e2:9f:ee:a2:10:6d:10:98:20:a0:3d:a6:34:
93:14:86:3f:e3:5b:d8:13:a9:ba:a8:8b:1d:f3:a3:7e:df:62:
37:4c:00:5d:8a:fe:77:e5:2c:cc:9f:3d:0c:cb:1d:64:0d:74:
4d:09:ca:cf:0d:c6:af:05:c0:41:f0:a0:82:cd:95:f2:51:f6:
9a:a3:cd:ef:49:e0:b4:be:2e:75:54:ec:76:f3:c1:44:32:7f:
8f:0a:e7:c8:5e:73:8b:09:9d:bb:40:ce:87:2a:6e:30:ee:ac:
32:7c:74:a5:44:61:ee:4c:de:5c:88:7a:bd:77:26:c9:29:bb:
c0:c2:06:0e:bf:5a:f6:69:4a:57:2f:d4:cc:ea:e8:b3:ed:22:
f8:50:29:0a:0d:52:e4:40:8a:e5:66:ec:12:46:93:63:ff:e6:
1a:e7:aa:78:1c:ac:32:cf:37:8f:1b:ec:7a:81:4c:14:c9:10:
7d:51:c1:65:9c:f5:2d:98:43:40:6e:64:24:1f:78:9e:ac:49:
56:b8:e0:16:31:1c:41:bb:fe:9c:48:0e:f8:d3:87:31:02:ba:
49:e1:af:32
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBsGP0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YThmNTA2YmJlMTNiZmI4MzBhOTk5MWI2OGU0M2NlY2I5MjJjOWJjMB4XDTIyMDEw
MTExNTY0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWQ3ZjllOTEyNmQx
MTRmYjc4YmQ5MTRkNmQ4NGFiYTAwMDY4ZTFlZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJRbmOazVCnehQ9rP6ew9IINjx3ZTzrRKn6lG5m0nVdwdAfG
Mg/AR13uyzQF8GwhALoZajfYg4Q13diQZ70yYlBYD11ihvdU7WTkMgijGpvNhutH
tkdVGeAf4sCkmgVJhn0J0y+PQLHeUYIcgokqvJZE1UjGklQrADT5eqqAJl/uKJVS
rWip2DeVQw8Q1sBCivcKhjs0TLBhwjwJIYkCd7M1dHEX8YP7GiZwu1aumWzLnDHF
mqbdlWlBNXsrIUtj443zVESsALlZXYI31pcs+y401py4/u54+fmiyE79xoABc7ZD
loRNWVkGyXXg+s6SLy9Ip0JcY+sNXkshyfTgxccCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBStf56RJtEU+3i9kU1thKugAGjh7zAfBgNVHSMEGDAWgBTKj1BrvhO/uDCp
mRto5DzsuSLJvDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lvOVFhNzRUdjdnd3Faa2JhT1E4N0xraXlidy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvYWEwMTY0LWVmZDctNDMzYS05YzZiLTZhM2QzYTI1ZDk2Ny8x
L3JYLWVrU2JSRlB0NHZaRk5iWVNyb0FCbzRlOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
YWEwMTY0LWVmZDctNDMzYS05YzZiLTZhM2QzYTI1ZDk2Ny8xL3lvOVFhNzRUdjdn
d3Faa2JhT1E4N0xraXlidy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsIj/DANBgkqhkiG9w0BAQsFAAOC
AQEAG5pR8UE2NWZez/XC6S8VqnQz6Qguyme9B9ynBXZv6oOzXYGq0/lo1Y3in+6i
EG0QmCCgPaY0kxSGP+Nb2BOpuqiLHfOjft9iN0wAXYr+d+UszJ89DMsdZA10TQnK
zw3GrwXAQfCggs2V8lH2mqPN70ngtL4udVTsdvPBRDJ/jwrnyF5ziwmdu0DOhypu
MO6sMnx0pURh7kzeXIh6vXcmySm7wMIGDr9a9mlKVy/UzOros+0i+FApCg1S5ECK
5WbsEkaTY//mGueqeBysMs83jxvseoFMFMkQfVHBZZz1LZhDQG5kJB94nqxJVrjg
FjEcQbv+nEgO+NOHMQK6SeGvMg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:31 2025 by rpki-client