Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/xTbabCTFqGhJJMktTysCT---KkI.roa
File: xTbabCTFqGhJJMktTysCT---KkI.roa (raw, json)
Hash identifier: GmOWeRIGZN3ASoKZ98jpAGGLt9gWqA34T6Ab1mDM02o=
Subject key identifier: C5:36:DA:6C:24:C5:A8:68:49:24:C9:2D:4F:2B:02:4F:EF:BE:2A:42
Certificate issuer: /CN=2f1e253977bf583e0e420ec977a8ecf4ed154dbe
Certificate serial: 01856EC2212C752B91B7C37ECE0F3219B1F5
Authority key identifier: 2F:1E:25:39:77:BF:58:3E:0E:42:0E:C9:77:A8:EC:F4:ED:15:4D:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/xTbabCTFqGhJJMktTysCT---KkI.roa
Signing time: Sun 01 Jan 2023 19:14:54 +0000
ROA not before: Sun 01 Jan 2023 19:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4224
IP address blocks: 185.220.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:21:2c:75:2b:91:b7:c3:7e:ce:0f:32:19:b1:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f1e253977bf583e0e420ec977a8ecf4ed154dbe
Validity
Not Before: Jan 1 19:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c536da6c24c5a8684924c92d4f2b024fefbe2a42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:31:a4:fe:b1:fd:0d:fa:4a:b6:fa:7f:cc:49:
93:3f:79:67:74:c8:c4:67:53:1a:a6:ea:49:74:80:
24:e3:8c:a3:38:c8:7b:12:a4:27:67:43:30:6c:de:
4f:85:4b:39:23:55:49:c3:48:18:35:75:b1:5c:4e:
90:a1:b7:f2:c8:9f:73:56:57:a4:0b:f8:63:04:b5:
f5:66:7b:07:f1:07:16:47:9c:cb:30:5c:b5:3e:9a:
42:60:18:a5:19:45:70:4a:fd:79:eb:54:68:2f:ef:
fd:47:1e:3c:83:58:fd:29:b3:34:25:72:b4:03:26:
44:34:92:71:10:e8:10:77:68:2e:c3:78:5a:3f:30:
ee:1c:24:d7:03:98:1e:c6:95:69:0a:73:ef:b3:b9:
7d:4a:e9:0a:e0:20:4e:24:c9:75:5d:e1:23:24:eb:
65:8a:23:18:06:d7:a7:c7:6b:63:93:16:f1:fa:f1:
85:d9:07:f4:02:24:c0:78:61:85:7e:9c:95:31:42:
6f:40:49:9a:cc:36:48:38:84:4e:db:6d:6f:8e:a7:
ce:22:5a:b7:3a:04:c3:dd:44:6f:25:b0:72:cb:6b:
4b:32:1c:79:61:12:ae:1c:4c:de:59:09:9f:7d:7b:
42:53:6e:7a:4b:f1:4d:97:d1:b6:fd:91:27:89:88:
cc:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:36:DA:6C:24:C5:A8:68:49:24:C9:2D:4F:2B:02:4F:EF:BE:2A:42
X509v3 Authority Key Identifier:
keyid:2F:1E:25:39:77:BF:58:3E:0E:42:0E:C9:77:A8:EC:F4:ED:15:4D:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/xTbabCTFqGhJJMktTysCT---KkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.103.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:e2:72:68:3d:31:cc:80:61:d0:e9:e0:68:5e:74:75:c6:f5:
3f:af:69:4a:de:a5:09:c3:4e:1b:3e:8d:46:27:ad:9b:84:0b:
82:82:35:21:97:c2:0b:34:fe:55:3e:63:cd:6a:37:46:75:bc:
f0:f9:c0:99:f1:0e:5c:d8:d7:ce:b3:56:35:36:f1:6b:c3:13:
e9:be:13:14:f4:c1:1f:bd:0e:96:90:0a:c9:be:9a:05:35:d1:
29:b0:69:1f:a4:f1:fd:6d:6c:8d:9a:ac:94:4f:f4:e4:6f:37:
1e:75:97:2e:ed:9f:2f:1c:65:30:1a:a5:17:cf:61:65:ed:54:
69:19:0b:1e:28:0c:9e:5e:60:b9:26:30:0b:50:44:3b:1d:1d:
13:7e:01:1d:04:c0:c6:a5:7a:cc:1a:53:35:0c:5d:09:94:75:
b7:ae:f3:ea:b5:1e:64:84:8f:1e:09:e3:b9:c5:ea:27:06:2f:
47:1b:fe:87:9e:f8:1f:98:fe:26:f9:ad:2a:ce:d1:3c:f3:da:
b3:3e:16:a5:a4:45:a6:4a:eb:d6:52:3a:e7:c5:a8:1c:67:7d:
f3:f7:fc:0e:cf:0b:70:b3:a6:6b:cb:31:90:76:43:48:96:01:
ca:cb:0a:fc:6b:c6:f0:93:68:3b:39:13:be:b9:11:04:70:af:
33:3a:9a:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwiEsdSuRt8N+zg8yGbH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMWUyNTM5NzdiZjU4M2UwZTQyMGVjOTc3YThlY2Y0ZWQx
NTRkYmUwHhcNMjMwMTAxMTkxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTM2ZGE2YzI0YzVhODY4NDkyNGM5MmQ0ZjJiMDI0ZmVmYmUyYTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDGk/rH9DfpKtvp/zEmTP3lndMjE
Z1MapupJdIAk44yjOMh7EqQnZ0MwbN5PhUs5I1VJw0gYNXWxXE6QobfyyJ9zVlek
C/hjBLX1ZnsH8QcWR5zLMFy1PppCYBilGUVwSv1561RoL+/9Rx48g1j9KbM0JXK0
AyZENJJxEOgQd2guw3haPzDuHCTXA5gexpVpCnPvs7l9SukK4CBOJMl1XeEjJOtl
iiMYBtenx2tjkxbx+vGF2Qf0AiTAeGGFfpyVMUJvQEmazDZIOIRO221vjqfOIlq3
OgTD3URvJbByy2tLMhx5YRKuHEzeWQmffXtCU256S/FNl9G2/ZEniYjMxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMU22mwkxahoSSTJLU8rAk/vvipCMB8GA1UdIwQY
MBaAFC8eJTl3v1g+DkIOyXeo7PTtFU2+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHg0bE9YZV9XRDRPUWc3SmQ2anM5TzBWVGI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8zMzY0ZWQtYzVmOS00NjMxLWI5NWMt
ZjI2YjE1NTFlMGY1LzEveFRiYWJDVEZxR2hKSk1rdFR5c0NULS0tS2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8zMzY0ZWQtYzVmOS00NjMxLWI5NWMtZjI2YjE1NTFlMGY1
LzEvTHg0bE9YZV9XRDRPUWc3SmQ2anM5TzBWVGI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudxnMA0G
CSqGSIb3DQEBCwUAA4IBAQAa4nJoPTHMgGHQ6eBoXnR1xvU/r2lK3qUJw04bPo1G
J62bhAuCgjUhl8ILNP5VPmPNajdGdbzw+cCZ8Q5c2NfOs1Y1NvFrwxPpvhMU9MEf
vQ6WkArJvpoFNdEpsGkfpPH9bWyNmqyUT/TkbzcedZcu7Z8vHGUwGqUXz2Fl7VRp
GQseKAyeXmC5JjALUEQ7HR0TfgEdBMDGpXrMGlM1DF0JlHW3rvPqtR5khI8eCeO5
xeonBi9HG/6HnvgfmP4m+a0qztE889qzPhalpEWmSuvWUjrnxagcZ33z9/wOzwtw
s6ZryzGQdkNIlgHKywr8a8bwk2g7ORO+uREEcK8zOpqq
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:21:25 2025 by rpki-client