Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/dacb92-ff70-49fe-b4b8-8989b4caa206/1/i1y7TAu4eZuINLnbMHWhraWkV7Q.roa
File: i1y7TAu4eZuINLnbMHWhraWkV7Q.roa (raw, json)
Hash identifier: 5W2nC+zCGbvk80Gay8OtFwwtbb47Ru26+BBu/lW2iZI=
Subject key identifier: 8B:5C:BB:4C:0B:B8:79:9B:88:34:B9:DB:30:75:A1:AD:A5:A4:57:B4
Certificate issuer: /CN=6315dd0ba11fdaf74d53b956fc1c846a7e2f61fe
Certificate serial: 019424B2C9374B6BECF94BB264BE84D1C2D8
Authority key identifier: 63:15:DD:0B:A1:1F:DA:F7:4D:53:B9:56:FC:1C:84:6A:7E:2F:61:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YxXdC6Ef2vdNU7lW_ByEan4vYf4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/dacb92-ff70-49fe-b4b8-8989b4caa206/1/i1y7TAu4eZuINLnbMHWhraWkV7Q.roa
Signing time: Thu 02 Jan 2025 01:48:04 +0000
ROA not before: Thu 02 Jan 2025 01:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200653
IP address blocks: 185.100.28.0/22 maxlen: 22
185.100.28.0/23 maxlen: 23
185.100.28.0/24 maxlen: 24
185.100.29.0/24 maxlen: 24
185.100.30.0/23 maxlen: 23
185.100.30.0/24 maxlen: 24
185.100.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:c9:37:4b:6b:ec:f9:4b:b2:64:be:84:d1:c2:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6315dd0ba11fdaf74d53b956fc1c846a7e2f61fe
Validity
Not Before: Jan 2 01:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b5cbb4c0bb8799b8834b9db3075a1ada5a457b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b7:1a:43:85:a2:98:e4:c5:a0:e1:79:53:1d:
a6:50:e7:09:a8:27:54:0e:a3:5a:1f:09:7c:e2:83:
b4:f0:a2:95:73:fb:7c:c4:76:47:03:5b:51:38:6a:
bd:e0:ad:b3:90:7a:f7:f0:08:66:26:87:6f:2d:0b:
10:da:0e:20:88:3c:7f:9e:c4:36:c5:f8:19:5e:19:
06:1e:c8:2d:0c:f8:06:aa:a1:20:47:a8:b8:f5:23:
df:17:49:40:c5:26:42:48:34:13:19:53:13:a3:a6:
49:33:ca:92:60:d4:dd:91:15:0c:b0:6b:12:06:a0:
41:29:7b:8f:06:11:92:a6:64:b8:6a:1f:a7:5d:89:
33:74:57:5b:41:65:e7:0b:7f:1f:16:97:f3:00:9b:
81:e7:e4:89:6a:02:07:dd:0b:bb:7f:89:12:4b:34:
69:f7:6d:b6:bd:df:d2:a4:f6:35:7a:ab:25:f9:1f:
47:b0:de:2e:97:bf:9f:9c:0e:93:b6:01:6f:71:ce:
c6:08:82:14:40:1f:d4:10:5b:23:76:a9:c7:7b:69:
2c:13:64:d7:a0:cd:4e:35:f5:cf:b2:e7:7e:4c:60:
81:1c:87:75:34:1a:2a:86:bb:f6:e5:43:5a:36:ec:
d9:68:38:f6:a4:f2:2d:21:b6:ee:60:2b:e0:eb:4f:
22:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:5C:BB:4C:0B:B8:79:9B:88:34:B9:DB:30:75:A1:AD:A5:A4:57:B4
X509v3 Authority Key Identifier:
keyid:63:15:DD:0B:A1:1F:DA:F7:4D:53:B9:56:FC:1C:84:6A:7E:2F:61:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YxXdC6Ef2vdNU7lW_ByEan4vYf4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/dacb92-ff70-49fe-b4b8-8989b4caa206/1/i1y7TAu4eZuINLnbMHWhraWkV7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/dacb92-ff70-49fe-b4b8-8989b4caa206/1/YxXdC6Ef2vdNU7lW_ByEan4vYf4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.28.0/22
Signature Algorithm: sha256WithRSAEncryption
05:39:c8:76:c7:6e:3a:59:d2:c8:8d:b5:ad:f9:3d:7f:68:ce:
6e:86:9c:5d:cd:e9:15:bf:80:24:34:1c:ce:06:0e:d2:74:5e:
72:f0:b9:d3:9f:5d:6c:6e:33:a2:7a:c7:10:6a:85:83:ad:fa:
79:dc:58:5d:c3:e4:16:b0:8d:30:c5:67:f6:fa:ec:cf:30:a9:
75:9f:20:12:4a:70:d3:7a:56:56:79:d2:e6:ec:23:5f:24:03:
57:fa:ff:00:93:91:a6:5a:91:de:36:22:4e:ac:a9:bf:7c:f0:
99:1b:c1:39:03:2d:33:91:e2:dc:1a:c2:70:c8:e3:f5:21:9a:
b6:be:dd:b6:21:f3:53:45:8c:94:03:42:a9:07:03:40:f6:61:
04:1a:4f:ca:23:91:89:7e:fb:83:86:77:e9:01:89:72:d4:59:
d1:27:33:91:2a:50:93:ad:2f:dd:ea:74:c1:f5:f2:6a:1f:68:
7b:aa:85:2d:1b:2b:66:21:e5:e8:b5:07:f1:33:c2:3b:d6:a0:
cb:d3:be:c0:ad:f3:05:aa:3f:50:f9:2c:d1:87:02:12:e3:7c:
2b:ba:92:6d:ce:7a:fe:f4:04:e9:a8:8b:e4:da:40:f0:38:1c:
52:dc:53:d5:20:73:29:98:1f:f9:b7:21:14:2b:1b:72:fd:99:
9f:ee:69:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkssk3S2vs+UuyZL6E0cLYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMTVkZDBiYTExZmRhZjc0ZDUzYjk1NmZjMWM4NDZhN2Uy
ZjYxZmUwHhcNMjUwMTAyMDE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjVjYmI0YzBiYjg3OTliODgzNGI5ZGIzMDc1YTFhZGE1YTQ1N2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LcaQ4WimOTFoOF5Ux2mUOcJqCdU
DqNaHwl84oO08KKVc/t8xHZHA1tROGq94K2zkHr38AhmJodvLQsQ2g4giDx/nsQ2
xfgZXhkGHsgtDPgGqqEgR6i49SPfF0lAxSZCSDQTGVMTo6ZJM8qSYNTdkRUMsGsS
BqBBKXuPBhGSpmS4ah+nXYkzdFdbQWXnC38fFpfzAJuB5+SJagIH3Qu7f4kSSzRp
9222vd/SpPY1eqsl+R9HsN4ul7+fnA6TtgFvcc7GCIIUQB/UEFsjdqnHe2ksE2TX
oM1ONfXPsud+TGCBHId1NBoqhrv25UNaNuzZaDj2pPItIbbuYCvg608ivQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFItcu0wLuHmbiDS52zB1oa2lpFe0MB8GA1UdIwQY
MBaAFGMV3QuhH9r3TVO5VvwchGp+L2H+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXhYZEM2RWYydmROVTdsV19CeUVhbjR2WWY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9kYWNiOTItZmY3MC00OWZlLWI0Yjgt
ODk4OWI0Y2FhMjA2LzEvaTF5N1RBdTRlWnVJTkxuYk1IV2hyYVdrVjdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9kYWNiOTItZmY3MC00OWZlLWI0YjgtODk4OWI0Y2FhMjA2
LzEvWXhYZEM2RWYydmROVTdsV19CeUVhbjR2WWY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWQcMA0G
CSqGSIb3DQEBCwUAA4IBAQAFOch2x246WdLIjbWt+T1/aM5uhpxdzekVv4AkNBzO
Bg7SdF5y8LnTn11sbjOiescQaoWDrfp53Fhdw+QWsI0wxWf2+uzPMKl1nyASSnDT
elZWedLm7CNfJANX+v8Ak5GmWpHeNiJOrKm/fPCZG8E5Ay0zkeLcGsJwyOP1IZq2
vt22IfNTRYyUA0KpBwNA9mEEGk/KI5GJfvuDhnfpAYly1FnRJzORKlCTrS/d6nTB
9fJqH2h7qoUtGytmIeXotQfxM8I71qDL077ArfMFqj9Q+SzRhwIS43wrupJtznr+
9ATpqIvk2kDwOBxS3FPVIHMpmB/5tyEUKxty/Zmf7mmU
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:23 2025 by rpki-client