Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/_Bhg_0oqoTNSpwMzEcCpFnd46nA.roa
File: _Bhg_0oqoTNSpwMzEcCpFnd46nA.roa (raw, json)
Hash identifier: AG0x4xC1l+R6ZCFoLMsVQeQ9AoJqN1cWLKxqvQ0rMIY=
Subject key identifier: FC:18:60:FF:4A:2A:A1:33:52:A7:03:33:11:C0:A9:16:77:78:EA:70
Certificate issuer: /CN=76f311ef1581a00e437cd704b6281ac8621afc56
Certificate serial: 01941F8C76A6EC80675A1BFF55214369A0C6
Authority key identifier: 76:F3:11:EF:15:81:A0:0E:43:7C:D7:04:B6:28:1A:C8:62:1A:FC:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dvMR7xWBoA5DfNcEtigayGIa_FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/_Bhg_0oqoTNSpwMzEcCpFnd46nA.roa
Signing time: Wed 01 Jan 2025 01:48:06 +0000
ROA not before: Wed 01 Jan 2025 01:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8361
IP address blocks: 185.38.20.0/22 maxlen: 24
194.2.155.0/24 maxlen: 24
194.169.249.0/24 maxlen: 24
195.22.144.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:76:a6:ec:80:67:5a:1b:ff:55:21:43:69:a0:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76f311ef1581a00e437cd704b6281ac8621afc56
Validity
Not Before: Jan 1 01:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc1860ff4a2aa13352a7033311c0a9167778ea70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b7:cf:52:9f:09:1b:94:41:91:37:6f:87:57:
57:cc:f9:ff:88:a1:09:d7:d3:6a:37:86:f0:fb:f4:
36:17:ff:54:7a:80:93:62:bd:2a:10:54:45:ce:7d:
6d:12:66:52:7c:98:d3:9a:06:f5:56:b7:75:04:11:
35:ed:32:d9:bb:53:1e:01:69:7b:22:76:e5:c7:8a:
60:1d:54:10:61:15:40:d4:9f:6a:7e:52:0f:46:c9:
2c:a2:09:fc:4c:f0:76:68:5e:6b:90:c4:d0:93:5f:
e4:e0:c3:ee:90:d3:48:05:e4:b5:55:0a:9b:4e:69:
c8:4e:d6:74:f1:70:12:9a:1f:ba:b0:53:09:89:fb:
b6:21:7b:ec:8f:13:51:cb:82:6a:42:55:8f:5b:5a:
97:d4:1f:91:e1:bb:f9:77:8d:69:f7:e9:95:01:52:
96:41:51:1b:9a:c4:40:08:c4:c5:45:24:fb:46:f9:
c6:99:90:8c:8c:c5:73:d8:86:c1:03:2c:2f:cf:4d:
3e:d2:38:b2:43:f6:48:e2:e8:f2:22:66:23:5f:d2:
f1:48:92:a1:45:d1:46:3a:c2:33:7e:2f:14:a6:ea:
7c:4f:8e:b7:f8:72:7d:02:db:20:c7:b4:81:a6:91:
13:7c:64:ec:2f:1c:e2:a5:ff:8c:fb:90:09:b1:18:
93:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:18:60:FF:4A:2A:A1:33:52:A7:03:33:11:C0:A9:16:77:78:EA:70
X509v3 Authority Key Identifier:
keyid:76:F3:11:EF:15:81:A0:0E:43:7C:D7:04:B6:28:1A:C8:62:1A:FC:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dvMR7xWBoA5DfNcEtigayGIa_FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/_Bhg_0oqoTNSpwMzEcCpFnd46nA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/dvMR7xWBoA5DfNcEtigayGIa_FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.20.0/22
194.2.155.0/24
194.169.249.0/24
195.22.144.0/23
Signature Algorithm: sha256WithRSAEncryption
04:c5:fe:da:ca:66:7c:11:d9:10:df:57:77:05:e3:0f:04:31:
89:69:87:9f:40:8c:6d:f2:f8:92:95:b6:be:da:b4:26:e6:f5:
f0:76:e3:43:e9:45:03:f6:94:7c:8b:a0:f4:94:25:f7:e7:30:
d7:cc:94:0c:03:79:e6:e3:b7:35:f8:18:d2:63:1c:26:70:cd:
fb:5c:e1:23:30:0a:d4:e2:ab:86:a4:5d:f4:cf:bf:a7:4f:75:
7c:e2:9b:17:99:50:31:03:df:39:4b:45:06:00:e4:4e:07:b2:
73:82:fa:4a:d0:0f:86:d0:63:56:d7:1e:a1:ad:90:49:1b:1c:
48:2e:92:c3:36:87:cf:cd:7d:f3:b5:6a:30:ac:82:a7:bf:71:
b2:d1:94:42:11:c8:43:55:f8:f2:10:3d:92:27:31:96:6f:26:
1c:bb:d7:d4:46:d7:59:b0:5d:fc:cb:f7:50:65:86:b3:99:25:
bb:bb:49:48:a6:fd:fe:7d:c6:f4:15:1b:91:63:65:44:f9:6d:
c0:13:4e:5c:c4:ca:d1:de:95:82:a5:20:cd:f3:d3:cf:d0:f0:
3a:82:71:fb:b5:1c:ac:40:1b:12:8a:5a:e9:c2:8d:17:82:ba:
ad:a1:d4:0e:45:3b:1d:1c:ec:5f:35:f0:c2:d1:51:c8:21:55:
f2:68:5f:29
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQfjHam7IBnWhv/VSFDaaDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZjMxMWVmMTU4MWEwMGU0MzdjZDcwNGI2MjgxYWM4NjIx
YWZjNTYwHhcNMjUwMTAxMDE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzE4NjBmZjRhMmFhMTMzNTJhNzAzMzMxMWMwYTkxNjc3NzhlYTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7fPUp8JG5RBkTdvh1dXzPn/iKEJ
19NqN4bw+/Q2F/9UeoCTYr0qEFRFzn1tEmZSfJjTmgb1Vrd1BBE17TLZu1MeAWl7
Inblx4pgHVQQYRVA1J9qflIPRsksogn8TPB2aF5rkMTQk1/k4MPukNNIBeS1VQqb
TmnITtZ08XASmh+6sFMJifu2IXvsjxNRy4JqQlWPW1qX1B+R4bv5d41p9+mVAVKW
QVEbmsRACMTFRST7RvnGmZCMjMVz2IbBAywvz00+0jiyQ/ZI4ujyImYjX9LxSJKh
RdFGOsIzfi8Upup8T463+HJ9Atsgx7SBppETfGTsLxzipf+M+5AJsRiTCwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPwYYP9KKqEzUqcDMxHAqRZ3eOpwMB8GA1UdIwQY
MBaAFHbzEe8VgaAOQ3zXBLYoGshiGvxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHZNUjd4V0JvQTVEZk5jRXRpZ2F5R0lhX0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81MjUyMjQtNzhlYS00OWU0LTk3NDkt
MTY5NDMxMjk2YzU5LzEvX0JoZ18wb3FvVE5TcHdNekVjQ3BGbmQ0Nm5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS81MjUyMjQtNzhlYS00OWU0LTk3NDktMTY5NDMxMjk2YzU5
LzEvZHZNUjd4V0JvQTVEZk5jRXRpZ2F5R0lhX0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuSYUAwQA
wgKbAwQAwqn5AwQBwxaQMA0GCSqGSIb3DQEBCwUAA4IBAQAExf7aymZ8EdkQ31d3
BeMPBDGJaYefQIxt8viSlba+2rQm5vXwduND6UUD9pR8i6D0lCX35zDXzJQMA3nm
47c1+BjSYxwmcM37XOEjMArU4quGpF30z7+nT3V84psXmVAxA985S0UGAOROB7Jz
gvpK0A+G0GNW1x6hrZBJGxxILpLDNofPzX3ztWowrIKnv3Gy0ZRCEchDVfjyED2S
JzGWbyYcu9fURtdZsF38y/dQZYazmSW7u0lIpv3+fcb0FRuRY2VE+W3AE05cxMrR
3pWCpSDN89PP0PA6gnH7tRysQBsSilrpwo0XgrqtodQORTsdHOxfNfDC0VHIIVXy
aF8p
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:53 2025 by rpki-client