Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/70959b-d79b-42dc-b893-5f2d0e2ae714/1/IO0LvnAOcWauTMBpIRocATcgbnc.roa
File: IO0LvnAOcWauTMBpIRocATcgbnc.roa (raw, json)
Hash identifier: X7MgkZkBpVtr92LvTB/v/8FDDjBqTMenme65NutXS6Q=
Subject key identifier: 20:ED:0B:BE:70:0E:71:66:AE:4C:C0:69:21:1A:1C:01:37:20:6E:77
Certificate issuer: /CN=b0adf05afef6f65fa19a61c30ae4fb11c7cf25b6
Certificate serial: 0194228E2ED5C39888BA7E53679959384A10
Authority key identifier: B0:AD:F0:5A:FE:F6:F6:5F:A1:9A:61:C3:0A:E4:FB:11:C7:CF:25:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sK3wWv729l-hmmHDCuT7EcfPJbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/70959b-d79b-42dc-b893-5f2d0e2ae714/1/IO0LvnAOcWauTMBpIRocATcgbnc.roa
Signing time: Wed 01 Jan 2025 15:48:50 +0000
ROA not before: Wed 01 Jan 2025 15:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2116
IP address blocks: 185.67.40.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:2e:d5:c3:98:88:ba:7e:53:67:99:59:38:4a:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0adf05afef6f65fa19a61c30ae4fb11c7cf25b6
Validity
Not Before: Jan 1 15:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20ed0bbe700e7166ae4cc069211a1c0137206e77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:df:21:df:04:d4:35:d9:fd:74:bd:24:ef:87:
87:e3:27:2c:cc:a3:23:e8:9c:3d:45:d4:e0:6d:6e:
77:04:6b:d8:47:a8:7d:f3:59:ea:d2:9c:09:5b:62:
53:1b:a1:66:1a:b7:51:61:12:dd:fd:13:9b:33:6f:
19:58:1c:5b:46:da:fe:5c:55:32:48:35:1e:ac:bc:
85:d3:54:f8:71:65:0d:5f:07:35:1a:5e:88:a6:fc:
fb:20:3d:6e:49:17:fe:8f:a6:87:44:f2:69:23:c1:
12:a7:4f:7b:87:d3:2b:88:c7:18:df:d1:36:a7:68:
bd:9d:92:17:63:ba:1b:12:dc:93:f6:2e:16:56:8d:
55:f8:74:6d:e4:bc:7f:04:74:23:3e:b9:d3:c4:b2:
ea:3c:bf:48:b3:49:27:d2:1b:7c:99:71:1a:d2:45:
69:04:2d:b1:22:96:a8:e0:33:56:77:df:01:17:76:
6a:8c:d4:35:e0:45:e0:f8:47:8a:d5:73:8b:f9:08:
a1:aa:65:37:09:f4:a1:f7:e3:0d:5e:d5:46:c8:08:
06:fa:89:7c:d1:7b:3a:0d:30:e3:db:49:fe:de:df:
06:07:2d:39:c0:c1:cc:b0:2a:82:93:bc:98:3a:18:
a5:a2:4d:fe:98:be:82:b9:c4:61:0c:fc:fc:61:f9:
72:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:ED:0B:BE:70:0E:71:66:AE:4C:C0:69:21:1A:1C:01:37:20:6E:77
X509v3 Authority Key Identifier:
keyid:B0:AD:F0:5A:FE:F6:F6:5F:A1:9A:61:C3:0A:E4:FB:11:C7:CF:25:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sK3wWv729l-hmmHDCuT7EcfPJbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/70959b-d79b-42dc-b893-5f2d0e2ae714/1/IO0LvnAOcWauTMBpIRocATcgbnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/70959b-d79b-42dc-b893-5f2d0e2ae714/1/sK3wWv729l-hmmHDCuT7EcfPJbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.40.0/22
Signature Algorithm: sha256WithRSAEncryption
80:d5:24:ca:90:44:7b:8d:65:7a:50:36:de:d5:43:c9:c0:1e:
c9:d6:b7:d6:f2:2a:11:0b:7b:60:cd:3c:e7:bf:88:64:74:41:
65:fc:0f:21:5b:a7:b0:dd:35:ad:6c:53:ef:fe:d2:c7:df:f3:
0b:85:b0:dc:8c:49:c8:9a:b4:c1:50:11:12:4c:86:10:47:01:
03:92:be:1b:ed:ab:f6:a9:0f:ba:22:79:4c:e1:65:e9:fb:af:
bc:b8:6d:93:b7:be:3d:5d:a5:02:1b:14:2b:d1:f5:31:2a:3d:
4e:f0:2e:2c:b6:92:5c:48:ff:ca:4b:82:2a:46:cd:2b:67:21:
ee:48:5e:bd:14:23:0b:c5:a2:80:eb:db:b6:c1:a5:02:4f:26:
0a:74:a4:2a:ab:4c:b7:3e:e3:f7:80:ff:83:1e:b8:21:fa:47:
e9:56:56:1f:4e:7f:f8:2a:96:09:39:86:59:e5:4a:14:e7:ac:
70:98:e3:23:ba:d0:6d:5b:f4:36:a1:c1:e4:6d:be:ea:6b:ed:
3c:a7:8b:ee:26:47:b0:11:e7:6d:1d:eb:ca:e8:74:ec:6f:ba:
1a:69:ea:53:81:7c:8a:80:1d:c6:66:2a:99:86:ea:17:5f:f8:
65:4c:80:7b:08:eb:9a:20:1a:ef:8d:87:d0:70:7b:a8:1b:f0:
fa:f9:45:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiji7Vw5iIun5TZ5lZOEoQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYWRmMDVhZmVmNmY2NWZhMTlhNjFjMzBhZTRmYjExYzdj
ZjI1YjYwHhcNMjUwMTAxMTU0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGVkMGJiZTcwMGU3MTY2YWU0Y2MwNjkyMTFhMWMwMTM3MjA2ZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst8h3wTUNdn9dL0k74eH4ycszKMj
6Jw9RdTgbW53BGvYR6h981nq0pwJW2JTG6FmGrdRYRLd/RObM28ZWBxbRtr+XFUy
SDUerLyF01T4cWUNXwc1Gl6Ipvz7ID1uSRf+j6aHRPJpI8ESp097h9MriMcY39E2
p2i9nZIXY7obEtyT9i4WVo1V+HRt5Lx/BHQjPrnTxLLqPL9Is0kn0ht8mXEa0kVp
BC2xIpao4DNWd98BF3ZqjNQ14EXg+EeK1XOL+QihqmU3CfSh9+MNXtVGyAgG+ol8
0Xs6DTDj20n+3t8GBy05wMHMsCqCk7yYOhilok3+mL6CucRhDPz8YflyEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCDtC75wDnFmrkzAaSEaHAE3IG53MB8GA1UdIwQY
MBaAFLCt8Fr+9vZfoZphwwrk+xHHzyW2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0szd1d2NzI5bC1obW1IREN1VDdFY2ZQSmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS83MDk1OWItZDc5Yi00MmRjLWI4OTMt
NWYyZDBlMmFlNzE0LzEvSU8wTHZuQU9jV2F1VE1CcElSb2NBVGNnYm5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS83MDk1OWItZDc5Yi00MmRjLWI4OTMtNWYyZDBlMmFlNzE0
LzEvc0szd1d2NzI5bC1obW1IREN1VDdFY2ZQSmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUMoMA0G
CSqGSIb3DQEBCwUAA4IBAQCA1STKkER7jWV6UDbe1UPJwB7J1rfW8ioRC3tgzTzn
v4hkdEFl/A8hW6ew3TWtbFPv/tLH3/MLhbDcjEnImrTBUBESTIYQRwEDkr4b7av2
qQ+6InlM4WXp+6+8uG2Tt749XaUCGxQr0fUxKj1O8C4stpJcSP/KS4IqRs0rZyHu
SF69FCMLxaKA69u2waUCTyYKdKQqq0y3PuP3gP+DHrgh+kfpVlYfTn/4KpYJOYZZ
5UoU56xwmOMjutBtW/Q2ocHkbb7qa+08p4vuJkewEedtHevK6HTsb7oaaepTgXyK
gB3GZiqZhuoXX/hlTIB7COuaIBrvjYfQcHuoG/D6+UUz
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:46:57 2025 by rpki-client