Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/aae9db-e0c9-478e-bb58-24da551c68ab/1/NnAmvV-PQW4RVtY-9mUe9flJ8Zs.roa
File: NnAmvV-PQW4RVtY-9mUe9flJ8Zs.roa (raw, json)
Hash identifier: a7tfGXjKEGvax9tqJ6r4y+GwMCWG+fvyBpZdX53Qvys=
Subject key identifier: 36:70:26:BD:5F:8F:41:6E:11:56:D6:3E:F6:65:1E:F5:F9:49:F1:9B
Certificate issuer: /CN=58bdb1bd75727519e400bfe88a75123d6184de14
Certificate serial: 09E53A62
Authority key identifier: 58:BD:B1:BD:75:72:75:19:E4:00:BF:E8:8A:75:12:3D:61:84:DE:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WL2xvXVydRnkAL_oinUSPWGE3hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/aae9db-e0c9-478e-bb58-24da551c68ab/1/NnAmvV-PQW4RVtY-9mUe9flJ8Zs.roa
Signing time: Sat 01 Jan 2022 06:06:19 +0000
ROA not before: Sat 01 Jan 2022 06:06:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209137
IP address blocks: 185.170.137.0/24 maxlen: 24
185.170.136.0/22 maxlen: 22
185.170.136.0/23 maxlen: 23
185.170.138.0/24 maxlen: 24
185.170.139.0/24 maxlen: 24
185.170.138.0/23 maxlen: 23
185.170.136.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166017634 (0x9e53a62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bdb1bd75727519e400bfe88a75123d6184de14
Validity
Not Before: Jan 1 06:06:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=367026bd5f8f416e1156d63ef6651ef5f949f19b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d3:01:05:4f:30:8f:79:87:de:e0:43:4c:59:
06:b7:f1:3d:c1:ce:bf:2f:c0:1c:53:ba:95:34:28:
63:71:56:59:23:1b:df:88:28:34:78:81:fb:4d:50:
7d:9d:a3:ed:2f:60:6e:a8:b0:d1:f9:8e:03:1c:6f:
a3:b1:26:2e:c4:65:97:54:c6:7f:66:2d:d3:a4:28:
97:25:39:30:b6:b3:af:3c:bf:83:71:54:e6:40:5e:
f7:07:8c:52:73:4c:1a:e3:2f:a9:ff:42:81:96:25:
b3:6b:89:5a:59:01:69:a5:19:54:26:46:dd:a5:27:
8e:04:cf:d1:f2:77:10:9e:ef:55:79:31:29:4a:ec:
22:be:98:ed:a6:df:8a:23:64:6b:be:54:f7:36:27:
9b:69:30:c4:36:47:5e:c3:d8:24:68:ac:42:4c:9e:
59:eb:4d:1f:2b:df:4f:47:6c:ed:56:84:3a:75:85:
5a:75:55:e4:bb:7f:29:58:6e:aa:f7:eb:b9:f3:73:
55:86:7a:57:d8:f0:63:1b:21:c1:be:ff:4b:34:3c:
2a:cc:ea:25:cd:be:e0:0d:e9:36:37:f0:72:eb:dc:
93:56:55:ed:d6:2d:8a:f5:27:a5:30:b8:0b:6a:ce:
a0:ba:99:0a:39:4b:eb:08:10:0c:22:a9:15:ed:38:
7d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:70:26:BD:5F:8F:41:6E:11:56:D6:3E:F6:65:1E:F5:F9:49:F1:9B
X509v3 Authority Key Identifier:
keyid:58:BD:B1:BD:75:72:75:19:E4:00:BF:E8:8A:75:12:3D:61:84:DE:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WL2xvXVydRnkAL_oinUSPWGE3hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/aae9db-e0c9-478e-bb58-24da551c68ab/1/NnAmvV-PQW4RVtY-9mUe9flJ8Zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/aae9db-e0c9-478e-bb58-24da551c68ab/1/WL2xvXVydRnkAL_oinUSPWGE3hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.136.0/22
Signature Algorithm: sha256WithRSAEncryption
42:9c:a7:6c:3a:b7:56:2a:e5:eb:be:74:33:99:e5:3c:81:ae:
88:9b:ab:53:54:b7:1e:61:57:b8:e4:80:65:67:dd:2b:be:66:
8a:52:d7:c9:ac:9c:b4:47:ee:9e:05:62:1e:0d:37:99:5d:a0:
a6:0b:e2:ff:4f:23:d9:e5:0a:03:b2:84:62:e0:70:e6:8a:13:
0d:83:4a:d1:66:bc:8a:15:15:15:00:2f:8c:d9:5c:18:7a:2f:
ca:dd:5b:ab:81:db:63:2c:74:be:ad:6a:26:5e:11:6a:64:74:
83:9c:3b:84:2e:5c:7f:bc:be:5e:5f:1b:07:a5:fb:ab:4f:ce:
a1:4a:c3:6b:87:2c:04:fd:9d:a0:d0:d1:ad:fb:8d:c7:d5:94:
bd:f6:9e:6c:f6:ff:4f:90:86:6d:49:73:39:e5:02:5d:6b:ca:
36:8a:cf:2b:b1:60:54:94:9f:13:f6:c0:82:07:a0:d9:60:b2:
d4:74:cc:48:07:41:73:33:73:79:a8:0b:39:07:d0:74:96:c8:
fe:59:88:b9:f3:22:88:94:5f:3e:ed:5f:f6:8d:94:08:d2:8c:
65:70:be:db:f3:a4:51:99:21:d6:37:65:a0:3e:60:d0:6c:66:
26:15:c2:bb:8f:72:1f:fd:2f:de:d8:3a:d2:fd:18:5b:c1:1a:
3b:74:ec:98
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECeU6YjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
OGJkYjFiZDc1NzI3NTE5ZTQwMGJmZTg4YTc1MTIzZDYxODRkZTE0MB4XDTIyMDEw
MTA2MDYxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzY3MDI2YmQ1Zjhm
NDE2ZTExNTZkNjNlZjY2NTFlZjVmOTQ5ZjE5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHTAQVPMI95h97gQ0xZBrfxPcHOvy/AHFO6lTQoY3FWWSMb
34goNHiB+01QfZ2j7S9gbqiw0fmOAxxvo7EmLsRll1TGf2Yt06QolyU5MLazrzy/
g3FU5kBe9weMUnNMGuMvqf9CgZYls2uJWlkBaaUZVCZG3aUnjgTP0fJ3EJ7vVXkx
KUrsIr6Y7abfiiNka75U9zYnm2kwxDZHXsPYJGisQkyeWetNHyvfT0ds7VaEOnWF
WnVV5Lt/KVhuqvfrufNzVYZ6V9jwYxshwb7/SzQ8KszqJc2+4A3pNjfwcuvck1ZV
7dYtivUnpTC4C2rOoLqZCjlL6wgQDCKpFe04fbsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ2cCa9X49BbhFW1j72ZR71+UnxmzAfBgNVHSMEGDAWgBRYvbG9dXJ1GeQA
v+iKdRI9YYTeFDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dMMnh2WFZ5ZFJua0FMX29pblVTUFdHRTNoUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvYWFlOWRiLWUwYzktNDc4ZS1iYjU4LTI0ZGE1NTFjNjhhYi8x
L05uQW12Vi1QUVc0UlZ0WS05bVVlOWZsSjhacy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
YWFlOWRiLWUwYzktNDc4ZS1iYjU4LTI0ZGE1NTFjNjhhYi8xL1dMMnh2WFZ5ZFJu
a0FMX29pblVTUFdHRTNoUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmqiDANBgkqhkiG9w0BAQsFAAOC
AQEAQpynbDq3Virl6750M5nlPIGuiJurU1S3HmFXuOSAZWfdK75milLXyayctEfu
ngViHg03mV2gpgvi/08j2eUKA7KEYuBw5ooTDYNK0Wa8ihUVFQAvjNlcGHovyt1b
q4HbYyx0vq1qJl4RamR0g5w7hC5cf7y+Xl8bB6X7q0/OoUrDa4csBP2doNDRrfuN
x9WUvfaebPb/T5CGbUlzOeUCXWvKNorPK7FgVJSfE/bAggeg2WCy1HTMSAdBczNz
eagLOQfQdJbI/lmIufMiiJRfPu1f9o2UCNKMZXC+2/OkUZkh1jdloD5g0GxmJhXC
u49yH/0v3tg60v0YW8EaO3TsmA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:17 2025 by rpki-client