Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/5a5b74-cab9-4220-b45e-87e8cbd80b4e/1/3YB2Zlq6cQGL_zvdlsW5o8Obass.roa
File: 3YB2Zlq6cQGL_zvdlsW5o8Obass.roa (raw, json)
Hash identifier: P9rzBe/z0wojX8Dyh55Aa+TPSh7ayxbyBOt6o93lnxE=
Subject key identifier: DD:80:76:66:5A:BA:71:01:8B:FF:3B:DD:96:C5:B9:A3:C3:9B:6A:CB
Certificate issuer: /CN=ffdd76d973a2836e201526879f40ae3b65f564f4
Certificate serial: 018CC7933918A99F534E343E55B509EE8B29
Authority key identifier: FF:DD:76:D9:73:A2:83:6E:20:15:26:87:9F:40:AE:3B:65:F5:64:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_9122XOig24gFSaHn0CuO2X1ZPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/5a5b74-cab9-4220-b45e-87e8cbd80b4e/1/3YB2Zlq6cQGL_zvdlsW5o8Obass.roa
Signing time: Tue 02 Jan 2024 00:29:23 +0000
ROA not before: Tue 02 Jan 2024 00:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62117
IP address blocks: 185.46.236.0/24 maxlen: 24
185.46.236.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:39:18:a9:9f:53:4e:34:3e:55:b5:09:ee:8b:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffdd76d973a2836e201526879f40ae3b65f564f4
Validity
Not Before: Jan 2 00:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd8076665aba71018bff3bdd96c5b9a3c39b6acb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ff:1f:d4:d5:9d:1b:9a:71:30:18:6a:e0:ba:
c9:a9:9a:66:c3:b9:1a:19:05:33:e3:43:4c:a0:cb:
e2:4d:41:f0:1c:3c:fe:8e:61:45:15:b8:f0:4a:f2:
46:86:9c:c6:4a:d2:d7:90:c4:a5:fd:34:13:a1:cc:
53:b5:fe:37:15:bb:24:a6:d9:5e:bf:1c:18:10:2f:
b2:5b:ec:fc:d4:df:23:3c:16:11:e5:1f:54:c5:45:
6a:a0:7b:af:2d:32:d8:8d:98:18:c5:76:7f:63:1e:
35:d7:cc:4c:6f:1f:9f:3a:21:80:15:ce:55:8d:26:
15:ce:0f:ff:c4:7f:ab:d9:28:fd:38:f5:eb:74:99:
8c:72:20:9a:d3:2a:5a:9b:a0:8b:5c:b1:25:d3:4b:
52:af:25:fd:5c:05:f4:ea:3b:e1:68:18:5b:2d:c8:
35:f6:f4:13:cf:4b:77:a5:74:4d:5f:bf:26:b2:29:
9c:c3:ed:f0:c7:7e:c7:61:0d:42:0e:f8:12:ce:d5:
c9:f3:03:59:8f:63:93:22:3e:8b:39:07:8a:a0:47:
e9:2c:b1:80:e4:68:79:a5:ac:08:1c:b0:58:cc:68:
e8:e3:05:5a:8b:b9:07:61:d8:f4:9d:f4:82:f5:a5:
d1:5c:6a:45:3a:5a:16:05:7b:49:5e:46:a9:35:5e:
f5:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:80:76:66:5A:BA:71:01:8B:FF:3B:DD:96:C5:B9:A3:C3:9B:6A:CB
X509v3 Authority Key Identifier:
keyid:FF:DD:76:D9:73:A2:83:6E:20:15:26:87:9F:40:AE:3B:65:F5:64:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_9122XOig24gFSaHn0CuO2X1ZPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5a5b74-cab9-4220-b45e-87e8cbd80b4e/1/3YB2Zlq6cQGL_zvdlsW5o8Obass.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5a5b74-cab9-4220-b45e-87e8cbd80b4e/1/_9122XOig24gFSaHn0CuO2X1ZPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.236.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:a5:21:d4:c8:23:5f:b2:ee:ce:fa:63:0a:43:83:ca:af:00:
92:4d:af:53:96:c4:43:67:6f:bf:34:2f:8b:59:54:ab:8d:f3:
17:a1:17:3b:78:c3:3b:09:74:fe:49:85:cd:01:e2:1f:07:4c:
a2:35:72:1b:de:16:3b:5d:dd:30:10:5b:ae:df:3b:18:c9:31:
4c:48:49:3d:74:e6:a9:7f:6a:2d:79:ca:74:7d:3f:aa:a4:22:
f4:fb:50:29:df:85:5f:14:04:3e:aa:91:1d:4a:1b:29:41:6b:
b8:7e:9a:91:9f:dc:52:ca:01:28:a2:09:3c:70:57:b5:7e:8c:
18:97:5e:50:5a:7f:64:a1:33:cd:ec:09:76:70:c0:f0:cc:36:
9a:5b:66:eb:9f:e2:ac:b8:28:c3:0c:0e:ee:db:9e:26:79:39:
7c:3c:cd:5b:69:24:46:20:2a:a1:5e:21:cd:31:a5:f6:e4:cd:
5b:67:18:47:ce:53:bd:ce:83:d1:65:82:99:4f:2b:8e:b1:37:
ef:19:c7:a3:d0:e1:2d:5e:5e:cf:6e:e6:09:c4:99:74:ec:66:
0e:1d:e1:85:a7:ff:84:58:a9:64:8f:02:3a:d1:89:ac:8a:41:
e7:23:eb:39:31:7a:07:4b:05:8b:86:84:cf:de:24:2c:f7:11:
d1:9d:d0:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHkzkYqZ9TTjQ+VbUJ7ospMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZGQ3NmQ5NzNhMjgzNmUyMDE1MjY4NzlmNDBhZTNiNjVm
NTY0ZjQwHhcNMjQwMTAyMDAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDgwNzY2NjVhYmE3MTAxOGJmZjNiZGQ5NmM1YjlhM2MzOWI2YWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/8f1NWdG5pxMBhq4LrJqZpmw7ka
GQUz40NMoMviTUHwHDz+jmFFFbjwSvJGhpzGStLXkMSl/TQTocxTtf43Fbskptle
vxwYEC+yW+z81N8jPBYR5R9UxUVqoHuvLTLYjZgYxXZ/Yx4118xMbx+fOiGAFc5V
jSYVzg//xH+r2Sj9OPXrdJmMciCa0ypam6CLXLEl00tSryX9XAX06jvhaBhbLcg1
9vQTz0t3pXRNX78msimcw+3wx37HYQ1CDvgSztXJ8wNZj2OTIj6LOQeKoEfpLLGA
5Gh5pawIHLBYzGjo4wVai7kHYdj0nfSC9aXRXGpFOloWBXtJXkapNV71BwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN2AdmZaunEBi/873ZbFuaPDm2rLMB8GA1UdIwQY
MBaAFP/ddtlzooNuIBUmh59Arjtl9WT0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzkxMjJYT2lnMjRnRlNhSG4wQ3VPMlgxWlBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81YTViNzQtY2FiOS00MjIwLWI0NWUt
ODdlOGNiZDgwYjRlLzEvM1lCMlpscTZjUUdMX3p2ZGxzVzVvOE9iYXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81YTViNzQtY2FiOS00MjIwLWI0NWUtODdlOGNiZDgwYjRl
LzEvXzkxMjJYT2lnMjRnRlNhSG4wQ3VPMlgxWlBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuS7sMA0G
CSqGSIb3DQEBCwUAA4IBAQB8pSHUyCNfsu7O+mMKQ4PKrwCSTa9TlsRDZ2+/NC+L
WVSrjfMXoRc7eMM7CXT+SYXNAeIfB0yiNXIb3hY7Xd0wEFuu3zsYyTFMSEk9dOap
f2otecp0fT+qpCL0+1Ap34VfFAQ+qpEdShspQWu4fpqRn9xSygEoogk8cFe1fowY
l15QWn9koTPN7Al2cMDwzDaaW2brn+KsuCjDDA7u254meTl8PM1baSRGICqhXiHN
MaX25M1bZxhHzlO9zoPRZYKZTyuOsTfvGcej0OEtXl7PbuYJxJl07GYOHeGFp/+E
WKlkjwI60YmsikHnI+s5MXoHSwWLhoTP3iQs9xHRndB0
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:08:21 2025 by rpki-client