Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f42158-f8af-4b6c-b9ea-590bb1bd6916/1/R2aTJOpckw-QMaUyxi4WssttmaI.roa
File: R2aTJOpckw-QMaUyxi4WssttmaI.roa (raw, json)
Hash identifier: RlLDlt1rGiavdoItnnBWTa8l84OiQKQ3lXQCRMzijos=
Subject key identifier: 47:66:93:24:EA:5C:93:0F:90:31:A5:32:C6:2E:16:B2:CB:6D:99:A2
Certificate issuer: /CN=1a11b4c31b8eccad0d34aee1573476cb3474b66e
Certificate serial: 018CC64B283200F655F613B2F7679FAAC914
Authority key identifier: 1A:11:B4:C3:1B:8E:CC:AD:0D:34:AE:E1:57:34:76:CB:34:74:B6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GhG0wxuOzK0NNK7hVzR2yzR0tm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f42158-f8af-4b6c-b9ea-590bb1bd6916/1/R2aTJOpckw-QMaUyxi4WssttmaI.roa
Signing time: Mon 01 Jan 2024 18:31:03 +0000
ROA not before: Mon 01 Jan 2024 18:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57523
IP address blocks: 185.122.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:28:32:00:f6:55:f6:13:b2:f7:67:9f:aa:c9:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a11b4c31b8eccad0d34aee1573476cb3474b66e
Validity
Not Before: Jan 1 18:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47669324ea5c930f9031a532c62e16b2cb6d99a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0f:af:3d:4e:18:77:87:4b:09:6c:17:5f:aa:
91:5a:50:4e:2e:cc:ef:40:3e:d9:78:fd:ba:54:a2:
73:87:8b:f4:19:a3:ae:e7:ed:67:8c:00:7c:5a:6c:
3e:49:00:3f:53:5a:95:65:fc:c0:e6:ed:99:43:23:
1f:6a:88:18:a6:af:95:3d:a6:78:b6:be:00:e2:dc:
9b:2e:c1:c0:de:8a:3c:c9:7a:10:4b:da:7c:f9:2e:
17:90:d3:7b:18:f3:18:18:98:7d:66:d8:de:4f:b9:
b2:41:de:1a:0d:3c:d0:df:75:19:da:2b:4f:08:55:
a5:87:13:1a:78:f9:ef:bf:15:8c:81:03:e9:77:a1:
86:88:f8:df:40:f8:0d:93:23:b8:30:d2:64:4d:32:
98:23:ac:12:c9:cc:1d:6f:fb:0a:01:3b:97:bb:b8:
c0:d1:a0:e5:eb:54:b1:57:e1:c8:74:a2:40:cf:88:
5e:67:5b:3b:b1:40:ac:d2:a3:ea:6f:35:6d:1d:f9:
c5:6c:b2:b4:30:4f:d0:68:2a:23:8c:13:9b:85:22:
ad:1d:3c:45:51:bc:23:42:0e:c2:f2:cb:10:b6:a6:
3c:ea:f1:99:ae:11:ae:00:49:3c:4c:d0:4c:b5:e0:
89:34:58:e8:f5:77:ea:0d:fa:97:73:74:4a:69:92:
06:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:66:93:24:EA:5C:93:0F:90:31:A5:32:C6:2E:16:B2:CB:6D:99:A2
X509v3 Authority Key Identifier:
keyid:1A:11:B4:C3:1B:8E:CC:AD:0D:34:AE:E1:57:34:76:CB:34:74:B6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhG0wxuOzK0NNK7hVzR2yzR0tm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f42158-f8af-4b6c-b9ea-590bb1bd6916/1/R2aTJOpckw-QMaUyxi4WssttmaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f42158-f8af-4b6c-b9ea-590bb1bd6916/1/GhG0wxuOzK0NNK7hVzR2yzR0tm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.204.0/24
Signature Algorithm: sha256WithRSAEncryption
97:a6:15:39:ed:6e:8a:36:03:aa:bf:81:8b:af:10:47:49:bd:
e0:63:c8:8c:f6:2a:f3:36:ee:51:c4:60:d8:dd:f5:fc:07:22:
93:ad:0f:dc:bc:e8:64:de:8b:46:72:58:1a:e0:44:6d:05:9b:
13:69:5d:7c:bc:3b:05:ac:4b:2e:4e:38:a9:a4:11:1a:3e:7d:
8b:87:a7:4b:9d:34:95:53:00:32:1c:cd:a2:d6:34:7d:f0:d7:
53:4b:8d:b6:bc:fb:0a:24:64:a9:15:ae:83:74:6a:09:d7:9f:
3a:cc:c0:11:08:8d:bf:91:72:e3:fa:f8:a8:f2:e3:cd:ec:aa:
f5:a7:d5:4e:fe:cb:b1:07:b2:58:0d:0c:1a:e1:a0:4b:ba:2f:
32:e5:17:6e:34:7f:7a:19:db:f0:51:9e:0b:db:f2:8a:b7:48:
62:d9:38:7e:7d:51:a8:dc:65:e3:ed:05:02:06:aa:9f:5e:a2:
7e:d9:6a:1a:a4:01:5d:c4:c0:68:cc:c8:0d:48:63:79:ed:16:
60:e5:9e:4c:d9:79:23:47:d5:37:82:59:a8:9d:46:8d:ba:be:
16:0b:f2:38:6a:c6:da:cb:53:cf:3f:73:0c:1d:96:4f:29:79:
59:3a:7d:3e:2d:91:1f:37:e3:7f:9b:f6:49:05:36:ee:e6:44:
26:a3:6d:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSygyAPZV9hOy92efqskUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTFiNGMzMWI4ZWNjYWQwZDM0YWVlMTU3MzQ3NmNiMzQ3
NGI2NmUwHhcNMjQwMTAxMTgzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzY2OTMyNGVhNWM5MzBmOTAzMWE1MzJjNjJlMTZiMmNiNmQ5OWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtw+vPU4Yd4dLCWwXX6qRWlBOLszv
QD7ZeP26VKJzh4v0GaOu5+1njAB8Wmw+SQA/U1qVZfzA5u2ZQyMfaogYpq+VPaZ4
tr4A4tybLsHA3oo8yXoQS9p8+S4XkNN7GPMYGJh9ZtjeT7myQd4aDTzQ33UZ2itP
CFWlhxMaePnvvxWMgQPpd6GGiPjfQPgNkyO4MNJkTTKYI6wSycwdb/sKATuXu7jA
0aDl61SxV+HIdKJAz4heZ1s7sUCs0qPqbzVtHfnFbLK0ME/QaCojjBObhSKtHTxF
UbwjQg7C8ssQtqY86vGZrhGuAEk8TNBMteCJNFjo9XfqDfqXc3RKaZIGIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEdmkyTqXJMPkDGlMsYuFrLLbZmiMB8GA1UdIwQY
MBaAFBoRtMMbjsytDTSu4Vc0dss0dLZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hHMHd4dU96SzBOTks3aFZ6UjJ5elIwdG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mNDIxNTgtZjhhZi00YjZjLWI5ZWEt
NTkwYmIxYmQ2OTE2LzEvUjJhVEpPcGNrdy1RTWFVeXhpNFdzc3R0bWFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mNDIxNTgtZjhhZi00YjZjLWI5ZWEtNTkwYmIxYmQ2OTE2
LzEvR2hHMHd4dU96SzBOTks3aFZ6UjJ5elIwdG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXrMMA0G
CSqGSIb3DQEBCwUAA4IBAQCXphU57W6KNgOqv4GLrxBHSb3gY8iM9irzNu5RxGDY
3fX8ByKTrQ/cvOhk3otGclga4ERtBZsTaV18vDsFrEsuTjippBEaPn2Lh6dLnTSV
UwAyHM2i1jR98NdTS422vPsKJGSpFa6DdGoJ1586zMARCI2/kXLj+vio8uPN7Kr1
p9VO/suxB7JYDQwa4aBLui8y5RduNH96GdvwUZ4L2/KKt0hi2Th+fVGo3GXj7QUC
BqqfXqJ+2WoapAFdxMBozMgNSGN57RZg5Z5M2XkjR9U3glmonUaNur4WC/I4asba
y1PPP3MMHZZPKXlZOn0+LZEfN+N/m/ZJBTbu5kQmo20y
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:32:38 2025 by rpki-client