Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/a4ae7b-6963-477b-a47f-e6abfea83043/1/8GP3yKCk2aqRLyF6QHbgr8o-oYM.roa
File: 8GP3yKCk2aqRLyF6QHbgr8o-oYM.roa (raw, json)
Hash identifier: eS0Tjmni+rQ1YuHWLNtCac5t65i9CGpA36avGNsZKfs=
Subject key identifier: F0:63:F7:C8:A0:A4:D9:AA:91:2F:21:7A:40:76:E0:AF:CA:3E:A1:83
Certificate issuer: /CN=829bfa079e9ff9cf102631ea9a2c253576dc2b79
Certificate serial: 018570704D8D8EB3CD33849E1BF0D765C90F
Authority key identifier: 82:9B:FA:07:9E:9F:F9:CF:10:26:31:EA:9A:2C:25:35:76:DC:2B:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gpv6B56f-c8QJjHqmiwlNXbcK3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/a4ae7b-6963-477b-a47f-e6abfea83043/1/8GP3yKCk2aqRLyF6QHbgr8o-oYM.roa
Signing time: Mon 02 Jan 2023 03:04:46 +0000
ROA not before: Mon 02 Jan 2023 03:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198034
IP address blocks: 185.153.30.0/23 maxlen: 23
185.153.28.0/23 maxlen: 23
2a12:9240::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:4d:8d:8e:b3:cd:33:84:9e:1b:f0:d7:65:c9:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=829bfa079e9ff9cf102631ea9a2c253576dc2b79
Validity
Not Before: Jan 2 03:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f063f7c8a0a4d9aa912f217a4076e0afca3ea183
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:82:09:73:57:0f:9d:b5:ce:0d:79:5a:4c:cd:
cf:e3:22:b7:30:28:ee:80:31:30:54:a2:eb:d7:dd:
40:7a:4a:16:d0:ea:12:2c:15:ac:0e:42:4a:35:be:
bf:33:2b:ed:6c:09:4b:6e:b8:48:25:2c:7e:48:dd:
09:45:e0:34:67:08:20:c7:aa:2e:24:2b:ff:56:b8:
0c:b4:69:d9:ff:79:8c:5e:9d:e2:03:b5:41:f7:48:
7b:54:6d:32:d3:ab:06:ca:dd:88:4f:b6:4b:6a:b3:
d2:dc:05:a9:53:f8:9f:1e:a3:94:e5:47:ae:48:ae:
72:77:7f:3d:8f:10:4b:5b:da:90:c2:45:5d:87:3b:
8e:13:58:f2:f9:24:da:39:04:da:a4:3b:81:76:75:
0c:49:31:c2:24:55:35:47:06:91:56:dc:d0:b5:6e:
57:8e:90:ea:d0:30:38:75:b0:77:93:e2:18:66:de:
db:e9:b5:fe:e1:bd:14:da:16:8d:fa:ca:4b:8d:a8:
d0:41:82:6e:c5:3c:aa:46:c1:dd:40:e0:7b:cd:8c:
d8:93:9a:89:2e:7e:51:f5:3e:a4:df:c8:68:4d:9c:
f9:d1:bc:3a:7a:6a:32:73:08:c2:67:9b:19:93:5f:
73:10:3c:b4:f3:67:49:26:8f:f5:ad:d0:11:c2:23:
ac:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:63:F7:C8:A0:A4:D9:AA:91:2F:21:7A:40:76:E0:AF:CA:3E:A1:83
X509v3 Authority Key Identifier:
keyid:82:9B:FA:07:9E:9F:F9:CF:10:26:31:EA:9A:2C:25:35:76:DC:2B:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gpv6B56f-c8QJjHqmiwlNXbcK3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a4ae7b-6963-477b-a47f-e6abfea83043/1/8GP3yKCk2aqRLyF6QHbgr8o-oYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a4ae7b-6963-477b-a47f-e6abfea83043/1/gpv6B56f-c8QJjHqmiwlNXbcK3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.28.0/22
IPv6:
2a12:9240::/32
Signature Algorithm: sha256WithRSAEncryption
7e:e4:e0:39:71:c3:90:22:c0:d0:2e:61:59:51:5a:33:69:23:
f1:07:75:ea:d3:93:8f:67:d0:e2:38:d9:67:cb:fa:e6:21:46:
70:19:84:a3:c0:42:c4:21:eb:2e:f2:bf:b8:85:6c:62:d4:69:
e7:45:16:ee:99:a3:c8:b5:5b:bd:26:63:66:f2:7d:15:93:f2:
e2:be:63:6f:09:3e:dd:e8:cb:ed:23:e1:b3:39:72:77:9b:c0:
b3:05:05:6d:a9:06:2d:d5:2a:98:ed:27:9f:80:2b:05:d6:ab:
9f:fb:f0:cc:4c:d5:4f:36:8a:f9:1a:20:c6:bc:0a:4f:fb:57:
53:9a:03:4d:ff:9c:ff:8b:d2:be:a8:6c:19:33:96:bf:25:64:
ac:29:80:f8:c8:ab:3d:f9:c7:8a:31:71:e5:35:2a:a2:6a:01:
89:44:1d:6d:ec:45:2c:84:04:f5:87:5a:4d:64:5c:b0:5e:2a:
00:fc:e7:25:2c:76:fd:a7:b1:00:5d:a7:6a:95:90:2c:64:f0:
f8:e1:db:51:0a:a0:95:72:e1:ed:68:b2:62:2f:66:f9:8b:06:
0e:83:99:f8:13:b5:7d:11:a8:5b:5f:08:03:89:97:89:e3:c2:
8c:63:6a:54:dd:71:29:ce:66:79:2d:50:c7:93:39:04:c8:8a:
86:91:2a:57
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwcE2NjrPNM4SeG/DXZckPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyOWJmYTA3OWU5ZmY5Y2YxMDI2MzFlYTlhMmMyNTM1NzZk
YzJiNzkwHhcNMjMwMTAyMDMwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDYzZjdjOGEwYTRkOWFhOTEyZjIxN2E0MDc2ZTBhZmNhM2VhMTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIIJc1cPnbXODXlaTM3P4yK3MCju
gDEwVKLr191AekoW0OoSLBWsDkJKNb6/MyvtbAlLbrhIJSx+SN0JReA0Zwggx6ou
JCv/VrgMtGnZ/3mMXp3iA7VB90h7VG0y06sGyt2IT7ZLarPS3AWpU/ifHqOU5Ueu
SK5yd389jxBLW9qQwkVdhzuOE1jy+STaOQTapDuBdnUMSTHCJFU1RwaRVtzQtW5X
jpDq0DA4dbB3k+IYZt7b6bX+4b0U2haN+spLjajQQYJuxTyqRsHdQOB7zYzYk5qJ
Ln5R9T6k38hoTZz50bw6emoycwjCZ5sZk19zEDy082dJJo/1rdARwiOsSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPBj98igpNmqkS8hekB24K/KPqGDMB8GA1UdIwQY
MBaAFIKb+geen/nPECYx6posJTV23Ct5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3B2NkI1NmYtYzhRSmpIcW1pd2xOWGJjSzNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9hNGFlN2ItNjk2My00NzdiLWE0N2Yt
ZTZhYmZlYTgzMDQzLzEvOEdQM3lLQ2syYXFSTHlGNlFIYmdyOG8tb1lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9hNGFlN2ItNjk2My00NzdiLWE0N2YtZTZhYmZlYTgzMDQz
LzEvZ3B2NkI1NmYtYzhRSmpIcW1pd2xOWGJjSzNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZkcMA0E
AgACMAcDBQAqEpJAMA0GCSqGSIb3DQEBCwUAA4IBAQB+5OA5ccOQIsDQLmFZUVoz
aSPxB3Xq05OPZ9DiONlny/rmIUZwGYSjwELEIesu8r+4hWxi1GnnRRbumaPItVu9
JmNm8n0Vk/LivmNvCT7d6MvtI+GzOXJ3m8CzBQVtqQYt1SqY7SefgCsF1quf+/DM
TNVPNor5GiDGvApP+1dTmgNN/5z/i9K+qGwZM5a/JWSsKYD4yKs9+ceKMXHlNSqi
agGJRB1t7EUshAT1h1pNZFywXioA/OclLHb9p7EAXadqlZAsZPD44dtRCqCVcuHt
aLJiL2b5iwYOg5n4E7V9EahbXwgDiZeJ48KMY2pU3XEpzmZ5LVDHkzkEyIqGkSpX
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:07:25 2025 by rpki-client