Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/e4b756-3622-4d61-845c-7de2b81df2a7/1/Ih20YD2zlfOYHEjPJjrZDihPmgQ.roa
File: Ih20YD2zlfOYHEjPJjrZDihPmgQ.roa (raw, json)
Hash identifier: rv3i3OzAHr+tUPf1nFQ25Ix+T5QCTykOVbdU/UbAmrQ=
Subject key identifier: 22:1D:B4:60:3D:B3:95:F3:98:1C:48:CF:26:3A:D9:0E:28:4F:9A:04
Certificate issuer: /CN=b261c4da663e34ac890dfdf537f0e7e912f3ffcc
Certificate serial: 01856FA6F10D382BAE7035543F6E15B83405
Authority key identifier: B2:61:C4:DA:66:3E:34:AC:89:0D:FD:F5:37:F0:E7:E9:12:F3:FF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/smHE2mY-NKyJDf31N_Dn6RLz_8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/e4b756-3622-4d61-845c-7de2b81df2a7/1/Ih20YD2zlfOYHEjPJjrZDihPmgQ.roa
Signing time: Sun 01 Jan 2023 23:24:49 +0000
ROA not before: Sun 01 Jan 2023 23:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203450
IP address blocks: 185.134.160.0/22 maxlen: 32
2a06:ed40::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:f1:0d:38:2b:ae:70:35:54:3f:6e:15:b8:34:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b261c4da663e34ac890dfdf537f0e7e912f3ffcc
Validity
Not Before: Jan 1 23:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=221db4603db395f3981c48cf263ad90e284f9a04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6f:8a:a7:d1:58:e8:70:de:49:8a:a1:d1:15:
7c:c6:d2:76:de:71:e2:10:5a:ed:49:c1:c7:98:0e:
11:4c:f1:ce:05:9f:31:1e:7b:24:df:69:66:04:32:
bd:ee:c0:6c:e5:cf:8d:c8:d0:7d:c6:13:b9:cb:07:
6d:57:ac:92:8e:44:b6:fa:db:2d:7f:15:53:87:0a:
fe:09:5f:a5:5d:5b:2a:66:f1:c6:bb:a4:fd:42:10:
55:d7:12:6f:4d:46:bf:d8:57:a0:47:a9:27:70:91:
92:ef:8a:1d:cc:81:28:86:38:cf:3b:70:3a:f3:b0:
8b:25:8b:73:0e:5f:02:03:5d:f0:2d:e8:8f:48:be:
86:c6:95:33:a3:7a:a4:fa:c0:90:56:70:ef:c2:56:
bd:84:3a:30:c6:de:52:f8:fe:2f:d8:e7:5e:70:42:
7a:07:ba:cc:b1:b0:83:92:99:92:d6:55:bf:c9:87:
1e:98:8c:d2:d1:70:60:d7:1a:b6:87:bc:03:0a:66:
ba:07:fb:06:f2:1c:b0:d6:89:20:b8:aa:96:67:74:
c2:b7:88:8b:8e:f6:9d:ee:03:2b:32:e3:1c:6d:62:
ff:54:d7:34:db:05:45:0a:45:9c:7c:55:e2:2b:54:
0a:fd:2e:71:b7:39:5d:42:9e:ac:b7:ff:c7:21:26:
bb:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:1D:B4:60:3D:B3:95:F3:98:1C:48:CF:26:3A:D9:0E:28:4F:9A:04
X509v3 Authority Key Identifier:
keyid:B2:61:C4:DA:66:3E:34:AC:89:0D:FD:F5:37:F0:E7:E9:12:F3:FF:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/smHE2mY-NKyJDf31N_Dn6RLz_8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/e4b756-3622-4d61-845c-7de2b81df2a7/1/Ih20YD2zlfOYHEjPJjrZDihPmgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/e4b756-3622-4d61-845c-7de2b81df2a7/1/smHE2mY-NKyJDf31N_Dn6RLz_8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.160.0/22
IPv6:
2a06:ed40::/29
Signature Algorithm: sha256WithRSAEncryption
96:b4:65:00:95:34:00:1d:b5:66:20:29:b3:93:48:95:07:ec:
cc:f5:15:eb:59:c0:e3:6b:b3:a6:9d:3d:21:24:de:1b:c9:bb:
8b:89:eb:f5:20:9b:da:c6:e7:86:5c:81:0f:c1:dc:c3:97:95:
5a:82:0b:38:30:67:7c:06:44:ae:96:d3:aa:2a:08:4e:9a:90:
d3:3d:2c:4d:cc:73:6a:da:77:b7:6c:fc:69:87:12:15:41:cb:
a2:62:0e:22:e9:69:89:02:73:7e:97:68:36:36:a5:15:93:f4:
29:96:0a:f8:e9:e3:7d:86:e6:08:09:32:c3:f7:d0:19:c1:e7:
20:ac:4c:e8:c4:c1:60:e1:e8:64:c5:85:08:66:93:b9:46:d1:
4e:b0:db:6f:21:d8:49:1f:4a:d2:c2:2a:d9:b2:a1:eb:d6:bb:
b1:74:68:2c:4b:1b:58:97:9a:f8:81:88:76:9f:0d:25:59:e6:
f7:9b:8f:92:17:7e:63:07:e2:70:a0:b6:f1:ab:8c:1d:d7:cc:
6a:50:20:78:ee:31:ce:be:ec:75:22:4e:a0:5d:a2:9f:7f:b0:
25:48:dc:57:94:27:c3:fd:1f:02:ac:be:12:e8:d1:f9:33:7e:
f3:03:30:12:1f:f8:fb:7d:d3:5e:90:17:aa:80:c9:d9:01:9a:
51:90:0a:50
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvpvENOCuucDVUP24VuDQFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNjFjNGRhNjYzZTM0YWM4OTBkZmRmNTM3ZjBlN2U5MTJm
M2ZmY2MwHhcNMjMwMTAxMjMyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjFkYjQ2MDNkYjM5NWYzOTgxYzQ4Y2YyNjNhZDkwZTI4NGY5YTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiW+Kp9FY6HDeSYqh0RV8xtJ23nHi
EFrtScHHmA4RTPHOBZ8xHnsk32lmBDK97sBs5c+NyNB9xhO5ywdtV6ySjkS2+tst
fxVThwr+CV+lXVsqZvHGu6T9QhBV1xJvTUa/2FegR6kncJGS74odzIEohjjPO3A6
87CLJYtzDl8CA13wLeiPSL6GxpUzo3qk+sCQVnDvwla9hDowxt5S+P4v2OdecEJ6
B7rMsbCDkpmS1lW/yYcemIzS0XBg1xq2h7wDCma6B/sG8hyw1okguKqWZ3TCt4iL
jvad7gMrMuMcbWL/VNc02wVFCkWcfFXiK1QK/S5xtzldQp6st//HISa7KQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCIdtGA9s5XzmBxIzyY62Q4oT5oEMB8GA1UdIwQY
MBaAFLJhxNpmPjSsiQ399Tfw5+kS8//MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc21IRTJtWS1OS3lKRGYzMU5fRG42Ukx6Xzh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lNGI3NTYtMzYyMi00ZDYxLTg0NWMt
N2RlMmI4MWRmMmE3LzEvSWgyMFlEMnpsZk9ZSEVqUEpqclpEaWhQbWdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lNGI3NTYtMzYyMi00ZDYxLTg0NWMtN2RlMmI4MWRmMmE3
LzEvc21IRTJtWS1OS3lKRGYzMU5fRG42Ukx6Xzh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYagMA0E
AgACMAcDBQMqBu1AMA0GCSqGSIb3DQEBCwUAA4IBAQCWtGUAlTQAHbVmICmzk0iV
B+zM9RXrWcDja7OmnT0hJN4bybuLiev1IJvaxueGXIEPwdzDl5Vaggs4MGd8BkSu
ltOqKghOmpDTPSxNzHNq2ne3bPxphxIVQcuiYg4i6WmJAnN+l2g2NqUVk/Qplgr4
6eN9huYICTLD99AZwecgrEzoxMFg4ehkxYUIZpO5RtFOsNtvIdhJH0rSwirZsqHr
1ruxdGgsSxtYl5r4gYh2nw0lWeb3m4+SF35jB+JwoLbxq4wd18xqUCB47jHOvux1
Ik6gXaKff7AlSNxXlCfD/R8CrL4S6NH5M37zAzASH/j7fdNekBeqgMnZAZpRkApQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:27 2025 by rpki-client