Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/aa1797-4373-4a2f-a074-c73cbe70abb9/1/22eL62zQsXgq_4EBIN5g_8xKSak.roa
File: 22eL62zQsXgq_4EBIN5g_8xKSak.roa (raw, json)
Hash identifier: QePy8MiMUfdwP9ZQMo2oVzSmpZm9fbMMe+d0vJUJG/w=
Subject key identifier: DB:67:8B:EB:6C:D0:B1:78:2A:FF:81:01:20:DE:60:FF:CC:4A:49:A9
Certificate issuer: /CN=4aab65873cb2782f13c378f5543c691443d16f79
Certificate serial: 018CC79417F91444A721FF5D6DE95F4D7963
Authority key identifier: 4A:AB:65:87:3C:B2:78:2F:13:C3:78:F5:54:3C:69:14:43:D1:6F:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SqtlhzyyeC8Tw3j1VDxpFEPRb3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/aa1797-4373-4a2f-a074-c73cbe70abb9/1/22eL62zQsXgq_4EBIN5g_8xKSak.roa
Signing time: Tue 02 Jan 2024 00:30:20 +0000
ROA not before: Tue 02 Jan 2024 00:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 185.201.4.0/24 maxlen: 24
185.201.5.0/24 maxlen: 24
185.201.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:17:f9:14:44:a7:21:ff:5d:6d:e9:5f:4d:79:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4aab65873cb2782f13c378f5543c691443d16f79
Validity
Not Before: Jan 2 00:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db678beb6cd0b1782aff810120de60ffcc4a49a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f7:8f:61:c9:1d:47:30:d2:c5:20:9c:bf:99:
08:96:44:7b:b3:72:44:5f:0b:4e:be:74:df:76:15:
e6:f3:76:48:96:49:94:ef:61:8c:64:7f:f3:bd:c0:
28:48:5a:12:a6:3e:34:f0:4d:24:73:79:2d:fb:cc:
87:0d:c6:ef:ba:b5:ab:59:a2:59:91:e3:a0:64:fb:
da:33:09:35:89:de:ef:1f:44:6f:a9:93:96:ea:81:
7b:18:7a:6a:29:75:66:cd:b4:ef:ec:68:68:bf:77:
9e:be:42:8c:be:32:79:d1:db:ee:aa:5a:0d:70:49:
1a:e4:60:3c:a3:5a:eb:ae:99:de:3c:f3:e9:98:cc:
bc:47:b0:2e:b2:a7:e6:04:3d:4b:3a:08:90:ae:c4:
32:a6:58:2e:a3:d2:47:22:18:27:2f:5a:50:70:f0:
95:23:30:8c:33:68:b1:68:da:c8:00:73:69:68:3e:
81:87:ed:bb:d7:fb:9b:f2:e8:86:24:f5:ce:76:9f:
d8:e7:cf:cb:5d:0a:84:d8:1e:27:aa:cd:d0:e3:a6:
37:e8:2a:08:b2:0c:8a:b1:b8:c7:98:68:e4:85:01:
2e:2c:08:4b:df:1d:99:eb:07:c9:26:9c:11:b4:f1:
4d:ba:ed:fb:e9:4f:18:bf:92:51:41:a9:8f:4a:4a:
08:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:67:8B:EB:6C:D0:B1:78:2A:FF:81:01:20:DE:60:FF:CC:4A:49:A9
X509v3 Authority Key Identifier:
keyid:4A:AB:65:87:3C:B2:78:2F:13:C3:78:F5:54:3C:69:14:43:D1:6F:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SqtlhzyyeC8Tw3j1VDxpFEPRb3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/aa1797-4373-4a2f-a074-c73cbe70abb9/1/22eL62zQsXgq_4EBIN5g_8xKSak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/aa1797-4373-4a2f-a074-c73cbe70abb9/1/SqtlhzyyeC8Tw3j1VDxpFEPRb3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.4.0/23
185.201.7.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:bc:8f:54:85:65:48:8e:47:d2:ce:5f:dd:9a:4d:7c:dc:c5:
19:0b:9d:be:17:5e:95:97:44:98:11:bb:6a:d5:af:9c:52:78:
ad:a5:42:16:49:37:66:06:3b:09:d2:a7:65:4f:a2:fa:d6:9b:
96:44:80:dc:05:47:72:c7:8d:9a:13:f5:a2:b4:9b:5e:05:a3:
c9:78:65:29:bd:87:cb:73:6f:6d:63:26:5c:10:76:ca:0f:39:
82:7a:b5:c2:d5:f6:5a:9a:dc:73:d6:5c:ab:01:fa:d3:57:26:
29:58:3c:74:a6:2d:23:40:9a:6c:8e:ec:75:25:aa:22:cf:c7:
be:66:3c:95:d4:fc:23:58:9c:50:bc:76:37:2b:bc:bb:36:2b:
c1:8d:0a:50:05:04:21:69:ee:58:c4:97:87:06:1d:a6:cf:96:
68:47:d8:53:e5:9b:41:65:2d:a0:c4:17:d1:d2:37:57:37:eb:
11:e5:a4:ec:aa:9c:4a:7d:57:c0:6b:c6:b0:27:64:b3:6a:9e:
b8:b2:f7:d9:66:66:45:2d:db:3f:e4:57:8f:b8:ad:35:4c:48:
5d:d8:67:9b:7e:2c:e0:c0:24:b9:9e:3a:5e:dc:97:5c:5f:b0:
e8:a0:a2:2a:21:38:33:10:f7:21:e2:87:23:ca:71:76:96:25:
72:e9:61:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlBf5FESnIf9dbelfTXljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYWI2NTg3M2NiMjc4MmYxM2MzNzhmNTU0M2M2OTE0NDNk
MTZmNzkwHhcNMjQwMTAyMDAzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjY3OGJlYjZjZDBiMTc4MmFmZjgxMDEyMGRlNjBmZmNjNGE0OWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfePYckdRzDSxSCcv5kIlkR7s3JE
XwtOvnTfdhXm83ZIlkmU72GMZH/zvcAoSFoSpj408E0kc3kt+8yHDcbvurWrWaJZ
keOgZPvaMwk1id7vH0RvqZOW6oF7GHpqKXVmzbTv7Ghov3eevkKMvjJ50dvuqloN
cEka5GA8o1rrrpnePPPpmMy8R7AusqfmBD1LOgiQrsQyplguo9JHIhgnL1pQcPCV
IzCMM2ixaNrIAHNpaD6Bh+271/ub8uiGJPXOdp/Y58/LXQqE2B4nqs3Q46Y36CoI
sgyKsbjHmGjkhQEuLAhL3x2Z6wfJJpwRtPFNuu376U8Yv5JRQamPSkoIhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNtni+ts0LF4Kv+BASDeYP/MSkmpMB8GA1UdIwQY
MBaAFEqrZYc8sngvE8N49VQ8aRRD0W95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3F0bGh6eXllQzhUdzNqMVZEeHBGRVBSYjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9hYTE3OTctNDM3My00YTJmLWEwNzQt
YzczY2JlNzBhYmI5LzEvMjJlTDYyelFzWGdxXzRFQklONWdfOHhLU2FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9hYTE3OTctNDM3My00YTJmLWEwNzQtYzczY2JlNzBhYmI5
LzEvU3F0bGh6eXllQzhUdzNqMVZEeHBGRVBSYjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuckEAwQA
uckHMA0GCSqGSIb3DQEBCwUAA4IBAQCdvI9UhWVIjkfSzl/dmk183MUZC52+F16V
l0SYEbtq1a+cUnitpUIWSTdmBjsJ0qdlT6L61puWRIDcBUdyx42aE/WitJteBaPJ
eGUpvYfLc29tYyZcEHbKDzmCerXC1fZamtxz1lyrAfrTVyYpWDx0pi0jQJpsjux1
Jaoiz8e+ZjyV1PwjWJxQvHY3K7y7NivBjQpQBQQhae5YxJeHBh2mz5ZoR9hT5ZtB
ZS2gxBfR0jdXN+sR5aTsqpxKfVfAa8awJ2Szap64svfZZmZFLds/5FePuK01TEhd
2GebfizgwCS5njpe3JdcX7DooKIqITgzEPch4ocjynF2liVy6WGC
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:59:01 2025 by rpki-client