Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/dOzFI9F2tNDiR4rnI68EYDa5kw0.roa
File: dOzFI9F2tNDiR4rnI68EYDa5kw0.roa (raw, json)
Hash identifier: I6W+hFCaJD7/uPTXVqi2Okz9xDO6pp1hLAP9d/PuYT4=
Subject key identifier: 74:EC:C5:23:D1:76:B4:D0:E2:47:8A:E7:23:AF:04:60:36:B9:93:0D
Certificate issuer: /CN=8aa1fe9a4c03d015aec974e2d29709a979eb82f1
Certificate serial: 018570707225D16B307C2F8813A66978DDB2
Authority key identifier: 8A:A1:FE:9A:4C:03:D0:15:AE:C9:74:E2:D2:97:09:A9:79:EB:82:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqH-mkwD0BWuyXTi0pcJqXnrgvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/dOzFI9F2tNDiR4rnI68EYDa5kw0.roa
Signing time: Mon 02 Jan 2023 03:04:55 +0000
ROA not before: Mon 02 Jan 2023 03:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396982
IP address blocks: 185.241.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:72:25:d1:6b:30:7c:2f:88:13:a6:69:78:dd:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aa1fe9a4c03d015aec974e2d29709a979eb82f1
Validity
Not Before: Jan 2 03:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74ecc523d176b4d0e2478ae723af046036b9930d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0b:2f:4c:88:2b:2f:95:4c:02:c8:55:77:b7:
fb:81:da:fe:41:5c:e3:46:10:52:25:53:7b:62:b4:
92:98:ae:c5:7a:bc:2e:b1:12:94:21:55:bd:8d:b9:
0d:70:7d:a9:43:58:80:6e:dd:bc:e3:3e:7b:7a:c4:
20:25:7c:8c:46:51:b1:ac:c7:13:14:a0:3f:6b:91:
09:d1:60:fc:75:6a:47:ad:74:4b:0b:bb:aa:b2:65:
22:4d:c7:0f:da:65:f2:34:6b:60:f9:05:26:f0:b8:
c3:89:e7:23:8a:21:1c:47:d1:c8:16:d0:66:29:4a:
09:41:f4:21:3f:c8:e5:6f:99:1a:5e:1f:3b:9e:70:
08:19:9d:90:6e:4d:a2:23:26:07:c5:f5:00:5d:bc:
c5:30:3d:bd:a7:27:93:8b:88:c8:4b:c7:80:39:25:
8e:31:ad:c1:d5:b9:89:7b:f9:61:85:bd:8a:26:60:
37:f9:77:15:fe:c6:ed:43:5a:ee:03:1a:b2:ec:f4:
5f:71:6c:d0:0c:0a:4c:de:26:ce:ee:f2:ba:f4:6b:
c8:09:b6:50:ea:e9:b6:52:34:fb:d6:c8:8c:92:eb:
c0:9e:b9:ac:1f:7e:2e:e3:a5:d1:55:9e:97:8f:8a:
d1:4e:5f:31:5a:04:95:c4:11:85:fa:25:6f:30:e5:
55:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:EC:C5:23:D1:76:B4:D0:E2:47:8A:E7:23:AF:04:60:36:B9:93:0D
X509v3 Authority Key Identifier:
keyid:8A:A1:FE:9A:4C:03:D0:15:AE:C9:74:E2:D2:97:09:A9:79:EB:82:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqH-mkwD0BWuyXTi0pcJqXnrgvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/dOzFI9F2tNDiR4rnI68EYDa5kw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/iqH-mkwD0BWuyXTi0pcJqXnrgvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.47.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:6a:3a:88:50:f1:05:06:64:23:2f:e7:8f:61:55:eb:b1:4e:
97:92:f3:d7:17:2e:64:74:ec:ab:1e:77:b7:21:af:93:87:64:
c7:a2:a2:7c:19:8c:33:8f:77:af:af:9b:01:d0:cf:f5:07:73:
6c:5b:54:2e:e1:4a:8f:18:4d:9e:98:c4:1f:cb:ff:b4:83:7d:
85:f1:11:0b:6c:a2:46:e9:8f:ff:67:2d:e1:04:34:08:c6:a8:
b0:ec:15:7b:b2:61:f1:38:49:95:98:24:31:3e:87:64:ce:7b:
08:4f:7b:cd:61:88:86:4e:dc:c0:5f:26:40:d2:dc:21:07:8d:
fa:ca:31:c6:e2:d7:99:33:3e:ff:92:64:43:43:0b:71:a8:40:
96:73:bc:8a:57:b5:be:4d:b5:bd:af:c0:cd:f3:31:0e:11:4d:
9f:53:e2:b9:31:e5:b2:91:f7:64:7a:55:f8:2c:10:70:a4:be:
f7:40:44:16:52:2f:21:82:21:a2:57:e4:38:e2:d9:6d:81:14:
cf:12:dc:d2:94:00:19:80:4a:1b:82:f0:1b:9e:48:fa:02:8b:
13:5d:1e:f1:5c:fe:fb:bf:f6:13:09:bc:70:a2:eb:24:a4:c6:
63:ef:3d:0c:3c:57:59:82:ec:06:49:a5:4c:dc:58:49:6d:ca:
78:e9:d2:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcHIl0WswfC+IE6ZpeN2yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYTFmZTlhNGMwM2QwMTVhZWM5NzRlMmQyOTcwOWE5Nzll
YjgyZjEwHhcNMjMwMTAyMDMwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGVjYzUyM2QxNzZiNGQwZTI0NzhhZTcyM2FmMDQ2MDM2Yjk5MzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAsvTIgrL5VMAshVd7f7gdr+QVzj
RhBSJVN7YrSSmK7FerwusRKUIVW9jbkNcH2pQ1iAbt284z57esQgJXyMRlGxrMcT
FKA/a5EJ0WD8dWpHrXRLC7uqsmUiTccP2mXyNGtg+QUm8LjDiecjiiEcR9HIFtBm
KUoJQfQhP8jlb5kaXh87nnAIGZ2Qbk2iIyYHxfUAXbzFMD29pyeTi4jIS8eAOSWO
Ma3B1bmJe/lhhb2KJmA3+XcV/sbtQ1ruAxqy7PRfcWzQDApM3ibO7vK69GvICbZQ
6um2UjT71siMkuvAnrmsH34u46XRVZ6Xj4rRTl8xWgSVxBGF+iVvMOVVeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHTsxSPRdrTQ4keK5yOvBGA2uZMNMB8GA1UdIwQY
MBaAFIqh/ppMA9AVrsl04tKXCal564LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFILW1rd0QwQld1eVhUaTBwY0pxWG5yZ3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi80MWU5YjAtNjJlNy00NzE4LWI5NjYt
MWY5YWUwNTU2NDZmLzEvZE96Rkk5RjJ0TkRpUjRybkk2OEVZRGE1a3cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi80MWU5YjAtNjJlNy00NzE4LWI5NjYtMWY5YWUwNTU2NDZm
LzEvaXFILW1rd0QwQld1eVhUaTBwY0pxWG5yZ3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufEvMA0G
CSqGSIb3DQEBCwUAA4IBAQB/ajqIUPEFBmQjL+ePYVXrsU6XkvPXFy5kdOyrHne3
Ia+Th2THoqJ8GYwzj3evr5sB0M/1B3NsW1Qu4UqPGE2emMQfy/+0g32F8RELbKJG
6Y//Zy3hBDQIxqiw7BV7smHxOEmVmCQxPodkznsIT3vNYYiGTtzAXyZA0twhB436
yjHG4teZMz7/kmRDQwtxqECWc7yKV7W+TbW9r8DN8zEOEU2fU+K5MeWykfdkelX4
LBBwpL73QEQWUi8hgiGiV+Q44tltgRTPEtzSlAAZgEobgvAbnkj6AosTXR7xXP77
v/YTCbxwouskpMZj7z0MPFdZguwGSaVM3FhJbcp46dKz
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:17:40 2025 by rpki-client