Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/DBLY-XZmzFJDYKlTwKLC35ipgX0.roa
File: DBLY-XZmzFJDYKlTwKLC35ipgX0.roa (raw, json)
Hash identifier: MnDvk+0QKRD/5FZiZIBW7OL1B+2fH7rWVINwVVbQwbc=
Subject key identifier: 0C:12:D8:F9:76:66:CC:52:43:60:A9:53:C0:A2:C2:DF:98:A9:81:7D
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 019421B218EB46B4E08EA61CF8D7057F92D6
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/DBLY-XZmzFJDYKlTwKLC35ipgX0.roa
Signing time: Wed 01 Jan 2025 11:48:27 +0000
ROA not before: Wed 01 Jan 2025 11:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43153
IP address blocks: 195.136.160.0/23 maxlen: 24
195.136.160.0/24 maxlen: 24
195.136.192.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:18:eb:46:b4:e0:8e:a6:1c:f8:d7:05:7f:92:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 11:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c12d8f97666cc524360a953c0a2c2df98a9817d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:11:86:40:7a:4b:68:f7:33:47:5a:26:18:d4:
0b:ad:a4:cc:c3:2d:ea:9a:d1:2a:df:1d:28:6c:3e:
f7:fa:4c:1f:3c:e3:8a:fc:d2:cb:4b:e9:f4:a6:f9:
38:37:b5:b8:cf:d6:2d:9d:29:e3:56:c5:6a:b9:d7:
99:70:a5:35:42:0c:63:b5:83:37:c1:9d:09:cd:6e:
d8:4d:2f:1d:3b:fa:69:2b:45:63:45:15:7c:35:13:
d4:dd:86:e6:86:d8:76:bc:bb:0e:62:9a:ba:c7:9c:
03:cb:05:36:66:42:7d:90:d2:74:8f:0d:00:34:af:
02:e6:0e:b3:fe:46:f8:94:dd:a5:68:cd:ce:ee:10:
c9:af:b9:92:2e:06:1f:98:b5:6d:1e:8a:61:14:b2:
16:cc:04:44:74:a5:52:e4:16:eb:cd:a4:be:a1:63:
38:37:88:a5:8f:1f:2b:d6:3c:42:d3:23:77:42:71:
a2:fd:c2:c0:e5:47:1a:fb:a3:72:5b:c3:0b:a8:c4:
79:06:0e:25:6f:68:30:18:a3:1d:26:9f:78:b5:4c:
54:d1:ec:04:74:a6:29:71:79:64:f3:6f:df:75:72:
89:09:db:36:cb:d9:71:c1:42:62:63:be:9d:ca:0f:
d2:e7:63:57:d7:29:bb:ab:6c:0f:83:1d:c0:53:7b:
2d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:12:D8:F9:76:66:CC:52:43:60:A9:53:C0:A2:C2:DF:98:A9:81:7D
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/DBLY-XZmzFJDYKlTwKLC35ipgX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.160.0/23
195.136.192.0/23
Signature Algorithm: sha256WithRSAEncryption
42:a2:fb:f7:7e:60:5d:8c:ac:9c:16:5f:d3:f9:fa:8b:a7:33:
c5:6a:c6:87:3e:c0:c3:f2:90:b4:0f:4d:e8:13:16:78:97:14:
a2:4f:d1:35:68:4b:9b:29:f3:69:da:a6:d7:fd:cf:6e:31:a7:
e2:a1:fd:08:37:1e:d6:1a:30:17:86:22:f9:cc:ff:80:f2:ef:
7d:2e:85:a0:15:49:da:a3:7b:0d:94:86:6b:53:b9:24:e3:dc:
19:f2:f5:e1:05:9b:f8:84:f6:18:a2:0b:82:9e:06:1a:4e:64:
36:26:49:f2:64:00:e6:ef:9c:a4:31:10:39:b3:cf:43:d1:ce:
01:0d:51:ab:5e:4b:79:41:a5:f3:b7:83:7b:1c:db:22:5d:81:
51:96:0e:da:73:70:23:0e:c3:c7:92:29:ed:70:15:cb:1d:f4:
8b:41:b3:c3:2f:04:41:1a:9a:84:df:b0:b7:12:97:ec:2f:50:
cd:5e:fe:53:49:bd:d2:25:a9:2b:ee:13:61:d3:33:32:c2:ee:
43:d4:cb:d4:e2:33:14:29:7f:7b:77:9e:22:a8:73:93:af:d7:
9d:a6:85:29:f3:f3:06:05:6e:f4:4a:13:98:b4:35:1f:48:04:
0c:4d:7f:0c:e0:f0:e6:69:d8:43:a7:45:2b:c5:01:45:df:78:
a2:b2:5d:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhshjrRrTgjqYc+NcFf5LWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjUwMTAxMTE0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzEyZDhmOTc2NjZjYzUyNDM2MGE5NTNjMGEyYzJkZjk4YTk4MTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhGGQHpLaPczR1omGNQLraTMwy3q
mtEq3x0obD73+kwfPOOK/NLLS+n0pvk4N7W4z9YtnSnjVsVqudeZcKU1QgxjtYM3
wZ0JzW7YTS8dO/ppK0VjRRV8NRPU3Ybmhth2vLsOYpq6x5wDywU2ZkJ9kNJ0jw0A
NK8C5g6z/kb4lN2laM3O7hDJr7mSLgYfmLVtHophFLIWzAREdKVS5BbrzaS+oWM4
N4iljx8r1jxC0yN3QnGi/cLA5Uca+6NyW8MLqMR5Bg4lb2gwGKMdJp94tUxU0ewE
dKYpcXlk82/fdXKJCds2y9lxwUJiY76dyg/S52NX1ym7q2wPgx3AU3stmQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAwS2Pl2ZsxSQ2CpU8Ciwt+YqYF9MB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvREJMWS1YWm16RkpEWUtsVHdLTEMzNWlwZ1gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw4igAwQB
w4jAMA0GCSqGSIb3DQEBCwUAA4IBAQBCovv3fmBdjKycFl/T+fqLpzPFasaHPsDD
8pC0D03oExZ4lxSiT9E1aEubKfNp2qbX/c9uMafiof0INx7WGjAXhiL5zP+A8u99
LoWgFUnao3sNlIZrU7kk49wZ8vXhBZv4hPYYoguCngYaTmQ2JknyZADm75ykMRA5
s89D0c4BDVGrXkt5QaXzt4N7HNsiXYFRlg7ac3AjDsPHkintcBXLHfSLQbPDLwRB
GpqE37C3EpfsL1DNXv5TSb3SJakr7hNh0zMywu5D1MvU4jMUKX97d54iqHOTr9ed
poUp8/MGBW70ShOYtDUfSAQMTX8M4PDmadhDp0UrxQFF33iisl0A
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:54 2025 by rpki-client