Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/32c5ce-28b2-47d7-abd5-2e9d6ca08701/1/v7ByIKwOXqJTxGdfMvVM_P8Yk14.roa
File: v7ByIKwOXqJTxGdfMvVM_P8Yk14.roa (raw, json)
Hash identifier: bIjV2ZJzBy3yyrxiMfJkpYLvuc3jbffdO+NM/L9jsvs=
Subject key identifier: BF:B0:72:20:AC:0E:5E:A2:53:C4:67:5F:32:F5:4C:FC:FF:18:93:5E
Certificate issuer: /CN=65865968a1d8f4f377865c913af3b9af890d7cce
Certificate serial: 01856E2FB76EA72EB7946370BD767E50C9DA
Authority key identifier: 65:86:59:68:A1:D8:F4:F3:77:86:5C:91:3A:F3:B9:AF:89:0D:7C:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYZZaKHY9PN3hlyROvO5r4kNfM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/32c5ce-28b2-47d7-abd5-2e9d6ca08701/1/v7ByIKwOXqJTxGdfMvVM_P8Yk14.roa
Signing time: Sun 01 Jan 2023 16:34:59 +0000
ROA not before: Sun 01 Jan 2023 16:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5578
IP address blocks: 185.161.174.0/23 maxlen: 23
185.161.174.0/24 maxlen: 24
185.161.175.0/24 maxlen: 24
2a07:c380::/29 maxlen: 29
2a07:c387::/32 maxlen: 32
2a07:c380:50::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:b7:6e:a7:2e:b7:94:63:70:bd:76:7e:50:c9:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65865968a1d8f4f377865c913af3b9af890d7cce
Validity
Not Before: Jan 1 16:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfb07220ac0e5ea253c4675f32f54cfcff18935e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:04:71:b2:a8:8b:98:9b:38:c3:a5:7c:73:d6:
e9:82:43:32:3c:07:15:82:81:11:d2:ae:f8:03:3c:
f0:b2:4e:12:14:a2:05:fa:b2:85:50:09:0e:cb:8b:
e9:ae:c0:2b:c4:8c:b1:d1:a1:fd:8e:05:02:3f:84:
5f:87:e8:82:cf:b4:46:aa:40:df:d5:78:1c:42:dc:
78:68:8e:f6:61:99:93:cc:e6:e3:5d:65:56:ed:49:
d8:18:4e:72:c8:5b:e8:ba:88:9c:39:b9:7e:03:ff:
b1:6b:f5:c0:e4:2c:3d:b5:c5:c9:f0:a2:7a:2d:10:
d5:63:6d:03:6f:d5:e6:fa:85:8d:cf:b3:cb:4a:3e:
bb:19:9c:7b:61:07:18:72:56:7c:b8:fa:66:80:53:
5c:57:16:1e:a3:6c:85:0c:62:ef:b8:be:77:d6:80:
ff:8c:18:e7:31:d4:3c:00:10:93:c6:b2:25:34:af:
83:40:79:ca:03:15:ba:69:e1:e5:a6:ee:fc:05:76:
ea:cf:9c:bb:24:10:44:3f:5f:46:08:31:16:f3:e9:
55:eb:9c:db:dc:46:9c:5a:d3:3d:e8:4e:e8:f8:1e:
13:5e:3f:48:f8:24:a5:91:9e:b2:58:ce:83:ac:e6:
40:7c:a6:2f:34:ee:72:87:0b:25:8c:97:45:bb:b4:
eb:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:B0:72:20:AC:0E:5E:A2:53:C4:67:5F:32:F5:4C:FC:FF:18:93:5E
X509v3 Authority Key Identifier:
keyid:65:86:59:68:A1:D8:F4:F3:77:86:5C:91:3A:F3:B9:AF:89:0D:7C:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYZZaKHY9PN3hlyROvO5r4kNfM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/32c5ce-28b2-47d7-abd5-2e9d6ca08701/1/v7ByIKwOXqJTxGdfMvVM_P8Yk14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/32c5ce-28b2-47d7-abd5-2e9d6ca08701/1/ZYZZaKHY9PN3hlyROvO5r4kNfM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.174.0/23
IPv6:
2a07:c380::/29
Signature Algorithm: sha256WithRSAEncryption
a9:b5:ca:24:f1:cd:81:74:ed:0e:4b:a1:27:85:df:66:43:75:
92:41:d1:83:04:0e:e6:3b:ee:11:36:ee:ab:ff:69:e7:3e:c3:
c2:8d:d8:91:38:a2:d7:17:b0:bb:36:95:c9:28:3d:fd:14:d2:
e4:64:47:a0:49:e5:a1:7e:09:0f:5e:86:59:75:9f:0c:e4:8d:
78:15:2c:f0:0e:2e:2e:b1:b4:80:9d:50:46:8d:6d:ec:c3:7b:
2f:94:a5:9d:36:b1:83:e7:70:b6:6e:38:0e:69:df:c0:fb:db:
fb:cf:74:46:27:96:5f:8d:28:82:51:be:d4:0a:86:4b:08:c6:
f7:37:85:c1:38:3e:e2:7c:13:51:d1:8c:44:84:33:6a:63:54:
d7:89:05:47:d1:99:0a:16:8b:c5:e6:da:4b:b9:17:c5:9c:f3:
e5:ba:53:0c:8f:6c:e8:b2:39:87:76:00:c9:15:ea:51:b0:af:
96:ec:8f:b5:3f:b0:8b:43:95:0c:98:5e:38:da:43:11:49:d0:
fe:92:c3:11:d6:6d:6e:a7:87:9e:c2:88:0d:73:89:45:0c:ce:
6a:bd:b0:24:21:e1:59:de:a4:25:4e:a7:f3:c7:72:f9:7a:ea:
8e:e7:0c:b6:2c:18:31:1b:1b:39:6c:07:69:b7:e1:e2:b5:34:
4c:f6:ed:f0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuL7dupy63lGNwvXZ+UMnaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ODY1OTY4YTFkOGY0ZjM3Nzg2NWM5MTNhZjNiOWFmODkw
ZDdjY2UwHhcNMjMwMTAxMTYzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmIwNzIyMGFjMGU1ZWEyNTNjNDY3NWYzMmY1NGNmY2ZmMTg5MzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiARxsqiLmJs4w6V8c9bpgkMyPAcV
goER0q74Azzwsk4SFKIF+rKFUAkOy4vprsArxIyx0aH9jgUCP4Rfh+iCz7RGqkDf
1XgcQtx4aI72YZmTzObjXWVW7UnYGE5yyFvouoicObl+A/+xa/XA5Cw9tcXJ8KJ6
LRDVY20Db9Xm+oWNz7PLSj67GZx7YQcYclZ8uPpmgFNcVxYeo2yFDGLvuL531oD/
jBjnMdQ8ABCTxrIlNK+DQHnKAxW6aeHlpu78BXbqz5y7JBBEP19GCDEW8+lV65zb
3EacWtM96E7o+B4TXj9I+CSlkZ6yWM6DrOZAfKYvNO5yhwsljJdFu7Tr/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL+wciCsDl6iU8RnXzL1TPz/GJNeMB8GA1UdIwQY
MBaAFGWGWWih2PTzd4ZckTrzua+JDXzOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWllaWmFLSFk5UE4zaGx5Uk92TzVyNGtOZk00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8zMmM1Y2UtMjhiMi00N2Q3LWFiZDUt
MmU5ZDZjYTA4NzAxLzEvdjdCeUlLd09YcUpUeEdkZk12Vk1fUDhZazE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8zMmM1Y2UtMjhiMi00N2Q3LWFiZDUtMmU5ZDZjYTA4NzAx
LzEvWllaWmFLSFk5UE4zaGx5Uk92TzVyNGtOZk00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuaGuMA0E
AgACMAcDBQMqB8OAMA0GCSqGSIb3DQEBCwUAA4IBAQCptcok8c2BdO0OS6Enhd9m
Q3WSQdGDBA7mO+4RNu6r/2nnPsPCjdiROKLXF7C7NpXJKD39FNLkZEegSeWhfgkP
XoZZdZ8M5I14FSzwDi4usbSAnVBGjW3sw3svlKWdNrGD53C2bjgOad/A+9v7z3RG
J5ZfjSiCUb7UCoZLCMb3N4XBOD7ifBNR0YxEhDNqY1TXiQVH0ZkKFovF5tpLuRfF
nPPlulMMj2zosjmHdgDJFepRsK+W7I+1P7CLQ5UMmF442kMRSdD+ksMR1m1up4ee
wogNc4lFDM5qvbAkIeFZ3qQlTqfzx3L5euqO5wy2LBgxGxs5bAdpt+HitTRM9u3w
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:37 2025 by rpki-client