Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/GE9tZA70mJ5nkdZekD2gOGXOkic.roa
File: GE9tZA70mJ5nkdZekD2gOGXOkic.roa (raw, json)
Hash identifier: mTmJJo93WHeOyhcKCMTh5r8TzgT3MrrzuJWnmysIDd0=
Subject key identifier: 18:4F:6D:64:0E:F4:98:9E:67:91:D6:5E:90:3D:A0:38:65:CE:92:27
Certificate issuer: /CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Certificate serial: 0186C3439C64BA1F6D1F60A7A8BD41E1FDBD
Authority key identifier: 44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/GE9tZA70mJ5nkdZekD2gOGXOkic.roa
Signing time: Wed 08 Mar 2023 22:07:13 +0000
ROA not before: Wed 08 Mar 2023 22:07:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399976
IP address blocks: 185.127.166.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c3:43:9c:64:ba:1f:6d:1f:60:a7:a8:bd:41:e1:fd:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Validity
Not Before: Mar 8 22:07:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=184f6d640ef4989e6791d65e903da03865ce9227
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d5:dc:e8:b3:bc:5e:7d:fe:ec:81:d3:7a:f2:
10:56:e2:dd:92:57:40:7a:28:a6:0d:05:da:04:2e:
65:b1:7a:9a:d8:ab:19:54:69:99:cc:57:b1:64:ac:
aa:d6:54:3c:fb:f6:ee:7c:21:df:42:61:74:c7:02:
2c:42:f0:27:e3:ca:ca:fd:ee:3f:43:ad:5b:a1:f6:
b4:87:98:fb:64:a8:52:0c:5b:ec:43:79:f0:79:6c:
b9:30:00:9e:a6:8e:41:6c:53:79:77:1c:c2:dd:0a:
85:8a:de:91:b1:f2:3b:ff:83:30:46:e1:fa:f4:97:
0f:79:fb:1d:40:e5:08:5e:30:e1:43:f2:c5:69:4f:
bf:ee:e9:bc:03:dc:91:b1:6d:f9:b8:36:e2:a4:1d:
94:3f:47:3b:e0:56:b0:22:a9:ac:27:01:52:75:c1:
ba:17:27:2f:85:5b:13:3d:6d:00:04:14:1f:0c:d0:
17:54:f5:0d:66:01:af:f3:d2:d2:da:cd:cc:a5:38:
bb:00:d8:bb:e4:f0:25:76:a0:f3:4d:3e:8e:45:55:
b0:45:95:70:a5:16:2b:c7:b4:3d:b6:71:ee:c1:37:
df:0f:ba:b2:f1:ae:19:8e:29:6e:f6:39:79:56:6a:
88:c0:c7:e4:82:c2:cd:0b:a3:82:69:38:9e:76:28:
c2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:4F:6D:64:0E:F4:98:9E:67:91:D6:5E:90:3D:A0:38:65:CE:92:27
X509v3 Authority Key Identifier:
keyid:44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/GE9tZA70mJ5nkdZekD2gOGXOkic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/RHTPPi-okrX90_MNyCde4QYuHQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.166.0/23
Signature Algorithm: sha256WithRSAEncryption
c5:a7:c2:c9:c0:7d:94:28:97:50:16:5d:5d:ed:74:d2:79:44:
29:35:b2:30:0e:b0:28:6c:13:ef:bc:a7:46:75:e0:4c:59:30:
a7:d7:8d:ef:0a:5d:3f:c6:af:f6:f8:40:96:c4:d4:d0:9d:99:
0d:d2:23:0f:14:20:c5:24:4b:ae:d5:62:f3:2b:f9:19:e6:35:
28:73:5e:db:b3:c7:31:ee:35:29:ee:ce:d8:5d:8a:55:ea:ec:
a9:e2:1a:46:62:fd:b1:2d:79:3c:f7:0f:b2:28:62:1b:59:36:
f1:43:bd:06:8f:e0:95:4d:90:86:ee:19:48:c7:b6:08:ae:36:
d4:b5:b1:f8:19:7c:0e:f8:53:21:42:6a:3a:b1:be:ea:e4:6a:
99:ef:11:cd:32:56:7e:3f:de:b1:c0:39:75:2d:b2:e3:6e:15:
51:9e:00:f1:48:3a:44:42:8c:37:ae:cc:49:2f:1a:17:9a:46:
dc:72:2f:9c:0a:14:ba:e3:01:5c:38:df:e7:bb:cf:3b:99:4c:
87:dc:20:09:b2:a3:df:a5:82:19:ed:51:3c:ec:57:7b:e6:ba:
5a:82:b8:3d:ff:43:e6:67:67:ce:1a:c5:52:5f:d9:c3:16:24:
5c:82:b5:b5:2b:e8:9d:8b:ef:cb:91:c0:1b:bd:fc:2f:a3:b0:
aa:c5:af:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbDQ5xkuh9tH2CnqL1B4f29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NzRjZjNlMmZhODkyYjVmZGQzZjMwZGM4Mjc1ZWUxMDYy
ZTFkMDYwHhcNMjMwMzA4MjIwNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODRmNmQ2NDBlZjQ5ODllNjc5MWQ2NWU5MDNkYTAzODY1Y2U5MjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutXc6LO8Xn3+7IHTevIQVuLdkldA
eiimDQXaBC5lsXqa2KsZVGmZzFexZKyq1lQ8+/bufCHfQmF0xwIsQvAn48rK/e4/
Q61bofa0h5j7ZKhSDFvsQ3nweWy5MACepo5BbFN5dxzC3QqFit6RsfI7/4MwRuH6
9JcPefsdQOUIXjDhQ/LFaU+/7um8A9yRsW35uDbipB2UP0c74FawIqmsJwFSdcG6
FycvhVsTPW0ABBQfDNAXVPUNZgGv89LS2s3MpTi7ANi75PAldqDzTT6ORVWwRZVw
pRYrx7Q9tnHuwTffD7qy8a4Zjilu9jl5VmqIwMfkgsLNC6OCaTiedijCJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBhPbWQO9JieZ5HWXpA9oDhlzpInMB8GA1UdIwQY
MBaAFER0zz4vqJK1/dPzDcgnXuEGLh0GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkhUUFBpLW9rclg5MF9NTnlDZGU0UVl1SFFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjBiYTEtNmFlOC00YjQzLWE3MDkt
NzU0NWMwNGUxNTc4LzEvR0U5dFpBNzBtSjVua2RaZWtEMmdPR1hPa2ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjBiYTEtNmFlOC00YjQzLWE3MDktNzU0NWMwNGUxNTc4
LzEvUkhUUFBpLW9rclg5MF9NTnlDZGU0UVl1SFFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuX+mMA0G
CSqGSIb3DQEBCwUAA4IBAQDFp8LJwH2UKJdQFl1d7XTSeUQpNbIwDrAobBPvvKdG
deBMWTCn143vCl0/xq/2+ECWxNTQnZkN0iMPFCDFJEuu1WLzK/kZ5jUoc17bs8cx
7jUp7s7YXYpV6uyp4hpGYv2xLXk89w+yKGIbWTbxQ70Gj+CVTZCG7hlIx7YIrjbU
tbH4GXwO+FMhQmo6sb7q5GqZ7xHNMlZ+P96xwDl1LbLjbhVRngDxSDpEQow3rsxJ
LxoXmkbcci+cChS64wFcON/nu887mUyH3CAJsqPfpYIZ7VE87Fd75rpagrg9/0Pm
Z2fOGsVSX9nDFiRcgrW1K+idi+/LkcAbvfwvo7Cqxa82
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:08:03 2025 by rpki-client