Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/850961-dcfc-456c-bba6-2698f0601bb9/1/u3EpVLaGhR_nJJlMRPiPfNxk5sI.roa
File: u3EpVLaGhR_nJJlMRPiPfNxk5sI.roa (raw, json)
Hash identifier: ZkXQ0Wdq2iiLY+7JQI2P8Pc+rjJGUZ1vEV2ckt7zc28=
Subject key identifier: BB:71:29:54:B6:86:85:1F:E7:24:99:4C:44:F8:8F:7C:DC:64:E6:C2
Certificate issuer: /CN=d617ad35ef270efb14271357f3a675e87566bf3a
Certificate serial: 018570C2E84C88958374B26182D4D970AA0A
Authority key identifier: D6:17:AD:35:EF:27:0E:FB:14:27:13:57:F3:A6:75:E8:75:66:BF:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1hetNe8nDvsUJxNX86Z16HVmvzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/850961-dcfc-456c-bba6-2698f0601bb9/1/u3EpVLaGhR_nJJlMRPiPfNxk5sI.roa
Signing time: Mon 02 Jan 2023 04:34:59 +0000
ROA not before: Mon 02 Jan 2023 04:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47132
IP address blocks: 185.227.90.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:e8:4c:88:95:83:74:b2:61:82:d4:d9:70:aa:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d617ad35ef270efb14271357f3a675e87566bf3a
Validity
Not Before: Jan 2 04:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb712954b686851fe724994c44f88f7cdc64e6c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0e:e5:fe:f7:a2:2e:d5:03:0c:a6:11:65:77:
fd:a8:8b:8a:98:10:79:88:ab:c2:b4:f6:7a:a5:15:
b5:9e:d1:da:a1:f0:7c:af:5f:69:2a:03:e5:f3:4a:
00:5c:37:6a:b6:55:99:28:48:61:94:7e:f2:8f:9f:
53:8b:2a:11:4d:52:a9:ba:bb:a7:b1:c6:95:20:f4:
8c:0c:99:51:b6:0d:d9:ae:67:d0:c3:3f:11:96:33:
5d:25:ce:66:66:a1:b5:8b:e5:09:55:c5:a8:02:b6:
8f:bf:fc:0c:6b:f9:32:b1:9d:79:1f:f1:c2:10:ba:
c0:2b:51:d4:57:30:57:eb:10:22:7d:b5:6a:ca:43:
75:4e:49:4f:82:d5:57:f6:35:d5:72:64:09:bb:49:
77:41:9c:2e:47:92:13:3b:3f:75:7f:1f:a6:f0:92:
ab:5a:e5:2d:82:54:d3:a6:a1:b9:17:31:f1:2b:af:
a7:72:59:9d:d5:d7:49:78:27:5b:a5:a3:69:77:3d:
97:38:f4:eb:8c:59:46:a3:6e:d6:a6:b7:93:0a:38:
90:33:3f:c3:64:cf:34:de:9b:78:4a:a4:72:f3:cc:
63:a4:a8:c3:c2:d1:2c:33:94:16:a5:89:05:4f:44:
7b:2e:70:a1:47:fc:9c:85:5a:1a:ea:43:97:35:40:
a4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:71:29:54:B6:86:85:1F:E7:24:99:4C:44:F8:8F:7C:DC:64:E6:C2
X509v3 Authority Key Identifier:
keyid:D6:17:AD:35:EF:27:0E:FB:14:27:13:57:F3:A6:75:E8:75:66:BF:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1hetNe8nDvsUJxNX86Z16HVmvzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/850961-dcfc-456c-bba6-2698f0601bb9/1/u3EpVLaGhR_nJJlMRPiPfNxk5sI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/850961-dcfc-456c-bba6-2698f0601bb9/1/1hetNe8nDvsUJxNX86Z16HVmvzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.90.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:f2:ae:61:d9:5a:bb:97:72:69:e5:64:83:22:e9:72:d8:26:
09:d3:aa:36:e3:de:46:8f:7c:63:47:a5:f3:f4:30:49:c0:06:
64:fa:f0:77:5e:e6:9f:02:9a:2e:a0:f3:c0:45:6d:90:fb:d6:
e7:9b:ea:10:05:e0:e7:30:e4:f7:ec:79:29:a7:59:ba:58:04:
4c:0a:c3:2b:9d:ba:24:ce:6a:c3:8f:63:df:d4:4f:81:3e:35:
c3:4c:5c:a7:07:be:b5:c0:05:87:6c:5e:7c:97:85:8c:bd:09:
21:5a:d7:71:a9:a2:68:34:64:ca:68:6e:e7:e8:96:1f:70:dd:
1e:53:ee:df:12:d9:1a:1e:ca:20:ee:60:dc:19:6b:cb:ad:b8:
da:13:68:73:ab:75:c8:86:d6:45:07:32:55:d0:20:aa:43:81:
cc:27:e2:dc:e5:d2:54:35:8f:a8:76:98:ae:bc:0a:37:99:db:
8a:e9:69:9e:c4:31:7a:58:9b:7f:0e:c2:6b:16:d9:dd:d1:7d:
31:ba:9f:ce:a7:bc:34:8d:55:c3:c6:d5:3d:1a:1a:9a:e2:9d:
73:38:fd:13:12:75:65:13:bd:56:87:68:4f:28:10:f7:44:fc:
25:bd:08:68:e0:a7:38:1c:aa:11:fb:c9:05:f4:62:8f:c9:38:
5f:60:30:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwwuhMiJWDdLJhgtTZcKoKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MTdhZDM1ZWYyNzBlZmIxNDI3MTM1N2YzYTY3NWU4NzU2
NmJmM2EwHhcNMjMwMTAyMDQzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjcxMjk1NGI2ODY4NTFmZTcyNDk5NGM0NGY4OGY3Y2RjNjRlNmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQ7l/veiLtUDDKYRZXf9qIuKmBB5
iKvCtPZ6pRW1ntHaofB8r19pKgPl80oAXDdqtlWZKEhhlH7yj59TiyoRTVKpurun
scaVIPSMDJlRtg3ZrmfQwz8RljNdJc5mZqG1i+UJVcWoAraPv/wMa/kysZ15H/HC
ELrAK1HUVzBX6xAifbVqykN1TklPgtVX9jXVcmQJu0l3QZwuR5ITOz91fx+m8JKr
WuUtglTTpqG5FzHxK6+nclmd1ddJeCdbpaNpdz2XOPTrjFlGo27WpreTCjiQMz/D
ZM803pt4SqRy88xjpKjDwtEsM5QWpYkFT0R7LnChR/ychVoa6kOXNUCkdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLtxKVS2hoUf5ySZTET4j3zcZObCMB8GA1UdIwQY
MBaAFNYXrTXvJw77FCcTV/Omdeh1Zr86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWhldE5lOG5EdnNVSnhOWDg2WjE2SFZtdnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84NTA5NjEtZGNmYy00NTZjLWJiYTYt
MjY5OGYwNjAxYmI5LzEvdTNFcFZMYUdoUl9uSkpsTVJQaVBmTnhrNXNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84NTA5NjEtZGNmYy00NTZjLWJiYTYtMjY5OGYwNjAxYmI5
LzEvMWhldE5lOG5EdnNVSnhOWDg2WjE2SFZtdnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueNaMA0G
CSqGSIb3DQEBCwUAA4IBAQAb8q5h2Vq7l3Jp5WSDIuly2CYJ06o2495Gj3xjR6Xz
9DBJwAZk+vB3XuafApouoPPARW2Q+9bnm+oQBeDnMOT37Hkpp1m6WARMCsMrnbok
zmrDj2Pf1E+BPjXDTFynB761wAWHbF58l4WMvQkhWtdxqaJoNGTKaG7n6JYfcN0e
U+7fEtkaHsog7mDcGWvLrbjaE2hzq3XIhtZFBzJV0CCqQ4HMJ+Lc5dJUNY+odpiu
vAo3mduK6WmexDF6WJt/DsJrFtnd0X0xup/Op7w0jVXDxtU9Ghqa4p1zOP0TEnVl
E71Wh2hPKBD3RPwlvQho4Kc4HKoR+8kF9GKPyThfYDB/
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:57:50 2025 by rpki-client