Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/cd495f-2b83-4aae-abf7-733567ac73c4/1/Ldr1vnYWs2pKLKB7SUv-e7tQ3Zk.roa
File: Ldr1vnYWs2pKLKB7SUv-e7tQ3Zk.roa (raw, json)
Hash identifier: lDdeP8HIOwAT1jZkeqXAc8ISizm/X6MT5BV9zKVYD9M=
Subject key identifier: 2D:DA:F5:BE:76:16:B3:6A:4A:2C:A0:7B:49:4B:FE:7B:BB:50:DD:99
Certificate issuer: /CN=f221ff685f4ec803cfaef1756e9e9ca29a854e02
Certificate serial: 018CCA2A6805C65BAD894B25B4F7765FA530
Authority key identifier: F2:21:FF:68:5F:4E:C8:03:CF:AE:F1:75:6E:9E:9C:A2:9A:85:4E:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8iH_aF9OyAPPrvF1bp6copqFTgI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/cd495f-2b83-4aae-abf7-733567ac73c4/1/Ldr1vnYWs2pKLKB7SUv-e7tQ3Zk.roa
Signing time: Tue 02 Jan 2024 12:33:45 +0000
ROA not before: Tue 02 Jan 2024 12:33:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199548
IP address blocks: 185.64.77.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:68:05:c6:5b:ad:89:4b:25:b4:f7:76:5f:a5:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f221ff685f4ec803cfaef1756e9e9ca29a854e02
Validity
Not Before: Jan 2 12:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ddaf5be7616b36a4a2ca07b494bfe7bbb50dd99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:72:04:96:ba:47:5c:f6:ef:fb:36:25:3a:83:
99:42:c6:fd:7a:3c:d0:94:05:d4:51:9e:13:54:9c:
1a:d5:92:a2:36:74:3a:88:fc:12:f2:ac:46:69:a6:
7f:40:67:e1:ae:54:f0:20:97:63:cd:fb:0f:fc:8b:
bb:d9:f1:f0:a3:63:ff:95:46:07:59:b4:e1:83:df:
ce:cf:b8:58:f6:28:53:72:72:a4:f3:cf:43:3a:9c:
30:51:88:65:43:ab:21:08:6a:5f:d6:b7:72:b8:88:
61:7d:d6:e1:59:0f:5a:9b:77:01:9a:41:f5:d7:b1:
f3:de:cc:ee:0f:f5:7f:0a:07:fc:08:51:8f:41:a2:
1d:0a:7f:1b:15:84:0f:ce:95:76:4d:4e:86:21:c5:
ba:5c:fa:8f:9b:7b:a4:fd:c5:b6:63:d9:ae:0a:f3:
bb:7b:1b:cd:42:23:93:e9:db:c7:2e:1f:7e:1a:a9:
66:bb:41:54:3e:e1:5e:83:74:0d:ba:b4:38:67:84:
42:06:f6:c5:b0:5d:b8:65:37:b6:51:52:87:f0:8f:
9f:99:91:49:fa:63:51:9c:80:e6:c6:87:e6:61:2b:
6e:ae:78:0a:17:17:3a:32:c3:f5:57:76:e0:7c:94:
45:ea:c3:8f:76:cb:12:61:a6:31:86:5d:d9:fd:7f:
46:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:DA:F5:BE:76:16:B3:6A:4A:2C:A0:7B:49:4B:FE:7B:BB:50:DD:99
X509v3 Authority Key Identifier:
keyid:F2:21:FF:68:5F:4E:C8:03:CF:AE:F1:75:6E:9E:9C:A2:9A:85:4E:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8iH_aF9OyAPPrvF1bp6copqFTgI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/cd495f-2b83-4aae-abf7-733567ac73c4/1/Ldr1vnYWs2pKLKB7SUv-e7tQ3Zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/cd495f-2b83-4aae-abf7-733567ac73c4/1/8iH_aF9OyAPPrvF1bp6copqFTgI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.77.0/24
Signature Algorithm: sha256WithRSAEncryption
47:7a:02:40:31:4b:09:43:c8:82:1e:d8:47:de:a0:cb:a0:37:
24:17:48:97:59:fb:a9:a9:8b:af:0c:5c:34:78:dc:c5:c9:d3:
2b:58:5b:fd:10:25:a9:dd:03:46:ac:e0:8e:7e:34:d1:eb:de:
2f:85:1c:7b:6d:42:f8:a0:6f:f8:4e:72:dd:78:6f:e7:5b:1b:
b4:61:40:0f:5e:28:2f:e6:5a:ca:7b:fe:5d:fb:2e:23:fd:5f:
a9:bc:47:92:1a:52:c3:f6:36:0e:b6:01:06:c0:96:a1:6e:24:
da:2a:bf:ba:7e:9b:ed:88:c1:83:83:97:4c:e1:c6:46:19:15:
ee:a6:fb:40:a8:3f:8e:75:b6:50:8d:17:a2:97:7b:a0:04:6b:
af:69:4d:0d:e3:3f:76:ae:bb:aa:0a:f3:b3:d2:f6:7b:ef:dc:
f6:03:cd:cf:1f:80:38:9e:d5:20:57:c3:0e:2a:ff:e0:e9:0c:
3d:af:cd:71:f7:a1:00:69:3a:ad:ab:da:74:05:66:2d:41:6c:
05:fc:90:98:34:2d:53:4b:42:87:e2:c7:23:53:4b:b5:84:12:
b0:4d:3a:c6:2e:e3:9b:92:1a:f8:7b:ad:c9:53:23:53:fc:01:
a8:19:57:70:78:5c:ae:8c:51:f4:d2:48:c3:76:c6:a5:fc:e2:
35:03:dc:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKmgFxlutiUsltPd2X6UwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMjFmZjY4NWY0ZWM4MDNjZmFlZjE3NTZlOWU5Y2EyOWE4
NTRlMDIwHhcNMjQwMTAyMTIzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGRhZjViZTc2MTZiMzZhNGEyY2EwN2I0OTRiZmU3YmJiNTBkZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnIElrpHXPbv+zYlOoOZQsb9ejzQ
lAXUUZ4TVJwa1ZKiNnQ6iPwS8qxGaaZ/QGfhrlTwIJdjzfsP/Iu72fHwo2P/lUYH
WbThg9/Oz7hY9ihTcnKk889DOpwwUYhlQ6shCGpf1rdyuIhhfdbhWQ9am3cBmkH1
17Hz3szuD/V/Cgf8CFGPQaIdCn8bFYQPzpV2TU6GIcW6XPqPm3uk/cW2Y9muCvO7
exvNQiOT6dvHLh9+Gqlmu0FUPuFeg3QNurQ4Z4RCBvbFsF24ZTe2UVKH8I+fmZFJ
+mNRnIDmxofmYSturngKFxc6MsP1V3bgfJRF6sOPdssSYaYxhl3Z/X9G3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC3a9b52FrNqSiyge0lL/nu7UN2ZMB8GA1UdIwQY
MBaAFPIh/2hfTsgDz67xdW6enKKahU4CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGlIX2FGOU95QVBQcnZGMWJwNmNvcHFGVGdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jZDQ5NWYtMmI4My00YWFlLWFiZjct
NzMzNTY3YWM3M2M0LzEvTGRyMXZuWVdzMnBLTEtCN1NVdi1lN3RRM1prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jZDQ5NWYtMmI4My00YWFlLWFiZjctNzMzNTY3YWM3M2M0
LzEvOGlIX2FGOU95QVBQcnZGMWJwNmNvcHFGVGdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUBNMA0G
CSqGSIb3DQEBCwUAA4IBAQBHegJAMUsJQ8iCHthH3qDLoDckF0iXWfupqYuvDFw0
eNzFydMrWFv9ECWp3QNGrOCOfjTR694vhRx7bUL4oG/4TnLdeG/nWxu0YUAPXigv
5lrKe/5d+y4j/V+pvEeSGlLD9jYOtgEGwJahbiTaKr+6fpvtiMGDg5dM4cZGGRXu
pvtAqD+OdbZQjReil3ugBGuvaU0N4z92rruqCvOz0vZ779z2A83PH4A4ntUgV8MO
Kv/g6Qw9r81x96EAaTqtq9p0BWYtQWwF/JCYNC1TS0KH4scjU0u1hBKwTTrGLuOb
khr4e63JUyNT/AGoGVdweFyujFH00kjDdsal/OI1A9yv
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:06:33 2025 by rpki-client