Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/84cd4e-142c-4268-bef6-6ec9d988a408/1/IUfWM-T8xAGUnehJbHrihlR8Ip4.roa
File: IUfWM-T8xAGUnehJbHrihlR8Ip4.roa (raw, json)
Hash identifier: +ZYqqzAxCIjpw2v4zvSgH/2R+ZjJqO0o/ztNO/Ll//g=
Subject key identifier: 21:47:D6:33:E4:FC:C4:01:94:9D:E8:49:6C:7A:E2:86:54:7C:22:9E
Certificate issuer: /CN=1698df0300aab5e2a6f1ac78e593ecc9740daadb
Certificate serial: 0194282145286B780A6E5AC294F972B23D32
Authority key identifier: 16:98:DF:03:00:AA:B5:E2:A6:F1:AC:78:E5:93:EC:C9:74:0D:AA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FpjfAwCqteKm8ax45ZPsyXQNqts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/84cd4e-142c-4268-bef6-6ec9d988a408/1/IUfWM-T8xAGUnehJbHrihlR8Ip4.roa
Signing time: Thu 02 Jan 2025 17:47:36 +0000
ROA not before: Thu 02 Jan 2025 17:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202509
IP address blocks: 185.220.76.0/22 maxlen: 22
2a0b:f240::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:21:45:28:6b:78:0a:6e:5a:c2:94:f9:72:b2:3d:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1698df0300aab5e2a6f1ac78e593ecc9740daadb
Validity
Not Before: Jan 2 17:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2147d633e4fcc401949de8496c7ae286547c229e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:f2:1a:02:b2:1a:55:df:f0:4a:b6:ba:27:ba:
b6:e0:e7:ee:12:8b:4d:16:97:31:2e:47:5a:43:2f:
27:7c:ee:8f:99:4f:e5:cb:fa:50:d3:45:aa:f0:54:
e5:b1:74:2c:e1:55:8e:f9:6f:aa:56:a2:79:65:46:
77:1e:b7:45:c4:03:6a:92:d3:ec:50:6c:4e:57:74:
7b:ac:a7:4d:7f:e7:76:a5:ec:8e:7c:15:ed:97:f2:
c0:e1:9a:9e:49:4a:f3:37:ba:af:19:bd:36:f7:d0:
f1:bf:43:b5:f2:74:bd:00:12:9a:8d:0f:3d:85:cc:
a3:2a:ad:02:ed:b5:ac:3e:9e:8b:14:19:9b:60:e0:
10:ab:c5:93:6f:d6:da:07:45:ad:dd:26:b8:1a:5d:
b4:c6:31:80:94:3b:aa:ee:2f:dc:5d:a4:8f:d7:77:
28:85:d1:c0:ff:92:36:e0:43:5b:e0:72:23:06:69:
66:8d:63:ee:e5:b1:77:59:f0:18:0f:ad:cd:f9:75:
bb:24:cf:f7:40:b7:1b:82:c3:89:14:52:77:d8:ee:
f1:17:a2:d5:7e:52:96:a3:81:1a:50:be:0f:57:73:
51:df:56:eb:c1:c5:20:0a:28:54:37:0a:04:be:e6:
8c:a3:82:35:cb:9b:b7:52:8b:78:93:02:04:27:f5:
eb:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:47:D6:33:E4:FC:C4:01:94:9D:E8:49:6C:7A:E2:86:54:7C:22:9E
X509v3 Authority Key Identifier:
keyid:16:98:DF:03:00:AA:B5:E2:A6:F1:AC:78:E5:93:EC:C9:74:0D:AA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FpjfAwCqteKm8ax45ZPsyXQNqts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/84cd4e-142c-4268-bef6-6ec9d988a408/1/IUfWM-T8xAGUnehJbHrihlR8Ip4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/84cd4e-142c-4268-bef6-6ec9d988a408/1/FpjfAwCqteKm8ax45ZPsyXQNqts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.76.0/22
IPv6:
2a0b:f240::/29
Signature Algorithm: sha256WithRSAEncryption
0a:3c:3f:c8:35:3e:30:f7:94:59:38:cc:68:fa:86:7f:ed:79:
c5:72:77:18:a4:96:fa:f0:53:4f:fe:ea:29:08:fa:58:a0:4c:
ee:f3:6d:18:2f:8d:2a:5b:f4:dd:e3:da:54:42:6a:b0:9a:50:
7d:0d:a1:8e:c0:34:01:95:82:b7:03:b1:88:3a:45:a8:d3:08:
c6:96:a0:b9:36:df:8a:89:b3:6e:7b:a6:f3:13:98:e0:53:4e:
21:e4:77:86:50:77:6e:01:34:c8:e5:1f:3e:f5:fc:d4:c8:38:
84:48:de:82:a1:75:1c:fd:81:03:65:42:4b:83:39:cd:f5:b9:
1e:e9:2c:64:06:e1:f7:62:e3:c0:87:d8:37:ec:88:cc:84:a1:
1a:27:c6:df:37:0c:db:88:c3:52:5c:9f:f7:66:d9:62:61:a9:
0d:60:53:06:36:ec:0c:ce:3a:07:a5:d1:63:80:1f:44:21:66:
8c:71:f8:4c:6b:25:4d:06:62:08:4b:4f:4a:ea:70:74:4c:f0:
c5:1e:a8:03:89:ec:30:e1:68:bc:3f:7b:28:e0:0e:49:65:cc:
3a:22:1e:3c:01:b7:45:96:7c:15:a0:02:12:1a:00:19:62:0c:
00:fa:c1:b9:2b:f9:49:f8:73:bf:fe:3b:da:93:84:2b:82:88:
b7:09:00:2b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoIUUoa3gKblrClPlysj0yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OThkZjAzMDBhYWI1ZTJhNmYxYWM3OGU1OTNlY2M5NzQw
ZGFhZGIwHhcNMjUwMTAyMTc0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTQ3ZDYzM2U0ZmNjNDAxOTQ5ZGU4NDk2YzdhZTI4NjU0N2MyMjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4vIaArIaVd/wSra6J7q24OfuEotN
FpcxLkdaQy8nfO6PmU/ly/pQ00Wq8FTlsXQs4VWO+W+qVqJ5ZUZ3HrdFxANqktPs
UGxOV3R7rKdNf+d2peyOfBXtl/LA4ZqeSUrzN7qvGb0299Dxv0O18nS9ABKajQ89
hcyjKq0C7bWsPp6LFBmbYOAQq8WTb9baB0Wt3Sa4Gl20xjGAlDuq7i/cXaSP13co
hdHA/5I24ENb4HIjBmlmjWPu5bF3WfAYD63N+XW7JM/3QLcbgsOJFFJ32O7xF6LV
flKWo4EaUL4PV3NR31brwcUgCihUNwoEvuaMo4I1y5u3Uot4kwIEJ/XrpQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCFH1jPk/MQBlJ3oSWx64oZUfCKeMB8GA1UdIwQY
MBaAFBaY3wMAqrXipvGseOWT7Ml0DarbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnBqZkF3Q3F0ZUttOGF4NDVaUHN5WFFOcXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi84NGNkNGUtMTQyYy00MjY4LWJlZjYt
NmVjOWQ5ODhhNDA4LzEvSVVmV00tVDh4QUdVbmVoSmJIcmlobFI4SXA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi84NGNkNGUtMTQyYy00MjY4LWJlZjYtNmVjOWQ5ODhhNDA4
LzEvRnBqZkF3Q3F0ZUttOGF4NDVaUHN5WFFOcXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudxMMA0E
AgACMAcDBQMqC/JAMA0GCSqGSIb3DQEBCwUAA4IBAQAKPD/INT4w95RZOMxo+oZ/
7XnFcncYpJb68FNP/uopCPpYoEzu820YL40qW/Td49pUQmqwmlB9DaGOwDQBlYK3
A7GIOkWo0wjGlqC5Nt+KibNue6bzE5jgU04h5HeGUHduATTI5R8+9fzUyDiESN6C
oXUc/YEDZUJLgznN9bke6SxkBuH3YuPAh9g37IjMhKEaJ8bfNwzbiMNSXJ/3Ztli
YakNYFMGNuwMzjoHpdFjgB9EIWaMcfhMayVNBmIIS09K6nB0TPDFHqgDieww4Wi8
P3so4A5JZcw6Ih48AbdFlnwVoAISGgAZYgwA+sG5K/lJ+HO//jvak4Qrgoi3CQAr
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:32:16 2025 by rpki-client