Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/d2c9db-3615-466e-a34a-b109ed9ea8c0/1/0P-Z-FtEXEm_BZqmcgDWHla5Mq4.roa
File: 0P-Z-FtEXEm_BZqmcgDWHla5Mq4.roa (raw, json)
Hash identifier: tqJy7jjg1BvqXr5tNIHNPSAqpyf2+U5y8yv+nSgzb5Y=
Subject key identifier: D0:FF:99:F8:5B:44:5C:49:BF:05:9A:A6:72:00:D6:1E:56:B9:32:AE
Certificate issuer: /CN=88ff3ba6b60d39ad105ff85c269d626c8157655f
Certificate serial: 01856D941F0C074207B9DB6A66A408E9DFB2
Authority key identifier: 88:FF:3B:A6:B6:0D:39:AD:10:5F:F8:5C:26:9D:62:6C:81:57:65:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iP87prYNOa0QX_hcJp1ibIFXZV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/d2c9db-3615-466e-a34a-b109ed9ea8c0/1/0P-Z-FtEXEm_BZqmcgDWHla5Mq4.roa
Signing time: Sun 01 Jan 2023 13:45:01 +0000
ROA not before: Sun 01 Jan 2023 13:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202803
IP address blocks: 185.154.44.0/22 maxlen: 24
2a0b:5ac0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:94:1f:0c:07:42:07:b9:db:6a:66:a4:08:e9:df:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88ff3ba6b60d39ad105ff85c269d626c8157655f
Validity
Not Before: Jan 1 13:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0ff99f85b445c49bf059aa67200d61e56b932ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:36:00:8a:1d:8a:c2:04:70:bf:18:c2:ed:fc:
b1:d5:65:03:93:5f:85:73:60:3b:24:a4:20:46:fc:
ba:8c:a2:73:ba:05:e5:fd:a8:f8:f8:1e:be:bc:44:
dd:6b:99:3f:1f:70:bc:c7:df:31:12:c9:12:3e:15:
92:9c:1f:26:06:65:5f:48:44:53:d8:f4:72:d0:73:
9b:20:4f:4e:f0:09:25:b5:c3:57:d6:ce:52:b2:e5:
5c:98:97:fe:24:fc:e3:e1:e1:83:ec:ff:a3:96:34:
e6:92:b3:47:27:fa:5e:73:39:ff:8e:be:d5:b6:8c:
cc:3f:32:2c:0e:45:b9:5b:e1:57:77:b4:0d:be:fc:
8a:a0:74:ee:fd:26:03:f0:a9:f4:34:97:03:0f:a1:
c4:ad:40:d4:33:01:7b:ce:33:ba:2a:70:fb:31:de:
f9:3a:73:fb:6b:8a:39:7a:ae:64:c0:0b:64:29:9e:
2e:a5:9e:16:8f:e9:8c:94:ee:30:c5:7b:5d:9a:19:
db:13:74:b9:ab:da:8d:02:03:5c:3b:45:d8:23:41:
dd:3e:fb:5d:7e:f6:3a:d9:85:8c:37:f7:ea:2b:56:
d1:f6:46:26:91:6e:4e:c2:bb:b5:4e:10:8f:bb:b0:
fc:e7:a9:7e:37:50:79:cc:92:ee:c5:69:27:e0:39:
20:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:FF:99:F8:5B:44:5C:49:BF:05:9A:A6:72:00:D6:1E:56:B9:32:AE
X509v3 Authority Key Identifier:
keyid:88:FF:3B:A6:B6:0D:39:AD:10:5F:F8:5C:26:9D:62:6C:81:57:65:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iP87prYNOa0QX_hcJp1ibIFXZV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d2c9db-3615-466e-a34a-b109ed9ea8c0/1/0P-Z-FtEXEm_BZqmcgDWHla5Mq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d2c9db-3615-466e-a34a-b109ed9ea8c0/1/iP87prYNOa0QX_hcJp1ibIFXZV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.44.0/22
IPv6:
2a0b:5ac0::/29
Signature Algorithm: sha256WithRSAEncryption
1f:f6:65:11:11:d6:ae:eb:22:45:3d:4b:af:5f:a8:05:f1:10:
f1:04:05:69:f1:60:47:1a:6a:36:c2:9f:d2:f6:20:75:91:01:
52:9a:27:57:fd:71:9e:66:01:ef:64:29:2e:44:ea:ca:97:23:
ae:85:9e:c9:9c:f6:11:e1:19:46:59:da:c3:c8:da:0a:f9:1b:
a8:3e:0d:64:0d:07:1b:33:e5:a6:4e:79:82:b7:9e:ae:28:6f:
e4:fd:b9:dc:1d:4e:e0:f2:c8:2e:23:40:d5:f9:84:ca:42:43:
ae:62:74:80:ca:c1:a7:a0:33:62:3b:b1:31:9b:19:e9:f5:b7:
38:e7:41:2e:36:95:ca:1f:00:9d:b3:84:02:0a:15:28:25:43:
58:fa:a9:ef:fc:3c:39:22:f9:a8:70:11:8b:bb:24:f0:2a:50:
5e:fb:2c:95:9a:39:b4:92:d4:c0:55:c0:99:6d:da:18:9b:1c:
4a:e8:c8:1b:fe:c4:00:99:39:58:d7:13:b0:16:a8:e4:6c:a3:
f2:68:42:66:27:7b:d0:26:99:cc:f0:0b:f8:67:4a:25:f1:7e:
d5:7e:26:6c:59:dc:fa:c9:3f:a8:52:0a:14:97:b2:89:7a:65:
8b:d4:f2:44:03:9a:b5:81:78:9d:47:b4:4b:53:a1:cb:fe:36:
9b:1a:9e:8d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtlB8MB0IHudtqZqQI6d+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZmYzYmE2YjYwZDM5YWQxMDVmZjg1YzI2OWQ2MjZjODE1
NzY1NWYwHhcNMjMwMTAxMTM0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGZmOTlmODViNDQ1YzQ5YmYwNTlhYTY3MjAwZDYxZTU2YjkzMmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zYAih2KwgRwvxjC7fyx1WUDk1+F
c2A7JKQgRvy6jKJzugXl/aj4+B6+vETda5k/H3C8x98xEskSPhWSnB8mBmVfSERT
2PRy0HObIE9O8AkltcNX1s5SsuVcmJf+JPzj4eGD7P+jljTmkrNHJ/peczn/jr7V
tozMPzIsDkW5W+FXd7QNvvyKoHTu/SYD8Kn0NJcDD6HErUDUMwF7zjO6KnD7Md75
OnP7a4o5eq5kwAtkKZ4upZ4Wj+mMlO4wxXtdmhnbE3S5q9qNAgNcO0XYI0HdPvtd
fvY62YWMN/fqK1bR9kYmkW5Owru1ThCPu7D856l+N1B5zJLuxWkn4DkgEQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFND/mfhbRFxJvwWapnIA1h5WuTKuMB8GA1UdIwQY
MBaAFIj/O6a2DTmtEF/4XCadYmyBV2VfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVA4N3ByWU5PYTBRWF9oY0pwMWliSUZYWlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9kMmM5ZGItMzYxNS00NjZlLWEzNGEt
YjEwOWVkOWVhOGMwLzEvMFAtWi1GdEVYRW1fQlpxbWNnRFdIbGE1TXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9kMmM5ZGItMzYxNS00NjZlLWEzNGEtYjEwOWVkOWVhOGMw
LzEvaVA4N3ByWU5PYTBRWF9oY0pwMWliSUZYWlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZosMA0E
AgACMAcDBQMqC1rAMA0GCSqGSIb3DQEBCwUAA4IBAQAf9mUREdau6yJFPUuvX6gF
8RDxBAVp8WBHGmo2wp/S9iB1kQFSmidX/XGeZgHvZCkuROrKlyOuhZ7JnPYR4RlG
WdrDyNoK+RuoPg1kDQcbM+WmTnmCt56uKG/k/bncHU7g8sguI0DV+YTKQkOuYnSA
ysGnoDNiO7Exmxnp9bc450EuNpXKHwCds4QCChUoJUNY+qnv/Dw5IvmocBGLuyTw
KlBe+yyVmjm0ktTAVcCZbdoYmxxK6Mgb/sQAmTlY1xOwFqjkbKPyaEJmJ3vQJpnM
8Av4Z0ol8X7VfiZsWdz6yT+oUgoUl7KJemWL1PJEA5q1gXidR7RLU6HL/jabGp6N
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:26:57 2025 by rpki-client