Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/o5N_jAG9g_aL4MkwpX9OBq0Dy-k.roa
File: o5N_jAG9g_aL4MkwpX9OBq0Dy-k.roa (raw, json)
Hash identifier: M8ydZ1fG/pikMq2g2Lj2Oo2CSVv2VUo2aqU5TzG0PFg=
Subject key identifier: A3:93:7F:8C:01:BD:83:F6:8B:E0:C9:30:A5:7F:4E:06:AD:03:CB:E9
Certificate issuer: /CN=fa70b42d7af6ad78222b30f05f2b7913f8063570
Certificate serial: 019423692C396008EA265AE61F49CD6E1724
Authority key identifier: FA:70:B4:2D:7A:F6:AD:78:22:2B:30:F0:5F:2B:79:13:F8:06:35:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/o5N_jAG9g_aL4MkwpX9OBq0Dy-k.roa
Signing time: Wed 01 Jan 2025 19:48:02 +0000
ROA not before: Wed 01 Jan 2025 19:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35332
IP address blocks: 185.100.192.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:2c:39:60:08:ea:26:5a:e6:1f:49:cd:6e:17:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa70b42d7af6ad78222b30f05f2b7913f8063570
Validity
Not Before: Jan 1 19:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3937f8c01bd83f68be0c930a57f4e06ad03cbe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e4:40:17:84:cf:a5:a6:86:be:4f:46:af:cd:
6d:a2:3d:24:e5:42:f6:01:c8:44:da:07:51:a5:3d:
bd:be:bd:99:59:a2:6f:f3:59:dd:74:a4:b5:7a:95:
48:28:58:a0:74:57:31:86:39:a6:ae:91:28:51:e5:
32:c5:ff:b2:c1:57:dd:3b:45:f5:85:55:d5:06:f6:
c0:32:79:73:12:4e:68:f5:f7:cc:e3:f7:8d:db:0f:
4b:88:10:4f:e5:f2:07:24:0a:4d:be:f7:76:62:30:
be:6b:1c:fc:48:30:42:1f:03:25:4a:ac:bc:0d:dc:
e0:b7:29:19:96:47:c7:bc:a6:cb:63:2a:52:5a:68:
a3:5d:40:ff:fb:b5:10:59:3d:c5:be:ba:5b:bc:d0:
11:ef:64:43:fc:a2:af:91:d7:7e:fa:5f:78:b1:32:
e4:50:8c:bd:f3:b8:f7:40:52:41:af:b9:ab:ab:08:
68:03:c6:ce:34:b6:ff:ad:a8:26:c5:d1:cb:ac:50:
9c:97:22:0a:e0:e8:d2:0c:76:51:bd:b1:33:8e:41:
02:88:dc:46:04:5c:07:13:cf:22:9b:85:a3:f5:30:
07:b3:83:12:4d:aa:50:cb:5d:8f:62:11:18:78:bf:
46:9b:54:38:cc:a6:a9:f2:77:2f:83:2b:11:55:da:
90:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:93:7F:8C:01:BD:83:F6:8B:E0:C9:30:A5:7F:4E:06:AD:03:CB:E9
X509v3 Authority Key Identifier:
keyid:FA:70:B4:2D:7A:F6:AD:78:22:2B:30:F0:5F:2B:79:13:F8:06:35:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/o5N_jAG9g_aL4MkwpX9OBq0Dy-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.192.0/22
Signature Algorithm: sha256WithRSAEncryption
c1:18:ca:a6:9e:81:6a:d6:8e:35:37:20:f2:93:20:f4:74:31:
0b:69:96:bc:c3:78:bd:ec:4a:00:0e:78:48:04:c6:f8:4a:c6:
20:95:a1:f3:0c:f6:60:b9:45:87:8b:25:c1:db:a2:67:83:95:
6b:9f:17:b8:fc:af:70:91:fc:76:7e:81:9d:f1:55:8d:47:02:
f1:2a:2d:5e:9c:35:0b:2f:70:e8:31:7f:d1:7b:04:5b:e7:dd:
6d:6b:03:e7:5d:8d:3e:f6:f5:b2:19:50:93:cb:60:77:f6:84:
70:e7:96:c7:65:72:3c:71:8c:2f:4f:84:da:7f:75:15:f7:e0:
bc:f5:43:23:47:80:53:ae:73:7c:6a:b4:aa:44:9a:da:f4:bb:
9d:2a:01:4f:05:db:a6:02:4f:8d:3e:2b:3c:8b:93:f9:b7:85:
1e:69:e0:da:70:46:d0:a5:f1:2d:1c:b6:46:49:fe:05:8f:5e:
b0:75:7f:ad:e2:b3:82:45:fb:27:67:24:76:09:8b:bc:e2:14:
fa:8f:69:9b:4c:58:8d:18:ed:31:6d:3d:e4:ea:f4:ee:ca:44:
da:d3:b1:69:87:c1:69:a3:c1:fa:33:35:dc:93:5d:54:a9:65:
04:0a:03:29:1d:14:76:51:de:5c:7c:0e:3f:61:a5:83:89:01:
16:1e:47:25
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQjaSw5YAjqJlrmH0nNbhckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNzBiNDJkN2FmNmFkNzgyMjJiMzBmMDVmMmI3OTEzZjgw
NjM1NzAwHhcNMjUwMTAxMTk0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzkzN2Y4YzAxYmQ4M2Y2OGJlMGM5MzBhNTdmNGUwNmFkMDNjYmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+RAF4TPpaaGvk9Gr81toj0k5UL2
AchE2gdRpT29vr2ZWaJv81nddKS1epVIKFigdFcxhjmmrpEoUeUyxf+ywVfdO0X1
hVXVBvbAMnlzEk5o9ffM4/eN2w9LiBBP5fIHJApNvvd2YjC+axz8SDBCHwMlSqy8
DdzgtykZlkfHvKbLYypSWmijXUD/+7UQWT3FvrpbvNAR72RD/KKvkdd++l94sTLk
UIy987j3QFJBr7mrqwhoA8bONLb/ragmxdHLrFCclyIK4OjSDHZRvbEzjkECiNxG
BFwHE88im4Wj9TAHs4MSTapQy12PYhEYeL9Gm1Q4zKap8ncvgysRVdqQuwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKOTf4wBvYP2i+DJMKV/TgatA8vpMB8GA1UdIwQY
MBaAFPpwtC169q14Iisw8F8reRP4BjVwMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1uQzBMWHIyclhnaUt6RHdYeXQ1RV9nR05YQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEvZDNiZmU2LTc4YjUtNDM3Yi05OGU5
LWI5MTQxNTliYThhZC8xL281Tl9qQUc5Z19hTDRNa3dwWDlPQnEwRHktay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmEvZDNiZmU2LTc4YjUtNDM3Yi05OGU5LWI5MTQxNTliYThh
ZC8xLzEtbkMwTFhyMnJYZ2lLekR3WHl0NUVfZ0dOWEEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK5ZMAw
DQYJKoZIhvcNAQELBQADggEBAMEYyqaegWrWjjU3IPKTIPR0MQtplrzDeL3sSgAO
eEgExvhKxiCVofMM9mC5RYeLJcHbomeDlWufF7j8r3CR/HZ+gZ3xVY1HAvEqLV6c
NQsvcOgxf9F7BFvn3W1rA+ddjT729bIZUJPLYHf2hHDnlsdlcjxxjC9PhNp/dRX3
4Lz1QyNHgFOuc3xqtKpEmtr0u50qAU8F26YCT40+KzyLk/m3hR5p4NpwRtCl8S0c
tkZJ/gWPXrB1f63is4JF+ydnJHYJi7ziFPqPaZtMWI0Y7TFtPeTq9O7KRNrTsWmH
wWmjwfozNdyTXVSpZQQKAykdFHZR3lx8Dj9hpYOJARYeRyU=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:54:54 2025 by rpki-client