Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/w-uN_1VCR8_SOj5bY-QHNqktijQ.roa
File: w-uN_1VCR8_SOj5bY-QHNqktijQ.roa (raw, json)
Hash identifier: 0MkMfXtYvuQQQ2rI12rE9KqS+DI9qKcacxegwXpKbvg=
Subject key identifier: C3:EB:8D:FF:55:42:47:CF:D2:3A:3E:5B:63:E4:07:36:A9:2D:8A:34
Certificate issuer: /CN=865122c0e562e407976823d94e19e2a794f8cb62
Certificate serial: 019422FC44C417C5536E9F4D450B8AA395EE
Authority key identifier: 86:51:22:C0:E5:62:E4:07:97:68:23:D9:4E:19:E2:A7:94:F8:CB:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hlEiwOVi5AeXaCPZThnip5T4y2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/w-uN_1VCR8_SOj5bY-QHNqktijQ.roa
Signing time: Wed 01 Jan 2025 17:49:05 +0000
ROA not before: Wed 01 Jan 2025 17:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205068
IP address blocks: 185.166.164.0/22 maxlen: 22
2a0d:3080::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:44:c4:17:c5:53:6e:9f:4d:45:0b:8a:a3:95:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=865122c0e562e407976823d94e19e2a794f8cb62
Validity
Not Before: Jan 1 17:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c3eb8dff554247cfd23a3e5b63e40736a92d8a34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ad:9f:27:3b:fa:9c:c9:60:9a:b5:44:07:89:
30:16:dd:0a:0d:85:c5:66:46:39:c2:61:3c:61:56:
b8:b6:f3:dd:9f:79:0a:64:bb:02:ea:74:c4:bd:ab:
e7:0c:6b:6e:3e:b2:b6:8d:ba:c3:a7:ba:01:15:25:
26:89:05:28:8a:4e:85:6f:e0:e0:d1:21:4d:df:bf:
2b:77:0c:23:b3:fe:6b:50:73:bd:f6:39:fc:96:4e:
4e:ed:39:1a:b1:c2:45:b6:b7:ef:47:4d:0c:f5:ac:
6d:53:d6:7e:d7:25:16:40:9f:f1:0d:73:9a:a8:3c:
94:64:e6:81:37:4b:ec:17:46:dc:d5:86:ab:ab:3a:
0e:38:2a:31:5a:a0:c8:e9:34:20:bc:53:af:23:1b:
a2:27:77:c4:9c:c4:6d:ef:25:2c:dd:cb:fb:1c:98:
00:23:95:ad:46:5f:ed:14:f6:4a:0c:4f:3a:1e:c3:
12:46:11:0b:e9:f8:ee:36:7a:83:dd:ac:28:d2:98:
e2:fe:98:22:53:30:08:ac:8f:c8:12:05:82:9d:7c:
54:4a:5a:66:42:a0:14:3d:15:51:95:dd:5d:88:18:
3c:94:9b:18:29:b0:c6:40:8c:e7:de:f8:fa:a3:df:
8a:55:96:07:15:57:71:64:a7:c8:b6:c9:d2:f4:58:
51:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:EB:8D:FF:55:42:47:CF:D2:3A:3E:5B:63:E4:07:36:A9:2D:8A:34
X509v3 Authority Key Identifier:
keyid:86:51:22:C0:E5:62:E4:07:97:68:23:D9:4E:19:E2:A7:94:F8:CB:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hlEiwOVi5AeXaCPZThnip5T4y2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/w-uN_1VCR8_SOj5bY-QHNqktijQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.164.0/22
IPv6:
2a0d:3080::/29
Signature Algorithm: sha256WithRSAEncryption
24:ed:84:62:dd:22:c5:f8:d4:67:4a:4c:01:d9:4f:36:f5:e1:
06:b1:40:39:5e:69:17:15:c9:5a:bb:a6:61:cc:7a:7e:6e:0c:
27:6d:34:e2:68:37:bb:9f:d4:fa:f6:5a:ce:7a:cb:d3:40:7d:
f0:a9:c7:f4:a6:38:71:96:01:bf:b5:74:8b:a8:c4:0c:29:74:
3a:d2:a7:0c:bd:13:62:48:9d:ff:e4:9f:9f:de:10:a8:8a:f0:
ab:b1:02:54:d5:6b:03:c9:cd:6e:a4:52:fe:01:46:dd:46:c0:
24:6c:cc:37:c5:80:ae:d3:cb:08:6f:de:0c:d4:3c:b3:57:b9:
53:7a:5c:8d:99:23:98:8d:aa:af:84:84:8d:fc:52:bb:da:09:
60:02:8f:66:75:08:6e:4c:e1:e6:73:e4:40:0e:50:cc:0f:3e:
91:41:db:d0:41:fa:47:a6:a7:f8:3f:01:98:6c:e0:20:af:b0:
0a:90:87:66:89:2d:27:17:61:73:52:9c:20:18:87:de:79:11:
7e:9f:ae:b5:92:8c:25:ef:c1:37:ad:b2:ca:53:f5:af:38:61:
f8:90:9e:e0:84:94:69:be:4d:5b:87:18:59:cd:2f:d2:48:b9:
fa:bd:06:40:d2:e1:a8:bf:58:36:5f:fa:27:34:b2:4a:e4:0d:
38:68:bb:b1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi/ETEF8VTbp9NRQuKo5XuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NTEyMmMwZTU2MmU0MDc5NzY4MjNkOTRlMTllMmE3OTRm
OGNiNjIwHhcNMjUwMTAxMTc0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2ViOGRmZjU1NDI0N2NmZDIzYTNlNWI2M2U0MDczNmE5MmQ4YTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt62fJzv6nMlgmrVEB4kwFt0KDYXF
ZkY5wmE8YVa4tvPdn3kKZLsC6nTEvavnDGtuPrK2jbrDp7oBFSUmiQUoik6Fb+Dg
0SFN378rdwwjs/5rUHO99jn8lk5O7TkascJFtrfvR00M9axtU9Z+1yUWQJ/xDXOa
qDyUZOaBN0vsF0bc1YarqzoOOCoxWqDI6TQgvFOvIxuiJ3fEnMRt7yUs3cv7HJgA
I5WtRl/tFPZKDE86HsMSRhEL6fjuNnqD3awo0pji/pgiUzAIrI/IEgWCnXxUSlpm
QqAUPRVRld1diBg8lJsYKbDGQIzn3vj6o9+KVZYHFVdxZKfItsnS9FhRNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMPrjf9VQkfP0jo+W2PkBzapLYo0MB8GA1UdIwQY
MBaAFIZRIsDlYuQHl2gj2U4Z4qeU+MtiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGxFaXdPVmk1QWVYYUNQWlRobmlwNVQ0eTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8wMjhiODItZmUwMy00MDI1LTk3NjUt
YjhkZDE4ZTQ4ZTg2LzEvdy11Tl8xVkNSOF9TT2o1YlktUUhOcWt0aWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8wMjhiODItZmUwMy00MDI1LTk3NjUtYjhkZDE4ZTQ4ZTg2
LzEvaGxFaXdPVmk1QWVYYUNQWlRobmlwNVQ0eTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaakMA0E
AgACMAcDBQMqDTCAMA0GCSqGSIb3DQEBCwUAA4IBAQAk7YRi3SLF+NRnSkwB2U82
9eEGsUA5XmkXFclau6ZhzHp+bgwnbTTiaDe7n9T69lrOesvTQH3wqcf0pjhxlgG/
tXSLqMQMKXQ60qcMvRNiSJ3/5J+f3hCoivCrsQJU1WsDyc1upFL+AUbdRsAkbMw3
xYCu08sIb94M1DyzV7lTelyNmSOYjaqvhISN/FK72glgAo9mdQhuTOHmc+RADlDM
Dz6RQdvQQfpHpqf4PwGYbOAgr7AKkIdmiS0nF2FzUpwgGIfeeRF+n661kowl78E3
rbLKU/WvOGH4kJ7ghJRpvk1bhxhZzS/SSLn6vQZA0uGov1g2X/onNLJK5A04aLux
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:05 2025 by rpki-client