Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/397c1e-51a7-416f-a45c-2a0213179c07/1/lMqQBQxUd3_rITgUX_Xd15bHhcs.roa
File: lMqQBQxUd3_rITgUX_Xd15bHhcs.roa (raw, json)
Hash identifier: xYWVB8Ylsxp8fpKTzhWqmzpng/adcMSNJZDIutd8YK0=
Subject key identifier: 94:CA:90:05:0C:54:77:7F:EB:21:38:14:5F:F5:DD:D7:96:C7:85:CB
Certificate issuer: /CN=ef8669e70cea94973afd34fb08eb59e9d86b57fc
Certificate serial: 019421B253152D6DC05888F09ED396726133
Authority key identifier: EF:86:69:E7:0C:EA:94:97:3A:FD:34:FB:08:EB:59:E9:D8:6B:57:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/74Zp5wzqlJc6_TT7COtZ6dhrV_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/397c1e-51a7-416f-a45c-2a0213179c07/1/lMqQBQxUd3_rITgUX_Xd15bHhcs.roa
Signing time: Wed 01 Jan 2025 11:48:42 +0000
ROA not before: Wed 01 Jan 2025 11:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209082
IP address blocks: 185.128.220.0/22 maxlen: 24
2a03:9ba0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:53:15:2d:6d:c0:58:88:f0:9e:d3:96:72:61:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef8669e70cea94973afd34fb08eb59e9d86b57fc
Validity
Not Before: Jan 1 11:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94ca90050c54777feb2138145ff5ddd796c785cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:73:7b:94:e8:a6:a6:e8:49:77:30:ed:f2:91:
bd:77:84:b5:88:5a:f8:ad:e4:4e:51:40:54:7b:28:
fc:be:74:a4:68:a6:c3:bd:f3:2f:94:c1:30:96:14:
21:06:d4:5a:e1:6e:7d:31:0d:b4:c0:2a:9c:96:2c:
31:a8:3a:66:b9:ca:ac:6d:3a:4f:1d:b0:eb:94:a6:
83:7b:87:18:52:d3:0e:f6:5e:b6:18:fa:b8:be:7d:
87:17:4b:63:53:42:43:08:85:b9:74:0f:af:7a:2d:
58:c9:1d:13:35:04:04:e1:5c:60:82:f9:e2:22:a2:
ed:3b:b8:95:c8:9b:5c:87:81:be:75:d9:e9:d9:b7:
39:22:8d:67:de:6a:51:9d:66:87:e2:bf:52:6b:d5:
00:1c:74:7d:1f:f5:d4:e8:a7:c5:e8:cb:8c:fb:94:
3f:d3:ff:ba:4a:55:30:90:61:d4:3b:b2:5a:e6:54:
b4:26:c1:ab:0e:56:99:5f:e9:d2:9a:89:b5:54:68:
d8:0d:5a:35:e0:c5:6d:fb:1c:60:4a:f0:89:db:9e:
ef:2d:14:49:ee:d7:33:04:47:5e:7c:ed:fd:17:72:
d8:bc:23:27:7b:00:3a:73:30:ed:36:2b:6e:05:fa:
62:64:54:78:90:e7:c0:54:b1:a1:78:d8:8f:af:35:
b7:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:CA:90:05:0C:54:77:7F:EB:21:38:14:5F:F5:DD:D7:96:C7:85:CB
X509v3 Authority Key Identifier:
keyid:EF:86:69:E7:0C:EA:94:97:3A:FD:34:FB:08:EB:59:E9:D8:6B:57:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/74Zp5wzqlJc6_TT7COtZ6dhrV_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/397c1e-51a7-416f-a45c-2a0213179c07/1/lMqQBQxUd3_rITgUX_Xd15bHhcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/397c1e-51a7-416f-a45c-2a0213179c07/1/74Zp5wzqlJc6_TT7COtZ6dhrV_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.220.0/22
IPv6:
2a03:9ba0::/32
Signature Algorithm: sha256WithRSAEncryption
8b:0c:63:e0:b8:e6:3e:4a:c8:8c:85:9d:61:c8:80:99:5e:69:
04:af:c8:3a:e6:fc:c5:37:dc:90:fc:ea:52:c1:ec:97:df:2e:
f0:b7:93:ef:f9:40:86:dc:09:a3:0c:8f:78:61:ef:11:b1:18:
17:f4:36:9e:61:47:cb:7a:eb:ee:34:4f:c4:cb:9e:4c:d8:22:
20:a3:55:82:01:2b:a8:a6:05:d6:dd:be:44:79:4d:1d:de:5f:
13:e3:b4:c4:69:96:9d:8f:f5:66:ea:03:9c:11:9f:7a:36:01:
ab:97:26:b1:01:2d:91:2e:bd:f4:7f:4d:e4:58:df:ad:86:f7:
be:7a:4f:a6:c0:7b:ce:54:cd:bc:4c:e9:e7:e3:d1:b5:c2:b4:
4a:b8:ef:2e:68:00:80:e2:c3:9e:4d:9d:5b:78:61:ec:00:4f:
f1:c7:8f:a5:03:36:b5:e2:91:75:06:09:13:18:63:29:9b:5e:
cf:be:99:68:a3:a6:50:af:1d:52:7a:94:16:7a:bb:ef:11:b9:
1b:81:9c:5b:60:e8:43:5c:c8:8c:3a:04:5e:5d:80:1e:f2:35:
32:d8:6b:e7:6b:85:ad:81:aa:bb:cf:26:04:5e:65:5e:e3:60:
ac:07:44:1e:74:f7:4e:29:f3:6f:bc:8e:73:49:20:54:69:d1:
b2:89:53:4a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhslMVLW3AWIjwntOWcmEzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmODY2OWU3MGNlYTk0OTczYWZkMzRmYjA4ZWI1OWU5ZDg2
YjU3ZmMwHhcNMjUwMTAxMTE0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGNhOTAwNTBjNTQ3NzdmZWIyMTM4MTQ1ZmY1ZGRkNzk2Yzc4NWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3N7lOimpuhJdzDt8pG9d4S1iFr4
reROUUBUeyj8vnSkaKbDvfMvlMEwlhQhBtRa4W59MQ20wCqcliwxqDpmucqsbTpP
HbDrlKaDe4cYUtMO9l62GPq4vn2HF0tjU0JDCIW5dA+vei1YyR0TNQQE4Vxggvni
IqLtO7iVyJtch4G+ddnp2bc5Io1n3mpRnWaH4r9Sa9UAHHR9H/XU6KfF6MuM+5Q/
0/+6SlUwkGHUO7Ja5lS0JsGrDlaZX+nSmom1VGjYDVo14MVt+xxgSvCJ257vLRRJ
7tczBEdefO39F3LYvCMnewA6czDtNituBfpiZFR4kOfAVLGheNiPrzW32wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJTKkAUMVHd/6yE4FF/13deWx4XLMB8GA1UdIwQY
MBaAFO+GaecM6pSXOv00+wjrWenYa1f8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzRacDV3enFsSmM2X1RUN0NPdFo2ZGhyVl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8zOTdjMWUtNTFhNy00MTZmLWE0NWMt
MmEwMjEzMTc5YzA3LzEvbE1xUUJReFVkM19ySVRnVVhfWGQxNWJIaGNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8zOTdjMWUtNTFhNy00MTZmLWE0NWMtMmEwMjEzMTc5YzA3
LzEvNzRacDV3enFsSmM2X1RUN0NPdFo2ZGhyVl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYDcMA0E
AgACMAcDBQAqA5ugMA0GCSqGSIb3DQEBCwUAA4IBAQCLDGPguOY+SsiMhZ1hyICZ
XmkEr8g65vzFN9yQ/OpSweyX3y7wt5Pv+UCG3AmjDI94Ye8RsRgX9DaeYUfLeuvu
NE/Ey55M2CIgo1WCASuopgXW3b5EeU0d3l8T47TEaZadj/Vm6gOcEZ96NgGrlyax
AS2RLr30f03kWN+thve+ek+mwHvOVM28TOnn49G1wrRKuO8uaACA4sOeTZ1beGHs
AE/xx4+lAza14pF1BgkTGGMpm17Pvploo6ZQrx1SepQWervvEbkbgZxbYOhDXMiM
OgReXYAe8jUy2Gvna4Wtgaq7zyYEXmVe42CsB0QedPdOKfNvvI5zSSBUadGyiVNK
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:07:01 2025 by rpki-client