Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/cd495f-2b83-4aae-abf7-733567ac73c4/1/DOK3poLou59UpMc35R5JkdESs3k.roa
File: DOK3poLou59UpMc35R5JkdESs3k.roa (raw, json)
Hash identifier: Ny05gs18xdZ/qUkLhgL3+MmGHHUJJIg5QvT4v956noc=
Subject key identifier: 0C:E2:B7:A6:82:E8:BB:9F:54:A4:C7:37:E5:1E:49:91:D1:12:B3:79
Certificate issuer: /CN=f221ff685f4ec803cfaef1756e9e9ca29a854e02
Certificate serial: 018CCA2A6832075076C1F418E28E16923C0D
Authority key identifier: F2:21:FF:68:5F:4E:C8:03:CF:AE:F1:75:6E:9E:9C:A2:9A:85:4E:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8iH_aF9OyAPPrvF1bp6copqFTgI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/cd495f-2b83-4aae-abf7-733567ac73c4/1/DOK3poLou59UpMc35R5JkdESs3k.roa
Signing time: Tue 02 Jan 2024 12:33:46 +0000
ROA not before: Tue 02 Jan 2024 12:33:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202766
IP address blocks: 185.64.77.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:68:32:07:50:76:c1:f4:18:e2:8e:16:92:3c:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f221ff685f4ec803cfaef1756e9e9ca29a854e02
Validity
Not Before: Jan 2 12:33:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ce2b7a682e8bb9f54a4c737e51e4991d112b379
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9f:16:59:3a:3b:46:f6:cd:57:26:a5:ef:e6:
36:10:d9:e1:f8:ed:47:9a:cf:14:4f:6e:ae:cc:08:
1e:b9:cc:09:e1:9f:35:7b:84:5d:d5:43:7d:8a:99:
f6:7c:82:11:a4:a3:6e:45:6a:36:4b:c6:f7:00:c9:
60:9b:3d:ee:b8:2d:35:7b:c0:dc:25:52:cd:fb:aa:
fe:56:b2:9d:d5:5f:90:a2:51:c4:a6:a0:1d:f9:fc:
df:bb:96:7e:92:d7:57:90:cf:a3:b1:76:69:ff:35:
45:bf:dd:2b:83:9b:80:a1:ea:ef:d4:13:17:69:d3:
70:83:41:d8:f2:cf:c5:c9:23:71:2b:16:1a:6a:56:
1b:4f:de:7d:ba:94:b9:e8:43:3a:ed:33:18:12:e9:
ce:a9:7a:33:6b:ad:28:32:99:db:0a:22:d7:71:ff:
48:8f:05:20:7e:7d:45:79:b3:10:62:f5:18:7d:99:
7c:4f:0b:49:a2:78:7c:7f:31:62:16:45:6c:c4:b4:
ef:36:78:b1:1e:18:0a:24:bc:31:79:26:d7:90:7a:
0a:21:c6:b6:01:fd:a7:2a:0a:71:ee:d0:78:89:0e:
8f:33:87:8d:ac:27:32:a7:a2:77:63:ea:e4:14:6f:
6b:33:23:09:eb:9c:10:b6:30:98:c5:bd:6b:d0:60:
fe:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:E2:B7:A6:82:E8:BB:9F:54:A4:C7:37:E5:1E:49:91:D1:12:B3:79
X509v3 Authority Key Identifier:
keyid:F2:21:FF:68:5F:4E:C8:03:CF:AE:F1:75:6E:9E:9C:A2:9A:85:4E:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8iH_aF9OyAPPrvF1bp6copqFTgI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/cd495f-2b83-4aae-abf7-733567ac73c4/1/DOK3poLou59UpMc35R5JkdESs3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/cd495f-2b83-4aae-abf7-733567ac73c4/1/8iH_aF9OyAPPrvF1bp6copqFTgI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.77.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:b3:f4:c1:70:12:ac:e8:11:e5:b8:00:f0:82:2b:7e:92:6f:
2d:c9:64:f2:f3:3b:f1:54:12:ef:c0:d1:05:87:63:f4:50:cd:
f5:7e:d6:ed:b7:69:9b:df:53:45:78:e0:b3:3a:17:f8:c3:a2:
2a:1e:89:86:0b:18:e7:5d:a2:69:88:ef:f1:40:fa:c3:b8:06:
60:03:ca:17:57:fb:55:a5:d0:e4:e8:55:5c:42:72:c8:50:c5:
38:ff:c6:ca:f1:a9:1d:7b:70:05:6c:17:c4:ee:3c:7e:2d:6f:
77:ec:85:fe:28:2d:8f:1e:49:6c:9b:13:08:8d:be:f4:a7:1b:
54:a0:1b:89:79:6d:0c:eb:12:c3:4a:f6:78:c9:78:a3:e5:41:
8e:03:ab:03:98:c1:08:64:e7:a2:3b:f8:e3:18:60:94:7d:9d:
91:42:3f:b3:af:00:9d:51:26:c2:d9:93:91:08:5b:32:3b:4e:
37:26:95:a4:95:8d:34:4e:58:1d:72:d8:09:48:8e:d9:58:db:
c5:dd:bf:b1:a5:51:c3:58:d4:c4:fc:7a:f4:c9:9e:84:a8:63:
91:a9:24:2b:b3:20:12:14:7c:5b:2c:7a:94:c8:c7:82:2b:ca:
69:23:5b:b1:27:26:d8:7f:2d:82:f8:21:d9:f1:f4:d3:da:95:
b7:92:1d:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKmgyB1B2wfQY4o4WkjwNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMjFmZjY4NWY0ZWM4MDNjZmFlZjE3NTZlOWU5Y2EyOWE4
NTRlMDIwHhcNMjQwMTAyMTIzMzQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2UyYjdhNjgyZThiYjlmNTRhNGM3MzdlNTFlNDk5MWQxMTJiMzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJ8WWTo7RvbNVyal7+Y2ENnh+O1H
ms8UT26uzAgeucwJ4Z81e4Rd1UN9ipn2fIIRpKNuRWo2S8b3AMlgmz3uuC01e8Dc
JVLN+6r+VrKd1V+QolHEpqAd+fzfu5Z+ktdXkM+jsXZp/zVFv90rg5uAoerv1BMX
adNwg0HY8s/FySNxKxYaalYbT959upS56EM67TMYEunOqXoza60oMpnbCiLXcf9I
jwUgfn1FebMQYvUYfZl8TwtJonh8fzFiFkVsxLTvNnixHhgKJLwxeSbXkHoKIca2
Af2nKgpx7tB4iQ6PM4eNrCcyp6J3Y+rkFG9rMyMJ65wQtjCYxb1r0GD+/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAzit6aC6LufVKTHN+UeSZHRErN5MB8GA1UdIwQY
MBaAFPIh/2hfTsgDz67xdW6enKKahU4CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGlIX2FGOU95QVBQcnZGMWJwNmNvcHFGVGdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jZDQ5NWYtMmI4My00YWFlLWFiZjct
NzMzNTY3YWM3M2M0LzEvRE9LM3BvTG91NTlVcE1jMzVSNUprZEVTczNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jZDQ5NWYtMmI4My00YWFlLWFiZjctNzMzNTY3YWM3M2M0
LzEvOGlIX2FGOU95QVBQcnZGMWJwNmNvcHFGVGdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUBNMA0G
CSqGSIb3DQEBCwUAA4IBAQBus/TBcBKs6BHluADwgit+km8tyWTy8zvxVBLvwNEF
h2P0UM31ftbtt2mb31NFeOCzOhf4w6IqHomGCxjnXaJpiO/xQPrDuAZgA8oXV/tV
pdDk6FVcQnLIUMU4/8bK8akde3AFbBfE7jx+LW937IX+KC2PHklsmxMIjb70pxtU
oBuJeW0M6xLDSvZ4yXij5UGOA6sDmMEIZOeiO/jjGGCUfZ2RQj+zrwCdUSbC2ZOR
CFsyO043JpWklY00TlgdctgJSI7ZWNvF3b+xpVHDWNTE/Hr0yZ6EqGORqSQrsyAS
FHxbLHqUyMeCK8ppI1uxJybYfy2C+CHZ8fTT2pW3kh3x
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:05:09 2025 by rpki-client