Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/2S2xgLbL1Fvg8OGjjeveKrY43xY.roa
File: 2S2xgLbL1Fvg8OGjjeveKrY43xY.roa (raw, json)
Hash identifier: Qa1VrubiwKf0GSaz2grJznV9b7BfuO1MaPM6OeH6iTc=
Subject key identifier: D9:2D:B1:80:B6:CB:D4:5B:E0:F0:E1:A3:8D:EB:DE:2A:B6:38:DF:16
Certificate issuer: /CN=38a8550659bb68e770d8b0126b7261fb87d8240b
Certificate serial: 063260D6
Authority key identifier: 38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/2S2xgLbL1Fvg8OGjjeveKrY43xY.roa
Signing time: Sat 01 Jan 2022 14:05:40 +0000
ROA not before: Sat 01 Jan 2022 14:05:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206353
IP address blocks: 185.186.128.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103964886 (0x63260d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a8550659bb68e770d8b0126b7261fb87d8240b
Validity
Not Before: Jan 1 14:05:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d92db180b6cbd45be0f0e1a38debde2ab638df16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:07:c7:0b:b3:ed:65:26:85:03:19:b0:54:2f:
e0:9f:e7:5b:d5:3f:2e:2d:84:53:bc:a8:35:ac:64:
cc:a7:da:de:f0:8d:90:af:b6:68:86:4a:1c:1c:e5:
3b:6b:d4:c2:27:a9:44:64:05:42:03:04:3b:85:a1:
0d:ca:1b:91:90:b1:d0:da:fa:43:f9:29:eb:02:83:
09:45:94:6e:0d:90:c2:ab:35:ff:11:f8:5a:1b:1b:
19:74:26:5d:a7:67:02:21:6a:54:c7:30:5f:c6:87:
92:48:7b:0e:fc:43:03:f8:a4:5d:de:e6:68:0d:7c:
02:83:ea:a4:4d:34:e9:78:19:94:69:d7:73:8d:8f:
fb:28:4e:39:fc:d2:08:c6:0d:6c:23:bd:c6:61:c7:
0f:ab:b0:52:62:c2:8f:3b:e0:ed:64:3f:73:ac:c7:
85:66:ce:ef:13:8b:ad:d8:82:19:c9:8a:93:46:79:
4b:02:52:35:bc:00:3b:02:a9:7c:39:e7:89:a9:1f:
f3:a4:c6:12:81:8e:72:2d:a0:02:71:04:8e:47:04:
d5:01:60:a8:06:d3:54:91:d9:06:d6:e3:c3:dd:48:
90:b1:40:6a:01:ad:db:85:2f:af:f2:20:1d:12:ee:
ef:62:5e:c6:cf:99:7d:01:a3:bd:6c:60:dd:70:97:
5e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:2D:B1:80:B6:CB:D4:5B:E0:F0:E1:A3:8D:EB:DE:2A:B6:38:DF:16
X509v3 Authority Key Identifier:
keyid:38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/2S2xgLbL1Fvg8OGjjeveKrY43xY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.128.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:15:21:41:ab:e5:49:bb:4c:d1:c1:16:4d:d5:32:cf:3a:07:
aa:c0:53:4f:59:ca:f9:4c:2c:e9:44:36:ac:f6:f5:b9:00:91:
c0:e9:41:dd:5c:a6:9e:36:4e:0e:ac:13:68:0a:5f:8e:e7:fd:
d5:65:f9:c9:27:1c:fc:28:37:29:41:51:91:8c:93:6e:4c:23:
13:7a:67:17:b4:5f:1c:9f:7d:2c:c5:c5:9a:d0:c0:82:03:69:
96:f3:43:6b:11:eb:08:9f:d7:9d:10:0c:57:3c:07:f5:ec:a6:
cf:62:48:2a:cb:9d:07:33:86:47:c1:12:2d:d6:a0:a1:17:3f:
33:26:d4:c8:78:c5:03:8c:26:d7:43:6d:49:b9:0f:ae:00:f2:
27:a2:50:05:69:9d:51:db:a1:d4:e5:a4:c8:74:0a:db:33:04:
b7:60:db:a7:1b:77:e0:0d:02:e1:a0:27:1a:2e:fd:a4:ce:90:
61:86:13:c7:e2:3a:2f:20:d2:39:91:fb:14:31:e3:39:13:75:
a8:37:e4:98:d1:6c:b5:98:c5:d5:06:e5:93:00:b4:e4:31:c2:
85:66:0a:d1:21:4e:b0:4b:4d:89:74:88:f8:78:3b:75:35:04:
08:c9:c1:ed:c3:d4:41:a2:a7:9b:35:77:ec:92:cc:89:1f:f4:
09:3c:ea:51
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBjJg1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OGE4NTUwNjU5YmI2OGU3NzBkOGIwMTI2YjcyNjFmYjg3ZDgyNDBiMB4XDTIyMDEw
MTE0MDU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDkyZGIxODBiNmNi
ZDQ1YmUwZjBlMWEzOGRlYmRlMmFiNjM4ZGYxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIgHxwuz7WUmhQMZsFQv4J/nW9U/Li2EU7yoNaxkzKfa3vCN
kK+2aIZKHBzlO2vUwiepRGQFQgMEO4WhDcobkZCx0Nr6Q/kp6wKDCUWUbg2Qwqs1
/xH4WhsbGXQmXadnAiFqVMcwX8aHkkh7DvxDA/ikXd7maA18AoPqpE006XgZlGnX
c42P+yhOOfzSCMYNbCO9xmHHD6uwUmLCjzvg7WQ/c6zHhWbO7xOLrdiCGcmKk0Z5
SwJSNbwAOwKpfDnniakf86TGEoGOci2gAnEEjkcE1QFgqAbTVJHZBtbjw91IkLFA
agGt24Uvr/IgHRLu72Jexs+ZfQGjvWxg3XCXXuMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTZLbGAtsvUW+Dw4aON694qtjjfFjAfBgNVHSMEGDAWgBQ4qFUGWbto53DY
sBJrcmH7h9gkCzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09LaFZCbG03YU9kdzJMQVNhM0poLTRmWUpBcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDIvN2RjZTczLWM0ZGYtNDMzMy04ZTgxLTFkNzAzYjQ5NjYzNC8x
LzJTMnhnTGJMMUZ2ZzhPR2pqZXZlS3JZNDN4WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIv
N2RjZTczLWM0ZGYtNDMzMy04ZTgxLTFkNzAzYjQ5NjYzNC8xL09LaFZCbG03YU9k
dzJMQVNhM0poLTRmWUpBcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALm6gDANBgkqhkiG9w0BAQsFAAOC
AQEAuhUhQavlSbtM0cEWTdUyzzoHqsBTT1nK+Uws6UQ2rPb1uQCRwOlB3VymnjZO
DqwTaApfjuf91WX5yScc/Cg3KUFRkYyTbkwjE3pnF7RfHJ99LMXFmtDAggNplvND
axHrCJ/XnRAMVzwH9eymz2JIKsudBzOGR8ESLdagoRc/MybUyHjFA4wm10NtSbkP
rgDyJ6JQBWmdUduh1OWkyHQK2zMEt2Dbpxt34A0C4aAnGi79pM6QYYYTx+I6LyDS
OZH7FDHjORN1qDfkmNFstZjF1QblkwC05DHChWYK0SFOsEtNiXSI+Hg7dTUECMnB
7cPUQaKnmzV37JLMiR/0CTzqUQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:21 2025 by rpki-client