Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/549477-4a82-42bc-839e-4f9840defa1f/1/2sMuB3L4wKNk6KQ1vUkgecapqPs.roa
File: 2sMuB3L4wKNk6KQ1vUkgecapqPs.roa (raw, json)
Hash identifier: a+lo4xla0hStaCSeWZ2tmrm8LUp0PkG7cZXb4aMXUeo=
Subject key identifier: DA:C3:2E:07:72:F8:C0:A3:64:E8:A4:35:BD:49:20:79:C6:A9:A8:FB
Certificate issuer: /CN=d05a85c45bf53c3d88a76695aafebbd4aa77bbc1
Certificate serial: 019422FB81F6B48708868291DDC3C0F1F3C9
Authority key identifier: D0:5A:85:C4:5B:F5:3C:3D:88:A7:66:95:AA:FE:BB:D4:AA:77:BB:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0FqFxFv1PD2Ip2aVqv671Kp3u8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/549477-4a82-42bc-839e-4f9840defa1f/1/2sMuB3L4wKNk6KQ1vUkgecapqPs.roa
Signing time: Wed 01 Jan 2025 17:48:15 +0000
ROA not before: Wed 01 Jan 2025 17:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41906
IP address blocks: 185.88.116.0/22 maxlen: 22
185.88.116.0/23 maxlen: 23
185.88.118.0/23 maxlen: 23
2a05:ca40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:81:f6:b4:87:08:86:82:91:dd:c3:c0:f1:f3:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d05a85c45bf53c3d88a76695aafebbd4aa77bbc1
Validity
Not Before: Jan 1 17:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dac32e0772f8c0a364e8a435bd492079c6a9a8fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ae:e4:39:64:bd:7f:e5:28:5f:76:42:04:cc:
b7:72:0f:9d:d3:fe:7e:ad:5b:61:0b:50:6f:0a:93:
00:99:7f:a5:3a:13:93:37:73:58:e4:6b:86:6d:8d:
5a:cd:2d:8a:c2:d4:cf:81:a1:47:43:b0:80:dc:6f:
d6:d9:32:b8:bf:57:e9:8e:00:48:ff:56:2e:ee:c1:
e6:a8:30:56:32:aa:2f:cc:f5:03:1c:96:42:5a:24:
56:ed:2c:58:56:3f:c7:7e:69:e3:50:f8:b0:f0:55:
45:2b:bb:49:44:c1:bd:62:0a:27:18:ee:e4:8c:a5:
5c:81:b4:9e:0c:80:20:36:64:21:71:b2:f4:6b:44:
1d:38:86:a5:43:93:55:cd:2a:1e:d0:06:79:0d:a3:
51:f8:1f:eb:b3:3b:c7:01:be:9e:ba:4e:fe:b9:23:
d1:59:11:21:25:08:92:90:62:fe:87:97:da:9e:a7:
71:9c:40:18:a4:39:65:dd:dd:41:49:ef:39:fc:10:
59:ac:0d:70:f4:64:35:44:5a:5c:ad:53:87:a2:46:
d1:36:db:1c:75:09:2b:0a:04:ae:a5:9e:a5:26:47:
53:e8:97:cf:44:59:ac:22:45:3b:26:00:c6:38:0c:
81:42:eb:c0:51:6f:b3:0c:93:e6:3d:3b:56:08:ee:
74:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C3:2E:07:72:F8:C0:A3:64:E8:A4:35:BD:49:20:79:C6:A9:A8:FB
X509v3 Authority Key Identifier:
keyid:D0:5A:85:C4:5B:F5:3C:3D:88:A7:66:95:AA:FE:BB:D4:AA:77:BB:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0FqFxFv1PD2Ip2aVqv671Kp3u8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/549477-4a82-42bc-839e-4f9840defa1f/1/2sMuB3L4wKNk6KQ1vUkgecapqPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/549477-4a82-42bc-839e-4f9840defa1f/1/0FqFxFv1PD2Ip2aVqv671Kp3u8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.116.0/22
IPv6:
2a05:ca40::/29
Signature Algorithm: sha256WithRSAEncryption
3c:55:ae:e8:9e:ed:a0:00:fc:3b:82:44:eb:b4:1e:1d:ae:0a:
44:9f:47:99:25:a9:b5:b8:3c:9d:84:6d:34:82:c3:16:af:aa:
c5:0f:e9:7b:af:73:20:df:8b:0b:4f:20:54:8b:44:cd:32:01:
25:d5:8d:92:00:70:ec:50:d8:7e:ad:62:5e:5e:c3:30:ed:88:
c6:21:dd:be:69:89:36:0a:67:f2:07:ae:bd:ab:9c:ba:e6:3a:
3c:11:ff:dd:ab:dc:23:5f:04:82:0d:09:a3:1b:38:26:ef:c9:
39:d7:c3:7a:ea:03:1d:3e:84:5a:98:85:94:2b:a1:1b:16:68:
b8:11:15:a3:1c:97:e9:21:34:02:b1:de:90:b4:a3:ef:e9:44:
47:11:ef:10:3f:37:df:68:d6:26:30:8d:cc:e8:0d:23:2b:73:
2a:cf:74:7f:0d:58:2c:e6:98:e3:c7:75:4d:fe:de:1a:b2:af:
50:e4:b6:98:02:0b:71:75:0d:5e:c7:c4:1a:66:77:2b:5c:76:
c3:58:62:55:f9:d1:69:a1:7e:e2:76:5f:3e:37:cc:ad:98:4e:
87:71:ec:45:00:7f:2c:c6:d5:68:47:bd:82:d3:48:ca:01:8d:
ca:c7:88:79:cb:2a:ac:5a:fe:62:31:79:bc:b3:fb:f2:75:b4:
a4:f0:28:31
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi+4H2tIcIhoKR3cPA8fPJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNWE4NWM0NWJmNTNjM2Q4OGE3NjY5NWFhZmViYmQ0YWE3
N2JiYzEwHhcNMjUwMTAxMTc0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWMzMmUwNzcyZjhjMGEzNjRlOGE0MzViZDQ5MjA3OWM2YTlhOGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz67kOWS9f+UoX3ZCBMy3cg+d0/5+
rVthC1BvCpMAmX+lOhOTN3NY5GuGbY1azS2KwtTPgaFHQ7CA3G/W2TK4v1fpjgBI
/1Yu7sHmqDBWMqovzPUDHJZCWiRW7SxYVj/HfmnjUPiw8FVFK7tJRMG9YgonGO7k
jKVcgbSeDIAgNmQhcbL0a0QdOIalQ5NVzSoe0AZ5DaNR+B/rszvHAb6euk7+uSPR
WREhJQiSkGL+h5fanqdxnEAYpDll3d1BSe85/BBZrA1w9GQ1RFpcrVOHokbRNtsc
dQkrCgSupZ6lJkdT6JfPRFmsIkU7JgDGOAyBQuvAUW+zDJPmPTtWCO50ewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNrDLgdy+MCjZOikNb1JIHnGqaj7MB8GA1UdIwQY
MBaAFNBahcRb9Tw9iKdmlar+u9Sqd7vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEZxRnhGdjFQRDJJcDJhVnF2NjcxS3AzdThFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81NDk0NzctNGE4Mi00MmJjLTgzOWUt
NGY5ODQwZGVmYTFmLzEvMnNNdUIzTDR3S05rNktRMXZVa2dlY2FwcVBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81NDk0NzctNGE4Mi00MmJjLTgzOWUtNGY5ODQwZGVmYTFm
LzEvMEZxRnhGdjFQRDJJcDJhVnF2NjcxS3AzdThFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVh0MA0E
AgACMAcDBQMqBcpAMA0GCSqGSIb3DQEBCwUAA4IBAQA8Va7onu2gAPw7gkTrtB4d
rgpEn0eZJam1uDydhG00gsMWr6rFD+l7r3Mg34sLTyBUi0TNMgEl1Y2SAHDsUNh+
rWJeXsMw7YjGId2+aYk2CmfyB669q5y65jo8Ef/dq9wjXwSCDQmjGzgm78k518N6
6gMdPoRamIWUK6EbFmi4ERWjHJfpITQCsd6QtKPv6URHEe8QPzffaNYmMI3M6A0j
K3Mqz3R/DVgs5pjjx3VN/t4asq9Q5LaYAgtxdQ1ex8QaZncrXHbDWGJV+dFpoX7i
dl8+N8ytmE6HcexFAH8sxtVoR72C00jKAY3Kx4h5yyqsWv5iMXm8s/vydbSk8Cgx
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:31:05 2025 by rpki-client