Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/2f2fb0-8658-45ce-b4bb-5bfb21c397a8/1/PsM_OJ_YjVWYykPL60IMaPUgVrI.roa
File: PsM_OJ_YjVWYykPL60IMaPUgVrI.roa (raw, json)
Hash identifier: xvMWdZDCXzbUr4RKK+EZg+DuIVbaRyCMxh9MhqtwOj4=
Subject key identifier: 3E:C3:3F:38:9F:D8:8D:55:98:CA:43:CB:EB:42:0C:68:F5:20:56:B2
Certificate issuer: /CN=85acea27e1a37d6d5b5e1791b2250b87fd907eff
Certificate serial: 03F8A789
Authority key identifier: 85:AC:EA:27:E1:A3:7D:6D:5B:5E:17:91:B2:25:0B:87:FD:90:7E:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hazqJ-GjfW1bXheRsiULh_2Qfv8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/2f2fb0-8658-45ce-b4bb-5bfb21c397a8/1/PsM_OJ_YjVWYykPL60IMaPUgVrI.roa
Signing time: Sat 01 Jan 2022 01:01:02 +0000
ROA not before: Sat 01 Jan 2022 01:01:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212773
IP address blocks: 185.160.156.0/22 maxlen: 22
2a07:be80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66627465 (0x3f8a789)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85acea27e1a37d6d5b5e1791b2250b87fd907eff
Validity
Not Before: Jan 1 01:01:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ec33f389fd88d5598ca43cbeb420c68f52056b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:31:59:41:64:e2:cd:c5:d0:87:0e:c2:bc:44:
08:c9:3e:94:7a:88:3e:0c:24:c5:4a:50:2d:a2:84:
31:16:2d:d3:16:6c:b3:a5:35:ad:7a:93:8f:6a:8d:
f0:53:7b:6c:6f:1b:4d:4f:52:1c:ae:4e:e4:cb:da:
09:fc:b3:38:a0:b6:14:b2:16:f0:69:72:1f:9b:55:
fd:26:52:70:44:bd:9f:27:8f:d2:9e:61:9b:dd:d8:
96:e8:33:d9:01:aa:e6:f0:bf:f3:b2:66:6a:22:b1:
ae:b2:c6:ed:ce:2b:72:5a:cf:bc:16:d1:a8:bb:de:
58:ec:2b:c5:01:00:89:00:ba:c3:6c:8b:f1:6e:da:
16:41:82:b1:2f:2d:dc:64:bd:70:cf:53:0b:5a:69:
21:5b:54:1d:55:de:d2:55:58:39:1d:5e:c1:32:96:
d8:bb:54:d7:97:af:a9:72:a7:c7:82:76:e5:f5:93:
b3:67:22:4f:f9:47:a3:45:d3:8e:1b:63:e3:8b:3a:
b3:3c:70:88:e9:4d:6f:e9:75:d1:0d:23:7f:8c:52:
2b:28:23:5d:f3:f9:61:90:5e:d9:0b:a0:04:08:89:
4a:d2:50:df:ec:e9:86:02:72:68:fe:b3:32:c1:38:
19:4d:01:3f:cd:b6:98:2c:8c:c1:cf:1b:bf:be:df:
d8:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:C3:3F:38:9F:D8:8D:55:98:CA:43:CB:EB:42:0C:68:F5:20:56:B2
X509v3 Authority Key Identifier:
keyid:85:AC:EA:27:E1:A3:7D:6D:5B:5E:17:91:B2:25:0B:87:FD:90:7E:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hazqJ-GjfW1bXheRsiULh_2Qfv8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2f2fb0-8658-45ce-b4bb-5bfb21c397a8/1/PsM_OJ_YjVWYykPL60IMaPUgVrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2f2fb0-8658-45ce-b4bb-5bfb21c397a8/1/hazqJ-GjfW1bXheRsiULh_2Qfv8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.156.0/22
IPv6:
2a07:be80::/29
Signature Algorithm: sha256WithRSAEncryption
6f:d8:58:37:e0:d1:78:b0:32:78:64:97:fe:55:fb:a4:bd:6c:
b0:c2:5b:8f:47:ec:fe:de:7f:a5:03:17:4e:0c:49:f5:bf:2f:
6f:ac:f2:ba:ce:ad:6c:10:18:55:85:c2:af:cc:d8:85:bd:21:
92:8c:4c:44:c9:e4:cc:f5:97:59:1d:b2:4f:9a:02:17:9b:ac:
00:08:fa:21:84:2e:64:56:cf:26:98:e4:15:e1:e8:0c:c6:eb:
cc:4a:d0:08:66:3f:ce:ba:27:22:6a:32:1c:5d:6f:f7:d9:44:
1e:f4:0c:de:86:4d:fa:1b:50:e9:9f:2e:bd:6e:f8:f8:68:a7:
47:66:6d:88:71:e7:62:7e:6d:8c:2f:12:03:5d:65:dd:eb:e8:
3f:a7:0c:57:db:bc:bf:37:ac:b2:12:3c:cb:44:d7:8f:80:12:
2f:a0:06:a6:b1:03:26:c4:ca:0d:5d:eb:55:00:f1:08:f4:78:
48:d5:f7:cf:5d:e2:39:f3:58:8d:8e:8e:cf:83:5d:a5:ac:a5:
c7:7e:5b:bc:65:e7:2b:f4:6a:ad:d5:e4:4a:a9:53:9f:35:7f:
45:d6:71:80:20:f8:54:98:27:c4:f9:76:d2:18:9f:06:da:a3:
c6:eb:8d:16:0d:aa:18:36:1e:06:0b:a3:32:1b:ce:02:59:31:
90:2c:11:43
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEA/iniTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NWFjZWEyN2UxYTM3ZDZkNWI1ZTE3OTFiMjI1MGI4N2ZkOTA3ZWZmMB4XDTIyMDEw
MTAxMDEwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2VjMzNmMzg5ZmQ4
OGQ1NTk4Y2E0M2NiZWI0MjBjNjhmNTIwNTZiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI4xWUFk4s3F0IcOwrxECMk+lHqIPgwkxUpQLaKEMRYt0xZs
s6U1rXqTj2qN8FN7bG8bTU9SHK5O5MvaCfyzOKC2FLIW8GlyH5tV/SZScES9nyeP
0p5hm93Ylugz2QGq5vC/87JmaiKxrrLG7c4rclrPvBbRqLveWOwrxQEAiQC6w2yL
8W7aFkGCsS8t3GS9cM9TC1ppIVtUHVXe0lVYOR1ewTKW2LtU15evqXKnx4J25fWT
s2ciT/lHo0XTjhtj44s6szxwiOlNb+l10Q0jf4xSKygjXfP5YZBe2QugBAiJStJQ
3+zphgJyaP6zMsE4GU0BP822mCyMwc8bv77f2DMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQ+wz84n9iNVZjKQ8vrQgxo9SBWsjAfBgNVHSMEGDAWgBSFrOon4aN9bVte
F5GyJQuH/ZB+/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hhenFKLUdqZlcxYlhoZVJzaVVMaF8yUWZ2OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvMmYyZmIwLTg2NTgtNDVjZS1iNGJiLTViZmIyMWMzOTdhOC8x
L1BzTV9PSl9ZalZXWXlrUEw2MElNYVBVZ1ZySS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
MmYyZmIwLTg2NTgtNDVjZS1iNGJiLTViZmIyMWMzOTdhOC8xL2hhenFKLUdqZlcx
YlhoZVJzaVVMaF8yUWZ2OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmgnDANBAIAAjAHAwUDKge+gDAN
BgkqhkiG9w0BAQsFAAOCAQEAb9hYN+DReLAyeGSX/lX7pL1ssMJbj0fs/t5/pQMX
TgxJ9b8vb6zyus6tbBAYVYXCr8zYhb0hkoxMRMnkzPWXWR2yT5oCF5usAAj6IYQu
ZFbPJpjkFeHoDMbrzErQCGY/zronImoyHF1v99lEHvQM3oZN+htQ6Z8uvW74+Gin
R2ZtiHHnYn5tjC8SA11l3evoP6cMV9u8vzesshI8y0TXj4ASL6AGprEDJsTKDV3r
VQDxCPR4SNX3z13iOfNYjY6Oz4Ndpaylx35bvGXnK/RqrdXkSqlTnzV/RdZxgCD4
VJgnxPl20hifBtqjxuuNFg2qGDYeBgujMhvOAlkxkCwRQw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:10:15 2025 by rpki-client