Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/b694ae-ed02-47a3-b759-4e2ee2682586/1/tybZ-BB82i_vUsjL98G7wPPKy8M.roa
File: tybZ-BB82i_vUsjL98G7wPPKy8M.roa (raw, json)
Hash identifier: GKJUrgxPZkJ+uYCwmmVmt/0k2mcsNUL0J1SuRA3T7+8=
Subject key identifier: B7:26:D9:F8:10:7C:DA:2F:EF:52:C8:CB:F7:C1:BB:C0:F3:CA:CB:C3
Certificate issuer: /CN=cde8a336d22567951212285234e038d584c73a82
Certificate serial: 01857082BB8CA30112E6B214F83C74C8610E
Authority key identifier: CD:E8:A3:36:D2:25:67:95:12:12:28:52:34:E0:38:D5:84:C7:3A:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zeijNtIlZ5USEihSNOA41YTHOoI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/b694ae-ed02-47a3-b759-4e2ee2682586/1/tybZ-BB82i_vUsjL98G7wPPKy8M.roa
Signing time: Mon 02 Jan 2023 03:24:53 +0000
ROA not before: Mon 02 Jan 2023 03:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51254
IP address blocks: 185.154.188.0/22 maxlen: 22
185.154.188.0/23 maxlen: 23
185.154.190.0/23 maxlen: 23
2a07:8ec0::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:bb:8c:a3:01:12:e6:b2:14:f8:3c:74:c8:61:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cde8a336d22567951212285234e038d584c73a82
Validity
Not Before: Jan 2 03:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b726d9f8107cda2fef52c8cbf7c1bbc0f3cacbc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:56:76:99:e3:96:1b:0c:65:7f:a6:4c:ed:f7:
b1:d5:2b:c9:41:9d:73:d3:21:82:96:61:82:6e:e9:
c2:4a:e3:43:05:db:57:36:f7:0b:55:c8:12:5c:1a:
99:54:fe:15:92:6d:ea:36:9f:1d:3d:6b:15:27:1a:
96:2f:a7:1b:72:8d:3f:4c:1d:9b:de:fa:7c:f7:86:
91:f5:51:fe:c2:32:cc:e4:3a:97:a3:5b:d5:da:aa:
2b:66:4f:1f:dd:21:95:21:f6:fb:fe:f1:b8:00:8c:
85:f7:bd:61:df:a8:e3:45:05:52:13:be:10:8b:76:
4b:84:fc:74:26:97:d2:9b:71:81:89:f2:84:6f:18:
df:4f:05:7b:5f:0b:15:2c:c8:d8:30:bc:6d:7a:18:
28:04:d0:3a:34:d1:b8:00:de:99:1e:43:cf:47:db:
c6:4b:e5:bb:45:6d:de:2c:82:1d:86:83:cc:db:3e:
e3:93:b1:99:cc:5b:01:ac:cc:00:bc:47:b6:d2:c4:
61:b0:fb:f5:93:30:b4:a5:28:aa:90:9b:32:f7:06:
39:68:19:99:d6:bb:20:58:ab:c3:1a:46:3f:bb:d2:
43:8c:9a:ab:0f:0f:4e:65:05:a0:87:a6:da:a2:6a:
c5:54:ba:be:5a:a1:5f:50:fb:5e:b2:85:9d:59:ee:
5b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:26:D9:F8:10:7C:DA:2F:EF:52:C8:CB:F7:C1:BB:C0:F3:CA:CB:C3
X509v3 Authority Key Identifier:
keyid:CD:E8:A3:36:D2:25:67:95:12:12:28:52:34:E0:38:D5:84:C7:3A:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zeijNtIlZ5USEihSNOA41YTHOoI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b694ae-ed02-47a3-b759-4e2ee2682586/1/tybZ-BB82i_vUsjL98G7wPPKy8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b694ae-ed02-47a3-b759-4e2ee2682586/1/zeijNtIlZ5USEihSNOA41YTHOoI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.188.0/22
IPv6:
2a07:8ec0::/36
Signature Algorithm: sha256WithRSAEncryption
24:f4:e3:58:d3:e3:14:ba:00:43:41:54:ca:a2:46:95:3c:ec:
ca:8d:0f:c4:c0:2c:2c:62:44:70:46:82:7e:36:8b:0b:33:91:
df:1b:0d:fe:2f:96:9a:bd:50:30:8b:08:a0:2a:96:22:5a:4d:
e9:85:8a:e7:5e:22:5c:56:c8:62:97:2f:89:d4:4d:de:b4:79:
33:0e:42:1f:77:4c:f5:a0:f8:32:61:4d:e8:f7:2f:39:15:a3:
ae:e3:7a:53:96:0f:2b:a0:dd:20:10:83:db:c7:d3:77:44:a1:
55:49:26:8d:e1:76:ce:db:55:7a:3a:b6:98:f1:bb:be:12:c9:
74:88:fc:fa:31:67:59:a5:9c:da:73:6a:ed:e7:34:b8:04:92:
c7:31:79:a1:c0:14:7a:74:14:ae:96:96:9c:19:bd:68:4b:b4:
45:4f:d0:58:66:e2:20:1d:24:6c:77:eb:cf:3c:fb:34:b0:2a:
0f:3c:83:5e:da:c2:35:d4:de:0f:12:e6:98:7e:37:64:e5:ae:
1f:1a:38:e5:0c:10:99:99:25:91:99:a0:bc:8e:1c:6c:66:54:
7d:3d:87:6a:60:5d:7c:83:40:95:3d:81:a9:58:c7:4d:75:ec:
16:38:c0:ea:88:f8:0c:39:f3:d8:31:4c:ba:13:81:ad:e1:1c:
d4:48:0c:84
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVwgruMowES5rIU+Dx0yGEOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZThhMzM2ZDIyNTY3OTUxMjEyMjg1MjM0ZTAzOGQ1ODRj
NzNhODIwHhcNMjMwMTAyMDMyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzI2ZDlmODEwN2NkYTJmZWY1MmM4Y2JmN2MxYmJjMGYzY2FjYmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlZ2meOWGwxlf6ZM7fex1SvJQZ1z
0yGClmGCbunCSuNDBdtXNvcLVcgSXBqZVP4Vkm3qNp8dPWsVJxqWL6cbco0/TB2b
3vp894aR9VH+wjLM5DqXo1vV2qorZk8f3SGVIfb7/vG4AIyF971h36jjRQVSE74Q
i3ZLhPx0JpfSm3GBifKEbxjfTwV7XwsVLMjYMLxtehgoBNA6NNG4AN6ZHkPPR9vG
S+W7RW3eLIIdhoPM2z7jk7GZzFsBrMwAvEe20sRhsPv1kzC0pSiqkJsy9wY5aBmZ
1rsgWKvDGkY/u9JDjJqrDw9OZQWgh6baomrFVLq+WqFfUPtesoWdWe5bxwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFLcm2fgQfNov71LIy/fBu8DzysvDMB8GA1UdIwQY
MBaAFM3oozbSJWeVEhIoUjTgONWExzqCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemVpak50SWxaNVVTRWloU05PQTQxWVRIT29JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9iNjk0YWUtZWQwMi00N2EzLWI3NTkt
NGUyZWUyNjgyNTg2LzEvdHliWi1CQjgyaV92VXNqTDk4Rzd3UFBLeThNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9iNjk0YWUtZWQwMi00N2EzLWI3NTktNGUyZWUyNjgyNTg2
LzEvemVpak50SWxaNVVTRWloU05PQTQxWVRIT29JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCuZq8MA4E
AgACMAgDBgQqB47AADANBgkqhkiG9w0BAQsFAAOCAQEAJPTjWNPjFLoAQ0FUyqJG
lTzsyo0PxMAsLGJEcEaCfjaLCzOR3xsN/i+Wmr1QMIsIoCqWIlpN6YWK514iXFbI
YpcvidRN3rR5Mw5CH3dM9aD4MmFN6PcvORWjruN6U5YPK6DdIBCD28fTd0ShVUkm
jeF2zttVejq2mPG7vhLJdIj8+jFnWaWc2nNq7ec0uASSxzF5ocAUenQUrpaWnBm9
aEu0RU/QWGbiIB0kbHfrzzz7NLAqDzyDXtrCNdTeDxLmmH43ZOWuHxo45QwQmZkl
kZmgvI4cbGZUfT2HamBdfINAlT2BqVjHTXXsFjjA6oj4DDnz2DFMuhOBreEc1EgM
hA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:41:41 2025 by rpki-client