Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/005c5d-a0f7-46d0-818c-9b2371770df5/1/UTt7fXzs9Pc9eLgRkey6ePSUOS8.roa
File: UTt7fXzs9Pc9eLgRkey6ePSUOS8.roa (raw, json)
Hash identifier: yojdIxOqEUmsGwCqHgtbyKTXsi9fCZCYLlDfH9Lk67o=
Subject key identifier: 51:3B:7B:7D:7C:EC:F4:F7:3D:78:B8:11:91:EC:BA:78:F4:94:39:2F
Certificate issuer: /CN=09fb3bc0f4626e188cc5836dcf9f4921dda1921e
Certificate serial: 0D3CA854
Authority key identifier: 09:FB:3B:C0:F4:62:6E:18:8C:C5:83:6D:CF:9F:49:21:DD:A1:92:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cfs7wPRibhiMxYNtz59JId2hkh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/005c5d-a0f7-46d0-818c-9b2371770df5/1/UTt7fXzs9Pc9eLgRkey6ePSUOS8.roa
Signing time: Sat 01 Jan 2022 00:51:45 +0000
ROA not before: Sat 01 Jan 2022 00:51:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201654
IP address blocks: 185.67.188.0/22 maxlen: 32
185.151.168.0/22 maxlen: 32
2a05:1200::/30 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 222079060 (0xd3ca854)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09fb3bc0f4626e188cc5836dcf9f4921dda1921e
Validity
Not Before: Jan 1 00:51:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=513b7b7d7cecf4f73d78b81191ecba78f494392f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9c:a8:47:3b:7f:58:32:9e:35:3e:20:8d:ae:
6f:6a:93:e0:94:af:dd:ab:8b:f3:8e:19:19:0c:c7:
68:a5:8a:f2:7c:a0:5f:53:11:b3:55:cb:01:d1:db:
12:42:bb:51:6c:3d:96:b9:fc:0d:f3:1b:3b:e7:9b:
2e:cb:bd:71:35:8b:15:42:80:dd:7f:b1:32:31:3e:
67:ae:a0:69:00:01:9b:ef:00:21:38:1c:f4:4a:09:
c1:b5:0a:75:4b:1d:ac:88:bd:10:69:8e:54:c2:7c:
da:a0:94:54:64:a8:f0:fc:4e:fe:77:60:de:c6:18:
d2:de:a1:28:b8:bd:3b:61:ad:04:4b:2e:a6:1a:9e:
8d:bd:e8:1f:c6:41:e9:d6:22:78:8c:48:b8:8e:f5:
a1:0c:e5:ac:fd:32:51:c6:84:ac:56:6e:9a:23:8c:
4f:15:a7:37:ea:34:7e:44:0f:70:9d:5e:06:fa:02:
e1:bb:03:55:55:84:f0:97:ef:c9:72:90:17:ee:7a:
69:71:63:87:a1:87:af:67:34:17:b3:b5:0c:9e:62:
73:87:77:49:18:97:2a:08:98:d9:ac:0b:a2:b1:13:
db:8e:d6:ba:d2:c0:ec:1b:1e:86:64:1e:f1:c6:3b:
9d:bf:cb:2d:da:b3:a4:80:07:da:5b:df:06:9b:cf:
bd:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:3B:7B:7D:7C:EC:F4:F7:3D:78:B8:11:91:EC:BA:78:F4:94:39:2F
X509v3 Authority Key Identifier:
keyid:09:FB:3B:C0:F4:62:6E:18:8C:C5:83:6D:CF:9F:49:21:DD:A1:92:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cfs7wPRibhiMxYNtz59JId2hkh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/005c5d-a0f7-46d0-818c-9b2371770df5/1/UTt7fXzs9Pc9eLgRkey6ePSUOS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/005c5d-a0f7-46d0-818c-9b2371770df5/1/Cfs7wPRibhiMxYNtz59JId2hkh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.188.0/22
185.151.168.0/22
IPv6:
2a05:1200::/30
Signature Algorithm: sha256WithRSAEncryption
c2:16:fe:16:68:4b:1e:7b:ce:02:8f:13:e1:37:b1:4f:28:52:
eb:f8:2a:b5:23:7d:e7:0c:e6:91:6b:35:c7:51:91:c7:6b:38:
1c:65:38:80:33:bc:c1:fd:2f:9c:55:91:fe:0a:19:72:82:e9:
bf:b9:98:d7:46:ad:e6:dd:7a:71:20:c3:3e:1a:1b:44:a2:75:
f5:d5:02:e2:89:ca:54:80:d3:e6:61:9e:44:65:10:66:3c:f8:
2a:d0:e6:ec:ad:19:f7:2f:fa:7c:31:9b:5a:1b:2a:4a:32:39:
06:38:3a:e7:75:b3:ef:a8:cf:cf:d3:26:94:bf:6d:79:82:fe:
73:36:5a:b1:67:22:f4:4c:01:7d:26:3c:0e:ee:69:c6:c0:d4:
86:dc:3f:36:de:8d:e1:ea:90:f3:57:3c:f1:28:9d:d1:ee:70:
55:d2:eb:6f:96:53:f0:48:f4:53:71:86:4f:02:23:c3:c4:33:
38:b5:05:65:a4:ca:27:bf:23:f4:76:e8:a4:2f:a0:8c:3c:cd:
7f:12:39:06:1d:c6:0a:f7:7e:bf:6b:fb:72:c4:3e:eb:a0:f8:
90:51:56:74:9f:c6:21:f4:e4:b3:02:13:9d:07:fc:f4:0f:0f:
64:ea:e8:16:90:c7:c4:11:48:85:05:0a:65:f2:c0:13:0c:ff:
79:30:cb:fe
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEDTyoVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OWZiM2JjMGY0NjI2ZTE4OGNjNTgzNmRjZjlmNDkyMWRkYTE5MjFlMB4XDTIyMDEw
MTAwNTE0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTEzYjdiN2Q3Y2Vj
ZjRmNzNkNzhiODExOTFlY2JhNzhmNDk0MzkyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGcqEc7f1gynjU+II2ub2qT4JSv3auL844ZGQzHaKWK8nyg
X1MRs1XLAdHbEkK7UWw9lrn8DfMbO+ebLsu9cTWLFUKA3X+xMjE+Z66gaQABm+8A
ITgc9EoJwbUKdUsdrIi9EGmOVMJ82qCUVGSo8PxO/ndg3sYY0t6hKLi9O2GtBEsu
phqejb3oH8ZB6dYieIxIuI71oQzlrP0yUcaErFZumiOMTxWnN+o0fkQPcJ1eBvoC
4bsDVVWE8JfvyXKQF+56aXFjh6GHr2c0F7O1DJ5ic4d3SRiXKgiY2awLorET247W
utLA7BsehmQe8cY7nb/LLdqzpIAH2lvfBpvPvekCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRRO3t9fOz09z14uBGR7Lp49JQ5LzAfBgNVHSMEGDAWgBQJ+zvA9GJuGIzF
g23Pn0kh3aGSHjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Nmczd3UFJpYmhpTXhZTnR6NTlKSWQyaGtoNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmUvMDA1YzVkLWEwZjctNDZkMC04MThjLTliMjM3MTc3MGRmNS8x
L1VUdDdmWHpzOVBjOWVMZ1JrZXk2ZVBTVU9TOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUv
MDA1YzVkLWEwZjctNDZkMC04MThjLTliMjM3MTc3MGRmNS8xL0Nmczd3UFJpYmhp
TXhZTnR6NTlKSWQyaGtoNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArlDvAMEArmXqDANBAIAAjAHAwUC
KgUSADANBgkqhkiG9w0BAQsFAAOCAQEAwhb+FmhLHnvOAo8T4TexTyhS6/gqtSN9
5wzmkWs1x1GRx2s4HGU4gDO8wf0vnFWR/goZcoLpv7mY10at5t16cSDDPhobRKJ1
9dUC4onKVIDT5mGeRGUQZjz4KtDm7K0Z9y/6fDGbWhsqSjI5Bjg653Wz76jPz9Mm
lL9teYL+czZasWci9EwBfSY8Du5pxsDUhtw/Nt6N4eqQ81c88Sid0e5wVdLrb5ZT
8Ej0U3GGTwIjw8QzOLUFZaTKJ78j9HbopC+gjDzNfxI5Bh3GCvd+v2v7csQ+66D4
kFFWdJ/GIfTkswITnQf89A8PZOroFpDHxBFIhQUKZfLAEwz/eTDL/g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:53 2025 by rpki-client