Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/8ad4e5-d9c9-43e7-be0f-1d9c86416e9b/1/4HxC1YnWdGWm4g8pwWn_Hlow4Qo.roa
File: 4HxC1YnWdGWm4g8pwWn_Hlow4Qo.roa (raw, json)
Hash identifier: qpMp8mE7oIuGxE7UiKhcFCXTbJmQfeSevFyEhmL5FpM=
Subject key identifier: E0:7C:42:D5:89:D6:74:65:A6:E2:0F:29:C1:69:FF:1E:5A:30:E1:0A
Certificate issuer: /CN=4a3c360c364bb66dc63517193568f5ba8517ace8
Certificate serial: 019421B20AABF9AA4B9BE0AFDADA45795B32
Authority key identifier: 4A:3C:36:0C:36:4B:B6:6D:C6:35:17:19:35:68:F5:BA:85:17:AC:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sjw2DDZLtm3GNRcZNWj1uoUXrOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/8ad4e5-d9c9-43e7-be0f-1d9c86416e9b/1/4HxC1YnWdGWm4g8pwWn_Hlow4Qo.roa
Signing time: Wed 01 Jan 2025 11:48:23 +0000
ROA not before: Wed 01 Jan 2025 11:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42487
IP address blocks: 185.173.200.0/22 maxlen: 22
2a0e:e080::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:0a:ab:f9:aa:4b:9b:e0:af:da:da:45:79:5b:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a3c360c364bb66dc63517193568f5ba8517ace8
Validity
Not Before: Jan 1 11:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e07c42d589d67465a6e20f29c169ff1e5a30e10a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:87:97:82:cb:bf:70:46:29:cd:4a:9c:46:31:
ee:56:fa:b6:6a:4d:8d:ac:de:49:b9:f9:43:3c:59:
7c:11:c3:dc:6b:5f:f1:1d:4f:a8:6b:58:76:8a:a9:
2a:73:38:d6:3e:48:c3:f4:82:31:43:c8:e2:74:9a:
90:ef:15:f6:82:ea:a6:69:91:a0:e4:db:75:83:e6:
e6:ea:f8:61:c3:93:5b:bf:90:c8:66:1e:c1:a9:9c:
22:6c:04:28:5b:c5:67:b4:36:c0:4b:52:22:9b:8b:
89:53:93:28:a1:d5:d4:c0:46:88:ef:d3:9f:dc:77:
13:db:36:0a:e5:84:67:0c:6f:b6:45:2e:d9:e7:73:
12:3a:e4:8b:33:38:d3:47:83:d9:7c:c1:97:66:39:
32:5f:b7:40:f7:12:21:1a:23:9c:3f:68:85:05:91:
f8:9a:15:be:d1:a6:bc:b9:2a:eb:6f:6c:91:e4:c8:
53:30:ae:31:71:ef:b1:88:24:fe:18:c0:fe:03:95:
bc:7d:08:cf:37:73:df:b5:94:7a:5e:94:d9:ae:8b:
8c:ae:66:21:32:29:8b:d2:f5:2b:da:ee:e8:b6:78:
0f:9e:9b:4d:46:e9:e8:34:42:08:17:0a:61:9a:99:
da:dc:b5:4d:18:af:3f:3b:bf:91:3b:46:9f:c2:4a:
51:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:7C:42:D5:89:D6:74:65:A6:E2:0F:29:C1:69:FF:1E:5A:30:E1:0A
X509v3 Authority Key Identifier:
keyid:4A:3C:36:0C:36:4B:B6:6D:C6:35:17:19:35:68:F5:BA:85:17:AC:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sjw2DDZLtm3GNRcZNWj1uoUXrOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/8ad4e5-d9c9-43e7-be0f-1d9c86416e9b/1/4HxC1YnWdGWm4g8pwWn_Hlow4Qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/8ad4e5-d9c9-43e7-be0f-1d9c86416e9b/1/Sjw2DDZLtm3GNRcZNWj1uoUXrOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.200.0/22
IPv6:
2a0e:e080::/32
Signature Algorithm: sha256WithRSAEncryption
8f:5d:0e:3f:ac:8a:1a:8e:23:c4:13:bc:0a:2c:db:1c:fc:54:
ac:df:f5:36:f7:d5:2c:c8:6c:6e:ff:44:c5:2d:9d:32:ac:b8:
8a:e9:c4:6f:b4:7f:80:64:0d:29:a0:ce:3f:16:ef:8a:fc:ff:
c3:99:7c:0f:83:15:11:f4:e2:88:29:67:11:6f:09:fe:89:56:
00:d4:75:ff:fe:01:4e:09:0b:0d:06:4b:26:6a:9a:83:35:82:
e7:a2:ce:1c:cb:73:7a:64:31:66:bb:cc:8b:44:cd:52:ae:e7:
b9:ff:00:8a:73:1a:57:79:c4:40:21:f1:73:28:e8:ea:14:4f:
59:34:2d:ad:92:5b:ce:9c:4a:db:10:c1:f8:f3:67:00:e7:11:
8e:6e:36:c5:9c:35:ed:36:48:36:0c:23:d0:6c:45:0d:f3:24:
dd:fd:a8:a4:bc:33:56:e1:e9:57:17:e0:bc:17:f3:67:19:b8:
26:3b:74:f9:f9:e9:c7:d9:14:0d:85:87:5f:d3:52:d2:9e:1d:
0e:2e:e7:73:ec:82:c3:9c:34:42:f5:43:d7:59:f7:e7:2a:8c:
59:02:ae:fa:b7:97:22:5f:ae:7d:0e:45:66:b7:ec:06:2a:00:
af:29:dd:15:f5:1c:d8:9a:04:89:db:5a:39:d9:ef:f2:2b:ba:
31:05:ad:00
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsgqr+apLm+Cv2tpFeVsyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhM2MzNjBjMzY0YmI2NmRjNjM1MTcxOTM1NjhmNWJhODUx
N2FjZTgwHhcNMjUwMTAxMTE0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDdjNDJkNTg5ZDY3NDY1YTZlMjBmMjljMTY5ZmYxZTVhMzBlMTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4eXgsu/cEYpzUqcRjHuVvq2ak2N
rN5JuflDPFl8EcPca1/xHU+oa1h2iqkqczjWPkjD9IIxQ8jidJqQ7xX2guqmaZGg
5Nt1g+bm6vhhw5Nbv5DIZh7BqZwibAQoW8VntDbAS1Iim4uJU5MoodXUwEaI79Of
3HcT2zYK5YRnDG+2RS7Z53MSOuSLMzjTR4PZfMGXZjkyX7dA9xIhGiOcP2iFBZH4
mhW+0aa8uSrrb2yR5MhTMK4xce+xiCT+GMD+A5W8fQjPN3PftZR6XpTZrouMrmYh
MimL0vUr2u7otngPnptNRunoNEIIFwphmpna3LVNGK8/O7+RO0afwkpRywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOB8QtWJ1nRlpuIPKcFp/x5aMOEKMB8GA1UdIwQY
MBaAFEo8Ngw2S7ZtxjUXGTVo9bqFF6zoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2p3MkREWkx0bTNHTlJjWk5XajF1b1VYck9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi84YWQ0ZTUtZDljOS00M2U3LWJlMGYt
MWQ5Yzg2NDE2ZTliLzEvNEh4QzFZbldkR1dtNGc4cHdXbl9IbG93NFFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi84YWQ0ZTUtZDljOS00M2U3LWJlMGYtMWQ5Yzg2NDE2ZTli
LzEvU2p3MkREWkx0bTNHTlJjWk5XajF1b1VYck9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCua3IMA0E
AgACMAcDBQAqDuCAMA0GCSqGSIb3DQEBCwUAA4IBAQCPXQ4/rIoajiPEE7wKLNsc
/FSs3/U299UsyGxu/0TFLZ0yrLiK6cRvtH+AZA0poM4/Fu+K/P/DmXwPgxUR9OKI
KWcRbwn+iVYA1HX//gFOCQsNBksmapqDNYLnos4cy3N6ZDFmu8yLRM1Srue5/wCK
cxpXecRAIfFzKOjqFE9ZNC2tklvOnErbEMH482cA5xGObjbFnDXtNkg2DCPQbEUN
8yTd/aikvDNW4elXF+C8F/NnGbgmO3T5+enH2RQNhYdf01LSnh0OLudz7ILDnDRC
9UPXWffnKoxZAq76t5ciX659DkVmt+wGKgCvKd0V9RzYmgSJ21o52e/yK7oxBa0A
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:14 2025 by rpki-client