Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/9a99c1-0da8-411c-a3a5-6c0e45bc3ff1/1/7LCJOzka2ybJlENjxnrnpkOGO6o.roa
File: 7LCJOzka2ybJlENjxnrnpkOGO6o.roa (raw, json)
Hash identifier: dkZPrEEsgh9pyXoz1765WJl3+Ix9qtagCyR71S0CbPk=
Subject key identifier: EC:B0:89:3B:39:1A:DB:26:C9:94:43:63:C6:7A:E7:A6:43:86:3B:AA
Certificate issuer: /CN=d8f7db18449bc00ae614312cd56d7dc78a05aa27
Certificate serial: 018573716349B9969C8E7D8FEF3CC0F40B7B
Authority key identifier: D8:F7:DB:18:44:9B:C0:0A:E6:14:31:2C:D5:6D:7D:C7:8A:05:AA:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2PfbGESbwArmFDEs1W19x4oFqic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/9a99c1-0da8-411c-a3a5-6c0e45bc3ff1/1/7LCJOzka2ybJlENjxnrnpkOGO6o.roa
Signing time: Mon 02 Jan 2023 17:04:48 +0000
ROA not before: Mon 02 Jan 2023 17:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44205
IP address blocks: 185.115.120.0/22 maxlen: 22
2a06:7600::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:63:49:b9:96:9c:8e:7d:8f:ef:3c:c0:f4:0b:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8f7db18449bc00ae614312cd56d7dc78a05aa27
Validity
Not Before: Jan 2 17:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecb0893b391adb26c9944363c67ae7a643863baa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c9:f8:4d:76:25:5e:16:f2:39:4e:22:82:ba:
39:18:7d:89:d3:e8:1a:38:46:b2:53:80:a6:8c:19:
ad:87:66:a1:32:52:fe:dc:e6:ea:6c:fc:9e:44:1e:
84:03:0a:f3:15:46:92:db:5d:0b:c8:36:99:7f:3d:
0c:06:02:48:0a:30:f8:f0:7a:4c:4f:6d:e6:ec:85:
19:fe:c4:1c:02:c6:0a:fa:24:11:4e:51:c1:a4:dc:
b3:57:b0:b6:3f:12:94:70:67:1d:e8:e0:98:18:3c:
1d:34:9b:18:e4:f6:58:db:ef:c2:48:fe:e6:0a:91:
d0:47:37:5c:c0:24:98:20:26:d6:46:5f:e1:ee:fc:
d6:b6:c2:d7:2f:6d:d0:d2:ea:12:1d:4e:8c:81:f7:
cf:42:cf:f3:54:ec:a7:f5:21:25:b8:1a:0e:f5:62:
2b:c0:25:d4:95:f8:59:7f:b8:20:5b:6b:f0:9b:e2:
29:83:33:de:ca:0b:94:00:e2:6d:00:4c:25:80:38:
0c:5c:d3:35:05:d0:f4:ac:9a:b2:7b:b0:b7:bf:eb:
0e:e9:7a:c2:e0:14:01:cf:81:97:85:14:34:e9:48:
98:96:63:97:0f:45:40:f8:f8:0b:f1:3e:6e:59:55:
db:94:9f:c2:7e:71:f4:5c:2d:0c:57:cd:73:c1:77:
e8:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B0:89:3B:39:1A:DB:26:C9:94:43:63:C6:7A:E7:A6:43:86:3B:AA
X509v3 Authority Key Identifier:
keyid:D8:F7:DB:18:44:9B:C0:0A:E6:14:31:2C:D5:6D:7D:C7:8A:05:AA:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2PfbGESbwArmFDEs1W19x4oFqic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/9a99c1-0da8-411c-a3a5-6c0e45bc3ff1/1/7LCJOzka2ybJlENjxnrnpkOGO6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/9a99c1-0da8-411c-a3a5-6c0e45bc3ff1/1/2PfbGESbwArmFDEs1W19x4oFqic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.120.0/22
IPv6:
2a06:7600::/29
Signature Algorithm: sha256WithRSAEncryption
00:6a:fe:f1:fe:f6:9b:c1:ca:1e:c7:11:5a:c4:d9:cd:9d:0c:
bd:97:c8:30:f2:fc:b9:25:7e:b6:32:48:9c:6e:8f:33:be:31:
3e:98:24:cc:d9:d1:1e:da:0b:d5:d4:ed:9f:67:f9:06:52:30:
ab:f1:38:ad:10:a1:52:1d:a0:f5:ba:44:50:ae:c1:e3:71:e6:
80:b8:03:b9:ce:86:fc:13:a2:f6:36:26:91:57:02:eb:03:fb:
4c:99:59:6f:65:65:a5:ef:ed:bf:05:80:3e:72:0c:88:fe:66:
a7:96:39:0e:bb:93:b2:de:ef:79:ab:eb:ab:61:ac:2e:0f:50:
85:cc:9c:ce:da:ca:4c:14:85:0c:ba:35:0f:54:ac:7b:d4:2b:
7b:5e:2b:43:11:81:f5:86:b5:04:f3:55:3c:42:eb:82:55:5d:
ab:78:2a:e0:04:a9:57:9e:92:22:46:6e:a0:90:12:ff:76:9d:
d9:72:ef:3c:e0:13:d8:71:80:b6:9b:06:49:fa:ca:6d:c3:2d:
b9:6f:8b:06:71:7a:b0:a5:4d:25:19:b1:e3:e0:ee:a8:2b:dd:
2f:da:d4:61:57:c6:e1:f0:5c:3f:38:77:26:35:5f:37:04:fb:
76:e0:cf:79:c2:1a:a9:54:b2:7c:e2:45:e1:0a:b5:ef:22:78:
86:4b:86:13
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzcWNJuZacjn2P7zzA9At7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZjdkYjE4NDQ5YmMwMGFlNjE0MzEyY2Q1NmQ3ZGM3OGEw
NWFhMjcwHhcNMjMwMTAyMTcwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2IwODkzYjM5MWFkYjI2Yzk5NDQzNjNjNjdhZTdhNjQzODYzYmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sn4TXYlXhbyOU4igro5GH2J0+ga
OEayU4CmjBmth2ahMlL+3ObqbPyeRB6EAwrzFUaS210LyDaZfz0MBgJICjD48HpM
T23m7IUZ/sQcAsYK+iQRTlHBpNyzV7C2PxKUcGcd6OCYGDwdNJsY5PZY2+/CSP7m
CpHQRzdcwCSYICbWRl/h7vzWtsLXL23Q0uoSHU6MgffPQs/zVOyn9SEluBoO9WIr
wCXUlfhZf7ggW2vwm+IpgzPeyguUAOJtAEwlgDgMXNM1BdD0rJqye7C3v+sO6XrC
4BQBz4GXhRQ06UiYlmOXD0VA+PgL8T5uWVXblJ/CfnH0XC0MV81zwXfowwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOywiTs5GtsmyZRDY8Z656ZDhjuqMB8GA1UdIwQY
MBaAFNj32xhEm8AK5hQxLNVtfceKBaonMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlBmYkdFU2J3QXJtRkRFczFXMTl4NG9GcWljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi85YTk5YzEtMGRhOC00MTFjLWEzYTUt
NmMwZTQ1YmMzZmYxLzEvN0xDSk96a2EyeWJKbEVOanhucm5wa09HTzZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi85YTk5YzEtMGRhOC00MTFjLWEzYTUtNmMwZTQ1YmMzZmYx
LzEvMlBmYkdFU2J3QXJtRkRFczFXMTl4NG9GcWljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXN4MA0E
AgACMAcDBQMqBnYAMA0GCSqGSIb3DQEBCwUAA4IBAQAAav7x/vabwcoexxFaxNnN
nQy9l8gw8vy5JX62Mkicbo8zvjE+mCTM2dEe2gvV1O2fZ/kGUjCr8TitEKFSHaD1
ukRQrsHjceaAuAO5zob8E6L2NiaRVwLrA/tMmVlvZWWl7+2/BYA+cgyI/manljkO
u5Oy3u95q+urYawuD1CFzJzO2spMFIUMujUPVKx71Ct7XitDEYH1hrUE81U8QuuC
VV2reCrgBKlXnpIiRm6gkBL/dp3Zcu884BPYcYC2mwZJ+sptwy25b4sGcXqwpU0l
GbHj4O6oK90v2tRhV8bh8Fw/OHcmNV83BPt24M95whqpVLJ84kXhCrXvIniGS4YT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:27 2025 by rpki-client