Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/b919ce-0f83-4fb4-8dd8-de0412eb3bcc/1/7X6Q1qqDJrHLgKHjUKSqp8cfd1g.roa
File: 7X6Q1qqDJrHLgKHjUKSqp8cfd1g.roa (raw, json)
Hash identifier: lGIzmgNLFfaeqZvHgjju0vSqmZcbQ4MamlAPJuU8Ldg=
Subject key identifier: ED:7E:90:D6:AA:83:26:B1:CB:80:A1:E3:50:A4:AA:A7:C7:1F:77:58
Certificate issuer: /CN=9ee76113dbf320386f73e1935ac9ac943e81b58c
Certificate serial: 018DCC44F72D164F34C2B7E72EE5B8E809D1
Authority key identifier: 9E:E7:61:13:DB:F3:20:38:6F:73:E1:93:5A:C9:AC:94:3E:81:B5:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nudhE9vzIDhvc-GTWsmslD6BtYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/b919ce-0f83-4fb4-8dd8-de0412eb3bcc/1/7X6Q1qqDJrHLgKHjUKSqp8cfd1g.roa
Signing time: Wed 21 Feb 2024 15:24:48 +0000
ROA not before: Wed 21 Feb 2024 15:24:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20986
IP address blocks: 185.111.52.0/22 maxlen: 22
185.111.56.0/22 maxlen: 22
185.112.16.0/22 maxlen: 22
2a06:5940::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cc:44:f7:2d:16:4f:34:c2:b7:e7:2e:e5:b8:e8:09:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ee76113dbf320386f73e1935ac9ac943e81b58c
Validity
Not Before: Feb 21 15:24:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed7e90d6aa8326b1cb80a1e350a4aaa7c71f7758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f7:41:5a:68:91:52:68:7f:3a:59:58:8b:c4:
bc:f4:14:2f:a1:a3:d9:62:bf:07:8a:a1:0a:0a:0a:
88:3a:92:a2:fd:35:72:6f:4f:26:c6:26:4e:4c:95:
2f:3b:7f:41:fd:2d:e8:cc:48:ca:c7:9d:46:63:7b:
b2:ad:92:22:3e:c2:22:ad:69:00:e5:6c:12:79:e6:
9a:ee:3b:f3:ea:2d:88:bf:12:16:0c:70:40:66:25:
da:ab:1c:c0:80:e6:92:4c:26:fa:e1:25:ec:c0:3d:
08:91:ad:31:8d:27:1c:23:2e:bf:19:2b:c6:8c:e0:
1b:ba:eb:52:22:da:ff:de:8d:b0:29:db:f8:63:3d:
be:69:06:02:a3:1a:36:03:61:5e:43:ae:86:d5:5c:
c9:27:df:9a:9c:a6:07:a8:db:a5:5f:cd:b7:09:0c:
30:31:f7:c8:91:73:5d:e3:ef:70:16:c8:c9:f3:d0:
a4:c4:19:23:36:de:e2:73:46:5c:91:9b:11:70:68:
bb:62:da:5e:30:ac:96:e9:ce:81:81:57:b0:ff:11:
6b:86:80:20:ef:80:71:17:b5:70:86:3f:10:da:01:
b4:87:e0:62:56:3d:11:ca:38:15:27:36:71:2d:f5:
bf:f8:7f:0a:14:09:61:33:41:b9:73:df:f7:2c:68:
f9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:7E:90:D6:AA:83:26:B1:CB:80:A1:E3:50:A4:AA:A7:C7:1F:77:58
X509v3 Authority Key Identifier:
keyid:9E:E7:61:13:DB:F3:20:38:6F:73:E1:93:5A:C9:AC:94:3E:81:B5:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nudhE9vzIDhvc-GTWsmslD6BtYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/b919ce-0f83-4fb4-8dd8-de0412eb3bcc/1/7X6Q1qqDJrHLgKHjUKSqp8cfd1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/b919ce-0f83-4fb4-8dd8-de0412eb3bcc/1/nudhE9vzIDhvc-GTWsmslD6BtYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.52.0-185.111.59.255
185.112.16.0/22
IPv6:
2a06:5940::/29
Signature Algorithm: sha256WithRSAEncryption
91:16:c0:1d:b0:71:f7:3a:14:75:3d:9f:99:d4:c9:28:69:93:
83:86:cf:b5:52:5b:6c:18:e5:d2:92:08:66:df:a1:b0:11:47:
d2:4a:dc:0d:89:1d:36:8f:f0:2b:60:f4:18:38:bc:8a:63:c4:
17:96:3d:35:c2:27:2d:24:f3:42:8a:ad:af:fe:9a:ba:84:20:
f9:a2:65:24:23:66:1b:4d:d7:fe:b6:b7:48:38:ae:78:87:db:
56:4b:cf:b1:a5:5f:26:7b:dd:69:0b:4e:8a:01:6b:8e:71:23:
1e:9a:91:3a:43:09:ab:7a:da:63:25:b5:c4:95:11:09:ad:0f:
b8:3c:77:72:3f:0d:1a:24:18:cb:f2:07:e0:0d:84:0c:9f:0c:
27:b2:8a:c5:15:ae:0b:3c:df:cf:59:aa:78:78:07:b8:55:b3:
f3:01:fd:80:e7:f6:70:91:e2:e5:d1:b2:ca:e9:3f:26:61:e7:
d5:61:be:cc:6e:e8:d5:33:8c:92:1b:f0:44:15:03:b4:39:09:
ba:c8:7f:6e:64:69:c3:9d:c6:d7:a1:a8:39:8d:2e:c2:75:b9:
df:9e:b7:00:6b:12:75:c4:14:a7:cc:9d:71:6f:2b:3c:12:c5:
9a:d3:04:f2:c9:ca:de:c9:2e:11:6f:f9:8b:47:bc:07:0c:ca:
cf:a7:f3:99
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY3MRPctFk80wrfnLuW46AnRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZTc2MTEzZGJmMzIwMzg2ZjczZTE5MzVhYzlhYzk0M2U4
MWI1OGMwHhcNMjQwMjIxMTUyNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDdlOTBkNmFhODMyNmIxY2I4MGExZTM1MGE0YWFhN2M3MWY3NzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvdBWmiRUmh/OllYi8S89BQvoaPZ
Yr8HiqEKCgqIOpKi/TVyb08mxiZOTJUvO39B/S3ozEjKx51GY3uyrZIiPsIirWkA
5WwSeeaa7jvz6i2IvxIWDHBAZiXaqxzAgOaSTCb64SXswD0Ika0xjSccIy6/GSvG
jOAbuutSItr/3o2wKdv4Yz2+aQYCoxo2A2FeQ66G1VzJJ9+anKYHqNulX823CQww
MffIkXNd4+9wFsjJ89CkxBkjNt7ic0ZckZsRcGi7YtpeMKyW6c6BgVew/xFrhoAg
74BxF7Vwhj8Q2gG0h+BiVj0RyjgVJzZxLfW/+H8KFAlhM0G5c9/3LGj5cwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFO1+kNaqgyaxy4Ch41CkqqfHH3dYMB8GA1UdIwQY
MBaAFJ7nYRPb8yA4b3Phk1rJrJQ+gbWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnVkaEU5dnpJRGh2Yy1HVFdzbXNsRDZCdFl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9iOTE5Y2UtMGY4My00ZmI0LThkZDgt
ZGUwNDEyZWIzYmNjLzEvN1g2UTFxcURKckhMZ0tIalVLU3FwOGNmZDFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9iOTE5Y2UtMGY4My00ZmI0LThkZDgtZGUwNDEyZWIzYmNj
LzEvbnVkaEU5dnpJRGh2Yy1HVFdzbXNsRDZCdFl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAK5bzQD
BAK5bzgDBAK5cBAwDQQCAAIwBwMFAyoGWUAwDQYJKoZIhvcNAQELBQADggEBAJEW
wB2wcfc6FHU9n5nUyShpk4OGz7VSW2wY5dKSCGbfobARR9JK3A2JHTaP8Ctg9Bg4
vIpjxBeWPTXCJy0k80KKra/+mrqEIPmiZSQjZhtN1/62t0g4rniH21ZLz7GlXyZ7
3WkLTooBa45xIx6akTpDCat62mMltcSVEQmtD7g8d3I/DRokGMvyB+ANhAyfDCey
isUVrgs8389Zqnh4B7hVs/MB/YDn9nCR4uXRssrpPyZh59Vhvsxu6NUzjJIb8EQV
A7Q5CbrIf25kacOdxtehqDmNLsJ1ud+etwBrEnXEFKfMnXFvKzwSxZrTBPLJyt7J
LhFv+YtHvAcMys+n85k=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:53 2025 by rpki-client