Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/4ebc33-ee54-437c-8a1b-dec4807cd7e6/1/cvkG_y1cL0YAHfjQA7tH3oSS1BM.roa
File: cvkG_y1cL0YAHfjQA7tH3oSS1BM.roa (raw, json)
Hash identifier: kvaRsBfAFxeZA6gu+TEc8LHfkCny56mAcc6wJSjFdsU=
Subject key identifier: 72:F9:06:FF:2D:5C:2F:46:00:1D:F8:D0:03:BB:47:DE:84:92:D4:13
Certificate issuer: /CN=08fe040242651353d556b8c4240082190f271d13
Certificate serial: 0195905BCBB5818776DC9824FFB7D6F8CDDC
Authority key identifier: 08:FE:04:02:42:65:13:53:D5:56:B8:C4:24:00:82:19:0F:27:1D:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CP4EAkJlE1PVVrjEJACCGQ8nHRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/4ebc33-ee54-437c-8a1b-dec4807cd7e6/1/cvkG_y1cL0YAHfjQA7tH3oSS1BM.roa
Signing time: Thu 13 Mar 2025 16:34:49 +0000
ROA not before: Thu 13 Mar 2025 16:34:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.22.168.0/24 maxlen: 24
185.22.170.0/24 maxlen: 24
185.22.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:90:5b:cb:b5:81:87:76:dc:98:24:ff:b7:d6:f8:cd:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fe040242651353d556b8c4240082190f271d13
Validity
Not Before: Mar 13 16:34:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72f906ff2d5c2f46001df8d003bb47de8492d413
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:79:b2:c7:a9:b1:7c:fd:5e:f6:fd:35:4b:5f:
26:c4:a7:00:b3:dd:de:d6:c8:05:90:fe:d4:02:a8:
1c:8e:60:d3:3b:8d:ac:09:a6:61:c3:50:a0:93:f9:
e6:94:d3:59:f2:58:94:2a:2e:d7:53:3c:3d:d5:20:
44:16:8e:77:43:9e:6e:5c:52:57:49:61:05:43:78:
8b:12:39:0a:5d:78:35:85:c2:b8:33:27:65:0b:ee:
1e:03:2a:d0:64:db:99:d0:67:b1:fd:2a:01:01:51:
ac:62:32:0b:58:1f:a9:3e:7c:04:9d:67:15:80:1d:
ee:7b:53:74:5a:0e:27:52:df:c2:a4:e0:d0:8b:09:
51:bd:40:bb:43:62:73:95:33:b3:85:76:22:28:73:
35:8f:3b:f2:3e:7a:e3:1f:3e:ae:b1:c9:18:c0:e9:
da:c4:ea:64:65:61:5c:72:1f:53:28:db:d0:60:cc:
f3:67:f0:46:3f:5a:7a:2e:ed:a4:8c:13:a9:57:59:
ec:e8:68:f4:c3:41:da:95:d5:87:83:23:bd:eb:5e:
d1:c4:8a:95:2c:a4:eb:f5:e0:4b:43:8c:ee:8e:ef:
bd:ba:61:0c:c0:c9:4a:23:d0:d9:d6:20:60:af:20:
1c:5f:0a:22:d5:1b:28:86:0a:ff:7d:d4:cd:77:37:
3e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F9:06:FF:2D:5C:2F:46:00:1D:F8:D0:03:BB:47:DE:84:92:D4:13
X509v3 Authority Key Identifier:
keyid:08:FE:04:02:42:65:13:53:D5:56:B8:C4:24:00:82:19:0F:27:1D:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CP4EAkJlE1PVVrjEJACCGQ8nHRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/4ebc33-ee54-437c-8a1b-dec4807cd7e6/1/cvkG_y1cL0YAHfjQA7tH3oSS1BM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/4ebc33-ee54-437c-8a1b-dec4807cd7e6/1/CP4EAkJlE1PVVrjEJACCGQ8nHRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.168.0/24
185.22.170.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:24:8c:53:b5:02:10:29:78:7e:8c:9b:9d:88:2e:7e:64:c7:
71:3a:b5:d1:de:55:06:6f:41:c5:1e:ef:e7:56:13:77:ad:0b:
17:78:47:a2:b2:fb:8b:99:89:2a:70:90:15:6a:1c:ac:4f:26:
36:56:93:4b:7c:48:8a:67:4e:93:c5:13:bd:e4:ba:1f:79:16:
c4:77:01:8a:cd:ac:75:84:04:4b:3b:83:a3:94:7a:2f:11:10:
d0:5f:02:ba:8e:6f:e3:4f:26:e3:b2:81:ed:c7:bc:7f:4e:42:
d6:a5:28:31:41:77:79:98:2e:aa:dc:03:3b:05:fa:fc:40:9a:
df:89:69:94:22:93:0b:e8:94:92:62:e9:8c:49:bc:d5:d9:af:
b7:7d:3a:e9:13:20:de:f0:c2:b2:70:ac:1f:92:45:90:f9:c3:
4c:ee:b5:40:55:3a:e7:df:26:41:f9:bd:88:f4:c7:e1:ef:e5:
8d:91:de:de:ef:ee:bf:82:b7:a2:9d:ee:e5:5f:e1:a4:42:09:
32:4f:6f:80:f3:b2:c7:50:ee:36:02:5c:8a:43:29:eb:65:52:
f1:08:96:82:9a:8c:62:1a:ed:eb:1e:23:d3:b1:1c:5a:64:e7:
96:08:a3:99:47:60:6f:5e:ec:74:0b:66:22:d5:10:63:84:43:
de:2f:be:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWQW8u1gYd23Jgk/7fW+M3cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZmUwNDAyNDI2NTEzNTNkNTU2YjhjNDI0MDA4MjE5MGYy
NzFkMTMwHhcNMjUwMzEzMTYzNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmY5MDZmZjJkNWMyZjQ2MDAxZGY4ZDAwM2JiNDdkZTg0OTJkNDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Hmyx6mxfP1e9v01S18mxKcAs93e
1sgFkP7UAqgcjmDTO42sCaZhw1Cgk/nmlNNZ8liUKi7XUzw91SBEFo53Q55uXFJX
SWEFQ3iLEjkKXXg1hcK4MydlC+4eAyrQZNuZ0Gex/SoBAVGsYjILWB+pPnwEnWcV
gB3ue1N0Wg4nUt/CpODQiwlRvUC7Q2JzlTOzhXYiKHM1jzvyPnrjHz6usckYwOna
xOpkZWFcch9TKNvQYMzzZ/BGP1p6Lu2kjBOpV1ns6Gj0w0HaldWHgyO9617RxIqV
LKTr9eBLQ4zuju+9umEMwMlKI9DZ1iBgryAcXwoi1Rsohgr/fdTNdzc+gwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHL5Bv8tXC9GAB340AO7R96EktQTMB8GA1UdIwQY
MBaAFAj+BAJCZRNT1Va4xCQAghkPJx0TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1A0RUFrSmxFMVBWVnJqRUpBQ0NHUThuSFJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy80ZWJjMzMtZWU1NC00MzdjLThhMWIt
ZGVjNDgwN2NkN2U2LzEvY3ZrR195MWNMMFlBSGZqUUE3dEgzb1NTMUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy80ZWJjMzMtZWU1NC00MzdjLThhMWItZGVjNDgwN2NkN2U2
LzEvQ1A0RUFrSmxFMVBWVnJqRUpBQ0NHUThuSFJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuRaoAwQB
uRaqMA0GCSqGSIb3DQEBCwUAA4IBAQBLJIxTtQIQKXh+jJudiC5+ZMdxOrXR3lUG
b0HFHu/nVhN3rQsXeEeisvuLmYkqcJAVahysTyY2VpNLfEiKZ06TxRO95LofeRbE
dwGKzax1hARLO4OjlHovERDQXwK6jm/jTybjsoHtx7x/TkLWpSgxQXd5mC6q3AM7
Bfr8QJrfiWmUIpML6JSSYumMSbzV2a+3fTrpEyDe8MKycKwfkkWQ+cNM7rVAVTrn
3yZB+b2I9Mfh7+WNkd7e7+6/greine7lX+GkQgkyT2+A87LHUO42AlyKQynrZVLx
CJaCmoxiGu3rHiPTsRxaZOeWCKOZR2BvXux0C2Yi1RBjhEPeL74y
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:12:50 2025 by rpki-client