Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/rRJd548_PkIpMA6sc3nK3IiyO3U.roa
File: rRJd548_PkIpMA6sc3nK3IiyO3U.roa (raw, json)
Hash identifier: 97V2XsCrvQlt4p/vgZlYzQkhc0Pbgm9OAK3QY8WJkYI=
Subject key identifier: AD:12:5D:E7:8F:3F:3E:42:29:30:0E:AC:73:79:CA:DC:88:B2:3B:75
Certificate issuer: /CN=8da03e0d020efc944c1eebdaee5427d365b70076
Certificate serial: 01941FFA47073F1E7C97C489178CE1AD26A8
Authority key identifier: 8D:A0:3E:0D:02:0E:FC:94:4C:1E:EB:DA:EE:54:27:D3:65:B7:00:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jaA-DQIO_JRMHuva7lQn02W3AHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/rRJd548_PkIpMA6sc3nK3IiyO3U.roa
Signing time: Wed 01 Jan 2025 03:48:03 +0000
ROA not before: Wed 01 Jan 2025 03:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202561
IP address blocks: 185.200.36.0/22 maxlen: 24
198.145.118.0/24 maxlen: 24
198.145.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:47:07:3f:1e:7c:97:c4:89:17:8c:e1:ad:26:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8da03e0d020efc944c1eebdaee5427d365b70076
Validity
Not Before: Jan 1 03:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad125de78f3f3e4229300eac7379cadc88b23b75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ad:bd:68:98:69:41:df:fe:e0:f2:90:28:a6:
ee:25:6b:f2:1e:99:88:ce:58:3a:a8:1e:39:95:9e:
01:5d:7c:82:78:f1:f1:eb:a2:e3:8b:b5:c8:3d:ef:
27:55:8e:6e:b9:33:4f:d6:ab:e4:a4:28:7f:1a:fc:
9c:3e:a1:5f:10:5a:a7:af:ae:3d:d0:4f:6f:ee:e6:
57:d6:c4:1b:61:98:a7:6f:ef:c0:3e:79:14:7c:30:
19:94:34:f8:95:ac:6c:1a:fe:7d:0d:54:4f:69:b5:
cd:2c:0e:bc:db:d7:02:bd:ac:0a:9a:dd:8c:32:87:
ba:f1:13:5e:92:4b:01:69:ef:58:60:4c:58:04:d1:
7a:6a:92:1a:b7:b7:77:8f:a3:f7:74:5f:1c:da:cb:
43:61:62:3d:14:96:6a:8f:2c:fd:77:30:21:d4:87:
b3:ce:4e:29:87:8f:06:83:11:cb:5c:ab:86:24:32:
bb:71:96:c5:5b:83:b2:4f:70:90:24:f7:ec:fc:5b:
91:93:dc:29:4b:97:d7:9a:cf:98:bf:7f:1b:5b:17:
52:99:4a:73:d3:64:cd:54:e7:9b:c8:47:df:fd:6d:
d0:7f:f8:ae:e4:19:9a:da:bb:8d:c9:d6:82:53:54:
08:8d:46:98:a9:5e:9c:ab:a8:bb:fb:22:c9:02:60:
25:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:12:5D:E7:8F:3F:3E:42:29:30:0E:AC:73:79:CA:DC:88:B2:3B:75
X509v3 Authority Key Identifier:
keyid:8D:A0:3E:0D:02:0E:FC:94:4C:1E:EB:DA:EE:54:27:D3:65:B7:00:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jaA-DQIO_JRMHuva7lQn02W3AHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/rRJd548_PkIpMA6sc3nK3IiyO3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/jaA-DQIO_JRMHuva7lQn02W3AHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.36.0/22
198.145.118.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:60:72:9c:4b:50:48:5d:1d:d5:ff:36:97:ab:d4:5e:e5:00:
19:00:ec:dc:de:53:78:54:ee:d4:3a:63:18:c4:7c:fa:b7:97:
1c:43:5d:05:76:06:87:9d:87:3b:22:a8:c1:df:27:60:79:5d:
54:65:09:1a:a2:d4:f6:d8:a5:cb:c4:e3:3c:c8:b1:ac:f5:54:
71:be:35:89:ad:5c:bd:34:c9:da:33:a8:55:58:ac:5d:10:b3:
28:16:e9:99:c3:f1:fa:ee:14:cd:1f:75:d1:c4:80:67:4b:b9:
85:1d:fc:97:94:c0:29:e6:9d:09:1b:98:49:69:4b:a6:1f:4f:
b7:ec:9b:79:2e:87:66:3f:9c:b8:03:aa:5a:70:d8:b0:41:9a:
8a:9d:94:00:8b:0c:9f:94:f9:a9:cf:c6:c3:7c:da:29:ea:03:
91:90:73:06:59:e2:1d:af:da:27:40:de:19:bf:30:a2:c0:01:
ac:32:82:62:26:af:c9:49:0c:57:d4:59:c8:7c:dd:d0:07:46:
27:9a:9f:1b:ab:1d:2c:bd:c6:9a:6c:6e:4f:d4:e5:2c:70:6c:
90:48:13:62:7d:0b:d9:ae:e0:4e:db:21:20:91:40:c2:63:8c:
69:23:e3:0c:8c:12:31:50:99:14:d2:20:31:13:13:de:7d:aa:
5a:01:e1:3c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQf+kcHPx58l8SJF4zhrSaoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYTAzZTBkMDIwZWZjOTQ0YzFlZWJkYWVlNTQyN2QzNjVi
NzAwNzYwHhcNMjUwMTAxMDM0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDEyNWRlNzhmM2YzZTQyMjkzMDBlYWM3Mzc5Y2FkYzg4YjIzYjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1K29aJhpQd/+4PKQKKbuJWvyHpmI
zlg6qB45lZ4BXXyCePHx66Lji7XIPe8nVY5uuTNP1qvkpCh/GvycPqFfEFqnr649
0E9v7uZX1sQbYZinb+/APnkUfDAZlDT4laxsGv59DVRPabXNLA6829cCvawKmt2M
Moe68RNekksBae9YYExYBNF6apIat7d3j6P3dF8c2stDYWI9FJZqjyz9dzAh1Iez
zk4ph48GgxHLXKuGJDK7cZbFW4OyT3CQJPfs/FuRk9wpS5fXms+Yv38bWxdSmUpz
02TNVOebyEff/W3Qf/iu5Bma2ruNydaCU1QIjUaYqV6cq6i7+yLJAmAlqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK0SXeePPz5CKTAOrHN5ytyIsjt1MB8GA1UdIwQY
MBaAFI2gPg0CDvyUTB7r2u5UJ9NltwB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamFBLURRSU9fSlJNSHV2YTdsUW4wMlczQUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS81NjIxMTItYWQ0NC00ZDcxLTljYjkt
ZmI3ZDdkY2EzNGE3LzEvclJKZDU0OF9Qa0lwTUE2c2MzbkszSWl5TzNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS81NjIxMTItYWQ0NC00ZDcxLTljYjktZmI3ZDdkY2EzNGE3
LzEvamFBLURRSU9fSlJNSHV2YTdsUW4wMlczQUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCucgkAwQB
xpF2MA0GCSqGSIb3DQEBCwUAA4IBAQA8YHKcS1BIXR3V/zaXq9Re5QAZAOzc3lN4
VO7UOmMYxHz6t5ccQ10FdgaHnYc7IqjB3ydgeV1UZQkaotT22KXLxOM8yLGs9VRx
vjWJrVy9NMnaM6hVWKxdELMoFumZw/H67hTNH3XRxIBnS7mFHfyXlMAp5p0JG5hJ
aUumH0+37Jt5LodmP5y4A6pacNiwQZqKnZQAiwyflPmpz8bDfNop6gORkHMGWeId
r9onQN4ZvzCiwAGsMoJiJq/JSQxX1FnIfN3QB0Ynmp8bqx0svcaabG5P1OUscGyQ
SBNifQvZruBO2yEgkUDCY4xpI+MMjBIxUJkU0iAxExPefapaAeE8
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:27:19 2025 by rpki-client