Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/1I8OPnDk25KUaKP9KE9gSOqXVLI.roa
File: 1I8OPnDk25KUaKP9KE9gSOqXVLI.roa (raw, json)
Hash identifier: 0yrI/7HXUwwqDrYf/yalYH7CLKdk023DF4KCFCOKOCc=
Subject key identifier: D4:8F:0E:3E:70:E4:DB:92:94:68:A3:FD:28:4F:60:48:EA:97:54:B2
Certificate issuer: /CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
Certificate serial: 019422FBDCBD53B4FCE99B6913966F1FB8B8
Authority key identifier: FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/1I8OPnDk25KUaKP9KE9gSOqXVLI.roa
Signing time: Wed 01 Jan 2025 17:48:38 +0000
ROA not before: Wed 01 Jan 2025 17:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.144.236.0/22 maxlen: 24
2a07:4407::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:dc:bd:53:b4:fc:e9:9b:69:13:96:6f:1f:b8:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
Validity
Not Before: Jan 1 17:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d48f0e3e70e4db929468a3fd284f6048ea9754b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fc:18:94:b1:a8:14:95:08:34:b4:bf:b0:91:
2e:57:1c:71:99:04:0e:6b:0d:87:4e:14:f1:47:64:
d4:b9:72:79:95:c3:47:43:d9:b5:9a:7a:5c:e4:bc:
24:72:8e:92:44:7d:7d:ee:8a:63:5a:eb:51:f7:16:
ee:ca:ed:73:f1:7e:42:8d:2e:11:c0:70:f5:65:7e:
8c:ae:07:e6:40:db:47:77:a9:95:aa:55:07:85:a7:
6d:cc:7c:ad:b2:9d:e1:26:f2:32:a4:ee:77:15:b7:
25:fa:9f:1e:98:49:51:17:26:a2:7f:8e:06:8e:f6:
aa:d5:fc:2c:18:37:a3:b5:03:f8:e2:f2:b3:bd:e8:
2e:64:94:d0:46:78:18:dc:65:4a:63:37:30:5d:63:
9e:70:f9:50:f4:47:7a:07:2b:59:bc:03:e8:88:a1:
e3:e7:ee:b4:9a:b9:ea:f9:1b:7a:f1:af:7a:51:f0:
e2:40:e3:50:af:92:5e:54:b6:1e:e0:be:24:d1:e5:
45:61:8c:2a:7c:95:70:62:0d:93:61:e0:da:36:a7:
2e:ae:0c:1b:29:7e:fa:6f:04:29:da:92:5f:24:0b:
34:54:fe:8c:11:0b:60:34:24:2f:8a:a4:d8:ba:3f:
82:6c:59:72:b9:79:9d:16:e9:04:bc:f2:46:db:0b:
c9:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:8F:0E:3E:70:E4:DB:92:94:68:A3:FD:28:4F:60:48:EA:97:54:B2
X509v3 Authority Key Identifier:
keyid:FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/1I8OPnDk25KUaKP9KE9gSOqXVLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/_CgqeUs_erTNb-tsX9az0lavxGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.236.0/22
IPv6:
2a07:4407::/32
Signature Algorithm: sha256WithRSAEncryption
d5:55:50:bf:61:23:5d:86:39:7c:7b:f6:2a:ee:5d:46:9a:b7:
d2:a1:fe:06:2d:89:0b:5f:ec:07:14:3f:6a:99:b3:77:45:1b:
40:26:18:ff:3f:7c:3d:04:42:e4:06:4d:7d:fb:32:37:83:9e:
8c:2b:df:fa:ec:5e:60:2d:bb:52:ac:d3:ef:c2:c1:88:9f:1f:
d8:39:74:4f:2d:8d:df:b0:36:76:87:df:b5:c1:9d:83:d8:a8:
69:82:63:79:2c:84:da:8b:ea:9b:96:19:9d:4b:48:21:11:a7:
5b:eb:fd:a0:77:20:b6:a4:e3:c7:2c:1f:f0:e7:6d:76:24:5e:
6d:e6:1e:bc:74:a4:73:1c:fc:f9:67:63:c4:c4:74:1f:67:04:
ad:dd:1a:dc:a5:52:17:24:55:40:4d:0d:48:b2:93:d0:f0:ed:
0e:9e:c5:83:15:5f:f4:79:2f:2d:26:aa:d8:5c:82:cf:59:2a:
91:95:8a:39:a7:56:d2:d4:8f:83:91:4c:28:bc:c7:a8:f2:cc:
72:1f:80:7f:bf:38:5c:0e:6e:80:eb:40:eb:16:d0:88:5c:f3:
b9:56:13:d8:e3:12:7f:dc:bb:5b:f9:30:99:ee:cc:ef:98:d4:
d4:90:6a:d1:a4:82:ea:84:d4:bd:f1:fc:83:ca:ce:de:c3:ee:
88:8c:fd:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi+9y9U7T86ZtpE5ZvH7i4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMjgyYTc5NGIzZjdhYjRjZDZmZWI2YzVmZDZiM2QyNTZh
ZmM0NjEwHhcNMjUwMTAxMTc0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDhmMGUzZTcwZTRkYjkyOTQ2OGEzZmQyODRmNjA0OGVhOTc1NGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvwYlLGoFJUINLS/sJEuVxxxmQQO
aw2HThTxR2TUuXJ5lcNHQ9m1mnpc5Lwkco6SRH197opjWutR9xbuyu1z8X5CjS4R
wHD1ZX6MrgfmQNtHd6mVqlUHhadtzHytsp3hJvIypO53Fbcl+p8emElRFyaif44G
jvaq1fwsGDejtQP44vKzveguZJTQRngY3GVKYzcwXWOecPlQ9Ed6BytZvAPoiKHj
5+60mrnq+Rt68a96UfDiQONQr5JeVLYe4L4k0eVFYYwqfJVwYg2TYeDaNqcurgwb
KX76bwQp2pJfJAs0VP6MEQtgNCQviqTYuj+CbFlyuXmdFukEvPJG2wvJtwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNSPDj5w5NuSlGij/ShPYEjql1SyMB8GA1UdIwQY
MBaAFPwoKnlLP3q0zW/rbF/Ws9JWr8RhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0NncWVVc19lclROYi10c1g5YXowbGF2eEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9lNDg1ZTEtYTY1Zi00M2Q0LWI1NzIt
ZDMzMjZjNTliY2QyLzEvMUk4T1BuRGsyNUtVYUtQOUtFOWdTT3FYVkxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9lNDg1ZTEtYTY1Zi00M2Q0LWI1NzItZDMzMjZjNTliY2Qy
LzEvX0NncWVVc19lclROYi10c1g5YXowbGF2eEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZDsMA0E
AgACMAcDBQAqB0QHMA0GCSqGSIb3DQEBCwUAA4IBAQDVVVC/YSNdhjl8e/Yq7l1G
mrfSof4GLYkLX+wHFD9qmbN3RRtAJhj/P3w9BELkBk19+zI3g56MK9/67F5gLbtS
rNPvwsGInx/YOXRPLY3fsDZ2h9+1wZ2D2KhpgmN5LITai+qblhmdS0ghEadb6/2g
dyC2pOPHLB/w5212JF5t5h68dKRzHPz5Z2PExHQfZwSt3RrcpVIXJFVATQ1IspPQ
8O0OnsWDFV/0eS8tJqrYXILPWSqRlYo5p1bS1I+DkUwovMeo8sxyH4B/vzhcDm6A
60DrFtCIXPO5VhPY4xJ/3Ltb+TCZ7szvmNTUkGrRpILqhNS98fyDys7ew+6IjP13
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:09:11 2025 by rpki-client