Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/15c74c-f8b8-4f53-a131-64e431f74eea/1/_2OGEM_D_78-8AFmka2dBCf3QXc.roa
File: _2OGEM_D_78-8AFmka2dBCf3QXc.roa (raw, json)
Hash identifier: R9DtsYL8SQ8hAHjU2Eqx30WmC21tW/lAK/MKTt6hbH8=
Subject key identifier: FF:63:86:10:CF:C3:FF:BF:3E:F0:01:66:91:AD:9D:04:27:F7:41:77
Certificate issuer: /CN=d8ae1d7cc68b78c494c530eaa4a0f7559e25a4ef
Certificate serial: 01856F4B8F9149F7F032809889FC34FB4101
Authority key identifier: D8:AE:1D:7C:C6:8B:78:C4:94:C5:30:EA:A4:A0:F7:55:9E:25:A4:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2K4dfMaLeMSUxTDqpKD3VZ4lpO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/15c74c-f8b8-4f53-a131-64e431f74eea/1/_2OGEM_D_78-8AFmka2dBCf3QXc.roa
Signing time: Sun 01 Jan 2023 21:45:00 +0000
ROA not before: Sun 01 Jan 2023 21:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212426
IP address blocks: 185.75.242.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:8f:91:49:f7:f0:32:80:98:89:fc:34:fb:41:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ae1d7cc68b78c494c530eaa4a0f7559e25a4ef
Validity
Not Before: Jan 1 21:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff638610cfc3ffbf3ef0016691ad9d0427f74177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ee:5b:18:6c:34:68:20:ba:20:f6:b3:fc:cc:
55:93:d9:3c:ea:52:ac:31:8a:72:32:05:47:b5:22:
e4:fb:2c:d3:41:43:06:e1:d7:79:40:e3:cd:0a:f9:
1f:8f:24:4b:9f:56:be:81:2d:2a:55:05:be:1d:f4:
60:44:60:9a:54:00:82:24:c8:b0:2d:aa:3c:ba:c7:
6a:49:8a:c6:9e:a8:61:cc:07:50:e2:c0:11:f5:45:
07:4c:e0:f1:f0:7e:7f:4a:d8:ed:dc:f0:9d:14:0d:
7d:0c:f3:67:8e:04:9d:a6:9f:03:a9:f9:84:73:ec:
d0:d4:b1:eb:b5:cc:7b:75:10:8a:bc:81:26:23:63:
22:02:40:b1:bf:f6:d4:f2:1f:13:b4:8c:5d:5b:da:
52:1c:3d:8a:82:46:9f:d9:de:e4:7b:86:d3:30:fe:
1f:14:ea:ae:9f:e2:c3:8c:7e:af:29:c6:d1:93:04:
54:11:af:20:88:98:5f:b5:e5:38:0a:1f:6f:68:2b:
8e:e9:91:48:8d:cb:73:0a:95:b1:ff:cb:4e:4e:f3:
dc:81:b4:b0:e5:7a:7b:7c:88:ca:3d:3c:b0:9d:59:
82:5b:75:77:c4:d2:dc:3f:d6:9b:d4:75:d1:a3:b8:
09:ca:bc:38:60:b1:2b:ac:3f:d6:f1:a9:de:10:19:
11:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:63:86:10:CF:C3:FF:BF:3E:F0:01:66:91:AD:9D:04:27:F7:41:77
X509v3 Authority Key Identifier:
keyid:D8:AE:1D:7C:C6:8B:78:C4:94:C5:30:EA:A4:A0:F7:55:9E:25:A4:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2K4dfMaLeMSUxTDqpKD3VZ4lpO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/15c74c-f8b8-4f53-a131-64e431f74eea/1/_2OGEM_D_78-8AFmka2dBCf3QXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/15c74c-f8b8-4f53-a131-64e431f74eea/1/2K4dfMaLeMSUxTDqpKD3VZ4lpO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.242.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:4b:1c:b3:8c:fd:d1:2c:b1:be:4e:75:f0:45:c5:11:42:cb:
c8:59:5f:f5:08:1d:0e:c5:33:6b:02:cb:7f:16:e6:46:81:c5:
4d:6d:88:ed:bf:a0:0a:84:f6:0e:b3:65:43:c9:1e:b9:2e:7f:
00:9f:b9:6d:8d:28:a5:59:41:86:76:04:d4:7d:49:aa:0f:70:
45:4a:f3:ab:8f:c9:db:5a:0f:e8:13:f7:32:71:cd:e8:fd:3a:
72:b9:c1:e4:0b:cd:52:90:77:d6:6d:19:69:f7:20:9d:72:56:
9f:c8:6c:c6:ab:0b:b6:cd:00:c6:0a:8f:bd:6d:99:72:59:dd:
4e:b1:c7:c3:ae:79:01:90:2e:54:83:a5:05:d3:0c:ba:b1:ab:
cf:53:41:45:c4:7f:88:83:b7:9c:76:c6:9f:42:6f:4b:ff:b5:
bf:75:dd:d1:b9:80:57:b7:b2:89:c2:b3:dd:56:a9:19:48:6a:
b3:1a:d6:18:63:3c:78:83:db:c4:5e:64:ab:60:f3:bc:9c:be:
78:f0:e9:b0:3f:d9:c0:f0:3b:1f:4b:5f:2b:e1:db:93:a7:b3:
25:a4:8a:25:17:19:cf:56:e8:3d:7b:97:88:15:91:d3:70:0b:
f7:e3:45:cb:2e:8c:96:10:d3:b3:bf:e9:b1:fe:82:92:e3:96:
99:0f:81:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS4+RSffwMoCYifw0+0EBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YWUxZDdjYzY4Yjc4YzQ5NGM1MzBlYWE0YTBmNzU1OWUy
NWE0ZWYwHhcNMjMwMTAxMjE0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjYzODYxMGNmYzNmZmJmM2VmMDAxNjY5MWFkOWQwNDI3Zjc0MTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+5bGGw0aCC6IPaz/MxVk9k86lKs
MYpyMgVHtSLk+yzTQUMG4dd5QOPNCvkfjyRLn1a+gS0qVQW+HfRgRGCaVACCJMiw
Lao8usdqSYrGnqhhzAdQ4sAR9UUHTODx8H5/Stjt3PCdFA19DPNnjgSdpp8DqfmE
c+zQ1LHrtcx7dRCKvIEmI2MiAkCxv/bU8h8TtIxdW9pSHD2Kgkaf2d7ke4bTMP4f
FOqun+LDjH6vKcbRkwRUEa8giJhfteU4Ch9vaCuO6ZFIjctzCpWx/8tOTvPcgbSw
5Xp7fIjKPTywnVmCW3V3xNLcP9ab1HXRo7gJyrw4YLErrD/W8aneEBkRGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP9jhhDPw/+/PvABZpGtnQQn90F3MB8GA1UdIwQY
MBaAFNiuHXzGi3jElMUw6qSg91WeJaTvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMks0ZGZNYUxlTVNVeFREcXBLRDNWWjRscE84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xNWM3NGMtZjhiOC00ZjUzLWExMzEt
NjRlNDMxZjc0ZWVhLzEvXzJPR0VNX0RfNzgtOEFGbWthMmRCQ2YzUVhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xNWM3NGMtZjhiOC00ZjUzLWExMzEtNjRlNDMxZjc0ZWVh
LzEvMks0ZGZNYUxlTVNVeFREcXBLRDNWWjRscE84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuUvyMA0G
CSqGSIb3DQEBCwUAA4IBAQCOSxyzjP3RLLG+TnXwRcURQsvIWV/1CB0OxTNrAst/
FuZGgcVNbYjtv6AKhPYOs2VDyR65Ln8An7ltjSilWUGGdgTUfUmqD3BFSvOrj8nb
Wg/oE/cycc3o/TpyucHkC81SkHfWbRlp9yCdclafyGzGqwu2zQDGCo+9bZlyWd1O
scfDrnkBkC5Ug6UF0wy6savPU0FFxH+Ig7ecdsafQm9L/7W/dd3RuYBXt7KJwrPd
VqkZSGqzGtYYYzx4g9vEXmSrYPO8nL548OmwP9nA8DsfS18r4duTp7MlpIolFxnP
Vug9e5eIFZHTcAv340XLLoyWENOzv+mx/oKS45aZD4HQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:55 2025 by rpki-client