Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/d73843-21f4-4d36-9143-1fc7337d462e/1/_0U_tt0MBbbMMY_6uFbHcO2qHII.roa
File: _0U_tt0MBbbMMY_6uFbHcO2qHII.roa (raw, json)
Hash identifier: JdW0n3DtJFmRMK7RNqyRduN2u/9aZTIGnGHf+FPqj/Q=
Subject key identifier: FF:45:3F:B6:DD:0C:05:B6:CC:31:8F:FA:B8:56:C7:70:ED:AA:1C:82
Certificate issuer: /CN=e3daa57a1853db3fb943b9fb0b28819db370b271
Certificate serial: 01857315C39CF1AF5352CEE212B219F5782B
Authority key identifier: E3:DA:A5:7A:18:53:DB:3F:B9:43:B9:FB:0B:28:81:9D:B3:70:B2:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/49qlehhT2z-5Q7n7CyiBnbNwsnE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/d73843-21f4-4d36-9143-1fc7337d462e/1/_0U_tt0MBbbMMY_6uFbHcO2qHII.roa
Signing time: Mon 02 Jan 2023 15:24:43 +0000
ROA not before: Mon 02 Jan 2023 15:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201922
IP address blocks: 185.179.35.0/24 maxlen: 24
2a02:6c20:807::/48 maxlen: 48
2a02:6c20:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:c3:9c:f1:af:53:52:ce:e2:12:b2:19:f5:78:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3daa57a1853db3fb943b9fb0b28819db370b271
Validity
Not Before: Jan 2 15:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff453fb6dd0c05b6cc318ffab856c770edaa1c82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:39:3f:ee:f6:b9:cd:91:fe:a9:7c:9b:86:2f:
73:f1:e7:da:0b:fb:03:c9:b6:0c:e7:a7:7b:24:20:
d5:b0:08:56:c1:72:98:42:02:c3:4c:2e:6e:84:9e:
82:98:a0:89:27:0c:60:e3:e0:ea:aa:6c:2f:0c:e5:
fd:d9:65:c8:57:fd:3a:a1:c7:45:84:dc:3c:42:85:
fe:97:d0:d8:61:5b:75:95:cc:31:50:f3:45:3b:df:
28:b4:ed:49:ba:5b:0b:97:5d:f5:7e:93:47:ec:b1:
c9:b1:0a:2a:42:8d:ef:8a:24:f3:5a:91:29:36:ed:
b1:6d:06:06:36:e0:34:82:d2:48:d3:3b:f1:2c:0a:
84:a6:d9:8f:61:26:aa:4c:ab:29:56:ce:2e:db:8f:
3e:37:0f:37:2b:22:09:a8:6a:b3:8e:82:c2:8f:a6:
17:a1:7c:4d:a9:44:00:6c:03:07:24:97:df:e3:08:
82:0e:b8:6d:a1:8d:ed:a5:f8:24:56:7c:71:ac:bd:
c6:ad:90:67:59:b1:b4:50:03:56:d1:49:da:fc:21:
ea:20:a6:1b:97:24:6a:c2:cc:4b:e8:8f:8c:ea:1b:
9b:7f:1f:8e:5c:6f:4a:6a:7a:18:b6:5e:fb:6f:2d:
33:bc:81:ca:48:1c:fb:7c:c5:54:5a:98:c3:4b:94:
c2:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:45:3F:B6:DD:0C:05:B6:CC:31:8F:FA:B8:56:C7:70:ED:AA:1C:82
X509v3 Authority Key Identifier:
keyid:E3:DA:A5:7A:18:53:DB:3F:B9:43:B9:FB:0B:28:81:9D:B3:70:B2:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/49qlehhT2z-5Q7n7CyiBnbNwsnE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d73843-21f4-4d36-9143-1fc7337d462e/1/_0U_tt0MBbbMMY_6uFbHcO2qHII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d73843-21f4-4d36-9143-1fc7337d462e/1/49qlehhT2z-5Q7n7CyiBnbNwsnE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.179.35.0/24
IPv6:
2a02:6c20:3::/48
2a02:6c20:807::/48
Signature Algorithm: sha256WithRSAEncryption
71:cd:d5:b7:57:c0:d2:aa:00:7a:b6:b0:86:0d:19:ea:93:5b:
bb:50:83:23:d8:17:19:73:aa:09:c6:7e:ca:1d:f1:aa:8d:68:
a7:1f:6e:a5:c5:bf:f6:1d:58:b1:ff:20:07:bf:f8:76:5f:21:
55:b2:fb:a5:a1:27:4e:ee:f3:ae:ab:85:c9:89:8a:35:5f:9b:
90:af:0f:da:51:e2:b7:42:03:ac:de:b6:96:bb:10:d4:c4:b0:
05:6b:47:b5:19:ee:2d:bb:6c:55:47:34:1c:22:26:39:85:10:
0c:b0:94:93:13:72:98:33:12:94:46:fc:4b:7b:e9:d8:61:95:
29:67:69:df:2f:78:a8:ef:15:5d:8d:a1:81:bd:d4:51:c4:8b:
b8:2d:6d:23:06:79:df:6a:13:75:80:2d:eb:aa:35:c1:5a:f9:
15:81:6d:2e:b2:14:5a:4d:67:92:0b:dc:7b:b9:ab:f1:07:81:
72:e4:60:14:e8:d8:bb:97:a0:74:9e:9f:b6:31:fe:d4:b1:99:
55:90:df:9a:b6:e4:31:1c:b5:19:0d:ad:5d:38:51:eb:a6:d5:
38:a0:d5:4b:0d:8f:ad:23:9b:18:e6:20:94:e7:c4:cf:91:ae:
06:a7:9d:30:93:bd:33:b9:76:fe:d5:93:50:06:fa:ee:9b:f0:
f0:b5:6a:75
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVzFcOc8a9TUs7iErIZ9XgrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZGFhNTdhMTg1M2RiM2ZiOTQzYjlmYjBiMjg4MTlkYjM3
MGIyNzEwHhcNMjMwMTAyMTUyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjQ1M2ZiNmRkMGMwNWI2Y2MzMThmZmFiODU2Yzc3MGVkYWExYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozk/7va5zZH+qXybhi9z8efaC/sD
ybYM56d7JCDVsAhWwXKYQgLDTC5uhJ6CmKCJJwxg4+DqqmwvDOX92WXIV/06ocdF
hNw8QoX+l9DYYVt1lcwxUPNFO98otO1JulsLl131fpNH7LHJsQoqQo3viiTzWpEp
Nu2xbQYGNuA0gtJI0zvxLAqEptmPYSaqTKspVs4u248+Nw83KyIJqGqzjoLCj6YX
oXxNqUQAbAMHJJff4wiCDrhtoY3tpfgkVnxxrL3GrZBnWbG0UANW0Una/CHqIKYb
lyRqwsxL6I+M6hubfx+OXG9KanoYtl77by0zvIHKSBz7fMVUWpjDS5TCGQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFP9FP7bdDAW2zDGP+rhWx3DtqhyCMB8GA1UdIwQY
MBaAFOPapXoYU9s/uUO5+wsogZ2zcLJxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDlxbGVoaFQyei01UTduN0N5aUJuYk53c25FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kNzM4NDMtMjFmNC00ZDM2LTkxNDMt
MWZjNzMzN2Q0NjJlLzEvXzBVX3R0ME1CYmJNTVlfNnVGYkhjTzJxSElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kNzM4NDMtMjFmNC00ZDM2LTkxNDMtMWZjNzMzN2Q0NjJl
LzEvNDlxbGVoaFQyei01UTduN0N5aUJuYk53c25FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAubMjMBgE
AgACMBIDBwAqAmwgAAMDBwAqAmwgCAcwDQYJKoZIhvcNAQELBQADggEBAHHN1bdX
wNKqAHq2sIYNGeqTW7tQgyPYFxlzqgnGfsod8aqNaKcfbqXFv/YdWLH/IAe/+HZf
IVWy+6WhJ07u866rhcmJijVfm5CvD9pR4rdCA6zetpa7ENTEsAVrR7UZ7i27bFVH
NBwiJjmFEAywlJMTcpgzEpRG/Et76dhhlSlnad8veKjvFV2NoYG91FHEi7gtbSMG
ed9qE3WALeuqNcFa+RWBbS6yFFpNZ5IL3Hu5q/EHgXLkYBTo2LuXoHSen7Yx/tSx
mVWQ35q25DEctRkNrV04Ueum1Tig1UsNj60jmxjmIJTnxM+RrgannTCTvTO5dv7V
k1AG+u6b8PC1anU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:06 2025 by rpki-client