Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/701933-8450-49ca-a3ef-69d8092b54e1/1/g8Y2TOOKVhHIEabpCmuLfqLOwz0.roa
File: g8Y2TOOKVhHIEabpCmuLfqLOwz0.roa (raw, json)
Hash identifier: c/0TsoE4PcOybpB4LfpOknZ1hO7co+C172nPxlIdcnA=
Subject key identifier: 83:C6:36:4C:E3:8A:56:11:C8:11:A6:E9:0A:6B:8B:7E:A2:CE:C3:3D
Certificate issuer: /CN=67bf353715a34dda28605fdcf7b7ae806d31159c
Certificate serial: 019427B546F805B2C5CA68CDA400702B2ABA
Authority key identifier: 67:BF:35:37:15:A3:4D:DA:28:60:5F:DC:F7:B7:AE:80:6D:31:15:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z781NxWjTdooYF_c97eugG0xFZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/701933-8450-49ca-a3ef-69d8092b54e1/1/g8Y2TOOKVhHIEabpCmuLfqLOwz0.roa
Signing time: Thu 02 Jan 2025 15:49:39 +0000
ROA not before: Thu 02 Jan 2025 15:49:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 45040
IP address blocks: 185.216.160.0/22 maxlen: 22
2a0b:b9c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:46:f8:05:b2:c5:ca:68:cd:a4:00:70:2b:2a:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67bf353715a34dda28605fdcf7b7ae806d31159c
Validity
Not Before: Jan 2 15:49:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83c6364ce38a5611c811a6e90a6b8b7ea2cec33d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a7:26:4d:22:74:75:5b:a6:0d:12:2a:24:ef:
f7:54:d4:bf:24:0d:09:f0:0f:3e:47:e2:97:85:b8:
b7:f3:7a:53:6c:a7:8b:21:60:c4:0f:de:14:8a:05:
71:0e:5f:8c:5a:f3:72:1d:71:76:81:9a:af:f7:f6:
0a:0d:15:65:71:f4:c2:f9:9d:b0:2a:5e:be:5b:bf:
92:8c:76:f6:27:f7:0e:09:b0:58:98:28:11:cb:22:
55:f1:23:e8:c7:30:a4:0d:c9:ff:91:11:e6:70:c4:
02:d4:5e:b3:e0:17:7b:04:b8:1a:7f:9c:5d:ff:96:
e0:06:86:ff:24:69:66:bc:04:be:5a:1e:19:f1:20:
4b:a1:79:97:d3:8d:87:f1:9f:ec:75:ac:a9:77:8d:
5a:71:94:c5:e1:fb:d7:1d:a2:5d:3e:92:ac:2d:0d:
6e:81:09:1a:45:0e:95:5e:e3:d6:d7:8a:74:b2:19:
1c:df:fd:ac:32:33:2f:d8:82:a9:b5:c3:e2:bf:60:
9c:fc:a2:05:e8:4a:c6:71:fa:28:9b:58:7a:ef:e5:
2f:50:b0:a9:fb:eb:18:c9:b1:78:89:ec:12:42:56:
a7:8d:4c:7e:43:48:5c:d0:9e:10:46:09:1d:4e:84:
78:1e:b2:d7:12:03:51:3f:38:16:85:e6:9c:b0:e9:
6a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:C6:36:4C:E3:8A:56:11:C8:11:A6:E9:0A:6B:8B:7E:A2:CE:C3:3D
X509v3 Authority Key Identifier:
keyid:67:BF:35:37:15:A3:4D:DA:28:60:5F:DC:F7:B7:AE:80:6D:31:15:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z781NxWjTdooYF_c97eugG0xFZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/701933-8450-49ca-a3ef-69d8092b54e1/1/g8Y2TOOKVhHIEabpCmuLfqLOwz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/701933-8450-49ca-a3ef-69d8092b54e1/1/Z781NxWjTdooYF_c97eugG0xFZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.160.0/22
IPv6:
2a0b:b9c0::/32
Signature Algorithm: sha256WithRSAEncryption
1d:4c:5e:4f:77:a2:98:a8:f1:92:66:ff:e9:3a:11:b0:af:f7:
6e:de:9f:e2:68:38:9f:fc:f8:a6:c2:62:14:32:c0:43:ec:d7:
c4:54:13:c6:c8:e1:f3:a9:d3:ef:66:2d:78:37:a0:56:e7:93:
32:10:cc:39:cf:ce:3b:32:94:8c:3f:86:70:9f:ef:56:f2:f7:
a6:0f:dc:92:55:8c:91:0d:24:2b:65:8b:0b:14:90:5e:3b:14:
c7:67:2d:1d:16:cc:12:d5:be:b3:39:42:00:f3:46:52:6d:d1:
47:98:90:35:5e:d3:e3:41:eb:b8:9c:65:5a:47:46:c6:bb:61:
11:ab:4c:38:15:67:7b:39:80:d1:0a:84:d7:ba:a0:d2:96:c9:
61:45:75:7f:b1:a8:23:fe:98:07:c5:35:34:5f:4b:a7:91:0e:
ab:ab:2d:d7:fc:12:80:ba:60:7d:57:9c:ba:11:c5:c2:9b:f8:
b4:6b:47:ba:e7:b4:64:44:14:d1:a0:bf:64:17:b0:c8:34:59:
df:b5:80:80:0a:19:d3:c0:0e:87:89:1a:e2:b7:15:3d:93:b3:
47:b9:63:17:59:f7:c1:ce:b2:68:c3:22:d4:a6:4b:2b:d4:0f:
e3:ff:8a:47:0b:c9:d6:c6:0a:b7:fd:cb:f1:bc:06:00:bc:f1:
d0:db:03:bf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntUb4BbLFymjNpABwKyq6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YmYzNTM3MTVhMzRkZGEyODYwNWZkY2Y3YjdhZTgwNmQz
MTE1OWMwHhcNMjUwMTAyMTU0OTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2M2MzY0Y2UzOGE1NjExYzgxMWE2ZTkwYTZiOGI3ZWEyY2VjMzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqcmTSJ0dVumDRIqJO/3VNS/JA0J
8A8+R+KXhbi383pTbKeLIWDED94UigVxDl+MWvNyHXF2gZqv9/YKDRVlcfTC+Z2w
Kl6+W7+SjHb2J/cOCbBYmCgRyyJV8SPoxzCkDcn/kRHmcMQC1F6z4Bd7BLgaf5xd
/5bgBob/JGlmvAS+Wh4Z8SBLoXmX042H8Z/sdaypd41acZTF4fvXHaJdPpKsLQ1u
gQkaRQ6VXuPW14p0shkc3/2sMjMv2IKptcPiv2Cc/KIF6ErGcfoom1h67+UvULCp
++sYybF4iewSQlanjUx+Q0hc0J4QRgkdToR4HrLXEgNRPzgWheacsOlq1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIPGNkzjilYRyBGm6Qpri36izsM9MB8GA1UdIwQY
MBaAFGe/NTcVo03aKGBf3Pe3roBtMRWcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjc4MU54V2pUZG9vWUZfYzk3ZXVnRzB4Rlp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS83MDE5MzMtODQ1MC00OWNhLWEzZWYt
NjlkODA5MmI1NGUxLzEvZzhZMlRPT0tWaEhJRWFicENtdUxmcUxPd3owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS83MDE5MzMtODQ1MC00OWNhLWEzZWYtNjlkODA5MmI1NGUx
LzEvWjc4MU54V2pUZG9vWUZfYzk3ZXVnRzB4Rlp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudigMA0E
AgACMAcDBQAqC7nAMA0GCSqGSIb3DQEBCwUAA4IBAQAdTF5Pd6KYqPGSZv/pOhGw
r/du3p/iaDif/PimwmIUMsBD7NfEVBPGyOHzqdPvZi14N6BW55MyEMw5z847MpSM
P4Zwn+9W8vemD9ySVYyRDSQrZYsLFJBeOxTHZy0dFswS1b6zOUIA80ZSbdFHmJA1
XtPjQeu4nGVaR0bGu2ERq0w4FWd7OYDRCoTXuqDSlslhRXV/sagj/pgHxTU0X0un
kQ6rqy3X/BKAumB9V5y6EcXCm/i0a0e657RkRBTRoL9kF7DINFnftYCAChnTwA6H
iRritxU9k7NHuWMXWffBzrJowyLUpksr1A/j/4pHC8nWxgq3/cvxvAYAvPHQ2wO/
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:00:48 2025 by rpki-client