Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/ac13e2-2a29-4e70-859b-6c30b8ef63b4/1/lCcGP0By4bIb2j9yw6HrKNh92kU.roa
File: lCcGP0By4bIb2j9yw6HrKNh92kU.roa (raw, json)
Hash identifier: t9iVYIQlwyfQhFcfEUNBvyEmQUHPHIQDyPcnFJPqupY=
Subject key identifier: 94:27:06:3F:40:72:E1:B2:1B:DA:3F:72:C3:A1:EB:28:D8:7D:DA:45
Certificate issuer: /CN=9097f97237ef366de5ab6d758eee543e08d57f5c
Certificate serial: 0190FDCDD9F0A447032AA2FDF609FE91CFC8
Authority key identifier: 90:97:F9:72:37:EF:36:6D:E5:AB:6D:75:8E:EE:54:3E:08:D5:7F:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kJf5cjfvNm3lq211ju5UPgjVf1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/ac13e2-2a29-4e70-859b-6c30b8ef63b4/1/lCcGP0By4bIb2j9yw6HrKNh92kU.roa
Signing time: Mon 29 Jul 2024 09:24:04 +0000
ROA not before: Mon 29 Jul 2024 09:24:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48846
IP address blocks: 185.228.96.0/24 maxlen: 24
185.228.97.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fd:cd:d9:f0:a4:47:03:2a:a2:fd:f6:09:fe:91:cf:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9097f97237ef366de5ab6d758eee543e08d57f5c
Validity
Not Before: Jul 29 09:24:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9427063f4072e1b21bda3f72c3a1eb28d87dda45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:69:66:f0:49:3b:9f:a0:a8:e1:3a:8b:a1:22:
4e:bd:f5:fb:cf:58:40:fd:90:ff:da:c6:5d:ec:6b:
5b:69:76:4f:ee:d9:06:38:be:09:0b:d7:ad:ec:ae:
4f:a5:17:bc:54:97:41:b4:5b:ba:f3:ca:17:5e:bf:
6c:0f:0e:9f:4b:06:b8:8e:e9:dc:1d:23:ba:10:82:
10:4c:80:df:32:f3:4a:0c:9e:9c:c1:58:8f:1f:03:
3a:91:93:10:34:de:3a:0d:07:ae:07:7a:9f:b9:03:
9d:52:d9:a1:8f:d1:8e:01:2d:38:5d:31:60:92:e7:
16:ae:4a:95:f9:ed:77:c3:d0:04:14:40:1c:a0:d9:
6f:f4:4d:c3:02:4d:da:29:20:ff:88:b0:33:e1:bb:
e8:8c:e3:89:a8:67:58:02:33:74:0a:de:18:00:1d:
7a:07:ca:57:ca:ff:49:03:31:6e:4a:d2:b2:c8:66:
0a:15:20:90:81:e3:55:98:04:82:37:92:72:b2:c2:
63:06:93:4d:bb:48:54:be:88:97:df:7c:66:e1:aa:
4c:06:f3:24:c7:1e:f0:3e:54:e8:28:d3:e4:5d:54:
f0:0d:91:c9:e7:35:8e:df:fe:07:45:53:cc:39:81:
ee:e3:40:63:a9:8b:75:66:fa:c0:47:e8:4a:5c:5b:
36:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:27:06:3F:40:72:E1:B2:1B:DA:3F:72:C3:A1:EB:28:D8:7D:DA:45
X509v3 Authority Key Identifier:
keyid:90:97:F9:72:37:EF:36:6D:E5:AB:6D:75:8E:EE:54:3E:08:D5:7F:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kJf5cjfvNm3lq211ju5UPgjVf1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/ac13e2-2a29-4e70-859b-6c30b8ef63b4/1/lCcGP0By4bIb2j9yw6HrKNh92kU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/ac13e2-2a29-4e70-859b-6c30b8ef63b4/1/kJf5cjfvNm3lq211ju5UPgjVf1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.96.0/23
Signature Algorithm: sha256WithRSAEncryption
80:72:b9:0b:16:52:2a:37:14:e8:ef:34:f8:52:33:09:45:18:
af:71:41:50:71:bf:63:1d:43:05:03:3c:6d:d9:ae:60:5b:60:
49:3e:4f:3b:64:e3:33:5b:25:32:12:2a:f4:5d:5d:f2:10:4c:
32:13:78:84:6e:6e:5d:2e:cb:75:55:99:ac:bb:0a:dc:76:41:
aa:a6:fe:6c:4f:30:55:df:b2:4b:05:8b:a7:a3:2b:c1:d1:1a:
4b:2b:49:47:e0:1f:13:7d:bb:9b:90:00:11:6e:0b:51:f1:87:
ae:b1:8c:ef:9c:98:8e:7a:f2:b8:eb:0c:02:d0:25:19:5e:09:
eb:fe:3a:7d:49:00:d1:8d:de:3e:85:d4:b0:e0:b9:70:29:40:
04:8a:33:43:3f:5a:81:91:7d:6d:99:73:42:db:26:9a:1a:8d:
ba:85:6a:08:18:02:62:4c:ed:43:36:e0:14:74:d9:54:68:77:
e6:81:28:01:5e:00:98:43:67:14:f3:53:9d:3e:11:69:10:e2:
6e:1e:0e:81:1b:fd:a9:29:17:a5:cf:00:31:80:62:75:23:ac:
42:a9:3c:9b:fd:5d:24:a9:29:fe:81:8c:52:1b:ce:d3:23:c6:
35:70:33:db:6e:02:32:ee:22:b7:d2:00:cb:12:cd:be:29:ad:
8f:e7:1b:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZD9zdnwpEcDKqL99gn+kc/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwOTdmOTcyMzdlZjM2NmRlNWFiNmQ3NThlZWU1NDNlMDhk
NTdmNWMwHhcNMjQwNzI5MDkyNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDI3MDYzZjQwNzJlMWIyMWJkYTNmNzJjM2ExZWIyOGQ4N2RkYTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22lm8Ek7n6Co4TqLoSJOvfX7z1hA
/ZD/2sZd7GtbaXZP7tkGOL4JC9et7K5PpRe8VJdBtFu688oXXr9sDw6fSwa4junc
HSO6EIIQTIDfMvNKDJ6cwViPHwM6kZMQNN46DQeuB3qfuQOdUtmhj9GOAS04XTFg
kucWrkqV+e13w9AEFEAcoNlv9E3DAk3aKSD/iLAz4bvojOOJqGdYAjN0Ct4YAB16
B8pXyv9JAzFuStKyyGYKFSCQgeNVmASCN5JyssJjBpNNu0hUvoiX33xm4apMBvMk
xx7wPlToKNPkXVTwDZHJ5zWO3/4HRVPMOYHu40BjqYt1ZvrAR+hKXFs2eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJQnBj9AcuGyG9o/csOh6yjYfdpFMB8GA1UdIwQY
MBaAFJCX+XI37zZt5attdY7uVD4I1X9cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0pmNWNqZnZObTNscTIxMWp1NVVQZ2pWZjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9hYzEzZTItMmEyOS00ZTcwLTg1OWIt
NmMzMGI4ZWY2M2I0LzEvbENjR1AwQnk0YkliMmo5eXc2SHJLTmg5MmtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9hYzEzZTItMmEyOS00ZTcwLTg1OWItNmMzMGI4ZWY2M2I0
LzEva0pmNWNqZnZObTNscTIxMWp1NVVQZ2pWZjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBueRgMA0G
CSqGSIb3DQEBCwUAA4IBAQCAcrkLFlIqNxTo7zT4UjMJRRivcUFQcb9jHUMFAzxt
2a5gW2BJPk87ZOMzWyUyEir0XV3yEEwyE3iEbm5dLst1VZmsuwrcdkGqpv5sTzBV
37JLBYunoyvB0RpLK0lH4B8TfbubkAARbgtR8YeusYzvnJiOevK46wwC0CUZXgnr
/jp9SQDRjd4+hdSw4LlwKUAEijNDP1qBkX1tmXNC2yaaGo26hWoIGAJiTO1DNuAU
dNlUaHfmgSgBXgCYQ2cU81OdPhFpEOJuHg6BG/2pKRelzwAxgGJ1I6xCqTyb/V0k
qSn+gYxSG87TI8Y1cDPbbgIy7iK30gDLEs2+Ka2P5xuE
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:02:54 2025 by rpki-client