Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/2476c0-7913-47b7-ac6b-fb4e840df23f/1/lmRWZ6in_4BW7tPbU60jc2RYRQk.roa
File: lmRWZ6in_4BW7tPbU60jc2RYRQk.roa (raw, json)
Hash identifier: iDFN2SjwbRiCVvRdAxH2XsdP6i1VDNMexvLG4TTntmQ=
Subject key identifier: 96:64:56:67:A8:A7:FF:80:56:EE:D3:DB:53:AD:23:73:64:58:45:09
Certificate issuer: /CN=1d2a88acc91238c532751290ccf831270f97f708
Certificate serial: 0185710C20D2A104B717F2FC4E836AF84285
Authority key identifier: 1D:2A:88:AC:C9:12:38:C5:32:75:12:90:CC:F8:31:27:0F:97:F7:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HSqIrMkSOMUydRKQzPgxJw-X9wg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/2476c0-7913-47b7-ac6b-fb4e840df23f/1/lmRWZ6in_4BW7tPbU60jc2RYRQk.roa
Signing time: Mon 02 Jan 2023 05:54:58 +0000
ROA not before: Mon 02 Jan 2023 05:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39455
IP address blocks: 185.85.36.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:20:d2:a1:04:b7:17:f2:fc:4e:83:6a:f8:42:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d2a88acc91238c532751290ccf831270f97f708
Validity
Not Before: Jan 2 05:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96645667a8a7ff8056eed3db53ad237364584509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:64:a3:28:5e:59:38:b7:1c:6a:0d:dd:ac:26:
f0:e5:90:c7:2c:35:be:45:be:3e:32:35:43:6e:13:
80:c6:45:39:8e:d4:23:69:da:bc:c9:08:4f:91:7e:
db:9d:9e:70:03:76:80:04:b1:30:00:ac:09:52:8d:
fa:db:aa:58:43:6b:cd:84:aa:5e:85:b6:96:e9:c6:
fc:d7:fb:6d:c0:ee:59:04:a5:1b:eb:ff:75:48:db:
a8:f5:1c:1d:1d:81:47:e7:e8:90:89:1d:55:fe:1c:
f1:a9:f0:1e:07:f0:ae:b2:20:2c:07:f3:3a:56:ad:
75:c6:d3:0a:00:e1:ea:dc:9c:7e:be:35:9c:09:ed:
8e:64:2e:44:a9:fc:65:c1:df:16:a0:ab:f0:7c:f4:
36:9d:6c:31:41:68:d0:9a:c8:66:b7:36:56:db:82:
1b:48:bb:32:73:36:22:52:8a:83:69:d1:c8:84:41:
dd:0e:ed:70:dc:27:62:da:25:46:ac:6c:5b:4a:bf:
d2:a3:54:3f:76:e0:c5:1a:77:1d:ab:53:11:d8:d3:
05:32:ee:da:78:fe:f4:b1:eb:8a:f9:98:57:bd:da:
80:e8:84:35:78:91:0d:7d:03:e8:b9:14:fe:38:e0:
4f:bf:3a:4d:95:1c:fd:d9:51:1e:da:76:79:a2:8e:
90:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:64:56:67:A8:A7:FF:80:56:EE:D3:DB:53:AD:23:73:64:58:45:09
X509v3 Authority Key Identifier:
keyid:1D:2A:88:AC:C9:12:38:C5:32:75:12:90:CC:F8:31:27:0F:97:F7:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HSqIrMkSOMUydRKQzPgxJw-X9wg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/2476c0-7913-47b7-ac6b-fb4e840df23f/1/lmRWZ6in_4BW7tPbU60jc2RYRQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/2476c0-7913-47b7-ac6b-fb4e840df23f/1/HSqIrMkSOMUydRKQzPgxJw-X9wg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.36.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:41:60:db:1f:0b:5d:49:65:75:a7:24:93:ff:65:2e:74:06:
7d:19:d0:c7:6d:b6:ca:f4:11:5c:0a:79:4d:45:b1:75:37:7e:
2d:be:94:4b:19:bf:16:08:af:cf:e4:e4:21:b7:b7:a5:85:37:
0e:98:c9:d8:08:cc:2f:d0:45:52:75:a0:70:39:6d:ed:e4:1b:
3b:f2:43:12:85:f9:ad:68:f0:d6:5f:dd:ad:0a:d7:24:d8:3c:
f0:63:0f:09:e7:98:57:d3:dc:9e:0e:2d:b3:02:f5:60:97:ef:
e3:58:3c:63:dd:43:2c:95:92:13:9d:70:3d:18:ff:7d:a5:ff:
03:20:52:ad:52:01:cc:bf:cb:1f:23:ee:61:3b:26:40:47:69:
27:a6:b3:ea:fd:e8:9a:32:6a:3a:56:3f:68:55:8c:0d:ed:df:
00:bf:65:3e:af:b2:2d:4e:12:55:9c:5a:19:22:9b:cc:35:38:
90:96:df:95:8b:75:e1:16:b4:1c:69:aa:70:7f:91:4d:4c:7c:
42:77:cd:7b:a2:b0:26:c3:00:14:11:fc:4a:c4:be:03:a6:7d:
0f:e3:7d:9f:91:ab:4d:e0:a4:6d:0e:5b:8f:76:ad:41:d1:1f:
bb:a1:e4:55:ec:27:e8:1e:2b:ef:3a:b6:c1:27:56:96:ee:0f:
1e:f1:37:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxDCDSoQS3F/L8ToNq+EKFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMmE4OGFjYzkxMjM4YzUzMjc1MTI5MGNjZjgzMTI3MGY5
N2Y3MDgwHhcNMjMwMTAyMDU1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjY0NTY2N2E4YTdmZjgwNTZlZWQzZGI1M2FkMjM3MzY0NTg0NTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGSjKF5ZOLccag3drCbw5ZDHLDW+
Rb4+MjVDbhOAxkU5jtQjadq8yQhPkX7bnZ5wA3aABLEwAKwJUo3626pYQ2vNhKpe
hbaW6cb81/ttwO5ZBKUb6/91SNuo9RwdHYFH5+iQiR1V/hzxqfAeB/CusiAsB/M6
Vq11xtMKAOHq3Jx+vjWcCe2OZC5Eqfxlwd8WoKvwfPQ2nWwxQWjQmshmtzZW24Ib
SLsyczYiUoqDadHIhEHdDu1w3Cdi2iVGrGxbSr/So1Q/duDFGncdq1MR2NMFMu7a
eP70seuK+ZhXvdqA6IQ1eJENfQPouRT+OOBPvzpNlRz92VEe2nZ5oo6QZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJZkVmeop/+AVu7T21OtI3NkWEUJMB8GA1UdIwQY
MBaAFB0qiKzJEjjFMnUSkMz4MScPl/cIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFNxSXJNa1NPTVV5ZFJLUXpQZ3hKdy1YOXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8yNDc2YzAtNzkxMy00N2I3LWFjNmIt
ZmI0ZTg0MGRmMjNmLzEvbG1SV1o2aW5fNEJXN3RQYlU2MGpjMlJZUlFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8yNDc2YzAtNzkxMy00N2I3LWFjNmItZmI0ZTg0MGRmMjNm
LzEvSFNxSXJNa1NPTVV5ZFJLUXpQZ3hKdy1YOXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVUkMA0G
CSqGSIb3DQEBCwUAA4IBAQCxQWDbHwtdSWV1pyST/2UudAZ9GdDHbbbK9BFcCnlN
RbF1N34tvpRLGb8WCK/P5OQht7elhTcOmMnYCMwv0EVSdaBwOW3t5Bs78kMShfmt
aPDWX92tCtck2DzwYw8J55hX09yeDi2zAvVgl+/jWDxj3UMslZITnXA9GP99pf8D
IFKtUgHMv8sfI+5hOyZAR2knprPq/eiaMmo6Vj9oVYwN7d8Av2U+r7ItThJVnFoZ
IpvMNTiQlt+Vi3XhFrQcaapwf5FNTHxCd817orAmwwAUEfxKxL4Dpn0P432fkatN
4KRtDluPdq1B0R+7oeRV7CfoHivvOrbBJ1aW7g8e8TcH
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:36:33 2025 by rpki-client