Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/cvQiLzQRGCRqg8HlZypbo_xn_6A.roa
File: cvQiLzQRGCRqg8HlZypbo_xn_6A.roa (raw, json)
Hash identifier: wdBRGQu7Pp6mzrsTJ77Jn/7fQJtp0h5fgrMZn4BA854=
Subject key identifier: 72:F4:22:2F:34:11:18:24:6A:83:C1:E5:67:2A:5B:A3:FC:67:FF:A0
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570957276B5F324E1A3740A39E184E744
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/cvQiLzQRGCRqg8HlZypbo_xn_6A.roa
Signing time: Mon 02 Jan 2023 03:45:20 +0000
ROA not before: Mon 02 Jan 2023 03:45:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61230
IP address blocks: 185.67.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:72:76:b5:f3:24:e1:a3:74:0a:39:e1:84:e7:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72f4222f341118246a83c1e5672a5ba3fc67ffa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5e:ca:a0:ae:51:6b:72:90:e4:7f:92:25:96:
67:6c:67:82:bd:ca:93:47:f3:c4:c7:de:f9:c3:af:
85:01:60:94:ea:02:80:c2:f3:56:fe:eb:0b:c2:d0:
ad:2b:4b:54:9e:7d:b2:e9:fb:1f:12:27:01:4a:14:
b0:7d:84:f3:7c:85:61:1d:d3:d1:c3:f2:c6:38:3d:
f9:a9:e4:83:5b:71:e0:b9:a9:b0:3f:24:16:08:9b:
e9:13:56:90:5c:e8:24:00:34:34:bf:63:17:82:45:
db:ce:f1:99:c7:12:0b:e2:a7:3d:bf:1b:da:73:07:
ed:27:d1:62:94:b3:b0:df:66:dc:b4:87:b4:12:de:
db:3f:64:5b:ce:8e:aa:96:b8:a1:5c:fb:e9:f5:33:
a8:cd:3a:76:5c:90:a2:c0:38:c1:35:e6:fd:dd:bc:
60:41:4f:84:0f:1e:29:8a:dc:79:b1:91:bf:09:00:
95:44:11:65:3b:23:fe:b6:54:d3:a1:aa:bd:8d:31:
43:3c:2b:c5:9a:97:22:27:26:e6:71:70:b6:05:24:
0d:cb:87:03:a1:d3:ac:b2:21:b0:36:ea:72:8f:ed:
ca:a3:24:bf:1a:37:95:66:ae:44:31:b2:e1:51:02:
15:74:ea:f9:18:39:37:d8:46:7f:ba:fb:e3:26:81:
5d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F4:22:2F:34:11:18:24:6A:83:C1:E5:67:2A:5B:A3:FC:67:FF:A0
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/cvQiLzQRGCRqg8HlZypbo_xn_6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.253.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:13:7e:67:2a:26:ed:bb:e3:7e:52:63:00:c6:b2:33:e8:15:
b8:e8:cd:6d:66:18:87:22:e3:91:40:41:55:98:18:bb:d8:4d:
c1:ec:24:f2:c0:d3:7e:c0:66:b8:7b:aa:6a:17:0b:79:e9:e0:
81:8b:a1:41:0a:ce:9e:f9:31:3b:b4:90:2e:7f:25:c4:ff:1a:
5c:0a:6f:e4:8a:c3:90:ed:18:46:a6:34:1d:7b:15:c4:d7:4a:
7f:56:2f:0b:e8:a1:45:52:34:04:38:50:7d:df:89:36:5c:d1:
49:30:10:83:07:12:d5:37:ce:a2:65:d4:50:47:f2:c4:86:44:
b1:99:e2:09:63:3c:01:c2:cd:75:34:dc:9d:ae:5d:03:e9:63:
73:13:d3:92:17:4f:8b:30:5e:5f:0a:21:eb:68:f7:e4:35:76:
e0:35:3c:c7:46:4a:d4:eb:86:bc:5c:2c:47:20:61:9f:9e:a7:
b7:af:03:7a:c7:cb:fd:e0:29:df:d7:d3:ce:e2:80:8a:7a:5a:
75:d7:21:3a:bc:d6:da:7d:0a:7e:ee:92:4b:6e:be:55:d5:24:
bd:9e:fe:75:d8:f7:86:92:01:a7:81:e5:67:88:09:29:07:e5:
5e:cf:94:98:3d:cd:3b:f5:2c:07:cf:ea:22:14:46:c8:46:38:
75:6b:ac:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlXJ2tfMk4aN0CjnhhOdEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmY0MjIyZjM0MTExODI0NmE4M2MxZTU2NzJhNWJhM2ZjNjdmZmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl17KoK5Ra3KQ5H+SJZZnbGeCvcqT
R/PEx975w6+FAWCU6gKAwvNW/usLwtCtK0tUnn2y6fsfEicBShSwfYTzfIVhHdPR
w/LGOD35qeSDW3HguamwPyQWCJvpE1aQXOgkADQ0v2MXgkXbzvGZxxIL4qc9vxva
cwftJ9FilLOw32bctIe0Et7bP2Rbzo6qlrihXPvp9TOozTp2XJCiwDjBNeb93bxg
QU+EDx4pitx5sZG/CQCVRBFlOyP+tlTToaq9jTFDPCvFmpciJybmcXC2BSQNy4cD
odOssiGwNupyj+3KoyS/GjeVZq5EMbLhUQIVdOr5GDk32EZ/uvvjJoFdMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHL0Ii80ERgkaoPB5WcqW6P8Z/+gMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvY3ZRaUx6UVJHQ1JxZzhIbFp5cGJvX3huXzZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUP9MA0G
CSqGSIb3DQEBCwUAA4IBAQCzE35nKibtu+N+UmMAxrIz6BW46M1tZhiHIuORQEFV
mBi72E3B7CTywNN+wGa4e6pqFwt56eCBi6FBCs6e+TE7tJAufyXE/xpcCm/kisOQ
7RhGpjQdexXE10p/Vi8L6KFFUjQEOFB934k2XNFJMBCDBxLVN86iZdRQR/LEhkSx
meIJYzwBws11NNydrl0D6WNzE9OSF0+LMF5fCiHraPfkNXbgNTzHRkrU64a8XCxH
IGGfnqe3rwN6x8v94Cnf19PO4oCKelp11yE6vNbafQp+7pJLbr5V1SS9nv512PeG
kgGngeVniAkpB+Vez5SYPc079SwHz+oiFEbIRjh1a6xq
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:03:34 2025 by rpki-client