Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f8bb1b-d6fd-49a1-9653-ff157bef0621/1/tUl8P-y5bOzYwqJaDIXUJLGVtRQ.roa
File: tUl8P-y5bOzYwqJaDIXUJLGVtRQ.roa (raw, json)
Hash identifier: Kubo4xEqQpoXiwJGXVdm0S6bfnbCHgv2XkC42u1QVQ4=
Subject key identifier: B5:49:7C:3F:EC:B9:6C:EC:D8:C2:A2:5A:0C:85:D4:24:B1:95:B5:14
Certificate issuer: /CN=dd82de4f1304339fde527ba06033ca9e511171bd
Certificate serial: 018BC1D3619D5E2F29583C37586B6EEB42A8
Authority key identifier: DD:82:DE:4F:13:04:33:9F:DE:52:7B:A0:60:33:CA:9E:51:11:71:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3YLeTxMEM5_eUnugYDPKnlERcb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/f8bb1b-d6fd-49a1-9653-ff157bef0621/1/tUl8P-y5bOzYwqJaDIXUJLGVtRQ.roa
Signing time: Sun 12 Nov 2023 04:38:57 +0000
ROA not before: Sun 12 Nov 2023 04:38:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48944
IP address blocks: 185.86.183.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c1:d3:61:9d:5e:2f:29:58:3c:37:58:6b:6e:eb:42:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd82de4f1304339fde527ba06033ca9e511171bd
Validity
Not Before: Nov 12 04:38:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5497c3fecb96cecd8c2a25a0c85d424b195b514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:4e:0c:82:38:8e:a6:e6:9b:7f:41:8b:fd:7a:
b1:57:7d:70:ef:de:58:90:06:d8:0c:31:b2:3d:2d:
40:ff:f9:d2:8c:c1:d7:b0:f9:76:60:88:d6:3d:bf:
81:2e:d6:b7:f8:f3:c2:0b:80:c9:d8:ea:f1:a4:ba:
37:1a:38:af:dc:18:fe:1a:fc:3b:02:d1:b9:2e:ea:
52:43:3f:21:1d:e9:e2:80:4f:c9:d5:25:18:42:79:
ad:b8:fb:91:4e:20:1a:fc:2c:c0:79:76:97:00:ea:
0a:b3:91:0a:fd:b5:62:b7:32:7b:4f:4d:90:49:5f:
dc:5c:4a:09:84:4c:ea:e1:1a:2b:8a:99:4a:1c:a2:
15:db:3e:d5:8d:d8:5a:2c:59:3c:50:96:4e:37:d6:
53:2e:61:c9:c4:76:a1:86:56:56:4d:80:cc:4e:8c:
6a:a4:1b:44:16:22:47:21:af:78:19:5f:9a:72:8e:
fb:dc:53:24:6c:36:8f:b8:24:79:d7:3b:ab:65:a6:
e1:86:d5:c7:ab:c3:d2:83:dc:2e:23:84:5f:91:14:
25:2e:53:b6:5b:82:a7:c2:5d:4a:c1:5c:15:81:3e:
68:7c:bb:bd:a4:ed:3f:77:36:8d:e5:07:2a:dc:c7:
0f:21:18:f0:c5:e1:bf:96:57:48:21:b4:5b:91:29:
fe:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:49:7C:3F:EC:B9:6C:EC:D8:C2:A2:5A:0C:85:D4:24:B1:95:B5:14
X509v3 Authority Key Identifier:
keyid:DD:82:DE:4F:13:04:33:9F:DE:52:7B:A0:60:33:CA:9E:51:11:71:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3YLeTxMEM5_eUnugYDPKnlERcb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f8bb1b-d6fd-49a1-9653-ff157bef0621/1/tUl8P-y5bOzYwqJaDIXUJLGVtRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f8bb1b-d6fd-49a1-9653-ff157bef0621/1/3YLeTxMEM5_eUnugYDPKnlERcb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.183.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:47:73:32:88:36:27:38:d1:52:1a:98:e3:9c:63:f3:34:52:
cd:e8:06:3a:ab:29:61:59:95:73:7d:5a:21:44:c6:a2:e7:a8:
31:9f:75:d2:5e:0c:11:ff:69:3c:26:c6:0c:41:90:d6:79:e5:
e5:8a:92:88:94:a2:fd:38:d9:fd:a0:59:9c:3e:47:59:ef:1f:
fc:b3:95:5d:51:aa:17:18:96:8a:62:f4:81:b0:74:00:a3:59:
c3:2e:66:8c:9c:7d:8d:90:f0:45:1a:ea:6a:a0:f9:e5:8c:a1:
64:7a:d0:f0:c5:1b:d0:cc:a8:d7:53:fd:5d:8c:9a:d1:31:0e:
d0:78:c9:27:4a:4d:5f:7a:dd:ab:c1:09:e4:3e:9d:bf:46:18:
29:86:d8:3e:fc:0e:7d:e8:5a:8e:4b:de:82:b6:04:01:96:46:
a0:cd:ca:c4:54:fd:07:b1:0f:52:97:4a:a0:f3:88:2f:d2:24:
2a:01:09:e3:87:93:a3:c7:2a:8a:d6:06:7c:ce:63:cc:29:53:
57:a9:e0:1d:6d:f1:40:4f:19:94:68:49:7c:57:93:10:b4:8f:
38:cc:ac:d3:dc:00:f8:fd:59:2d:60:36:7c:26:4c:8c:33:bf:
b4:db:0e:73:da:ed:02:1e:f1:0f:25:66:2f:23:46:25:04:36:
0b:ce:36:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvB02GdXi8pWDw3WGtu60KoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkODJkZTRmMTMwNDMzOWZkZTUyN2JhMDYwMzNjYTllNTEx
MTcxYmQwHhcNMjMxMTEyMDQzODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTQ5N2MzZmVjYjk2Y2VjZDhjMmEyNWEwYzg1ZDQyNGIxOTViNTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhk4MgjiOpuabf0GL/XqxV31w795Y
kAbYDDGyPS1A//nSjMHXsPl2YIjWPb+BLta3+PPCC4DJ2OrxpLo3Gjiv3Bj+Gvw7
AtG5LupSQz8hHenigE/J1SUYQnmtuPuRTiAa/CzAeXaXAOoKs5EK/bVitzJ7T02Q
SV/cXEoJhEzq4RoriplKHKIV2z7VjdhaLFk8UJZON9ZTLmHJxHahhlZWTYDMToxq
pBtEFiJHIa94GV+aco773FMkbDaPuCR51zurZabhhtXHq8PSg9wuI4RfkRQlLlO2
W4Knwl1KwVwVgT5ofLu9pO0/dzaN5Qcq3McPIRjwxeG/lldIIbRbkSn+WQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLVJfD/suWzs2MKiWgyF1CSxlbUUMB8GA1UdIwQY
MBaAFN2C3k8TBDOf3lJ7oGAzyp5REXG9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1lMZVR4TUVNNV9lVW51Z1lEUEtubEVSY2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mOGJiMWItZDZmZC00OWExLTk2NTMt
ZmYxNTdiZWYwNjIxLzEvdFVsOFAteTViT3pZd3FKYURJWFVKTEdWdFJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mOGJiMWItZDZmZC00OWExLTk2NTMtZmYxNTdiZWYwNjIx
LzEvM1lMZVR4TUVNNV9lVW51Z1lEUEtubEVSY2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVa3MA0G
CSqGSIb3DQEBCwUAA4IBAQAuR3MyiDYnONFSGpjjnGPzNFLN6AY6qylhWZVzfVoh
RMai56gxn3XSXgwR/2k8JsYMQZDWeeXlipKIlKL9ONn9oFmcPkdZ7x/8s5VdUaoX
GJaKYvSBsHQAo1nDLmaMnH2NkPBFGupqoPnljKFketDwxRvQzKjXU/1djJrRMQ7Q
eMknSk1fet2rwQnkPp2/Rhgphtg+/A596FqOS96CtgQBlkagzcrEVP0HsQ9Sl0qg
84gv0iQqAQnjh5OjxyqK1gZ8zmPMKVNXqeAdbfFATxmUaEl8V5MQtI84zKzT3AD4
/VktYDZ8JkyMM7+02w5z2u0CHvEPJWYvI0YlBDYLzja1
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:28:48 2025 by rpki-client