Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/1-xyQHxf_deE9-ViNoog6kflfJho.roa
File: 1-xyQHxf_deE9-ViNoog6kflfJho.roa (raw, json)
Hash identifier: QIveh9vpkORylUTH9OU36DpDEaTwHICeGuuojxGmoA4=
Subject key identifier: FB:1C:90:1F:17:FF:75:E1:3D:F9:58:8D:A2:88:3A:91:F9:5F:26:1A
Certificate issuer: /CN=1a99c75fe5777e136573e1e51efba6781f3a5b16
Certificate serial: 019420D5FB560360780341E0D1EC1C5A68F2
Authority key identifier: 1A:99:C7:5F:E5:77:7E:13:65:73:E1:E5:1E:FB:A6:78:1F:3A:5B:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpnHX-V3fhNlc-HlHvumeB86WxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/1-xyQHxf_deE9-ViNoog6kflfJho.roa
Signing time: Wed 01 Jan 2025 07:48:01 +0000
ROA not before: Wed 01 Jan 2025 07:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203450
IP address blocks: 185.134.160.0/22 maxlen: 22
2a06:ed40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:fb:56:03:60:78:03:41:e0:d1:ec:1c:5a:68:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a99c75fe5777e136573e1e51efba6781f3a5b16
Validity
Not Before: Jan 1 07:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb1c901f17ff75e13df9588da2883a91f95f261a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:db:ce:a4:c9:df:8f:30:a5:d2:88:20:58:3a:
0a:94:16:ef:9c:4e:05:ae:14:3e:1d:ee:1e:01:9e:
33:6c:bb:82:26:f7:30:5e:cc:34:aa:42:02:11:27:
8f:5d:24:23:05:90:81:7c:96:9d:25:9c:24:ec:37:
57:74:47:91:c2:7a:00:38:7c:b6:14:de:61:42:e0:
50:ef:c3:8b:44:06:04:98:99:27:5d:88:40:06:13:
23:ac:34:87:a8:f3:68:ce:2d:85:eb:4f:b6:4c:18:
be:e9:2b:31:e1:41:1d:8e:a1:28:5f:c2:d0:be:3c:
11:9b:a0:0b:4f:5e:6e:8a:4c:7e:3d:d8:7b:38:c2:
c0:d4:0f:b7:42:24:f3:e6:2a:b2:5a:6c:fc:69:a5:
63:3b:f7:be:ce:74:78:02:e5:4b:31:1b:bd:46:4e:
5e:8a:81:e5:4c:29:a7:32:c7:59:7c:df:5c:bb:c9:
c5:b2:aa:bc:25:9a:ca:17:0c:d6:d9:74:28:25:35:
ff:99:19:c9:8f:19:47:98:31:83:d0:7c:38:9a:23:
25:0a:65:11:7c:e8:95:f7:20:e5:f5:f1:8a:c2:4a:
36:12:5b:ef:f3:3e:5a:ba:cc:34:6b:98:87:2c:8e:
06:ce:18:c8:81:31:3f:e2:74:3a:4a:d2:93:3f:c6:
6a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:1C:90:1F:17:FF:75:E1:3D:F9:58:8D:A2:88:3A:91:F9:5F:26:1A
X509v3 Authority Key Identifier:
keyid:1A:99:C7:5F:E5:77:7E:13:65:73:E1:E5:1E:FB:A6:78:1F:3A:5B:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpnHX-V3fhNlc-HlHvumeB86WxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/1-xyQHxf_deE9-ViNoog6kflfJho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/GpnHX-V3fhNlc-HlHvumeB86WxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.160.0/22
IPv6:
2a06:ed40::/29
Signature Algorithm: sha256WithRSAEncryption
28:e3:cf:bb:e0:8d:64:bb:1b:58:24:5b:db:0c:36:09:ca:4d:
ed:60:34:fb:05:94:41:ca:e1:51:90:0f:92:3c:c1:6e:22:db:
fe:e5:40:47:2a:71:c3:bd:77:6a:bb:02:6d:b6:1a:9a:d5:96:
00:f4:29:08:8e:35:df:a1:27:2d:f8:3a:d9:46:5d:69:9b:8b:
77:bb:d2:8d:e2:54:83:db:a2:26:77:60:66:dd:fc:e9:22:74:
27:fc:0e:df:7a:6c:f3:7f:87:8e:60:98:22:d7:21:50:be:5f:
fa:ae:70:cd:0d:67:06:9b:2e:a5:da:89:17:a1:8e:26:2b:37:
3b:5b:3d:13:14:80:7e:63:bc:d7:1d:74:4d:b3:fd:a6:3f:0f:
3a:d6:31:86:33:da:97:d4:1b:d1:44:e0:4c:92:c0:78:99:7f:
00:1b:d0:cd:21:4d:2b:66:d9:ed:c1:a0:45:94:20:b0:51:0c:
1c:3a:a2:87:90:d4:d6:41:b0:bf:08:0b:cf:d7:63:30:b3:a2:
73:f3:86:c1:46:9c:9e:a5:d0:05:2e:83:4f:9e:c6:f9:3a:92:
0f:05:08:39:e8:f0:74:49:04:5d:e1:a4:ca:eb:db:ba:c6:53:
12:cd:d8:af:85:e0:9b:c5:42:eb:c3:b6:ae:e6:88:ab:b9:f1:
0b:24:f1:21
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQg1ftWA2B4A0Hg0ewcWmjyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhOTljNzVmZTU3NzdlMTM2NTczZTFlNTFlZmJhNjc4MWYz
YTViMTYwHhcNMjUwMTAxMDc0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjFjOTAxZjE3ZmY3NWUxM2RmOTU4OGRhMjg4M2E5MWY5NWYyNjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29vOpMnfjzCl0oggWDoKlBbvnE4F
rhQ+He4eAZ4zbLuCJvcwXsw0qkICESePXSQjBZCBfJadJZwk7DdXdEeRwnoAOHy2
FN5hQuBQ78OLRAYEmJknXYhABhMjrDSHqPNozi2F60+2TBi+6Ssx4UEdjqEoX8LQ
vjwRm6ALT15uikx+Pdh7OMLA1A+3QiTz5iqyWmz8aaVjO/e+znR4AuVLMRu9Rk5e
ioHlTCmnMsdZfN9cu8nFsqq8JZrKFwzW2XQoJTX/mRnJjxlHmDGD0Hw4miMlCmUR
fOiV9yDl9fGKwko2Elvv8z5ausw0a5iHLI4GzhjIgTE/4nQ6StKTP8ZqEwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPsckB8X/3XhPflYjaKIOpH5XyYaMB8GA1UdIwQY
MBaAFBqZx1/ld34TZXPh5R77pngfOlsWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3BuSFgtVjNmaE5sYy1IbEh2dW1lQjg2V3hZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi83MTE3M2ItMTkzOC00ODM1LWFmMDAt
YTY5OWJjYjA4YWUzLzEvMS14eVFIeGZfZGVFOS1WaU5vb2c2a2ZsZkpoby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvNzExNzNiLTE5MzgtNDgzNS1hZjAwLWE2OTliY2IwOGFl
My8xL0dwbkhYLVYzZmhObGMtSGxIdnVtZUI4Nld4WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmGoDAN
BAIAAjAHAwUDKgbtQDANBgkqhkiG9w0BAQsFAAOCAQEAKOPPu+CNZLsbWCRb2ww2
CcpN7WA0+wWUQcrhUZAPkjzBbiLb/uVARypxw713arsCbbYamtWWAPQpCI4136En
Lfg62UZdaZuLd7vSjeJUg9uiJndgZt386SJ0J/wO33ps83+HjmCYItchUL5f+q5w
zQ1nBpsupdqJF6GOJis3O1s9ExSAfmO81x10TbP9pj8POtYxhjPal9Qb0UTgTJLA
eJl/ABvQzSFNK2bZ7cGgRZQgsFEMHDqih5DU1kGwvwgLz9djMLOic/OGwUacnqXQ
BS6DT57G+TqSDwUIOejwdEkEXeGkyuvbusZTEs3Yr4Xgm8VC68O2ruaIq7nxCyTx
IQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:15 2025 by rpki-client