Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1a325-8eac-45a2-b576-dd2125abcf5d/1/aT8817yVFLQrfaIblDCkgZ725GY.roa
File: aT8817yVFLQrfaIblDCkgZ725GY.roa (raw, json)
Hash identifier: 5ZUBj7ckV68dy+Lh+e27bKgrRdp6uXEtSYYnX2eHXN8=
Subject key identifier: 69:3F:3C:D7:BC:95:14:B4:2B:7D:A2:1B:94:30:A4:81:9E:F6:E4:66
Certificate issuer: /CN=d2de05d3ca750dd5c27eebfa5539c20b7d2829cf
Certificate serial: 018CC87044B201E86216948DB06D01F9EB9A
Authority key identifier: D2:DE:05:D3:CA:75:0D:D5:C2:7E:EB:FA:55:39:C2:0B:7D:28:29:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0t4F08p1DdXCfuv6VTnCC30oKc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1a325-8eac-45a2-b576-dd2125abcf5d/1/aT8817yVFLQrfaIblDCkgZ725GY.roa
Signing time: Tue 02 Jan 2024 04:30:49 +0000
ROA not before: Tue 02 Jan 2024 04:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202658
IP address blocks: 185.157.184.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:44:b2:01:e8:62:16:94:8d:b0:6d:01:f9:eb:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2de05d3ca750dd5c27eebfa5539c20b7d2829cf
Validity
Not Before: Jan 2 04:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=693f3cd7bc9514b42b7da21b9430a4819ef6e466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:36:88:df:c0:c9:4e:f3:fc:f0:8a:f3:05:2f:
d6:61:53:81:49:be:5e:48:83:f7:2b:a1:88:0e:a0:
4f:cd:78:2f:4b:1b:11:28:24:b8:db:fa:5f:a2:93:
cd:be:8a:db:6b:b2:95:b2:60:93:02:85:de:f0:51:
c8:4c:32:f4:fa:3c:48:bf:9c:0f:0f:33:e8:66:da:
84:07:66:ce:bb:ed:ac:a4:2b:6f:95:31:2f:70:66:
ab:22:4b:14:1d:7e:3e:54:db:0f:5e:8e:85:3c:f2:
10:76:40:86:65:3a:06:58:b8:c0:9b:71:e5:2f:f2:
5a:3b:94:d8:87:cc:4c:16:58:fa:38:bc:26:74:7a:
10:ae:13:74:a4:55:68:29:44:42:46:45:4e:01:c4:
08:3a:26:78:ba:d8:9a:cf:06:cf:f9:eb:15:0d:0d:
63:94:50:d7:4a:17:1a:07:91:d3:6c:40:e0:c2:88:
7b:15:99:18:da:42:01:6b:87:5e:94:8f:c5:8e:41:
ab:59:41:3c:27:bd:7f:b2:e3:ca:f5:6c:3c:0e:49:
39:5c:db:24:21:a2:8e:cb:d8:97:b5:72:51:7a:ee:
6c:62:ed:dd:cf:e2:86:5e:fd:62:12:aa:80:c9:56:
d5:3f:56:3b:d4:3f:39:54:56:78:34:c1:96:40:6d:
bb:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:3F:3C:D7:BC:95:14:B4:2B:7D:A2:1B:94:30:A4:81:9E:F6:E4:66
X509v3 Authority Key Identifier:
keyid:D2:DE:05:D3:CA:75:0D:D5:C2:7E:EB:FA:55:39:C2:0B:7D:28:29:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0t4F08p1DdXCfuv6VTnCC30oKc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1a325-8eac-45a2-b576-dd2125abcf5d/1/aT8817yVFLQrfaIblDCkgZ725GY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1a325-8eac-45a2-b576-dd2125abcf5d/1/0t4F08p1DdXCfuv6VTnCC30oKc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.184.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:2a:7c:28:59:75:92:2f:6a:88:1b:99:ba:42:ec:aa:87:f7:
07:40:09:57:b3:11:4a:ce:3e:ce:14:30:b3:97:62:3a:e8:87:
32:ed:5e:c1:07:a6:79:84:bd:db:1e:66:49:36:db:cf:99:1b:
4c:e9:52:c7:29:a4:c4:cb:c9:33:ce:f3:4c:3b:69:20:3d:31:
18:55:e6:db:17:65:37:30:22:04:69:67:9f:de:3f:7d:34:6c:
df:90:45:ae:fa:e4:23:17:61:6c:d3:66:d3:22:10:c4:0f:7c:
2b:83:15:6f:97:87:1d:66:8a:3e:15:81:0d:fa:1d:3d:95:ff:
e3:20:41:93:09:b4:c4:c5:39:a1:8b:43:11:c2:bd:a1:c3:86:
c4:d7:1b:8d:2f:b9:0f:02:1f:12:92:e0:69:a0:c1:3f:af:c8:
3b:46:3c:4c:22:68:25:02:b4:bf:7a:4f:65:f0:ca:45:6f:48:
f9:4b:48:d2:5e:00:9c:f9:a4:4b:dc:3f:36:ef:1a:0c:81:d1:
9d:ca:f5:db:08:7f:4d:52:f8:e1:26:90:1b:46:3a:e5:c9:1e:
94:ac:e6:38:c9:b0:c5:1a:3e:86:e1:4b:4e:11:8d:14:f2:6b:
a6:a1:ae:b0:84:8f:2d:66:7c:d5:72:ac:31:9b:0d:7c:fa:98:
bb:b1:02:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcESyAehiFpSNsG0B+euaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZGUwNWQzY2E3NTBkZDVjMjdlZWJmYTU1MzljMjBiN2Qy
ODI5Y2YwHhcNMjQwMTAyMDQzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTNmM2NkN2JjOTUxNGI0MmI3ZGEyMWI5NDMwYTQ4MTllZjZlNDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TaI38DJTvP88IrzBS/WYVOBSb5e
SIP3K6GIDqBPzXgvSxsRKCS42/pfopPNvorba7KVsmCTAoXe8FHITDL0+jxIv5wP
DzPoZtqEB2bOu+2spCtvlTEvcGarIksUHX4+VNsPXo6FPPIQdkCGZToGWLjAm3Hl
L/JaO5TYh8xMFlj6OLwmdHoQrhN0pFVoKURCRkVOAcQIOiZ4utiazwbP+esVDQ1j
lFDXShcaB5HTbEDgwoh7FZkY2kIBa4delI/FjkGrWUE8J71/suPK9Ww8Dkk5XNsk
IaKOy9iXtXJReu5sYu3dz+KGXv1iEqqAyVbVP1Y71D85VFZ4NMGWQG27WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGk/PNe8lRS0K32iG5QwpIGe9uRmMB8GA1UdIwQY
MBaAFNLeBdPKdQ3Vwn7r+lU5wgt9KCnPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHQ0RjA4cDFEZFhDZnV2NlZUbkNDMzBvS2M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWEzMjUtOGVhYy00NWEyLWI1NzYt
ZGQyMTI1YWJjZjVkLzEvYVQ4ODE3eVZGTFFyZmFJYmxEQ2tnWjcyNUdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWEzMjUtOGVhYy00NWEyLWI1NzYtZGQyMTI1YWJjZjVk
LzEvMHQ0RjA4cDFEZFhDZnV2NlZUbkNDMzBvS2M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ24MA0G
CSqGSIb3DQEBCwUAA4IBAQCfKnwoWXWSL2qIG5m6Quyqh/cHQAlXsxFKzj7OFDCz
l2I66Icy7V7BB6Z5hL3bHmZJNtvPmRtM6VLHKaTEy8kzzvNMO2kgPTEYVebbF2U3
MCIEaWef3j99NGzfkEWu+uQjF2Fs02bTIhDED3wrgxVvl4cdZoo+FYEN+h09lf/j
IEGTCbTExTmhi0MRwr2hw4bE1xuNL7kPAh8SkuBpoME/r8g7RjxMImglArS/ek9l
8MpFb0j5S0jSXgCc+aRL3D827xoMgdGdyvXbCH9NUvjhJpAbRjrlyR6UrOY4ybDF
Gj6G4UtOEY0U8mumoa6whI8tZnzVcqwxmw18+pi7sQIm
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:19 2025 by rpki-client