Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/d994dd-de52-4612-b0fe-14987243ac56/1/RV8paaJ3goMy9MfTaatO8nD3vp0.roa
File: RV8paaJ3goMy9MfTaatO8nD3vp0.roa (raw, json)
Hash identifier: e4c5enruS1aSsE+Y/GCFoVHc8KGnXiS/8gSNbBU+Ybc=
Subject key identifier: 45:5F:29:69:A2:77:82:83:32:F4:C7:D3:69:AB:4E:F2:70:F7:BE:9D
Certificate issuer: /CN=4d21cb9b2f8c5de9daa30889d9e2394537ba3e38
Certificate serial: 019420D6606456CF7FD1FE7F129D344D324D
Authority key identifier: 4D:21:CB:9B:2F:8C:5D:E9:DA:A3:08:89:D9:E2:39:45:37:BA:3E:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TSHLmy-MXenaowiJ2eI5RTe6Pjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/d994dd-de52-4612-b0fe-14987243ac56/1/RV8paaJ3goMy9MfTaatO8nD3vp0.roa
Signing time: Wed 01 Jan 2025 07:48:27 +0000
ROA not before: Wed 01 Jan 2025 07:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57119
IP address blocks: 185.175.148.0/22 maxlen: 22
2a0b:fd00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:60:64:56:cf:7f:d1:fe:7f:12:9d:34:4d:32:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d21cb9b2f8c5de9daa30889d9e2394537ba3e38
Validity
Not Before: Jan 1 07:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=455f2969a277828332f4c7d369ab4ef270f7be9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c5:41:c0:97:3a:95:5b:a7:72:5e:8b:1c:b4:
80:50:57:49:f1:6f:8b:a9:c9:3e:98:32:39:73:83:
b2:65:35:fc:35:7d:4f:68:17:63:56:9b:26:18:4a:
e9:65:5e:25:d5:4a:ae:59:5d:4e:3e:c4:ec:31:6c:
8a:a7:c9:6c:6e:21:34:24:2b:b3:d1:ea:b8:8e:10:
df:49:82:98:59:16:82:e2:53:9e:77:ba:ad:c3:0e:
80:53:b0:ef:ff:aa:11:c6:ea:fd:16:89:21:6b:66:
62:18:b5:ca:e0:26:64:f7:dd:48:72:af:2b:7d:56:
e0:d8:bd:8a:eb:aa:a5:3b:78:62:a7:d5:cf:88:fd:
dd:ae:e0:e8:75:69:b5:45:9a:13:ae:b7:dc:16:35:
0d:7c:3c:e8:99:16:80:c5:25:22:95:ba:c4:55:22:
a3:01:99:6c:96:83:8a:43:3d:f9:e9:36:41:3d:9f:
e7:23:fa:8e:77:e7:3b:2b:72:98:1e:6c:9d:38:c2:
ec:96:1e:0e:31:06:3d:4d:57:79:3b:fb:fc:59:ef:
3c:24:92:68:d1:6e:cd:c3:44:9c:09:c1:0e:2d:19:
f7:5a:65:85:f2:5f:75:6c:5a:ba:a2:a4:f3:db:7a:
ba:15:95:ec:8b:66:fe:ed:fd:a8:6e:9d:00:e9:ef:
29:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:5F:29:69:A2:77:82:83:32:F4:C7:D3:69:AB:4E:F2:70:F7:BE:9D
X509v3 Authority Key Identifier:
keyid:4D:21:CB:9B:2F:8C:5D:E9:DA:A3:08:89:D9:E2:39:45:37:BA:3E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TSHLmy-MXenaowiJ2eI5RTe6Pjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/d994dd-de52-4612-b0fe-14987243ac56/1/RV8paaJ3goMy9MfTaatO8nD3vp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/d994dd-de52-4612-b0fe-14987243ac56/1/TSHLmy-MXenaowiJ2eI5RTe6Pjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.148.0/22
IPv6:
2a0b:fd00::/32
Signature Algorithm: sha256WithRSAEncryption
64:78:13:e6:ef:e5:40:b6:2d:43:9d:6e:f8:5a:fb:32:e0:1a:
8c:65:97:7b:4a:6e:38:03:43:18:fd:4c:cb:10:27:33:0d:84:
e7:ca:bd:8f:1c:1d:e3:af:c0:be:60:fe:c3:5b:65:aa:53:22:
e5:b8:56:b5:ab:36:ec:5d:6e:fd:bd:0a:50:a3:e6:9a:2a:38:
ea:49:6d:e6:7e:e4:9c:8d:1b:2e:d4:db:1a:eb:05:dc:25:0b:
84:a6:83:9f:cd:6d:66:8d:df:15:a1:c3:92:e5:df:84:fd:8b:
e1:a9:15:a9:fe:dd:65:4d:21:a9:bb:6d:a6:af:a1:3a:04:d9:
36:fd:d4:06:81:ac:c9:ba:3f:4e:a0:4f:2f:5b:6e:90:3d:2d:
62:a0:7b:d6:00:32:8b:f3:90:95:e6:91:6a:f4:89:1e:97:5b:
58:c4:18:1d:38:a8:3f:cb:58:54:c1:96:ab:d7:26:bf:3a:93:
94:10:ad:54:79:e0:14:7c:dd:4e:2f:e7:f3:33:53:c9:45:ea:
b7:2a:45:7f:ef:b8:26:bd:e3:24:01:fa:41:a9:dc:37:f2:6c:
99:30:41:24:3c:c3:7b:3b:a6:3f:86:e5:1c:47:76:ab:63:8a:
06:55:de:ee:60:07:45:35:86:2b:d3:c1:6e:ce:23:ce:27:40:
57:6c:b1:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1mBkVs9/0f5/Ep00TTJNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMjFjYjliMmY4YzVkZTlkYWEzMDg4OWQ5ZTIzOTQ1Mzdi
YTNlMzgwHhcNMjUwMTAxMDc0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTVmMjk2OWEyNzc4MjgzMzJmNGM3ZDM2OWFiNGVmMjcwZjdiZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcVBwJc6lVuncl6LHLSAUFdJ8W+L
qck+mDI5c4OyZTX8NX1PaBdjVpsmGErpZV4l1UquWV1OPsTsMWyKp8lsbiE0JCuz
0eq4jhDfSYKYWRaC4lOed7qtww6AU7Dv/6oRxur9Fokha2ZiGLXK4CZk991Icq8r
fVbg2L2K66qlO3hip9XPiP3druDodWm1RZoTrrfcFjUNfDzomRaAxSUilbrEVSKj
AZlsloOKQz356TZBPZ/nI/qOd+c7K3KYHmydOMLslh4OMQY9TVd5O/v8We88JJJo
0W7Nw0ScCcEOLRn3WmWF8l91bFq6oqTz23q6FZXsi2b+7f2obp0A6e8p7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEVfKWmid4KDMvTH02mrTvJw976dMB8GA1UdIwQY
MBaAFE0hy5svjF3p2qMIidniOUU3uj44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFNITG15LU1YZW5hb3dpSjJlSTVSVGU2UGpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9kOTk0ZGQtZGU1Mi00NjEyLWIwZmUt
MTQ5ODcyNDNhYzU2LzEvUlY4cGFhSjNnb015OU1mVGFhdE84bkQzdnAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9kOTk0ZGQtZGU1Mi00NjEyLWIwZmUtMTQ5ODcyNDNhYzU2
LzEvVFNITG15LU1YZW5hb3dpSjJlSTVSVGU2UGpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCua+UMA0E
AgACMAcDBQAqC/0AMA0GCSqGSIb3DQEBCwUAA4IBAQBkeBPm7+VAti1DnW74Wvsy
4BqMZZd7Sm44A0MY/UzLECczDYTnyr2PHB3jr8C+YP7DW2WqUyLluFa1qzbsXW79
vQpQo+aaKjjqSW3mfuScjRsu1Nsa6wXcJQuEpoOfzW1mjd8VocOS5d+E/YvhqRWp
/t1lTSGpu22mr6E6BNk2/dQGgazJuj9OoE8vW26QPS1ioHvWADKL85CV5pFq9Ike
l1tYxBgdOKg/y1hUwZar1ya/OpOUEK1UeeAUfN1OL+fzM1PJReq3KkV/77gmveMk
AfpBqdw38myZMEEkPMN7O6Y/huUcR3arY4oGVd7uYAdFNYYr08FuziPOJ0BXbLGo
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:44 2025 by rpki-client