Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/602244-7699-4103-bc7e-c4711482380e/1/iddMiGg8ovKZ_KW8pvcXVd9RE60.roa
File: iddMiGg8ovKZ_KW8pvcXVd9RE60.roa (raw, json)
Hash identifier: tlHNfQDbOnq01Er7SY3BPzZvcVpBmTMeqa5ifXXCQPU=
Subject key identifier: 89:D7:4C:88:68:3C:A2:F2:99:FC:A5:BC:A6:F7:17:55:DF:51:13:AD
Certificate issuer: /CN=3787b324b0d32fb1a3678b02c482286d4c26ba0f
Certificate serial: 019421B1F82CE3940C826CF4118BA2B914F3
Authority key identifier: 37:87:B3:24:B0:D3:2F:B1:A3:67:8B:02:C4:82:28:6D:4C:26:BA:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N4ezJLDTL7GjZ4sCxIIobUwmug8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/602244-7699-4103-bc7e-c4711482380e/1/iddMiGg8ovKZ_KW8pvcXVd9RE60.roa
Signing time: Wed 01 Jan 2025 11:48:18 +0000
ROA not before: Wed 01 Jan 2025 11:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 185.222.116.0/22 maxlen: 22
2a0c:3800::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:f8:2c:e3:94:0c:82:6c:f4:11:8b:a2:b9:14:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3787b324b0d32fb1a3678b02c482286d4c26ba0f
Validity
Not Before: Jan 1 11:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89d74c88683ca2f299fca5bca6f71755df5113ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:7c:f4:64:1c:4d:66:51:53:cd:99:6c:58:a4:
0f:f8:f2:44:10:46:8d:0c:bb:b3:65:45:cf:36:59:
b7:8f:9e:fa:0e:53:37:55:30:6a:1e:b9:20:ff:ac:
13:72:bc:8c:18:ac:7e:7d:43:55:f1:97:0f:33:b6:
46:52:cc:59:15:86:8d:a0:a5:af:4e:56:78:7d:68:
10:29:23:71:ab:de:d2:75:c3:8c:a5:0b:9b:ea:88:
b3:94:4d:63:d1:f9:d8:94:b2:5e:fe:fc:03:49:6e:
cf:da:c4:2b:81:1f:c8:52:8a:f2:f9:d2:74:b0:89:
8d:38:03:8b:fe:0d:fc:e7:05:0a:16:d2:d0:d4:dc:
d4:09:34:cb:d9:ff:2d:48:fb:61:bc:71:d4:f6:cf:
e4:b4:24:45:42:71:90:55:64:29:76:86:71:8c:3d:
e4:5b:5f:16:ac:12:c2:11:3c:95:7b:8a:f1:d0:71:
f9:b9:11:3b:58:98:db:b7:4b:7b:f1:ba:34:f9:4e:
b1:30:1c:5a:43:3e:86:c3:04:7e:c3:ef:a3:22:ff:
98:fa:23:5f:5e:ef:e6:15:38:4b:49:9d:a7:4f:ca:
6b:a8:ee:7f:9d:3b:ee:34:37:ed:04:60:82:5b:15:
2b:72:7d:02:8d:ff:a3:bd:eb:6a:3a:8d:0e:3a:bc:
b5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:D7:4C:88:68:3C:A2:F2:99:FC:A5:BC:A6:F7:17:55:DF:51:13:AD
X509v3 Authority Key Identifier:
keyid:37:87:B3:24:B0:D3:2F:B1:A3:67:8B:02:C4:82:28:6D:4C:26:BA:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N4ezJLDTL7GjZ4sCxIIobUwmug8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/602244-7699-4103-bc7e-c4711482380e/1/iddMiGg8ovKZ_KW8pvcXVd9RE60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/602244-7699-4103-bc7e-c4711482380e/1/N4ezJLDTL7GjZ4sCxIIobUwmug8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.116.0/22
IPv6:
2a0c:3800::/32
Signature Algorithm: sha256WithRSAEncryption
76:a0:70:38:77:80:71:69:f6:6e:8f:ba:81:a7:b5:7e:83:bf:
a6:9d:7e:ad:83:c1:9e:14:b6:86:26:e8:ca:f0:6c:3b:f7:f0:
2f:8a:77:aa:c7:9d:e5:e8:33:5d:4e:60:d8:a9:86:75:b1:8f:
ea:6b:e0:f2:dc:c1:e6:c1:cd:c8:d4:e3:9d:07:9b:e5:93:f7:
b9:2b:57:91:21:bd:9b:4a:29:a8:eb:40:c6:d5:ec:a4:f8:8e:
a8:56:5a:2e:b1:42:ba:fd:4c:c6:dd:94:80:2d:7f:db:f9:f9:
03:5a:58:60:33:cc:2e:33:e2:23:e9:12:76:72:07:39:ff:3d:
f8:82:c9:e9:e7:0f:95:83:5c:ca:cc:c2:df:e8:b4:ff:d1:e2:
b6:19:33:76:4e:47:91:a4:57:28:d6:61:01:45:1b:8d:73:3f:
d4:e6:d8:fd:5a:d1:47:f1:32:6e:42:3b:34:c9:cc:c0:36:16:
1d:81:68:7c:dd:50:a8:cd:7a:fb:d5:70:0a:9d:b5:48:8c:2a:
5e:03:29:37:ff:fb:b4:f3:05:e0:88:f6:90:e5:98:70:5a:d4:
a3:38:3f:c7:52:db:b5:f9:d4:e8:06:ac:6e:2c:c8:b8:b8:03:
3f:4f:dd:ab:5b:cd:0e:3d:8a:10:f3:b1:9f:2e:01:85:d3:73:
3b:92:00:56
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsfgs45QMgmz0EYuiuRTzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ODdiMzI0YjBkMzJmYjFhMzY3OGIwMmM0ODIyODZkNGMy
NmJhMGYwHhcNMjUwMTAxMTE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWQ3NGM4ODY4M2NhMmYyOTlmY2E1YmNhNmY3MTc1NWRmNTExM2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXz0ZBxNZlFTzZlsWKQP+PJEEEaN
DLuzZUXPNlm3j576DlM3VTBqHrkg/6wTcryMGKx+fUNV8ZcPM7ZGUsxZFYaNoKWv
TlZ4fWgQKSNxq97SdcOMpQub6oizlE1j0fnYlLJe/vwDSW7P2sQrgR/IUory+dJ0
sImNOAOL/g385wUKFtLQ1NzUCTTL2f8tSPthvHHU9s/ktCRFQnGQVWQpdoZxjD3k
W18WrBLCETyVe4rx0HH5uRE7WJjbt0t78bo0+U6xMBxaQz6GwwR+w++jIv+Y+iNf
Xu/mFThLSZ2nT8prqO5/nTvuNDftBGCCWxUrcn0Cjf+jvetqOo0OOry1gwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFInXTIhoPKLymfylvKb3F1XfUROtMB8GA1UdIwQY
MBaAFDeHsySw0y+xo2eLAsSCKG1MJroPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjRlekpMRFRMN0dqWjRzQ3hJSW9iVXdtdWc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS82MDIyNDQtNzY5OS00MTAzLWJjN2Ut
YzQ3MTE0ODIzODBlLzEvaWRkTWlHZzhvdktaX0tXOHB2Y1hWZDlSRTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS82MDIyNDQtNzY5OS00MTAzLWJjN2UtYzQ3MTE0ODIzODBl
LzEvTjRlekpMRFRMN0dqWjRzQ3hJSW9iVXdtdWc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCud50MA0E
AgACMAcDBQAqDDgAMA0GCSqGSIb3DQEBCwUAA4IBAQB2oHA4d4BxafZuj7qBp7V+
g7+mnX6tg8GeFLaGJujK8Gw79/Avineqx53l6DNdTmDYqYZ1sY/qa+Dy3MHmwc3I
1OOdB5vlk/e5K1eRIb2bSimo60DG1eyk+I6oVlousUK6/UzG3ZSALX/b+fkDWlhg
M8wuM+Ij6RJ2cgc5/z34gsnp5w+Vg1zKzMLf6LT/0eK2GTN2TkeRpFco1mEBRRuN
cz/U5tj9WtFH8TJuQjs0yczANhYdgWh83VCozXr71XAKnbVIjCpeAyk3//u08wXg
iPaQ5ZhwWtSjOD/HUtu1+dToBqxuLMi4uAM/T92rW80OPYoQ87GfLgGF03M7kgBW
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:25:13 2025 by rpki-client