Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/4269dc-e8a5-4aa8-9971-e368966dd85f/1/CBMLSgB_nkTJo6PiWoY5oG6_TUg.roa
File: CBMLSgB_nkTJo6PiWoY5oG6_TUg.roa (raw, json)
Hash identifier: JhE+1KPBMbjPKBx5mdeH0sIv6eombbvFSqdXMUwLht0=
Subject key identifier: 08:13:0B:4A:00:7F:9E:44:C9:A3:A3:E2:5A:86:39:A0:6E:BF:4D:48
Certificate issuer: /CN=b86611d1d90f0a807b2949f7474d41c3683886dc
Certificate serial: 018CC6B7911F34C0306BFF22E5C1F3881889
Authority key identifier: B8:66:11:D1:D9:0F:0A:80:7B:29:49:F7:47:4D:41:C3:68:38:86:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uGYR0dkPCoB7KUn3R01Bw2g4htw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/4269dc-e8a5-4aa8-9971-e368966dd85f/1/CBMLSgB_nkTJo6PiWoY5oG6_TUg.roa
Signing time: Mon 01 Jan 2024 20:29:28 +0000
ROA not before: Mon 01 Jan 2024 20:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200507
IP address blocks: 185.98.163.0/24 maxlen: 24
185.98.160.0/22 maxlen: 22
185.98.162.0/24 maxlen: 24
2a01:9200::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:91:1f:34:c0:30:6b:ff:22:e5:c1:f3:88:18:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b86611d1d90f0a807b2949f7474d41c3683886dc
Validity
Not Before: Jan 1 20:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08130b4a007f9e44c9a3a3e25a8639a06ebf4d48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bb:60:b0:79:94:82:70:d1:7a:42:43:04:0b:
0b:61:53:ff:fd:01:5c:c0:94:b6:80:cd:b4:e4:53:
ab:8d:23:97:30:74:5c:31:af:0b:5f:ff:13:e5:84:
42:b0:87:c6:73:b5:71:de:35:04:df:d1:c4:9a:45:
da:83:71:f6:a7:0c:b8:93:93:01:78:45:12:e5:a7:
bc:88:51:70:d3:41:9e:6e:2d:e9:69:25:b6:07:03:
7f:17:9a:cd:00:7b:84:69:b1:4a:ba:5a:17:63:8f:
ad:c1:61:d1:1f:6c:bc:10:0c:60:7c:b4:61:b8:6c:
f7:84:f3:63:e6:b8:47:f3:ef:48:be:e9:77:3a:0f:
10:3c:4f:a4:32:59:bd:a2:a7:a4:42:7e:8d:87:aa:
b9:87:d8:a5:3f:7b:87:a7:15:be:7a:bb:75:f2:97:
c5:6b:e8:54:81:4a:45:57:b2:79:cd:73:b2:2e:30:
3b:79:ab:d2:83:ea:48:dc:89:49:d1:c5:67:55:3b:
30:0b:7e:10:84:60:91:41:9d:61:46:82:3c:a9:dd:
b2:4d:a2:cc:1c:22:fc:a4:8e:98:21:61:a4:0a:4b:
b8:13:81:d4:1c:1f:5e:55:15:e0:7a:37:41:1f:1d:
c1:d5:40:20:68:08:26:60:30:cb:f8:3b:4c:b9:84:
44:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:13:0B:4A:00:7F:9E:44:C9:A3:A3:E2:5A:86:39:A0:6E:BF:4D:48
X509v3 Authority Key Identifier:
keyid:B8:66:11:D1:D9:0F:0A:80:7B:29:49:F7:47:4D:41:C3:68:38:86:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uGYR0dkPCoB7KUn3R01Bw2g4htw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4269dc-e8a5-4aa8-9971-e368966dd85f/1/CBMLSgB_nkTJo6PiWoY5oG6_TUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4269dc-e8a5-4aa8-9971-e368966dd85f/1/uGYR0dkPCoB7KUn3R01Bw2g4htw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.160.0/22
IPv6:
2a01:9200::/32
Signature Algorithm: sha256WithRSAEncryption
80:f1:e8:2d:52:3e:78:c5:1e:02:74:fd:b0:87:69:14:34:fd:
fa:9b:43:6d:03:13:20:57:9c:e4:90:d8:af:bd:f4:f7:a7:47:
a4:af:0c:d8:13:5e:21:79:fc:76:2c:7d:22:b7:66:de:37:cf:
b4:29:03:4b:de:b6:02:87:9f:a2:9e:45:31:3b:92:ec:90:ce:
23:ef:b5:88:59:4e:1e:f6:d3:90:06:d5:55:46:7d:16:dc:06:
e7:d0:5f:06:3e:67:32:43:d3:e0:1a:67:0f:b3:36:a3:61:14:
a5:a9:e8:f1:d9:41:17:e9:c2:3c:92:c7:78:80:d8:78:1a:98:
70:17:05:85:b5:b2:b3:68:83:90:27:4f:ee:a5:d6:22:dc:cc:
f7:71:6d:8e:22:d8:7d:b5:ff:48:b5:22:47:50:ad:41:da:60:
78:80:1e:05:a8:1e:7c:bf:27:58:68:c0:5b:ca:97:24:15:4e:
c1:f2:3a:2b:03:7e:c2:e4:9a:ba:a9:1a:cb:44:7d:a7:0a:40:
83:55:cd:75:b5:ad:fb:06:92:f8:68:55:40:4e:ff:47:53:10:
dd:d2:05:f3:50:fe:c4:85:8b:68:17:e5:63:cb:31:fa:b8:ca:
37:ea:46:d4:b5:cf:13:01:66:ea:c7:4f:19:ce:83:78:c8:3c:
97:5f:bb:dc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGt5EfNMAwa/8i5cHziBiJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NjYxMWQxZDkwZjBhODA3YjI5NDlmNzQ3NGQ0MWMzNjgz
ODg2ZGMwHhcNMjQwMTAxMjAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODEzMGI0YTAwN2Y5ZTQ0YzlhM2EzZTI1YTg2MzlhMDZlYmY0ZDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7tgsHmUgnDRekJDBAsLYVP//QFc
wJS2gM205FOrjSOXMHRcMa8LX/8T5YRCsIfGc7Vx3jUE39HEmkXag3H2pwy4k5MB
eEUS5ae8iFFw00Gebi3paSW2BwN/F5rNAHuEabFKuloXY4+twWHRH2y8EAxgfLRh
uGz3hPNj5rhH8+9Ivul3Og8QPE+kMlm9oqekQn6Nh6q5h9ilP3uHpxW+ert18pfF
a+hUgUpFV7J5zXOyLjA7eavSg+pI3IlJ0cVnVTswC34QhGCRQZ1hRoI8qd2yTaLM
HCL8pI6YIWGkCku4E4HUHB9eVRXgejdBHx3B1UAgaAgmYDDL+DtMuYREXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAgTC0oAf55EyaOj4lqGOaBuv01IMB8GA1UdIwQY
MBaAFLhmEdHZDwqAeylJ90dNQcNoOIbcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUdZUjBka1BDb0I3S1VuM1IwMUJ3Mmc0aHR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS80MjY5ZGMtZThhNS00YWE4LTk5NzEt
ZTM2ODk2NmRkODVmLzEvQ0JNTFNnQl9ua1RKbzZQaVdvWTVvRzZfVFVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS80MjY5ZGMtZThhNS00YWE4LTk5NzEtZTM2ODk2NmRkODVm
LzEvdUdZUjBka1BDb0I3S1VuM1IwMUJ3Mmc0aHR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWKgMA0E
AgACMAcDBQAqAZIAMA0GCSqGSIb3DQEBCwUAA4IBAQCA8egtUj54xR4CdP2wh2kU
NP36m0NtAxMgV5zkkNivvfT3p0ekrwzYE14hefx2LH0it2beN8+0KQNL3rYCh5+i
nkUxO5LskM4j77WIWU4e9tOQBtVVRn0W3Abn0F8GPmcyQ9PgGmcPszajYRSlqejx
2UEX6cI8ksd4gNh4GphwFwWFtbKzaIOQJ0/updYi3Mz3cW2OIth9tf9ItSJHUK1B
2mB4gB4FqB58vydYaMBbypckFU7B8jorA37C5Jq6qRrLRH2nCkCDVc11ta37BpL4
aFVATv9HUxDd0gXzUP7EhYtoF+VjyzH6uMo36kbUtc8TAWbqx08ZzoN4yDyXX7vc
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:29:14 2025 by rpki-client