Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/57d581-3994-4d83-a1b0-968470b650f4/1/ozrYmKzfcQiHcjDGhHjcCOOzpaw.roa
File: ozrYmKzfcQiHcjDGhHjcCOOzpaw.roa (raw, json)
Hash identifier: EU4EcvPrdv4pFLIAopUAtyOsa5C4KUodrEB13SkVOeQ=
Subject key identifier: A3:3A:D8:98:AC:DF:71:08:87:72:30:C6:84:78:DC:08:E3:B3:A5:AC
Certificate issuer: /CN=ff836ed8cd29b81b8421a1dab920905e2ed76184
Certificate serial: 01856F42B1E4402E85769351691BF70EC465
Authority key identifier: FF:83:6E:D8:CD:29:B8:1B:84:21:A1:DA:B9:20:90:5E:2E:D7:61:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4Nu2M0puBuEIaHauSCQXi7XYYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/57d581-3994-4d83-a1b0-968470b650f4/1/ozrYmKzfcQiHcjDGhHjcCOOzpaw.roa
Signing time: Sun 01 Jan 2023 21:35:19 +0000
ROA not before: Sun 01 Jan 2023 21:35:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204995
IP address blocks: 185.184.9.0/24 maxlen: 24
185.184.8.0/24 maxlen: 24
185.184.11.0/24 maxlen: 24
2a0b:2180:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:b1:e4:40:2e:85:76:93:51:69:1b:f7:0e:c4:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff836ed8cd29b81b8421a1dab920905e2ed76184
Validity
Not Before: Jan 1 21:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a33ad898acdf7108877230c68478dc08e3b3a5ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bb:77:9b:2b:67:0c:8a:5b:60:a0:10:df:9b:
db:8a:21:20:c3:d8:17:41:cc:a3:5d:7a:a6:e2:69:
25:90:a7:01:23:47:c8:ad:ad:38:04:f2:3a:f6:69:
a4:d7:b1:ba:0f:98:74:4f:63:97:21:dc:48:5d:1f:
10:2d:25:b2:9f:71:28:1a:1f:e9:01:2a:55:c7:74:
95:38:4f:74:b1:5c:50:1b:75:7c:59:6f:56:6f:69:
a8:20:ea:b9:ad:50:da:e7:6a:ce:f2:0d:70:1d:21:
4a:87:71:38:57:65:db:8a:04:1a:a5:d8:bc:9a:aa:
98:08:9e:e9:45:35:dc:23:06:fd:b5:c0:d4:aa:bf:
27:05:8c:4a:1e:4a:18:5b:c2:d8:5c:51:fa:24:02:
f7:6c:b2:a0:d2:b3:85:fa:db:4d:87:5e:09:3f:77:
ee:af:88:4e:8e:ab:f3:0b:8f:f9:e7:9d:a5:99:4e:
68:b4:68:9d:fb:e3:19:d5:b5:c4:2f:5e:7e:06:59:
06:5a:38:d7:f0:2b:fe:c0:e5:3e:9d:df:68:df:4d:
f8:39:91:9c:31:06:b4:8c:ec:95:fc:ef:6b:61:c2:
fe:e2:9e:51:d8:81:75:84:26:6f:d7:eb:e3:6b:32:
88:5d:45:f6:29:44:cf:75:da:c1:67:03:97:2f:dc:
05:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:3A:D8:98:AC:DF:71:08:87:72:30:C6:84:78:DC:08:E3:B3:A5:AC
X509v3 Authority Key Identifier:
keyid:FF:83:6E:D8:CD:29:B8:1B:84:21:A1:DA:B9:20:90:5E:2E:D7:61:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4Nu2M0puBuEIaHauSCQXi7XYYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/57d581-3994-4d83-a1b0-968470b650f4/1/ozrYmKzfcQiHcjDGhHjcCOOzpaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/57d581-3994-4d83-a1b0-968470b650f4/1/_4Nu2M0puBuEIaHauSCQXi7XYYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.8.0/23
185.184.11.0/24
IPv6:
2a0b:2180:1::/48
Signature Algorithm: sha256WithRSAEncryption
1b:26:43:eb:14:2c:7f:1b:5c:71:a7:c2:50:a7:42:5c:a4:1f:
43:0d:4a:bb:dc:82:16:ea:dd:ca:55:84:c7:1b:6a:b6:f7:b0:
81:7f:85:9d:1a:8b:40:a3:3c:e0:f4:93:ca:45:af:eb:87:10:
17:11:c6:da:a8:d3:83:d4:e5:e9:3a:35:8c:73:34:88:1e:f0:
f9:73:68:a5:28:37:5f:f6:1b:59:9c:a4:b7:2e:3d:f4:7d:04:
fd:54:14:cc:6e:b3:3c:86:e7:0b:21:4f:e7:92:53:8d:a8:92:
5a:39:be:14:72:7d:f4:41:ca:33:44:9c:17:b1:ec:44:78:5b:
d5:b3:b7:ee:af:e1:2c:a5:0e:21:bd:49:f1:95:95:0b:78:12:
1a:ad:17:68:2c:a4:ed:29:01:2b:f0:14:e9:5b:56:f5:8c:5f:
db:4c:ca:e2:31:e5:9b:e4:c8:67:75:4b:2d:d6:a0:4e:9e:7d:
0c:48:76:07:a2:aa:32:60:bd:12:ef:37:1c:bc:70:2c:23:35:
6a:2c:66:82:aa:5b:ee:e7:7b:56:5b:e0:00:a8:0e:ba:92:45:
ab:d7:02:e2:45:5b:cb:7d:8a:7d:cd:cf:37:08:76:d3:42:9e:
68:57:ac:a9:94:f3:f3:f8:bc:9a:16:d2:64:15:11:6a:b6:9d:
8f:45:9c:03
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVvQrHkQC6FdpNRaRv3DsRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODM2ZWQ4Y2QyOWI4MWI4NDIxYTFkYWI5MjA5MDVlMmVk
NzYxODQwHhcNMjMwMTAxMjEzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzNhZDg5OGFjZGY3MTA4ODc3MjMwYzY4NDc4ZGMwOGUzYjNhNWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLt3mytnDIpbYKAQ35vbiiEgw9gX
QcyjXXqm4mklkKcBI0fIra04BPI69mmk17G6D5h0T2OXIdxIXR8QLSWyn3EoGh/p
ASpVx3SVOE90sVxQG3V8WW9Wb2moIOq5rVDa52rO8g1wHSFKh3E4V2XbigQapdi8
mqqYCJ7pRTXcIwb9tcDUqr8nBYxKHkoYW8LYXFH6JAL3bLKg0rOF+ttNh14JP3fu
r4hOjqvzC4/5552lmU5otGid++MZ1bXEL15+BlkGWjjX8Cv+wOU+nd9o3034OZGc
MQa0jOyV/O9rYcL+4p5R2IF1hCZv1+vjazKIXUX2KUTPddrBZwOXL9wFYwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKM62Jis33EIh3IwxoR43Ajjs6WsMB8GA1UdIwQY
MBaAFP+DbtjNKbgbhCGh2rkgkF4u12GEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzROdTJNMHB1QnVFSWFIYXVTQ1FYaTdYWVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81N2Q1ODEtMzk5NC00ZDgzLWExYjAt
OTY4NDcwYjY1MGY0LzEvb3pyWW1LemZjUWlIY2pER2hIamNDT096cGF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81N2Q1ODEtMzk5NC00ZDgzLWExYjAtOTY4NDcwYjY1MGY0
LzEvXzROdTJNMHB1QnVFSWFIYXVTQ1FYaTdYWVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBubgIAwQA
ubgLMA8EAgACMAkDBwAqCyGAAAEwDQYJKoZIhvcNAQELBQADggEBABsmQ+sULH8b
XHGnwlCnQlykH0MNSrvcghbq3cpVhMcbarb3sIF/hZ0ai0CjPOD0k8pFr+uHEBcR
xtqo04PU5ek6NYxzNIge8PlzaKUoN1/2G1mcpLcuPfR9BP1UFMxuszyG5wshT+eS
U42oklo5vhRyffRByjNEnBex7ER4W9Wzt+6v4SylDiG9SfGVlQt4EhqtF2gspO0p
ASvwFOlbVvWMX9tMyuIx5ZvkyGd1Sy3WoE6efQxIdgeiqjJgvRLvNxy8cCwjNWos
ZoKqW+7ne1Zb4ACoDrqSRavXAuJFW8t9in3NzzcIdtNCnmhXrKmU8/P4vJoW0mQV
EWq2nY9FnAM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:22 2025 by rpki-client