Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/262b26-dca1-495e-a7a2-abc9886d96f2/1/2coQ0IzDBpJuVPUwoymYN8CDq88.roa
File: 2coQ0IzDBpJuVPUwoymYN8CDq88.roa (raw, json)
Hash identifier: r8qr7V6HewmipWvJwfrm4YeaQlhXXmf59ZUk/LGRg5Y=
Subject key identifier: D9:CA:10:D0:8C:C3:06:92:6E:54:F5:30:A3:29:98:37:C0:83:AB:CF
Certificate issuer: /CN=b5c2ccf27b3b5824ede2ffc977229987b9b1694c
Certificate serial: 018CC3489EBD9359BCC60FBBAA56A88BC005
Authority key identifier: B5:C2:CC:F2:7B:3B:58:24:ED:E2:FF:C9:77:22:99:87:B9:B1:69:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tcLM8ns7WCTt4v_JdyKZh7mxaUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/262b26-dca1-495e-a7a2-abc9886d96f2/1/2coQ0IzDBpJuVPUwoymYN8CDq88.roa
Signing time: Mon 01 Jan 2024 04:29:25 +0000
ROA not before: Mon 01 Jan 2024 04:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209080
IP address blocks: 185.239.112.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:9e:bd:93:59:bc:c6:0f:bb:aa:56:a8:8b:c0:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5c2ccf27b3b5824ede2ffc977229987b9b1694c
Validity
Not Before: Jan 1 04:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9ca10d08cc306926e54f530a3299837c083abcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d7:5d:0e:71:55:4c:e4:84:73:0c:54:61:2b:
6f:b4:aa:46:36:db:3c:de:b1:9e:81:f8:b5:42:d5:
ef:ae:2a:0a:5a:bd:81:95:03:d1:65:00:eb:55:f4:
fb:4a:38:5c:99:aa:63:71:72:92:2b:20:e6:22:23:
fd:5a:a2:16:bc:ae:35:f5:14:45:16:56:eb:ca:4e:
0f:04:8c:00:a3:e1:8d:10:d1:86:8a:81:04:2b:e7:
a0:48:9e:50:47:53:79:54:9a:f6:a1:93:57:7c:f7:
53:2b:2c:1f:8b:46:1f:2b:8e:26:8f:d0:0a:ac:a5:
a3:da:e0:ab:d6:b8:33:01:1e:5b:ef:1a:2b:ba:48:
ba:75:b7:9e:d3:61:d6:a1:b8:03:05:6b:48:e3:a4:
da:f8:b0:66:e4:20:e9:28:fc:25:8c:6e:e6:ec:5a:
1d:b1:35:48:47:c9:18:f7:27:38:60:da:73:48:cf:
ab:89:b9:56:4f:55:98:fd:2b:30:42:23:48:92:fa:
bd:bb:b0:e0:91:80:0a:71:d9:a2:79:57:22:12:fb:
c5:66:27:88:d9:3c:f6:29:a2:a1:ab:97:ef:0e:eb:
c2:b3:ce:15:54:71:6d:40:54:7f:c5:76:5e:3a:fd:
48:02:16:34:9c:eb:1e:67:6b:8a:67:2b:10:f3:9a:
90:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:CA:10:D0:8C:C3:06:92:6E:54:F5:30:A3:29:98:37:C0:83:AB:CF
X509v3 Authority Key Identifier:
keyid:B5:C2:CC:F2:7B:3B:58:24:ED:E2:FF:C9:77:22:99:87:B9:B1:69:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tcLM8ns7WCTt4v_JdyKZh7mxaUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/262b26-dca1-495e-a7a2-abc9886d96f2/1/2coQ0IzDBpJuVPUwoymYN8CDq88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/262b26-dca1-495e-a7a2-abc9886d96f2/1/tcLM8ns7WCTt4v_JdyKZh7mxaUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.112.0/24
Signature Algorithm: sha256WithRSAEncryption
46:ad:61:bc:70:ca:1b:18:ec:b3:49:4d:36:3a:9b:a4:a7:37:
6c:4d:bf:de:6f:d0:32:c3:a7:48:97:09:c8:05:8a:98:75:8a:
48:66:a5:00:46:0c:15:9c:2a:7d:ec:25:d7:72:62:2a:e0:a2:
c0:02:1b:ef:99:43:53:2c:4e:46:0f:51:35:ba:2d:c6:13:26:
34:44:ad:4b:37:1c:20:3e:9e:34:fb:57:87:64:e2:a0:89:11:
4d:66:55:5e:54:c6:b5:39:37:71:94:a4:2d:47:20:cb:6f:0a:
b2:c9:56:a8:bd:b3:8c:2e:c2:b2:96:5c:47:5a:23:a6:a7:db:
3a:2f:29:b6:8c:19:9c:f9:64:95:a3:1c:26:44:42:86:d6:7c:
53:95:6a:1f:fd:77:fe:0d:58:59:c3:b2:35:18:8e:1a:cb:d2:
bd:cf:22:32:81:78:f4:1e:d6:49:c8:f2:ef:59:fa:4a:5a:9d:
fe:c4:3b:0f:37:11:30:4d:56:a3:d8:26:ae:46:c8:d7:1a:14:
d7:d6:f2:c2:50:e3:96:2c:3c:cb:2b:c6:67:5e:11:df:cf:36:
95:49:4a:7e:4b:2a:6b:ac:c3:e5:2f:37:d5:90:81:13:eb:54:
44:5b:bf:38:fb:5b:dc:9a:38:aa:ea:f5:d0:a2:ce:a7:4f:21:
fc:a2:8d:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSJ69k1m8xg+7qlaoi8AFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YzJjY2YyN2IzYjU4MjRlZGUyZmZjOTc3MjI5OTg3Yjli
MTY5NGMwHhcNMjQwMTAxMDQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWNhMTBkMDhjYzMwNjkyNmU1NGY1MzBhMzI5OTgzN2MwODNhYmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtddDnFVTOSEcwxUYStvtKpGNts8
3rGegfi1QtXvrioKWr2BlQPRZQDrVfT7SjhcmapjcXKSKyDmIiP9WqIWvK419RRF
Flbryk4PBIwAo+GNENGGioEEK+egSJ5QR1N5VJr2oZNXfPdTKywfi0YfK44mj9AK
rKWj2uCr1rgzAR5b7xoruki6dbee02HWobgDBWtI46Ta+LBm5CDpKPwljG7m7Fod
sTVIR8kY9yc4YNpzSM+riblWT1WY/SswQiNIkvq9u7DgkYAKcdmieVciEvvFZieI
2Tz2KaKhq5fvDuvCs84VVHFtQFR/xXZeOv1IAhY0nOseZ2uKZysQ85qQJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNnKENCMwwaSblT1MKMpmDfAg6vPMB8GA1UdIwQY
MBaAFLXCzPJ7O1gk7eL/yXcimYe5sWlMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGNMTThuczdXQ1R0NHZfSmR5S1poN214YVV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8yNjJiMjYtZGNhMS00OTVlLWE3YTIt
YWJjOTg4NmQ5NmYyLzEvMmNvUTBJekRCcEp1VlBVd295bVlOOENEcTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8yNjJiMjYtZGNhMS00OTVlLWE3YTItYWJjOTg4NmQ5NmYy
LzEvdGNMTThuczdXQ1R0NHZfSmR5S1poN214YVV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue9wMA0G
CSqGSIb3DQEBCwUAA4IBAQBGrWG8cMobGOyzSU02OpukpzdsTb/eb9Ayw6dIlwnI
BYqYdYpIZqUARgwVnCp97CXXcmIq4KLAAhvvmUNTLE5GD1E1ui3GEyY0RK1LNxwg
Pp40+1eHZOKgiRFNZlVeVMa1OTdxlKQtRyDLbwqyyVaovbOMLsKyllxHWiOmp9s6
Lym2jBmc+WSVoxwmREKG1nxTlWof/Xf+DVhZw7I1GI4ay9K9zyIygXj0HtZJyPLv
WfpKWp3+xDsPNxEwTVaj2CauRsjXGhTX1vLCUOOWLDzLK8ZnXhHfzzaVSUp+Sypr
rMPlLzfVkIET61REW784+1vcmjiq6vXQos6nTyH8oo3K
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:49 2025 by rpki-client