Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/bfb168-1b3d-48ae-9800-1744e7259b17/1/K6kXybvopVXOL8G7nc-JuI0-8R4.roa
File: K6kXybvopVXOL8G7nc-JuI0-8R4.roa (raw, json)
Hash identifier: oQMOFPYTWVBXV/E3lKqtCROYcIk4ZTCuIunuchMogS8=
Subject key identifier: 2B:A9:17:C9:BB:E8:A5:55:CE:2F:C1:BB:9D:CF:89:B8:8D:3E:F1:1E
Certificate issuer: /CN=e8a905b0a4f1ba373d9e7892d2455bc5ea8bbf89
Certificate serial: 018682F1E0694297564018ECCE9593501EBE
Authority key identifier: E8:A9:05:B0:A4:F1:BA:37:3D:9E:78:92:D2:45:5B:C5:EA:8B:BF:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KkFsKTxujc9nniS0kVbxeqLv4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/bfb168-1b3d-48ae-9800-1744e7259b17/1/K6kXybvopVXOL8G7nc-JuI0-8R4.roa
Signing time: Fri 24 Feb 2023 10:22:15 +0000
ROA not before: Fri 24 Feb 2023 10:22:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136923
IP address blocks: 185.235.227.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:f1:e0:69:42:97:56:40:18:ec:ce:95:93:50:1e:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8a905b0a4f1ba373d9e7892d2455bc5ea8bbf89
Validity
Not Before: Feb 24 10:22:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ba917c9bbe8a555ce2fc1bb9dcf89b88d3ef11e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8f:17:61:7b:30:54:ae:c7:5f:08:43:49:2a:
96:8a:a1:14:58:33:c5:38:26:86:0a:63:ef:4a:c2:
53:c6:4f:a0:3c:42:09:e4:ae:fc:ef:cd:8e:c3:ef:
b1:bc:e5:e2:2f:7f:17:4e:a6:b8:e6:d9:f7:1c:15:
64:44:a6:dc:d0:77:a5:cc:0d:dd:4d:26:51:de:50:
9e:03:13:21:fe:52:2d:8b:01:97:9e:88:d6:16:38:
a0:0d:70:72:69:45:46:ae:48:3b:f0:b4:b9:ea:30:
f0:72:0f:75:44:ce:76:3b:9a:41:22:9b:6c:43:eb:
92:b3:d5:52:5c:9a:94:d9:43:88:d4:14:32:89:33:
6b:eb:06:17:9f:8c:26:26:61:03:8f:ee:2b:92:55:
1e:ba:b3:42:e0:2d:3f:22:7c:57:e2:ac:a5:84:dd:
60:74:dc:0e:cf:b0:03:ee:7d:ae:65:6d:99:cf:97:
6c:42:98:a9:e2:d0:fb:83:74:f6:8c:e3:2a:19:0c:
51:34:8d:4e:ac:19:23:63:41:85:5f:bc:09:ad:e5:
0c:16:98:6b:f2:05:f9:cd:60:8d:62:37:98:b1:a4:
32:d9:f3:0e:b7:e6:3c:04:2e:22:0c:31:5c:d7:2c:
ba:6c:b6:a8:84:a6:cc:97:21:bc:f0:a6:0f:ed:de:
b7:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:A9:17:C9:BB:E8:A5:55:CE:2F:C1:BB:9D:CF:89:B8:8D:3E:F1:1E
X509v3 Authority Key Identifier:
keyid:E8:A9:05:B0:A4:F1:BA:37:3D:9E:78:92:D2:45:5B:C5:EA:8B:BF:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KkFsKTxujc9nniS0kVbxeqLv4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/bfb168-1b3d-48ae-9800-1744e7259b17/1/K6kXybvopVXOL8G7nc-JuI0-8R4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/bfb168-1b3d-48ae-9800-1744e7259b17/1/6KkFsKTxujc9nniS0kVbxeqLv4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.227.0/24
Signature Algorithm: sha256WithRSAEncryption
56:26:b9:43:c4:b9:10:48:1f:cc:d4:d2:70:db:8a:1d:5c:e4:
2d:47:89:58:ef:43:9a:63:bf:ef:14:b0:9f:de:33:f8:83:d9:
39:30:7a:46:d9:66:bc:a9:46:03:c1:e3:ec:12:44:b5:8f:9c:
5f:26:e8:ea:85:10:8b:01:9c:52:50:e4:66:ac:42:85:00:f0:
5e:23:d4:4e:9a:24:0e:b9:e0:8f:53:10:b9:3f:83:bf:53:0f:
73:8c:c0:39:dd:89:b8:b6:f2:d0:a9:b5:08:59:87:5d:67:54:
df:22:56:48:71:05:eb:2c:d3:71:dc:c6:81:57:15:9e:73:b9:
60:f8:fe:63:2f:df:bf:b2:99:f0:7e:55:0c:9c:72:6c:c8:a0:
67:6b:3a:ea:66:b2:0b:8d:bc:e6:fa:f2:c1:84:cc:11:d9:77:
b5:fb:c4:53:9e:47:5c:13:b1:ec:e2:2f:c2:2e:db:6b:4b:93:
b0:50:42:b3:2a:de:96:c9:3e:a6:89:2a:c9:65:5a:1a:48:ff:
87:3b:25:8e:a7:ba:07:00:ff:85:0a:3e:23:e3:f3:32:42:9a:
59:6a:66:a1:b4:7e:f1:11:20:42:33:bd:7e:ef:77:f3:78:a6:
8d:fc:bc:19:1c:96:6a:aa:c2:1b:2f:0f:b4:cd:40:af:b2:96:
92:0d:a3:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaC8eBpQpdWQBjszpWTUB6+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YTkwNWIwYTRmMWJhMzczZDllNzg5MmQyNDU1YmM1ZWE4
YmJmODkwHhcNMjMwMjI0MTAyMjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmE5MTdjOWJiZThhNTU1Y2UyZmMxYmI5ZGNmODliODhkM2VmMTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlY8XYXswVK7HXwhDSSqWiqEUWDPF
OCaGCmPvSsJTxk+gPEIJ5K78782Ow++xvOXiL38XTqa45tn3HBVkRKbc0HelzA3d
TSZR3lCeAxMh/lItiwGXnojWFjigDXByaUVGrkg78LS56jDwcg91RM52O5pBIpts
Q+uSs9VSXJqU2UOI1BQyiTNr6wYXn4wmJmEDj+4rklUeurNC4C0/InxX4qylhN1g
dNwOz7AD7n2uZW2Zz5dsQpip4tD7g3T2jOMqGQxRNI1OrBkjY0GFX7wJreUMFphr
8gX5zWCNYjeYsaQy2fMOt+Y8BC4iDDFc1yy6bLaohKbMlyG88KYP7d634QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCupF8m76KVVzi/Bu53PibiNPvEeMB8GA1UdIwQY
MBaAFOipBbCk8bo3PZ54ktJFW8Xqi7+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNktrRnNLVHh1amM5bm5pUzBrVmJ4ZXFMdjRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9iZmIxNjgtMWIzZC00OGFlLTk4MDAt
MTc0NGU3MjU5YjE3LzEvSzZrWHlidm9wVlhPTDhHN25jLUp1STAtOFI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9iZmIxNjgtMWIzZC00OGFlLTk4MDAtMTc0NGU3MjU5YjE3
LzEvNktrRnNLVHh1amM5bm5pUzBrVmJ4ZXFMdjRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuevjMA0G
CSqGSIb3DQEBCwUAA4IBAQBWJrlDxLkQSB/M1NJw24odXOQtR4lY70OaY7/vFLCf
3jP4g9k5MHpG2Wa8qUYDwePsEkS1j5xfJujqhRCLAZxSUORmrEKFAPBeI9ROmiQO
ueCPUxC5P4O/Uw9zjMA53Ym4tvLQqbUIWYddZ1TfIlZIcQXrLNNx3MaBVxWec7lg
+P5jL9+/spnwflUMnHJsyKBnazrqZrILjbzm+vLBhMwR2Xe1+8RTnkdcE7Hs4i/C
LttrS5OwUEKzKt6WyT6miSrJZVoaSP+HOyWOp7oHAP+FCj4j4/MyQppZamahtH7x
ESBCM71+73fzeKaN/LwZHJZqqsIbLw+0zUCvspaSDaNT
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:11 2025 by rpki-client