Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/agNsQzZTBEDdq0mHA6pXoAWEjSs.roa
File: agNsQzZTBEDdq0mHA6pXoAWEjSs.roa (raw, json)
Hash identifier: yo1IjtD18rgfcLanBgul3ssnQbteSiIRgX1ViQ27+PY=
Subject key identifier: 6A:03:6C:43:36:53:04:40:DD:AB:49:87:03:AA:57:A0:05:84:8D:2B
Certificate issuer: /CN=2c94d70cfb7e69019a2e01c87d0a5d545a599b52
Certificate serial: 0194228D4EE0654F95B0EAF9BDADED087FE5
Authority key identifier: 2C:94:D7:0C:FB:7E:69:01:9A:2E:01:C8:7D:0A:5D:54:5A:59:9B:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJTXDPt-aQGaLgHIfQpdVFpZm1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/agNsQzZTBEDdq0mHA6pXoAWEjSs.roa
Signing time: Wed 01 Jan 2025 15:47:53 +0000
ROA not before: Wed 01 Jan 2025 15:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43013
IP address blocks: 185.88.56.0/22 maxlen: 22
188.65.96.0/21 maxlen: 21
2a02:60c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:4e:e0:65:4f:95:b0:ea:f9:bd:ad:ed:08:7f:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c94d70cfb7e69019a2e01c87d0a5d545a599b52
Validity
Not Before: Jan 1 15:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a036c4336530440ddab498703aa57a005848d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:50:47:96:03:3b:54:f5:f1:84:2d:4f:64:6d:
72:d2:05:3c:7f:e7:cb:b2:95:af:71:af:9f:2f:83:
96:94:93:1c:0a:43:f3:8c:d3:e7:8b:e0:5a:12:c4:
87:0c:36:23:91:a8:89:df:a5:c3:0d:bf:37:7a:e1:
17:5c:55:65:a2:01:a7:49:60:4e:d1:1f:86:11:a8:
b9:6a:b8:3b:fe:93:4c:67:f0:4e:bf:df:ec:a0:99:
ed:f4:67:4f:d0:76:08:b6:f3:8a:f1:4d:22:a5:fd:
57:f8:42:81:b9:93:ff:a1:57:3d:36:56:bf:ba:a2:
55:66:11:d2:a3:4c:4e:ea:83:1f:79:e1:f5:68:ba:
6b:f8:8e:14:ec:64:38:df:51:ca:36:2d:be:ac:0a:
16:e4:9c:37:71:81:2b:cd:1d:85:bb:fa:06:49:8d:
b5:6f:01:bb:28:5d:a0:0f:93:84:2e:7d:33:e5:23:
89:52:36:fb:ff:c3:9b:b5:19:d1:a4:e3:e7:ed:4a:
23:bd:4e:69:d0:5d:6c:57:b6:60:b5:aa:4b:c0:95:
9b:4e:17:f4:99:68:6a:43:fc:c9:07:75:e1:6f:09:
a0:10:88:b3:05:22:98:23:1a:51:46:e3:b1:7d:21:
91:17:2f:1d:07:76:be:ec:8c:c9:dc:d0:08:8e:d0:
ea:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:03:6C:43:36:53:04:40:DD:AB:49:87:03:AA:57:A0:05:84:8D:2B
X509v3 Authority Key Identifier:
keyid:2C:94:D7:0C:FB:7E:69:01:9A:2E:01:C8:7D:0A:5D:54:5A:59:9B:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJTXDPt-aQGaLgHIfQpdVFpZm1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/agNsQzZTBEDdq0mHA6pXoAWEjSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/LJTXDPt-aQGaLgHIfQpdVFpZm1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.56.0/22
188.65.96.0/21
IPv6:
2a02:60c0::/32
Signature Algorithm: sha256WithRSAEncryption
18:09:3a:7f:77:41:cd:64:da:b4:e7:45:ec:b6:5b:ab:63:02:
7f:bc:b6:6f:23:94:ce:89:7d:9d:7c:08:f3:13:d4:8e:53:90:
cb:8c:75:95:b8:ee:f0:4e:92:ca:f6:49:cb:17:a1:78:9c:76:
4d:4f:57:c0:2f:2a:bd:59:8c:d5:a1:64:18:86:57:89:79:5a:
c6:58:f6:22:b8:fa:69:5f:e9:0e:b4:73:81:cc:51:7d:bd:43:
96:92:0e:d4:3f:b7:56:45:33:85:50:82:9a:de:a9:2f:12:b3:
f7:a1:f1:9b:01:f0:6a:29:5b:f3:4c:38:9c:38:fe:08:c1:c2:
de:e8:da:9f:81:fb:23:12:71:e2:ad:21:7b:98:16:1c:3e:a6:
8e:a7:37:8f:6c:e7:99:68:09:a8:16:c9:38:d1:3f:1b:b7:d1:
6b:ab:56:9b:e9:ba:92:74:b9:85:a9:72:dd:71:6f:cd:bd:ed:
7a:0c:16:b9:7c:62:ee:65:77:92:cb:88:09:7e:53:ea:db:38:
74:55:f1:c7:3f:68:e7:ac:f0:1c:c1:86:bd:de:61:40:b4:2a:
ab:35:2c:9a:52:f9:af:73:ee:19:7a:4a:a9:b8:60:c5:63:d2:
ea:1f:92:05:af:8a:f2:a5:61:df:78:c6:16:87:66:db:c9:bf:
1a:a4:5d:45
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQijU7gZU+VsOr5va3tCH/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTRkNzBjZmI3ZTY5MDE5YTJlMDFjODdkMGE1ZDU0NWE1
OTliNTIwHhcNMjUwMTAxMTU0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTAzNmM0MzM2NTMwNDQwZGRhYjQ5ODcwM2FhNTdhMDA1ODQ4ZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVBHlgM7VPXxhC1PZG1y0gU8f+fL
spWvca+fL4OWlJMcCkPzjNPni+BaEsSHDDYjkaiJ36XDDb83euEXXFVlogGnSWBO
0R+GEai5arg7/pNMZ/BOv9/soJnt9GdP0HYItvOK8U0ipf1X+EKBuZP/oVc9Nla/
uqJVZhHSo0xO6oMfeeH1aLpr+I4U7GQ431HKNi2+rAoW5Jw3cYErzR2Fu/oGSY21
bwG7KF2gD5OELn0z5SOJUjb7/8ObtRnRpOPn7UojvU5p0F1sV7ZgtapLwJWbThf0
mWhqQ/zJB3XhbwmgEIizBSKYIxpRRuOxfSGRFy8dB3a+7IzJ3NAIjtDq+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGoDbEM2UwRA3atJhwOqV6AFhI0rMB8GA1UdIwQY
MBaAFCyU1wz7fmkBmi4ByH0KXVRaWZtSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEpUWERQdC1hUUdhTGdISWZRcGRWRnBabTFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8xYmRhN2MtOTg1OC00M2Y1LTg2NTkt
NjlmYzA1NmIyNjI1LzEvYWdOc1F6WlRCRURkcTBtSEE2cFhvQVdFalNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8xYmRhN2MtOTg1OC00M2Y1LTg2NTktNjlmYzA1NmIyNjI1
LzEvTEpUWERQdC1hUUdhTGdISWZRcGRWRnBabTFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuVg4AwQD
vEFgMA0EAgACMAcDBQAqAmDAMA0GCSqGSIb3DQEBCwUAA4IBAQAYCTp/d0HNZNq0
50XstlurYwJ/vLZvI5TOiX2dfAjzE9SOU5DLjHWVuO7wTpLK9knLF6F4nHZNT1fA
Lyq9WYzVoWQYhleJeVrGWPYiuPppX+kOtHOBzFF9vUOWkg7UP7dWRTOFUIKa3qkv
ErP3ofGbAfBqKVvzTDicOP4IwcLe6NqfgfsjEnHirSF7mBYcPqaOpzePbOeZaAmo
Fsk40T8bt9Frq1ab6bqSdLmFqXLdcW/Nve16DBa5fGLuZXeSy4gJflPq2zh0VfHH
P2jnrPAcwYa93mFAtCqrNSyaUvmvc+4ZekqpuGDFY9LqH5IFr4rypWHfeMYWh2bb
yb8apF1F
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:47 2025 by rpki-client