Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/RaM_OWQwVXsafD9lAhumGxuaVJ0.roa
File: RaM_OWQwVXsafD9lAhumGxuaVJ0.roa (raw, json)
Hash identifier: 9wqEU77JRh8FONfv1sMAYtuNvig1s1ZaVt3dre8RnDg=
Subject key identifier: 45:A3:3F:39:64:30:55:7B:1A:7C:3F:65:02:1B:A6:1B:1B:9A:54:9D
Certificate issuer: /CN=ae8355299374297933d281f51eb74ba5c2c91cc1
Certificate serial: 01942143DAC428011B6C1B79A9821E19573A
Authority key identifier: AE:83:55:29:93:74:29:79:33:D2:81:F5:1E:B7:4B:A5:C2:C9:1C:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/roNVKZN0KXkz0oH1HrdLpcLJHME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/RaM_OWQwVXsafD9lAhumGxuaVJ0.roa
Signing time: Wed 01 Jan 2025 09:48:02 +0000
ROA not before: Wed 01 Jan 2025 09:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209118
IP address blocks: 185.81.116.0/22 maxlen: 24
2a05:8840::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:da:c4:28:01:1b:6c:1b:79:a9:82:1e:19:57:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae8355299374297933d281f51eb74ba5c2c91cc1
Validity
Not Before: Jan 1 09:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45a33f396430557b1a7c3f65021ba61b1b9a549d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b6:ea:80:49:b2:cd:a9:99:83:fe:f9:50:51:
ad:22:fe:68:b0:9f:75:5c:91:d5:58:6c:b3:ec:e9:
f3:05:77:a0:83:14:e4:c8:a5:7b:4b:2e:35:26:7d:
70:04:4b:84:cf:a4:a3:cb:05:d7:f2:74:2c:94:25:
51:89:62:42:f3:5c:98:fa:38:34:ec:de:29:d2:8a:
34:2c:20:b5:a7:17:b7:88:56:62:c1:17:65:a0:73:
09:26:4e:50:a0:53:82:63:f7:10:c5:1f:34:a9:8e:
99:73:ef:f5:1d:d9:db:bd:b0:f3:8e:16:f7:38:ca:
c8:cb:9a:82:49:88:25:f7:c4:d7:ff:d7:94:3c:35:
20:16:84:1a:f7:42:c6:a4:a9:b3:c1:41:59:b0:ad:
0e:bf:24:9d:33:72:bd:70:0a:2c:11:bc:fa:da:60:
8b:d7:ac:53:8e:7c:3a:bf:58:f8:67:23:93:09:4a:
df:86:b3:1e:69:a4:40:50:56:3b:89:84:ce:6f:cb:
69:50:ce:44:46:c9:7b:b0:94:ac:7d:f2:31:cd:c9:
b8:72:27:49:3a:41:61:20:0c:90:6c:65:d6:52:ca:
c8:e8:9b:4f:a0:2c:ba:9b:74:9b:32:c9:09:8c:61:
ef:af:35:86:db:0c:cc:b5:f1:e8:b5:32:3c:9f:cf:
07:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:A3:3F:39:64:30:55:7B:1A:7C:3F:65:02:1B:A6:1B:1B:9A:54:9D
X509v3 Authority Key Identifier:
keyid:AE:83:55:29:93:74:29:79:33:D2:81:F5:1E:B7:4B:A5:C2:C9:1C:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/roNVKZN0KXkz0oH1HrdLpcLJHME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/RaM_OWQwVXsafD9lAhumGxuaVJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/roNVKZN0KXkz0oH1HrdLpcLJHME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.116.0/22
IPv6:
2a05:8840::/29
Signature Algorithm: sha256WithRSAEncryption
a6:84:2d:60:08:d4:22:84:69:40:a3:08:36:4e:74:e0:bb:e4:
13:fa:66:36:66:f3:0e:3d:2d:93:a4:36:f7:65:fb:42:87:29:
ce:5f:64:58:39:ed:47:5a:d6:22:9d:48:a1:13:3e:d0:e6:ad:
41:9c:8c:67:64:e4:94:ac:6d:58:b6:35:90:20:c9:1b:37:16:
d5:87:66:23:15:84:1e:5c:33:2b:c7:ad:b9:62:4b:57:bd:64:
4a:75:89:41:a2:4c:41:db:ec:bc:f7:7d:25:32:0a:0c:57:cd:
b6:26:57:36:0c:c4:2f:83:f6:50:a3:da:4e:bd:00:30:70:c8:
8a:a7:d4:cd:ed:1a:1d:9a:9b:5b:bd:e5:85:f1:11:f4:c5:75:
29:e5:e9:84:7e:06:e0:9a:fe:7e:37:98:5a:23:fa:6a:f7:20:
b2:b2:6c:f1:2c:85:06:14:27:36:50:a8:6f:40:63:6c:1b:3b:
be:9a:51:19:59:ef:99:bb:cf:c6:9e:da:f7:b7:11:02:1c:fc:
cc:41:94:f9:cb:7b:78:66:3e:3d:05:46:7a:5c:57:b1:18:d6:
c4:ca:4b:8b:b0:34:d8:49:d6:f2:47:ce:65:3d:82:69:1a:54:
39:02:a4:6a:e8:72:76:81:6e:63:ed:46:4d:f2:f0:2d:f9:6e:
96:af:62:0e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhQ9rEKAEbbBt5qYIeGVc6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlODM1NTI5OTM3NDI5NzkzM2QyODFmNTFlYjc0YmE1YzJj
OTFjYzEwHhcNMjUwMTAxMDk0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWEzM2YzOTY0MzA1NTdiMWE3YzNmNjUwMjFiYTYxYjFiOWE1NDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrbqgEmyzamZg/75UFGtIv5osJ91
XJHVWGyz7OnzBXeggxTkyKV7Sy41Jn1wBEuEz6SjywXX8nQslCVRiWJC81yY+jg0
7N4p0oo0LCC1pxe3iFZiwRdloHMJJk5QoFOCY/cQxR80qY6Zc+/1HdnbvbDzjhb3
OMrIy5qCSYgl98TX/9eUPDUgFoQa90LGpKmzwUFZsK0OvySdM3K9cAosEbz62mCL
16xTjnw6v1j4ZyOTCUrfhrMeaaRAUFY7iYTOb8tpUM5ERsl7sJSsffIxzcm4cidJ
OkFhIAyQbGXWUsrI6JtPoCy6m3SbMskJjGHvrzWG2wzMtfHotTI8n88HpwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEWjPzlkMFV7Gnw/ZQIbphsbmlSdMB8GA1UdIwQY
MBaAFK6DVSmTdCl5M9KB9R63S6XCyRzBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm9OVktaTjBLWGt6MG9IMUhyZExwY0xKSE1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wZjJlYjgtOTgwMC00NjIxLWI2NzQt
M2I0ZDAyYTYxZWMyLzEvUmFNX09XUXdWWHNhZkQ5bEFodW1HeHVhVkowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8wZjJlYjgtOTgwMC00NjIxLWI2NzQtM2I0ZDAyYTYxZWMy
LzEvcm9OVktaTjBLWGt6MG9IMUhyZExwY0xKSE1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVF0MA0E
AgACMAcDBQMqBYhAMA0GCSqGSIb3DQEBCwUAA4IBAQCmhC1gCNQihGlAowg2TnTg
u+QT+mY2ZvMOPS2TpDb3ZftChynOX2RYOe1HWtYinUihEz7Q5q1BnIxnZOSUrG1Y
tjWQIMkbNxbVh2YjFYQeXDMrx625YktXvWRKdYlBokxB2+y8930lMgoMV822Jlc2
DMQvg/ZQo9pOvQAwcMiKp9TN7RodmptbveWF8RH0xXUp5emEfgbgmv5+N5haI/pq
9yCysmzxLIUGFCc2UKhvQGNsGzu+mlEZWe+Zu8/Gntr3txECHPzMQZT5y3t4Zj49
BUZ6XFexGNbEykuLsDTYSdbyR85lPYJpGlQ5AqRq6HJ2gW5j7UZN8vAt+W6Wr2IO
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:59 2025 by rpki-client