Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/94ac03-8404-4926-bd48-cf99baa4a09b/1/jFVKXxMMKLy2L8hEmxn5-WvHpVw.roa
File: jFVKXxMMKLy2L8hEmxn5-WvHpVw.roa (raw, json)
Hash identifier: bXTBoYidLUVABD+VmTOEhO8uafli3LBPSjzI4XEDVmw=
Subject key identifier: 8C:55:4A:5F:13:0C:28:BC:B6:2F:C8:44:9B:19:F9:F9:6B:C7:A5:5C
Certificate issuer: /CN=e4bd042ef1c9e868ac901a127fd789eb519e00f1
Certificate serial: 01856F42C8DE7552E6E458AB7C2BA2B49C89
Authority key identifier: E4:BD:04:2E:F1:C9:E8:68:AC:90:1A:12:7F:D7:89:EB:51:9E:00:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5L0ELvHJ6GiskBoSf9eJ61GeAPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/94ac03-8404-4926-bd48-cf99baa4a09b/1/jFVKXxMMKLy2L8hEmxn5-WvHpVw.roa
Signing time: Sun 01 Jan 2023 21:35:25 +0000
ROA not before: Sun 01 Jan 2023 21:35:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207037
IP address blocks: 185.161.84.0/22 maxlen: 22
2a0b:6c00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:c8:de:75:52:e6:e4:58:ab:7c:2b:a2:b4:9c:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4bd042ef1c9e868ac901a127fd789eb519e00f1
Validity
Not Before: Jan 1 21:35:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c554a5f130c28bcb62fc8449b19f9f96bc7a55c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a4:24:b7:af:fc:74:e0:9d:a3:bb:f1:7e:b6:
02:3d:f0:04:de:de:12:0a:c9:e7:85:bd:0e:bb:2d:
b6:27:bc:3d:fd:c5:2a:05:7a:c8:de:bf:24:2f:74:
9b:a8:46:cf:86:f2:20:77:c8:8d:7c:b2:7a:bc:42:
a7:37:f8:75:c8:80:36:c9:a6:aa:f4:9c:a6:40:13:
22:92:d9:ad:f9:06:f3:f1:ac:f0:85:59:81:ab:79:
7f:9c:7e:aa:ed:65:d3:b8:06:24:7b:76:81:ce:f2:
b6:66:63:bc:8f:50:e4:e2:72:a1:5f:29:8c:2e:3e:
75:d3:91:f3:b7:31:e2:3c:fa:dd:3e:4b:76:73:6f:
a8:a8:eb:de:a9:f0:27:14:47:6a:f6:81:db:3c:95:
f6:a0:46:eb:b3:08:6d:e0:73:b8:de:65:92:e6:84:
24:3c:5f:06:37:b6:6c:47:fb:71:cb:30:a4:74:54:
99:1a:54:05:92:32:83:62:6e:5d:d1:f4:c1:af:a6:
4a:e7:ed:1f:56:ff:67:09:cc:59:a2:79:de:5d:22:
80:59:8d:89:a5:93:a2:80:36:a0:a6:5a:e2:c5:b1:
70:13:8c:1d:ff:95:c4:c0:0e:29:d0:8e:95:93:c4:
5c:4a:60:e6:c5:0d:f4:0f:46:ec:2f:6d:20:00:08:
83:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:55:4A:5F:13:0C:28:BC:B6:2F:C8:44:9B:19:F9:F9:6B:C7:A5:5C
X509v3 Authority Key Identifier:
keyid:E4:BD:04:2E:F1:C9:E8:68:AC:90:1A:12:7F:D7:89:EB:51:9E:00:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5L0ELvHJ6GiskBoSf9eJ61GeAPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/94ac03-8404-4926-bd48-cf99baa4a09b/1/jFVKXxMMKLy2L8hEmxn5-WvHpVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/94ac03-8404-4926-bd48-cf99baa4a09b/1/5L0ELvHJ6GiskBoSf9eJ61GeAPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.84.0/22
IPv6:
2a0b:6c00::/29
Signature Algorithm: sha256WithRSAEncryption
30:5a:24:97:8e:b3:8b:68:35:0b:1d:5e:39:e4:7f:d9:92:a5:
79:83:82:5b:21:f6:3c:9a:25:b2:73:17:9d:b3:9f:45:76:43:
91:a0:3e:3e:7d:d6:87:88:52:f8:0f:7f:88:0a:13:59:bc:47:
16:a5:95:4b:fb:28:2e:94:70:45:58:c8:79:7b:d1:b6:cd:37:
5b:5c:35:51:e7:3a:11:60:d4:25:42:ae:51:d6:4e:cd:db:39:
a7:22:61:78:25:b4:a6:f6:79:f5:4c:b0:9e:71:43:f6:36:4a:
5e:41:7f:a0:3d:e7:4d:c5:8e:65:fb:85:f8:7e:c9:54:25:f2:
c0:92:29:a8:f0:19:68:75:06:45:9b:5d:9d:57:bd:e9:b1:f1:
35:67:12:38:b9:0b:a3:5b:9e:18:82:80:93:a3:3c:90:e4:e7:
62:40:e2:0e:1e:4d:98:38:92:c4:ae:20:61:d0:71:09:72:f3:
ca:1b:ea:01:81:9c:c3:b7:15:11:7e:47:7d:d4:cd:56:9a:6f:
35:e3:d5:19:5c:7e:82:58:91:03:b6:2f:80:07:91:9a:09:46:
6b:fa:56:6c:2b:a4:40:9a:a9:4f:9c:46:6f:24:8d:6f:39:89:
4a:2c:63:fd:00:65:f3:84:e2:c9:62:c7:dc:a0:fd:b0:4c:b9:
a8:06:a2:51
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvQsjedVLm5FirfCuitJyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YmQwNDJlZjFjOWU4NjhhYzkwMWExMjdmZDc4OWViNTE5
ZTAwZjEwHhcNMjMwMTAxMjEzNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzU1NGE1ZjEzMGMyOGJjYjYyZmM4NDQ5YjE5ZjlmOTZiYzdhNTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqQkt6/8dOCdo7vxfrYCPfAE3t4S
Csnnhb0Ouy22J7w9/cUqBXrI3r8kL3SbqEbPhvIgd8iNfLJ6vEKnN/h1yIA2yaaq
9JymQBMiktmt+Qbz8azwhVmBq3l/nH6q7WXTuAYke3aBzvK2ZmO8j1Dk4nKhXymM
Lj5105HztzHiPPrdPkt2c2+oqOveqfAnFEdq9oHbPJX2oEbrswht4HO43mWS5oQk
PF8GN7ZsR/txyzCkdFSZGlQFkjKDYm5d0fTBr6ZK5+0fVv9nCcxZonneXSKAWY2J
pZOigDagplrixbFwE4wd/5XEwA4p0I6Vk8RcSmDmxQ30D0bsL20gAAiDFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIxVSl8TDCi8ti/IRJsZ+flrx6VcMB8GA1UdIwQY
MBaAFOS9BC7xyehorJAaEn/XietRngDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUwwRUx2SEo2R2lza0JvU2Y5ZUo2MUdlQVBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85NGFjMDMtODQwNC00OTI2LWJkNDgt
Y2Y5OWJhYTRhMDliLzEvakZWS1h4TU1LTHkyTDhoRW14bjUtV3ZIcFZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85NGFjMDMtODQwNC00OTI2LWJkNDgtY2Y5OWJhYTRhMDli
LzEvNUwwRUx2SEo2R2lza0JvU2Y5ZUo2MUdlQVBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaFUMA0E
AgACMAcDBQMqC2wAMA0GCSqGSIb3DQEBCwUAA4IBAQAwWiSXjrOLaDULHV455H/Z
kqV5g4JbIfY8miWycxeds59FdkORoD4+fdaHiFL4D3+IChNZvEcWpZVL+ygulHBF
WMh5e9G2zTdbXDVR5zoRYNQlQq5R1k7N2zmnImF4JbSm9nn1TLCecUP2NkpeQX+g
PedNxY5l+4X4fslUJfLAkimo8BlodQZFm12dV73psfE1ZxI4uQujW54YgoCTozyQ
5OdiQOIOHk2YOJLEriBh0HEJcvPKG+oBgZzDtxURfkd91M1Wmm8149UZXH6CWJED
ti+AB5GaCUZr+lZsK6RAmqlPnEZvJI1vOYlKLGP9AGXzhOLJYsfcoP2wTLmoBqJR
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:47 2025 by rpki-client