Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/583a2c-946d-4517-8083-26985ce45978/1/4ohGnWINC3iPFe6nDpOqBOx7d2s.roa
File: 4ohGnWINC3iPFe6nDpOqBOx7d2s.roa (raw, json)
Hash identifier: 9AbJKb6HLl4DZwmq7R7PVZTsMXxo/QDCXs2EgLL85AU=
Subject key identifier: E2:88:46:9D:62:0D:0B:78:8F:15:EE:A7:0E:93:AA:04:EC:7B:77:6B
Certificate issuer: /CN=6052e1592b12ad2cd39f5be57c058535edb12b9c
Certificate serial: 01941FFA4C741D30B4CA6BA25FB87BDD5D22
Authority key identifier: 60:52:E1:59:2B:12:AD:2C:D3:9F:5B:E5:7C:05:85:35:ED:B1:2B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFLhWSsSrSzTn1vlfAWFNe2xK5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/583a2c-946d-4517-8083-26985ce45978/1/4ohGnWINC3iPFe6nDpOqBOx7d2s.roa
Signing time: Wed 01 Jan 2025 03:48:04 +0000
ROA not before: Wed 01 Jan 2025 03:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203982
IP address blocks: 185.118.8.0/22 maxlen: 22
185.118.8.0/24 maxlen: 24
185.118.9.0/24 maxlen: 24
185.118.10.0/24 maxlen: 24
185.118.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:4c:74:1d:30:b4:ca:6b:a2:5f:b8:7b:dd:5d:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6052e1592b12ad2cd39f5be57c058535edb12b9c
Validity
Not Before: Jan 1 03:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e288469d620d0b788f15eea70e93aa04ec7b776b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:44:98:5e:a4:f5:a8:5b:e1:86:ab:7f:eb:0b:
f7:62:37:c6:f6:e8:e0:db:bf:7d:69:ec:35:d3:45:
43:88:2a:b0:3d:15:f1:39:01:93:b5:a9:b3:73:78:
48:52:5c:74:ba:db:7e:56:66:3b:5d:8c:44:c8:0f:
69:33:7a:43:3c:cb:24:75:dd:21:bb:ae:83:9c:13:
e8:ef:a8:df:77:cc:3d:a3:f0:ff:c0:4c:43:8a:73:
a1:4a:a8:37:1d:5f:4b:f7:9e:c6:18:a2:fa:df:11:
bf:be:95:85:17:be:e8:c5:d9:0a:1f:50:a1:89:52:
5f:aa:a2:1a:1e:35:46:ce:ba:07:fe:c9:12:a2:fe:
28:8f:b8:a8:d8:ab:f3:69:04:0e:e4:4e:76:f4:82:
f6:c9:ef:24:b0:1f:9c:c6:87:0c:28:9a:d1:33:b1:
72:a2:79:cb:01:37:63:1d:80:5b:27:ef:54:02:86:
3c:02:05:1d:a8:fe:30:a4:e6:4f:13:6e:e2:d5:26:
5d:55:a2:19:e8:7a:68:71:1c:b3:4a:9c:71:42:83:
4d:41:b5:ed:e3:02:59:fd:a3:3b:bd:bc:20:fe:e9:
29:40:5f:c5:3a:7f:35:bf:2e:6e:a1:60:f3:2e:16:
02:93:b9:f1:4e:b1:8d:21:00:3b:26:aa:f6:b3:55:
e4:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:88:46:9D:62:0D:0B:78:8F:15:EE:A7:0E:93:AA:04:EC:7B:77:6B
X509v3 Authority Key Identifier:
keyid:60:52:E1:59:2B:12:AD:2C:D3:9F:5B:E5:7C:05:85:35:ED:B1:2B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFLhWSsSrSzTn1vlfAWFNe2xK5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/583a2c-946d-4517-8083-26985ce45978/1/4ohGnWINC3iPFe6nDpOqBOx7d2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/583a2c-946d-4517-8083-26985ce45978/1/YFLhWSsSrSzTn1vlfAWFNe2xK5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.8.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:6a:f0:01:33:00:20:67:17:b0:7e:b9:db:b2:10:43:e7:49:
ad:5c:10:9d:a9:98:de:32:d6:b8:48:57:e9:06:75:5b:02:bd:
0b:43:1a:f9:70:9e:88:04:14:ff:79:b5:e8:aa:92:ff:e9:ea:
4d:6c:4b:42:2a:71:f9:04:50:be:a2:58:02:85:e1:2b:a0:b2:
af:5e:18:48:de:f4:e7:d3:94:f2:c0:7b:bb:d0:a3:79:ae:82:
10:42:ef:03:d4:45:77:76:5d:30:e9:13:61:6b:bd:2a:ff:f8:
ed:87:c3:fe:8e:cc:c0:23:df:c4:ae:aa:49:d4:fb:82:1a:d8:
4a:1d:0e:39:0a:eb:84:2c:92:4c:5d:27:5b:a4:0d:25:1f:11:
e5:a4:a8:d4:6c:29:18:3d:1c:9d:aa:e4:86:80:d5:98:13:c3:
22:f7:45:a5:0b:c1:5a:a9:d3:d7:59:4a:7d:47:b7:0b:63:7b:
80:54:c4:b6:14:21:fb:60:1c:b9:16:cc:da:aa:7a:0a:0e:9d:
22:48:ce:4c:85:7d:8f:1a:54:16:9b:ed:16:4a:f2:de:1c:c4:
ce:02:88:2d:93:f1:5b:a0:ae:b5:70:e7:3c:62:81:30:b8:b1:
2c:b7:09:f2:da:af:25:b2:6d:be:87:01:f1:db:15:8b:be:b5:
74:24:49:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+kx0HTC0ymuiX7h73V0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTJlMTU5MmIxMmFkMmNkMzlmNWJlNTdjMDU4NTM1ZWRi
MTJiOWMwHhcNMjUwMTAxMDM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjg4NDY5ZDYyMGQwYjc4OGYxNWVlYTcwZTkzYWEwNGVjN2I3NzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkSYXqT1qFvhhqt/6wv3YjfG9ujg
2799aew100VDiCqwPRXxOQGTtamzc3hIUlx0utt+VmY7XYxEyA9pM3pDPMskdd0h
u66DnBPo76jfd8w9o/D/wExDinOhSqg3HV9L957GGKL63xG/vpWFF77oxdkKH1Ch
iVJfqqIaHjVGzroH/skSov4oj7io2KvzaQQO5E529IL2ye8ksB+cxocMKJrRM7Fy
onnLATdjHYBbJ+9UAoY8AgUdqP4wpOZPE27i1SZdVaIZ6HpocRyzSpxxQoNNQbXt
4wJZ/aM7vbwg/ukpQF/FOn81vy5uoWDzLhYCk7nxTrGNIQA7Jqr2s1Xk+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOKIRp1iDQt4jxXupw6TqgTse3drMB8GA1UdIwQY
MBaAFGBS4VkrEq0s059b5XwFhTXtsSucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZMaFdTc1NyU3pUbjF2bGZBV0ZOZTJ4SzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi81ODNhMmMtOTQ2ZC00NTE3LTgwODMt
MjY5ODVjZTQ1OTc4LzEvNG9oR25XSU5DM2lQRmU2bkRwT3FCT3g3ZDJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi81ODNhMmMtOTQ2ZC00NTE3LTgwODMtMjY5ODVjZTQ1OTc4
LzEvWUZMaFdTc1NyU3pUbjF2bGZBV0ZOZTJ4SzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXYIMA0G
CSqGSIb3DQEBCwUAA4IBAQC6avABMwAgZxewfrnbshBD50mtXBCdqZjeMta4SFfp
BnVbAr0LQxr5cJ6IBBT/ebXoqpL/6epNbEtCKnH5BFC+olgCheEroLKvXhhI3vTn
05TywHu70KN5roIQQu8D1EV3dl0w6RNha70q//jth8P+jszAI9/ErqpJ1PuCGthK
HQ45CuuELJJMXSdbpA0lHxHlpKjUbCkYPRydquSGgNWYE8Mi90WlC8FaqdPXWUp9
R7cLY3uAVMS2FCH7YBy5FszaqnoKDp0iSM5MhX2PGlQWm+0WSvLeHMTOAogtk/Fb
oK61cOc8YoEwuLEstwny2q8lsm2+hwHx2xWLvrV0JElr
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:05:17 2025 by rpki-client