Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/0b06bc-b8c7-4f75-b29e-c107a7ac0488/1/uttBn3BeMuTXxoK30BkzXPkFxfU.roa
File: uttBn3BeMuTXxoK30BkzXPkFxfU.roa (raw, json)
Hash identifier: jLahX+dDdjSrjp99Ulkmq3xmoESyVfuC7tcXMrpNrOg=
Subject key identifier: BA:DB:41:9F:70:5E:32:E4:D7:C6:82:B7:D0:19:33:5C:F9:05:C5:F5
Certificate issuer: /CN=58ffa14df2a89cb6709636f2b0b570abccf8b84b
Certificate serial: 018CC871372A89FC8E460A0D0843BC52C8D9
Authority key identifier: 58:FF:A1:4D:F2:A8:9C:B6:70:96:36:F2:B0:B5:70:AB:CC:F8:B8:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WP-hTfKonLZwljbysLVwq8z4uEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/0b06bc-b8c7-4f75-b29e-c107a7ac0488/1/uttBn3BeMuTXxoK30BkzXPkFxfU.roa
Signing time: Tue 02 Jan 2024 04:31:51 +0000
ROA not before: Tue 02 Jan 2024 04:31:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205388
IP address blocks: 185.216.212.0/22 maxlen: 32
2a0b:bbc0::/32 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:37:2a:89:fc:8e:46:0a:0d:08:43:bc:52:c8:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ffa14df2a89cb6709636f2b0b570abccf8b84b
Validity
Not Before: Jan 2 04:31:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=badb419f705e32e4d7c682b7d019335cf905c5f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:81:9d:9b:a4:1e:1d:69:a4:4f:e3:11:64:57:
d7:f5:66:25:92:81:36:d0:f6:97:40:b9:0f:1c:f6:
8a:86:95:bb:88:94:84:26:d1:80:e2:39:2e:7f:92:
14:e5:8e:d0:a3:5c:22:74:7f:7c:c6:4a:50:7d:1b:
99:53:ae:b3:50:63:ea:e5:ae:6c:9b:ff:35:5d:0a:
5e:29:56:f6:4a:9c:a8:1c:7d:01:c5:de:fe:5a:f2:
48:ec:74:62:f8:9c:6d:f4:cf:3f:d7:c8:2c:50:34:
53:fe:19:c2:ae:95:64:ee:32:4a:95:d5:de:52:6d:
72:a5:d6:3d:d9:26:26:4a:6c:bd:9a:3d:a2:bd:98:
2d:14:91:c7:98:45:f9:d6:f1:79:ec:cb:dc:5e:6e:
a9:1c:57:d9:e2:cb:88:b1:7b:e4:82:b6:d0:e1:78:
60:5d:ff:f0:30:31:40:ca:ec:a8:df:f4:13:3b:0b:
36:3b:22:ac:dd:2a:b5:63:99:23:ec:80:e0:e2:8a:
16:f4:86:ac:6d:61:e0:21:25:b5:0b:cb:4d:b6:65:
b1:be:69:06:1a:fb:ef:12:57:f5:ee:69:1f:cb:f8:
8e:ed:5a:cf:3b:85:48:57:6d:89:fc:d1:5e:86:e8:
f9:11:96:a8:17:5a:f3:a3:49:95:b0:8d:5a:1d:38:
2f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:DB:41:9F:70:5E:32:E4:D7:C6:82:B7:D0:19:33:5C:F9:05:C5:F5
X509v3 Authority Key Identifier:
keyid:58:FF:A1:4D:F2:A8:9C:B6:70:96:36:F2:B0:B5:70:AB:CC:F8:B8:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WP-hTfKonLZwljbysLVwq8z4uEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/0b06bc-b8c7-4f75-b29e-c107a7ac0488/1/uttBn3BeMuTXxoK30BkzXPkFxfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/0b06bc-b8c7-4f75-b29e-c107a7ac0488/1/WP-hTfKonLZwljbysLVwq8z4uEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.212.0/22
IPv6:
2a0b:bbc0::/32
Signature Algorithm: sha256WithRSAEncryption
73:c1:ee:e5:2e:1b:e0:c9:47:8d:3e:ed:29:7d:d7:f0:1d:54:
48:3e:b8:00:17:e8:cd:9a:1c:3b:ff:8d:e8:39:e8:aa:db:1f:
37:ec:79:00:05:eb:45:93:bb:29:f4:2d:96:7a:8f:f1:b5:39:
69:71:37:7f:ec:30:37:e1:43:0d:ad:02:a4:7f:fd:05:48:26:
5b:73:74:33:0a:fa:a1:8b:ae:2b:de:cd:b0:76:7a:90:94:a7:
d9:05:b4:63:9f:25:ea:3c:ba:12:f5:d0:ba:e5:e8:52:b4:1c:
71:d5:99:44:cd:51:df:a9:ed:42:ec:68:cb:0a:80:13:9e:db:
0d:d6:5f:3b:ed:e5:98:74:7e:fc:d2:eb:c9:d2:a7:82:20:26:
d1:20:77:8c:1e:99:2d:e2:89:e5:98:0b:6c:f6:a9:8f:7a:16:
e6:f0:6c:cb:1a:43:04:60:5b:55:35:51:b4:3a:f9:a0:23:4f:
ee:b2:71:d4:90:b4:49:88:8b:b1:de:26:69:96:45:22:63:9d:
81:2f:3d:bf:69:2b:4f:2a:13:cf:63:74:b2:2a:88:f4:65:6c:
1a:b8:0b:67:9e:d8:df:01:41:ea:18:b9:a1:25:11:fd:ee:79:
31:ac:e5:3f:af:cf:dd:8b:e9:bb:31:9b:f4:80:f2:d7:7a:a2:
3f:12:7b:52
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIcTcqifyORgoNCEO8UsjZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZmZhMTRkZjJhODljYjY3MDk2MzZmMmIwYjU3MGFiY2Nm
OGI4NGIwHhcNMjQwMTAyMDQzMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWRiNDE5ZjcwNWUzMmU0ZDdjNjgyYjdkMDE5MzM1Y2Y5MDVjNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIGdm6QeHWmkT+MRZFfX9WYlkoE2
0PaXQLkPHPaKhpW7iJSEJtGA4jkuf5IU5Y7Qo1widH98xkpQfRuZU66zUGPq5a5s
m/81XQpeKVb2SpyoHH0Bxd7+WvJI7HRi+Jxt9M8/18gsUDRT/hnCrpVk7jJKldXe
Um1ypdY92SYmSmy9mj2ivZgtFJHHmEX51vF57MvcXm6pHFfZ4suIsXvkgrbQ4Xhg
Xf/wMDFAyuyo3/QTOws2OyKs3Sq1Y5kj7IDg4ooW9IasbWHgISW1C8tNtmWxvmkG
GvvvElf17mkfy/iO7VrPO4VIV22J/NFehuj5EZaoF1rzo0mVsI1aHTgvBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLrbQZ9wXjLk18aCt9AZM1z5BcX1MB8GA1UdIwQY
MBaAFFj/oU3yqJy2cJY28rC1cKvM+LhLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1AtaFRmS29uTFp3bGpieXNMVndxOHo0dUVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8wYjA2YmMtYjhjNy00Zjc1LWIyOWUt
YzEwN2E3YWMwNDg4LzEvdXR0Qm4zQmVNdVRYeG9LMzBCa3pYUGtGeGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8wYjA2YmMtYjhjNy00Zjc1LWIyOWUtYzEwN2E3YWMwNDg4
LzEvV1AtaFRmS29uTFp3bGpieXNMVndxOHo0dUVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudjUMA0E
AgACMAcDBQAqC7vAMA0GCSqGSIb3DQEBCwUAA4IBAQBzwe7lLhvgyUeNPu0pfdfw
HVRIPrgAF+jNmhw7/43oOeiq2x837HkABetFk7sp9C2Weo/xtTlpcTd/7DA34UMN
rQKkf/0FSCZbc3QzCvqhi64r3s2wdnqQlKfZBbRjnyXqPLoS9dC65ehStBxx1ZlE
zVHfqe1C7GjLCoATntsN1l877eWYdH780uvJ0qeCICbRIHeMHpkt4onlmAts9qmP
ehbm8GzLGkMEYFtVNVG0OvmgI0/usnHUkLRJiIux3iZplkUiY52BLz2/aStPKhPP
Y3SyKoj0ZWwauAtnntjfAUHqGLmhJRH97nkxrOU/r8/di+m7MZv0gPLXeqI/EntS
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:47:52 2025 by rpki-client