Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/aMnAwu4Z02DOVxZwI-gl6W0MdrE.roa
File: aMnAwu4Z02DOVxZwI-gl6W0MdrE.roa (raw, json)
Hash identifier: kKYIrH7MPDu5q5QQeHNiKYHJysOAoAY8snPw/8LfTn8=
Subject key identifier: 68:C9:C0:C2:EE:19:D3:60:CE:57:16:70:23:E8:25:E9:6D:0C:76:B1
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194236A4DD1BBFB14B5B5C23E20385C663E
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/aMnAwu4Z02DOVxZwI-gl6W0MdrE.roa
Signing time: Wed 01 Jan 2025 19:49:16 +0000
ROA not before: Wed 01 Jan 2025 19:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205512
IP address blocks: 185.122.38.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:4d:d1:bb:fb:14:b5:b5:c2:3e:20:38:5c:66:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 19:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68c9c0c2ee19d360ce57167023e825e96d0c76b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:dd:f3:96:9b:c7:e4:4a:82:7a:ee:4e:5a:e1:
87:5f:f2:33:84:d9:58:ba:f5:70:f3:98:65:dd:4d:
f1:da:5c:28:04:6b:4f:16:d2:0c:6d:0a:a1:ab:61:
37:47:e3:fa:b3:72:d0:f4:89:6e:66:f8:a6:1c:14:
6b:94:06:55:ad:1f:e8:b3:64:d1:c6:7d:15:b1:6a:
23:5e:b5:51:29:f6:84:92:52:8e:cb:83:6b:a7:4a:
1c:cf:7e:d4:94:f9:5d:89:61:fd:e5:f0:7f:2d:9b:
fb:a5:4b:c5:db:9e:36:cc:41:62:79:ae:3f:e7:1c:
4e:03:dd:fb:4f:02:9f:15:c5:38:d8:85:d0:e1:e9:
ae:f3:75:17:be:d2:87:4d:45:2a:5d:48:4d:5c:df:
b4:51:87:d1:0f:67:01:be:aa:13:63:0f:13:54:be:
63:80:41:7d:a8:a1:43:77:0d:bb:13:f8:2d:39:ca:
98:06:87:75:ec:62:5c:29:3b:7c:6c:17:5b:e4:a9:
26:a6:15:09:d1:5b:2c:ce:b7:e1:67:5d:f4:0d:50:
f6:f2:03:62:ab:dd:fd:b4:fd:bd:2d:13:f3:a7:e0:
45:9f:f7:cb:f1:6a:77:ee:c4:b8:1d:77:5d:2b:51:
41:0c:c9:fa:ff:8c:cf:92:7b:0f:6b:05:42:d7:3b:
ea:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C9:C0:C2:EE:19:D3:60:CE:57:16:70:23:E8:25:E9:6D:0C:76:B1
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/aMnAwu4Z02DOVxZwI-gl6W0MdrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.38.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:94:d3:76:ad:a7:f9:b8:49:c2:65:5c:26:7f:2a:95:9e:29:
c4:d1:f7:69:da:ca:7a:3e:04:5c:fa:68:ec:36:64:11:94:1e:
d4:62:7d:f3:7b:41:26:e7:7f:d9:b6:e4:a4:c7:63:c7:40:42:
95:0e:78:05:b9:c9:0d:d4:10:5f:fa:29:b2:68:f3:c1:59:a7:
22:59:c7:ae:fd:fe:db:6e:2b:96:66:60:e5:ed:d9:c2:91:45:
e8:0d:5d:44:38:61:a7:9c:7b:f4:bb:7c:99:5b:df:06:c4:db:
34:67:97:f1:68:13:a3:1d:d1:1d:14:f0:13:fb:df:e0:bd:9f:
b0:1c:1f:6a:54:ca:76:fc:7c:a8:a1:50:1d:87:15:9a:3d:52:
f5:1e:31:04:1b:59:57:1a:5b:c6:75:83:a1:a3:51:b6:30:9a:
25:32:14:25:5b:90:68:60:b0:e4:33:aa:a8:b0:37:16:4e:84:
ee:ba:63:97:3a:71:7e:d6:0b:ad:88:16:47:68:bc:46:49:4a:
90:7a:88:cf:56:3a:35:b1:69:cb:b8:d0:ab:55:16:75:eb:2e:
76:9e:83:d6:2a:b6:40:5c:07:d8:c8:58:35:81:81:4b:b3:7f:
32:e8:f6:a1:4f:e2:d1:f0:ac:11:c7:4a:50:a3:b4:f4:a4:da:
47:21:3a:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjak3Ru/sUtbXCPiA4XGY+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTAxMTk0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGM5YzBjMmVlMTlkMzYwY2U1NzE2NzAyM2U4MjVlOTZkMGM3NmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjt3zlpvH5EqCeu5OWuGHX/IzhNlY
uvVw85hl3U3x2lwoBGtPFtIMbQqhq2E3R+P6s3LQ9IluZvimHBRrlAZVrR/os2TR
xn0VsWojXrVRKfaEklKOy4Nrp0ocz37UlPldiWH95fB/LZv7pUvF2542zEFiea4/
5xxOA937TwKfFcU42IXQ4emu83UXvtKHTUUqXUhNXN+0UYfRD2cBvqoTYw8TVL5j
gEF9qKFDdw27E/gtOcqYBod17GJcKTt8bBdb5KkmphUJ0VsszrfhZ130DVD28gNi
q939tP29LRPzp+BFn/fL8Wp37sS4HXddK1FBDMn6/4zPknsPawVC1zvqQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGjJwMLuGdNgzlcWcCPoJeltDHaxMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvYU1uQXd1NFowMkRPVnhad0ktZ2w2VzBNZHJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXomMA0G
CSqGSIb3DQEBCwUAA4IBAQC9lNN2raf5uEnCZVwmfyqVninE0fdp2sp6PgRc+mjs
NmQRlB7UYn3ze0Em53/ZtuSkx2PHQEKVDngFuckN1BBf+imyaPPBWaciWceu/f7b
biuWZmDl7dnCkUXoDV1EOGGnnHv0u3yZW98GxNs0Z5fxaBOjHdEdFPAT+9/gvZ+w
HB9qVMp2/HyooVAdhxWaPVL1HjEEG1lXGlvGdYOho1G2MJolMhQlW5BoYLDkM6qo
sDcWToTuumOXOnF+1gutiBZHaLxGSUqQeojPVjo1sWnLuNCrVRZ16y52noPWKrZA
XAfYyFg1gYFLs38y6PahT+LR8KwRx0pQo7T0pNpHITpF
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:10:37 2025 by rpki-client