Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/G5DYwyb2Qn_C8XTDytZwlEgHi3g.roa
File: G5DYwyb2Qn_C8XTDytZwlEgHi3g.roa (raw, json)
Hash identifier: zBXafmoSVMmW+G27utAJOH3AlMbAMN3S+TUTsSVvX2s=
Subject key identifier: 1B:90:D8:C3:26:F6:42:7F:C2:F1:74:C3:CA:D6:70:94:48:07:8B:78
Certificate issuer: /CN=aff4242c10e438537e169ab002bf6be81fa2a5ed
Certificate serial: 0185730CCC8C0A7DACE95216568C7A796408
Authority key identifier: AF:F4:24:2C:10:E4:38:53:7E:16:9A:B0:02:BF:6B:E8:1F:A2:A5:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_QkLBDkOFN-FpqwAr9r6B-ipe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/G5DYwyb2Qn_C8XTDytZwlEgHi3g.roa
Signing time: Mon 02 Jan 2023 15:14:56 +0000
ROA not before: Mon 02 Jan 2023 15:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42926
IP address blocks: 185.135.221.0/24 maxlen: 24
185.135.223.0/24 maxlen: 24
185.135.220.0/24 maxlen: 24
185.135.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:cc:8c:0a:7d:ac:e9:52:16:56:8c:7a:79:64:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aff4242c10e438537e169ab002bf6be81fa2a5ed
Validity
Not Before: Jan 2 15:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b90d8c326f6427fc2f174c3cad6709448078b78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:db:6f:d5:20:d3:cc:40:79:81:e9:b7:7f:d5:
27:d1:ff:57:73:23:90:06:5d:d4:42:60:37:08:95:
3a:e7:f9:1a:dd:95:fd:5b:cf:9d:9b:c2:e2:c3:a5:
02:10:23:5e:ee:80:97:f9:31:9f:53:23:ce:3d:0f:
84:f4:24:ec:7a:d2:8e:ce:16:65:56:d3:46:13:88:
e5:73:3a:11:2c:51:45:b0:9c:d5:41:2d:56:6f:60:
7e:63:02:3b:32:3e:3a:3e:94:e5:67:8b:b4:69:0e:
0f:9a:7e:00:f1:0e:9e:b1:c3:a8:9a:9b:fc:24:ce:
d1:a1:eb:fe:dd:0f:1d:b3:4b:d6:97:a9:2a:e0:96:
a2:89:7e:a0:4b:88:b4:0d:0d:07:f0:bc:2e:d2:1c:
13:a7:87:55:29:9f:cd:b6:6f:53:46:65:9d:77:cb:
a9:47:99:2b:1b:a8:8e:39:31:d8:ec:2e:57:3a:1f:
0f:c1:37:8e:2a:a0:62:83:09:d8:1e:7c:9b:28:a8:
ff:11:80:98:3c:fb:c8:36:86:a8:a6:c7:7a:58:68:
9e:99:8c:d8:e0:ad:d7:5a:f2:7c:e0:bc:ec:36:dd:
57:80:49:b5:e6:6f:98:0c:f9:06:fe:1d:f6:90:4a:
80:bb:87:4b:ba:d3:16:3f:13:bd:ca:04:30:71:69:
a7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:90:D8:C3:26:F6:42:7F:C2:F1:74:C3:CA:D6:70:94:48:07:8B:78
X509v3 Authority Key Identifier:
keyid:AF:F4:24:2C:10:E4:38:53:7E:16:9A:B0:02:BF:6B:E8:1F:A2:A5:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_QkLBDkOFN-FpqwAr9r6B-ipe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/G5DYwyb2Qn_C8XTDytZwlEgHi3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/r_QkLBDkOFN-FpqwAr9r6B-ipe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.220.0/22
Signature Algorithm: sha256WithRSAEncryption
85:69:c3:bb:b9:7c:d6:f5:d4:18:2e:0c:54:d9:dc:43:01:8e:
eb:aa:0e:0c:8f:54:f1:a2:de:40:88:ed:24:81:7b:5f:37:91:
98:1f:98:a9:3b:90:53:06:59:c3:5f:98:66:99:db:e1:cc:89:
c7:b9:50:20:4e:6d:70:51:12:ec:92:ba:35:a5:68:dd:8c:e1:
e1:b4:91:ef:c5:17:1e:98:96:05:c6:fa:19:7d:9d:6b:7b:44:
8f:99:cc:14:82:73:cd:6b:7f:f1:37:b6:65:a4:e0:2e:39:c9:
06:58:15:ed:99:09:c9:34:f0:61:7c:5f:bc:a9:91:9b:fe:c8:
5a:22:c9:74:a4:41:d5:53:4a:8d:a6:2f:00:06:33:ae:d3:6f:
47:01:90:87:e9:1a:c9:65:73:8e:11:e1:b4:1f:58:30:29:2f:
ab:f4:81:4b:6c:31:c3:52:85:ac:89:18:fb:fb:af:69:cb:44:
0c:d5:a2:0c:35:5c:9e:90:20:d6:46:ff:f6:49:31:6a:ea:b9:
fe:5c:a4:91:3d:3d:cb:40:f5:67:17:ae:bf:f3:47:89:53:29:
de:89:0c:4a:86:ea:75:19:d8:71:e8:4a:59:31:ce:8a:9a:ac:
d6:5d:00:57:ea:63:df:49:5a:e0:75:15:de:08:fd:1a:1b:73:
d6:14:79:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzDMyMCn2s6VIWVox6eWQIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZjQyNDJjMTBlNDM4NTM3ZTE2OWFiMDAyYmY2YmU4MWZh
MmE1ZWQwHhcNMjMwMTAyMTUxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjkwZDhjMzI2ZjY0MjdmYzJmMTc0YzNjYWQ2NzA5NDQ4MDc4Yjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdtv1SDTzEB5gem3f9Un0f9XcyOQ
Bl3UQmA3CJU65/ka3ZX9W8+dm8Liw6UCECNe7oCX+TGfUyPOPQ+E9CTsetKOzhZl
VtNGE4jlczoRLFFFsJzVQS1Wb2B+YwI7Mj46PpTlZ4u0aQ4Pmn4A8Q6escOompv8
JM7Roev+3Q8ds0vWl6kq4JaiiX6gS4i0DQ0H8Lwu0hwTp4dVKZ/Ntm9TRmWdd8up
R5krG6iOOTHY7C5XOh8PwTeOKqBigwnYHnybKKj/EYCYPPvINoaopsd6WGiemYzY
4K3XWvJ84LzsNt1XgEm15m+YDPkG/h32kEqAu4dLutMWPxO9ygQwcWmnNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBuQ2MMm9kJ/wvF0w8rWcJRIB4t4MB8GA1UdIwQY
MBaAFK/0JCwQ5DhTfhaasAK/a+gfoqXtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9Ra0xCRGtPRk4tRnBxd0FyOXI2Qi1pcGUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iOWEyODMtNWM4ZC00NjI4LTgwYmMt
ZWU3YmEwZTlmN2NhLzEvRzVEWXd5YjJRbl9DOFhURHl0WndsRWdIaTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iOWEyODMtNWM4ZC00NjI4LTgwYmMtZWU3YmEwZTlmN2Nh
LzEvcl9Ra0xCRGtPRk4tRnBxd0FyOXI2Qi1pcGUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYfcMA0G
CSqGSIb3DQEBCwUAA4IBAQCFacO7uXzW9dQYLgxU2dxDAY7rqg4Mj1Txot5AiO0k
gXtfN5GYH5ipO5BTBlnDX5hmmdvhzInHuVAgTm1wURLskro1pWjdjOHhtJHvxRce
mJYFxvoZfZ1re0SPmcwUgnPNa3/xN7ZlpOAuOckGWBXtmQnJNPBhfF+8qZGb/sha
Isl0pEHVU0qNpi8ABjOu029HAZCH6RrJZXOOEeG0H1gwKS+r9IFLbDHDUoWsiRj7
+69py0QM1aIMNVyekCDWRv/2STFq6rn+XKSRPT3LQPVnF66/80eJUyneiQxKhup1
Gdhx6EpZMc6KmqzWXQBX6mPfSVrgdRXeCP0aG3PWFHkW
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:18:49 2025 by rpki-client