Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/3a8e4c-9217-4b1f-b6fd-842437d27279/1/lIHvPze8MhW65ATICPZrXtfvWLg.roa
File: lIHvPze8MhW65ATICPZrXtfvWLg.roa (raw, json)
Hash identifier: bg+JonT/EML15sUdW/ANznJHTOv/3C3HqVEO6q5ovAs=
Subject key identifier: 94:81:EF:3F:37:BC:32:15:BA:E4:04:C8:08:F6:6B:5E:D7:EF:58:B8
Certificate issuer: /CN=f38627e36a4e16bdc39f0b550d74fd71e442d2c2
Certificate serial: 01942520891F1252EC7CBAA176F95278B713
Authority key identifier: F3:86:27:E3:6A:4E:16:BD:C3:9F:0B:55:0D:74:FD:71:E4:42:D2:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/84Yn42pOFr3DnwtVDXT9ceRC0sI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/3a8e4c-9217-4b1f-b6fd-842437d27279/1/lIHvPze8MhW65ATICPZrXtfvWLg.roa
Signing time: Thu 02 Jan 2025 03:47:56 +0000
ROA not before: Thu 02 Jan 2025 03:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62211
IP address blocks: 185.43.228.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:89:1f:12:52:ec:7c:ba:a1:76:f9:52:78:b7:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f38627e36a4e16bdc39f0b550d74fd71e442d2c2
Validity
Not Before: Jan 2 03:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9481ef3f37bc3215bae404c808f66b5ed7ef58b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ed:49:b2:cb:c0:35:0c:cb:7e:ee:db:e1:b6:
7c:f3:a9:a2:ba:8d:9f:f7:78:3d:f2:43:ea:ae:a9:
e8:dc:22:f3:56:67:be:e9:d9:92:ba:b7:5a:8f:36:
fa:1b:80:23:45:2d:5b:c5:96:e0:8a:2d:cd:d9:81:
29:08:34:1c:c6:2d:d4:e6:7a:9d:eb:d8:b5:f8:94:
cf:b5:06:30:d1:f0:e4:b4:8b:db:10:8e:0c:f0:fc:
e5:ed:a1:49:4d:87:94:f3:bf:e9:0d:0f:8b:14:78:
04:93:d7:b9:22:7d:7a:b3:88:fc:bf:df:73:bd:83:
92:f5:84:a2:30:de:6e:37:c9:bd:62:92:43:50:df:
e8:d9:02:0a:0e:e5:53:1f:91:eb:64:5b:af:9d:75:
14:13:29:4b:ee:e3:5f:51:cc:ed:9c:74:f6:57:c3:
4d:8c:8f:ba:15:26:a2:83:18:4c:87:ae:ac:fa:07:
05:92:1f:72:a2:e1:4c:b7:a2:64:c9:e4:30:a3:7c:
a4:8e:ce:30:6b:78:5c:b4:7b:5e:93:60:d5:ba:7e:
05:97:92:c0:07:1c:86:a8:e6:c0:53:2e:59:2f:a8:
a8:4c:01:1f:a8:bc:1c:09:8c:f4:72:23:58:e2:c9:
cb:b9:e8:fd:f6:42:54:46:28:1e:39:fa:5f:52:77:
b7:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:81:EF:3F:37:BC:32:15:BA:E4:04:C8:08:F6:6B:5E:D7:EF:58:B8
X509v3 Authority Key Identifier:
keyid:F3:86:27:E3:6A:4E:16:BD:C3:9F:0B:55:0D:74:FD:71:E4:42:D2:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/84Yn42pOFr3DnwtVDXT9ceRC0sI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3a8e4c-9217-4b1f-b6fd-842437d27279/1/lIHvPze8MhW65ATICPZrXtfvWLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3a8e4c-9217-4b1f-b6fd-842437d27279/1/84Yn42pOFr3DnwtVDXT9ceRC0sI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.228.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:a5:f8:ff:8a:87:90:14:0d:10:fb:39:78:ac:9b:5e:84:91:
3c:14:2f:df:0d:1d:5e:14:58:67:2e:ef:bc:f6:01:93:e9:23:
9c:56:84:51:10:0e:86:04:fb:cb:02:77:01:f9:03:ea:50:7e:
4e:39:f3:5a:62:29:eb:bb:33:cc:6f:e5:13:23:0e:65:2d:3e:
34:28:66:0e:7d:d2:b3:45:19:af:85:71:33:7d:55:8c:a8:b6:
5a:58:1f:0c:94:b2:a4:c5:ea:e8:29:8e:eb:06:04:53:66:73:
fb:5b:4f:e1:10:75:d7:44:c5:d4:f4:d5:b8:35:f5:58:9b:58:
2a:a9:91:af:24:9f:83:ec:f7:97:7d:dc:ca:f2:10:52:de:de:
77:f5:92:f2:45:d8:63:38:81:16:db:4c:fc:2a:ee:05:50:87:
1f:47:7e:dc:1d:56:da:14:d2:2f:3c:b1:ca:10:bb:12:f0:0f:
8e:1e:48:1a:40:30:5e:4d:85:27:84:5b:9b:1a:b9:98:e5:1b:
6b:8c:25:cb:80:b4:f3:1f:6a:bc:f9:37:d6:31:6d:d6:56:c4:
7f:ae:e1:ec:a4:a7:0e:3d:d3:ef:f9:dd:00:97:8f:d7:b9:bb:
47:7b:a7:0f:ba:34:cf:fe:19:6b:e9:86:4a:cc:c7:8f:07:5b:
94:4b:89:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIIkfElLsfLqhdvlSeLcTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzODYyN2UzNmE0ZTE2YmRjMzlmMGI1NTBkNzRmZDcxZTQ0
MmQyYzIwHhcNMjUwMTAyMDM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDgxZWYzZjM3YmMzMjE1YmFlNDA0YzgwOGY2NmI1ZWQ3ZWY1OGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAou1JssvANQzLfu7b4bZ886miuo2f
93g98kPqrqno3CLzVme+6dmSurdajzb6G4AjRS1bxZbgii3N2YEpCDQcxi3U5nqd
69i1+JTPtQYw0fDktIvbEI4M8Pzl7aFJTYeU87/pDQ+LFHgEk9e5In16s4j8v99z
vYOS9YSiMN5uN8m9YpJDUN/o2QIKDuVTH5HrZFuvnXUUEylL7uNfUcztnHT2V8NN
jI+6FSaigxhMh66s+gcFkh9youFMt6JkyeQwo3ykjs4wa3hctHtek2DVun4Fl5LA
BxyGqObAUy5ZL6ioTAEfqLwcCYz0ciNY4snLuej99kJURigeOfpfUne30wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJSB7z83vDIVuuQEyAj2a17X71i4MB8GA1UdIwQY
MBaAFPOGJ+NqTha9w58LVQ10/XHkQtLCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODRZbjQycE9GcjNEbnd0VkRYVDljZVJDMHNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zYThlNGMtOTIxNy00YjFmLWI2ZmQt
ODQyNDM3ZDI3Mjc5LzEvbElIdlB6ZThNaFc2NUFUSUNQWnJYdGZ2V0xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zYThlNGMtOTIxNy00YjFmLWI2ZmQtODQyNDM3ZDI3Mjc5
LzEvODRZbjQycE9GcjNEbnd0VkRYVDljZVJDMHNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSvkMA0G
CSqGSIb3DQEBCwUAA4IBAQAOpfj/ioeQFA0Q+zl4rJtehJE8FC/fDR1eFFhnLu+8
9gGT6SOcVoRREA6GBPvLAncB+QPqUH5OOfNaYinruzPMb+UTIw5lLT40KGYOfdKz
RRmvhXEzfVWMqLZaWB8MlLKkxeroKY7rBgRTZnP7W0/hEHXXRMXU9NW4NfVYm1gq
qZGvJJ+D7PeXfdzK8hBS3t539ZLyRdhjOIEW20z8Ku4FUIcfR37cHVbaFNIvPLHK
ELsS8A+OHkgaQDBeTYUnhFubGrmY5RtrjCXLgLTzH2q8+TfWMW3WVsR/ruHspKcO
PdPv+d0Al4/XubtHe6cPujTP/hlr6YZKzMePB1uUS4ma
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:47 2025 by rpki-client