Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/ed65e5-f81f-4d9d-8403-22d6cd1e1a8a/1/1coqSPvIzRCZ1S6Z5EWORCEy_NY.roa
File: 1coqSPvIzRCZ1S6Z5EWORCEy_NY.roa (raw, json)
Hash identifier: HDpNqOrJZAq1XJhPSThcDVAo56N193hVEjKsFT9RCtc=
Subject key identifier: D5:CA:2A:48:FB:C8:CD:10:99:D5:2E:99:E4:45:8E:44:21:32:FC:D6
Certificate issuer: /CN=7bc09998ce39cfdca66ecfd8dd3ac38644d3c8a6
Certificate serial: 019420D5EF2EF764291990076657D235EDE6
Authority key identifier: 7B:C0:99:98:CE:39:CF:DC:A6:6E:CF:D8:DD:3A:C3:86:44:D3:C8:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e8CZmM45z9ymbs_Y3TrDhkTTyKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/ed65e5-f81f-4d9d-8403-22d6cd1e1a8a/1/1coqSPvIzRCZ1S6Z5EWORCEy_NY.roa
Signing time: Wed 01 Jan 2025 07:47:58 +0000
ROA not before: Wed 01 Jan 2025 07:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50599
IP address blocks: 185.200.44.0/22 maxlen: 22
2a0a:aac0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:ef:2e:f7:64:29:19:90:07:66:57:d2:35:ed:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bc09998ce39cfdca66ecfd8dd3ac38644d3c8a6
Validity
Not Before: Jan 1 07:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5ca2a48fbc8cd1099d52e99e4458e442132fcd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:22:15:28:10:80:24:e5:f2:23:7c:b9:fe:81:
2d:73:92:70:a4:a9:f8:80:ff:ce:df:16:2d:bb:6e:
10:ff:0b:da:eb:d2:c8:e4:0b:41:d1:b1:50:ce:c7:
fb:09:9b:ae:6d:4f:07:0d:d1:38:96:b3:cd:5a:40:
00:21:96:05:29:9c:91:cc:37:01:5f:fd:df:d2:c6:
a3:5f:2c:f6:2e:3d:4f:69:fc:17:35:55:7a:be:bd:
54:07:33:ec:31:b7:ff:99:f9:92:65:c3:3f:0b:22:
79:cf:b5:d2:8d:fc:a5:75:10:5c:64:6b:36:22:07:
4c:ed:28:2e:eb:15:d4:d6:1e:e4:f0:ae:96:10:4c:
d5:de:85:b4:11:3e:71:e7:ce:dd:a8:80:0a:4d:68:
f1:e9:a2:7c:07:60:9d:c1:cc:68:54:0c:0a:e1:dd:
02:98:b4:51:34:5f:55:92:f7:a4:0a:7e:6f:7c:52:
ef:48:b9:cc:bb:8f:5c:75:b2:0b:f2:2f:25:cc:08:
5a:80:8a:8d:8c:e8:c3:c1:83:db:a4:d8:8c:35:d4:
74:a7:e4:b4:52:3a:7c:ac:60:d9:73:55:dd:b4:9c:
ef:3b:24:87:5c:76:83:5c:2a:05:b8:40:67:84:10:
cc:1e:83:6b:c0:44:4d:7f:f4:e0:04:ae:75:67:13:
7a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:CA:2A:48:FB:C8:CD:10:99:D5:2E:99:E4:45:8E:44:21:32:FC:D6
X509v3 Authority Key Identifier:
keyid:7B:C0:99:98:CE:39:CF:DC:A6:6E:CF:D8:DD:3A:C3:86:44:D3:C8:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8CZmM45z9ymbs_Y3TrDhkTTyKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/ed65e5-f81f-4d9d-8403-22d6cd1e1a8a/1/1coqSPvIzRCZ1S6Z5EWORCEy_NY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/ed65e5-f81f-4d9d-8403-22d6cd1e1a8a/1/e8CZmM45z9ymbs_Y3TrDhkTTyKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.44.0/22
IPv6:
2a0a:aac0::/29
Signature Algorithm: sha256WithRSAEncryption
bf:b7:82:69:77:8e:2a:c7:bb:5f:ee:b5:f6:b8:63:5a:96:3d:
d7:bb:bf:23:5e:bc:93:63:58:2d:bd:b5:35:92:8e:63:23:25:
49:a2:dd:2b:9d:6d:80:36:f5:4a:93:f7:98:b5:c7:f5:aa:b9:
ab:25:65:78:37:71:80:d3:91:d3:53:3e:c1:62:96:84:ef:47:
b7:f9:31:d9:96:0c:07:c1:b4:05:72:50:3c:73:48:27:c3:a8:
61:fc:b4:de:b2:d1:b2:b5:93:69:ec:e8:49:a8:29:aa:2b:4a:
13:8b:65:94:2b:e9:90:90:4f:9f:98:71:aa:4d:2c:fa:c8:cd:
80:ed:14:23:84:3d:fb:de:4f:32:15:7c:b6:f5:5b:ca:83:e3:
12:1d:d7:71:98:5b:e0:ef:1b:7b:46:fa:0e:15:57:da:25:53:
d7:97:1b:72:84:ce:ed:c7:07:51:b1:33:eb:f1:4d:f8:49:5f:
41:95:5c:b6:38:7e:01:2d:cc:44:e3:e7:ff:ff:3e:4d:c3:1c:
4a:07:79:a2:62:14:e7:43:ec:dd:42:1c:75:cf:0d:34:c9:9b:
cb:81:37:97:4f:7e:c2:a7:83:80:d5:8b:73:76:06:a5:00:d6:
52:ac:46:3b:45:c9:92:49:d2:9e:7e:46:58:a6:a8:30:c8:bc:
48:2b:52:ab
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1e8u92QpGZAHZlfSNe3mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYzA5OTk4Y2UzOWNmZGNhNjZlY2ZkOGRkM2FjMzg2NDRk
M2M4YTYwHhcNMjUwMTAxMDc0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWNhMmE0OGZiYzhjZDEwOTlkNTJlOTllNDQ1OGU0NDIxMzJmY2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCIVKBCAJOXyI3y5/oEtc5JwpKn4
gP/O3xYtu24Q/wva69LI5AtB0bFQzsf7CZuubU8HDdE4lrPNWkAAIZYFKZyRzDcB
X/3f0sajXyz2Lj1PafwXNVV6vr1UBzPsMbf/mfmSZcM/CyJ5z7XSjfyldRBcZGs2
IgdM7Sgu6xXU1h7k8K6WEEzV3oW0ET5x587dqIAKTWjx6aJ8B2CdwcxoVAwK4d0C
mLRRNF9VkvekCn5vfFLvSLnMu49cdbIL8i8lzAhagIqNjOjDwYPbpNiMNdR0p+S0
Ujp8rGDZc1XdtJzvOySHXHaDXCoFuEBnhBDMHoNrwERNf/TgBK51ZxN6/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNXKKkj7yM0QmdUumeRFjkQhMvzWMB8GA1UdIwQY
MBaAFHvAmZjOOc/cpm7P2N06w4ZE08imMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZThDWm1NNDV6OXltYnNfWTNUckRoa1RUeUtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9lZDY1ZTUtZjgxZi00ZDlkLTg0MDMt
MjJkNmNkMWUxYThhLzEvMWNvcVNQdkl6UkNaMVM2WjVFV09SQ0V5X05ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9lZDY1ZTUtZjgxZi00ZDlkLTg0MDMtMjJkNmNkMWUxYThh
LzEvZThDWm1NNDV6OXltYnNfWTNUckRoa1RUeUtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucgsMA0E
AgACMAcDBQMqCqrAMA0GCSqGSIb3DQEBCwUAA4IBAQC/t4Jpd44qx7tf7rX2uGNa
lj3Xu78jXryTY1gtvbU1ko5jIyVJot0rnW2ANvVKk/eYtcf1qrmrJWV4N3GA05HT
Uz7BYpaE70e3+THZlgwHwbQFclA8c0gnw6hh/LTestGytZNp7OhJqCmqK0oTi2WU
K+mQkE+fmHGqTSz6yM2A7RQjhD373k8yFXy29VvKg+MSHddxmFvg7xt7RvoOFVfa
JVPXlxtyhM7txwdRsTPr8U34SV9BlVy2OH4BLcxE4+f//z5NwxxKB3miYhTnQ+zd
Qhx1zw00yZvLgTeXT37Cp4OA1YtzdgalANZSrEY7RcmSSdKefkZYpqgwyLxIK1Kr
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:15 2025 by rpki-client