Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/AG70kLcb2n8aE-HkPNxdg7w0z2Q.roa
File: AG70kLcb2n8aE-HkPNxdg7w0z2Q.roa (raw, json)
Hash identifier: spuDxEtsFv0KzWQ5vC7i0TRBKlj6p+kMsyZEd8RS37M=
Subject key identifier: 00:6E:F4:90:B7:1B:DA:7F:1A:13:E1:E4:3C:DC:5D:83:BC:34:CF:64
Certificate issuer: /CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Certificate serial: 0186EF2D94CF091FB00C33F5CCCB79FEE719
Authority key identifier: 44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/AG70kLcb2n8aE-HkPNxdg7w0z2Q.roa
Signing time: Fri 17 Mar 2023 10:46:27 +0000
ROA not before: Fri 17 Mar 2023 10:46:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399976
IP address blocks: 185.127.166.0/24 maxlen: 24
185.127.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ef:2d:94:cf:09:1f:b0:0c:33:f5:cc:cb:79:fe:e7:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Validity
Not Before: Mar 17 10:46:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=006ef490b71bda7f1a13e1e43cdc5d83bc34cf64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:54:84:6f:a7:f7:0b:7f:73:71:5e:76:52:cb:
64:21:a1:a7:18:3f:da:fb:85:82:88:e7:20:13:ce:
81:67:e8:1c:fd:2c:e5:c6:d9:14:48:ac:ee:71:65:
33:55:33:9e:7a:0a:9e:be:ee:a9:2d:4b:3e:0a:1d:
46:0e:55:aa:b5:01:11:f1:fc:55:e7:f5:96:16:03:
e5:eb:04:94:5d:c0:61:79:3f:36:7d:45:b0:1f:a2:
70:e0:d8:31:6f:eb:0f:c6:1b:4d:43:ac:1b:b4:b2:
01:b1:f8:0d:9c:6a:b8:0d:c9:90:1e:4e:b4:1e:92:
f5:1a:79:76:03:2b:a6:08:a5:8a:74:f9:03:12:a2:
84:db:ba:7e:fb:6d:62:c5:27:5b:ea:18:42:68:1f:
97:ea:91:03:cd:45:66:10:a4:91:d7:78:7f:f7:86:
39:8f:1e:cc:1d:44:48:09:d0:59:08:e1:77:ec:d2:
41:fe:85:e7:4b:03:87:2f:bd:cb:13:df:d6:a3:ab:
99:45:8e:4e:84:8e:75:a3:37:58:e6:43:35:82:c8:
fd:49:91:e5:23:17:29:9a:75:6c:9b:5e:37:db:95:
8b:a6:ef:26:c0:1d:62:ff:7a:d0:65:cf:fc:11:42:
0d:b1:ec:95:02:78:26:06:c0:b5:d8:98:27:f4:de:
28:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:6E:F4:90:B7:1B:DA:7F:1A:13:E1:E4:3C:DC:5D:83:BC:34:CF:64
X509v3 Authority Key Identifier:
keyid:44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/AG70kLcb2n8aE-HkPNxdg7w0z2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/RHTPPi-okrX90_MNyCde4QYuHQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.166.0/23
Signature Algorithm: sha256WithRSAEncryption
46:48:88:db:d0:9c:da:aa:3f:ce:73:3c:31:c2:f1:b5:2e:5d:
a4:23:eb:a8:3f:45:9b:79:6a:30:ff:1c:31:23:96:e2:3a:f8:
47:04:70:78:f9:81:07:10:c6:c3:f2:97:aa:97:1a:09:23:54:
56:4a:cf:cf:d4:6c:7f:05:00:a1:94:60:71:c9:55:10:21:b7:
21:9f:75:e6:73:a8:5e:07:a0:1d:84:0a:be:df:07:53:69:25:
ff:9f:84:46:86:2b:b7:cf:53:f6:9a:a3:f2:aa:0f:76:20:98:
3c:68:17:97:8c:2d:7b:3b:c1:d5:7f:70:9f:3f:6c:7f:22:90:
6e:a1:29:8c:07:dc:43:4c:33:45:e4:27:d0:ec:c7:3e:77:e2:
f9:12:ab:b7:82:8f:c4:0b:a1:5c:17:97:ed:9b:4f:f7:85:07:
db:59:3f:8f:51:5b:4f:f0:dc:f9:e8:33:af:a9:96:45:fa:55:
21:c6:fc:98:20:8a:cf:e2:41:68:01:c0:81:73:7e:9d:13:d4:
31:fa:fe:d5:82:3a:76:a2:00:51:7d:8c:b7:f3:62:0e:c9:a3:
b5:f0:17:83:3e:a0:ef:1a:fb:18:a1:a5:aa:d5:6f:b5:17:e2:
b7:2c:f4:8d:b1:57:e9:db:18:51:ed:6b:6a:ae:e4:db:90:31:
69:23:4f:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbvLZTPCR+wDDP1zMt5/ucZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NzRjZjNlMmZhODkyYjVmZGQzZjMwZGM4Mjc1ZWUxMDYy
ZTFkMDYwHhcNMjMwMzE3MTA0NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDZlZjQ5MGI3MWJkYTdmMWExM2UxZTQzY2RjNWQ4M2JjMzRjZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2FSEb6f3C39zcV52UstkIaGnGD/a
+4WCiOcgE86BZ+gc/SzlxtkUSKzucWUzVTOeegqevu6pLUs+Ch1GDlWqtQER8fxV
5/WWFgPl6wSUXcBheT82fUWwH6Jw4Ngxb+sPxhtNQ6wbtLIBsfgNnGq4DcmQHk60
HpL1Gnl2AyumCKWKdPkDEqKE27p++21ixSdb6hhCaB+X6pEDzUVmEKSR13h/94Y5
jx7MHURICdBZCOF37NJB/oXnSwOHL73LE9/Wo6uZRY5OhI51ozdY5kM1gsj9SZHl
IxcpmnVsm14325WLpu8mwB1i/3rQZc/8EUINseyVAngmBsC12Jgn9N4o1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFABu9JC3G9p/GhPh5DzcXYO8NM9kMB8GA1UdIwQY
MBaAFER0zz4vqJK1/dPzDcgnXuEGLh0GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkhUUFBpLW9rclg5MF9NTnlDZGU0UVl1SFFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjBiYTEtNmFlOC00YjQzLWE3MDkt
NzU0NWMwNGUxNTc4LzEvQUc3MGtMY2IybjhhRS1Ia1BOeGRnN3cwejJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjBiYTEtNmFlOC00YjQzLWE3MDktNzU0NWMwNGUxNTc4
LzEvUkhUUFBpLW9rclg5MF9NTnlDZGU0UVl1SFFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuX+mMA0G
CSqGSIb3DQEBCwUAA4IBAQBGSIjb0Jzaqj/OczwxwvG1Ll2kI+uoP0WbeWow/xwx
I5biOvhHBHB4+YEHEMbD8peqlxoJI1RWSs/P1Gx/BQChlGBxyVUQIbchn3Xmc6he
B6AdhAq+3wdTaSX/n4RGhiu3z1P2mqPyqg92IJg8aBeXjC17O8HVf3CfP2x/IpBu
oSmMB9xDTDNF5CfQ7Mc+d+L5Equ3go/EC6FcF5ftm0/3hQfbWT+PUVtP8Nz56DOv
qZZF+lUhxvyYIIrP4kFoAcCBc36dE9Qx+v7Vgjp2ogBRfYy382IOyaO18BeDPqDv
GvsYoaWq1W+1F+K3LPSNsVfp2xhR7WtqruTbkDFpI0/2
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:18:17 2025 by rpki-client