Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/1-j92Xx0AMTrXePTvRPjMHaE-j3U.roa
File: 1-j92Xx0AMTrXePTvRPjMHaE-j3U.roa (raw, json)
Hash identifier: +kE6+fCXphiacNfwhPB/rD2b9Ij4stdoCkUgk1c1RqM=
Subject key identifier: FA:3F:76:5F:1D:00:31:3A:D7:78:F4:EF:44:F8:CC:1D:A1:3E:8F:75
Certificate issuer: /CN=aff4242c10e438537e169ab002bf6be81fa2a5ed
Certificate serial: 018E7F2449877AE716D731138BF99FA7B40C
Authority key identifier: AF:F4:24:2C:10:E4:38:53:7E:16:9A:B0:02:BF:6B:E8:1F:A2:A5:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_QkLBDkOFN-FpqwAr9r6B-ipe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/1-j92Xx0AMTrXePTvRPjMHaE-j3U.roa
Signing time: Wed 27 Mar 2024 09:01:08 +0000
ROA not before: Wed 27 Mar 2024 09:01:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57152
IP address blocks: 185.135.220.0/24 maxlen: 24
185.135.221.0/24 maxlen: 24
185.135.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:24:49:87:7a:e7:16:d7:31:13:8b:f9:9f:a7:b4:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aff4242c10e438537e169ab002bf6be81fa2a5ed
Validity
Not Before: Mar 27 09:01:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa3f765f1d00313ad778f4ef44f8cc1da13e8f75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d8:07:14:da:f2:83:4b:8b:fc:47:fe:55:61:
c0:43:7d:05:35:35:c8:0d:29:44:c9:90:1c:61:3f:
db:d5:84:68:67:0b:4f:c0:68:65:12:e4:a1:02:ce:
74:16:ce:1c:33:58:e4:ef:81:ff:f5:c4:da:c5:a5:
18:af:e7:26:91:f6:be:69:fc:a2:d1:8f:62:52:d4:
5c:80:d8:b0:44:7c:eb:45:05:f4:28:aa:ba:fb:2b:
04:5e:f0:b7:f8:a5:9f:a0:24:de:a9:75:03:45:67:
83:75:8d:af:61:18:06:c0:08:29:1c:46:5a:4e:d1:
b4:f6:0b:36:58:da:bd:5b:3d:30:87:08:35:38:42:
14:9a:2f:3f:5c:87:ff:8e:9a:42:ff:dd:ba:7e:76:
dd:ca:12:1b:8d:d5:b3:7a:22:1f:79:d0:45:b5:d0:
aa:1e:57:8d:91:10:6d:25:39:9f:58:51:d9:c6:77:
f1:37:1c:98:96:93:b4:26:a6:c7:e9:18:a9:25:12:
b1:84:3f:37:ed:0a:c6:bc:00:a1:ef:42:8c:ba:b8:
1f:2d:31:ed:c0:97:31:89:89:de:78:5c:69:b2:c3:
5f:20:e7:0a:03:09:2b:ab:1a:aa:1f:c0:6f:82:80:
29:2e:87:cf:ea:60:87:82:c7:8a:1a:68:14:9a:97:
d2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:3F:76:5F:1D:00:31:3A:D7:78:F4:EF:44:F8:CC:1D:A1:3E:8F:75
X509v3 Authority Key Identifier:
keyid:AF:F4:24:2C:10:E4:38:53:7E:16:9A:B0:02:BF:6B:E8:1F:A2:A5:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_QkLBDkOFN-FpqwAr9r6B-ipe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/1-j92Xx0AMTrXePTvRPjMHaE-j3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/r_QkLBDkOFN-FpqwAr9r6B-ipe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.220.0-185.135.222.255
Signature Algorithm: sha256WithRSAEncryption
7f:ee:a9:fa:9f:4d:d7:ec:40:8e:60:c0:02:96:aa:1a:a1:5e:
21:d8:a3:b9:ca:79:29:62:ce:52:1a:ee:1e:70:9b:45:a4:e0:
df:23:28:7b:9f:25:4d:eb:9e:ff:74:63:77:5e:db:22:fb:dd:
7b:f2:2c:e6:85:e7:fa:b5:05:9a:2b:29:db:13:bc:3d:3d:19:
d9:46:28:92:ca:ad:e7:e3:27:55:11:7b:d9:f3:a6:29:c2:ce:
13:5e:28:15:97:5f:ec:0a:5e:42:38:f7:04:35:d7:32:80:29:
83:a9:5a:0f:32:2a:0b:39:5f:2c:87:39:61:b9:c4:4e:20:27:
d5:21:31:00:b8:07:99:72:05:60:4c:64:83:c9:9b:48:ee:0c:
26:c1:0c:38:33:c2:dd:a3:ea:79:87:95:f1:4f:98:63:70:0b:
63:e6:59:c6:17:03:92:ef:0c:8d:2b:80:d3:bb:6e:54:90:a7:
1f:dc:6a:06:a6:8e:c2:f2:e6:6c:bf:85:16:ae:64:14:0a:3e:
d5:2c:82:a9:bb:80:21:39:c4:14:34:c1:9d:a6:54:74:21:c6:
00:05:86:b1:5b:96:cd:1d:fe:c3:3e:e9:35:2b:57:b0:ee:53:
bc:a9:2c:9d:d8:46:7e:c1:38:89:8d:dd:ba:19:13:95:c8:96:
77:e7:ad:6f
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAY5/JEmHeucW1zETi/mfp7QMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZjQyNDJjMTBlNDM4NTM3ZTE2OWFiMDAyYmY2YmU4MWZh
MmE1ZWQwHhcNMjQwMzI3MDkwMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTNmNzY1ZjFkMDAzMTNhZDc3OGY0ZWY0NGY4Y2MxZGExM2U4Zjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9gHFNryg0uL/Ef+VWHAQ30FNTXI
DSlEyZAcYT/b1YRoZwtPwGhlEuShAs50Fs4cM1jk74H/9cTaxaUYr+cmkfa+afyi
0Y9iUtRcgNiwRHzrRQX0KKq6+ysEXvC3+KWfoCTeqXUDRWeDdY2vYRgGwAgpHEZa
TtG09gs2WNq9Wz0whwg1OEIUmi8/XIf/jppC/926fnbdyhIbjdWzeiIfedBFtdCq
HleNkRBtJTmfWFHZxnfxNxyYlpO0JqbH6RipJRKxhD837QrGvACh70KMurgfLTHt
wJcxiYneeFxpssNfIOcKAwkrqxqqH8BvgoApLofP6mCHgseKGmgUmpfSCQIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFPo/dl8dADE613j070T4zB2hPo91MB8GA1UdIwQY
MBaAFK/0JCwQ5DhTfhaasAK/a+gfoqXtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9Ra0xCRGtPRk4tRnBxd0FyOXI2Qi1pcGUwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iOWEyODMtNWM4ZC00NjI4LTgwYmMt
ZWU3YmEwZTlmN2NhLzEvMS1qOTJYeDBBTVRyWGVQVHZSUGpNSGFFLWozVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTAvYjlhMjgzLTVjOGQtNDYyOC04MGJjLWVlN2JhMGU5Zjdj
YS8xL3JfUWtMQkRrT0ZOLUZwcXdBcjlyNkItaXBlMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQCuYfc
AwQAuYfeMA0GCSqGSIb3DQEBCwUAA4IBAQB/7qn6n03X7ECOYMAClqoaoV4h2KO5
ynkpYs5SGu4ecJtFpODfIyh7nyVN657/dGN3Xtsi+9178izmhef6tQWaKynbE7w9
PRnZRiiSyq3n4ydVEXvZ86Ypws4TXigVl1/sCl5COPcENdcygCmDqVoPMioLOV8s
hzlhucROICfVITEAuAeZcgVgTGSDyZtI7gwmwQw4M8Ldo+p5h5XxT5hjcAtj5lnG
FwOS7wyNK4DTu25UkKcf3GoGpo7C8uZsv4UWrmQUCj7VLIKpu4AhOcQUNMGdplR0
IcYABYaxW5bNHf7DPuk1K1ew7lO8qSyd2EZ+wTiJjd26GROVyJZ3561v
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:01:06 2025 by rpki-client