Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/dcbba6-19e0-45cd-b44d-3d33d374d01f/1/V79a2pZVVvJ0VWDM6fOn4OolKEs.roa
File: V79a2pZVVvJ0VWDM6fOn4OolKEs.roa (raw, json)
Hash identifier: bxiP8GhtHgFM5zC9flspvg7NXFXivVepLhhof/kA/4k=
Subject key identifier: 57:BF:5A:DA:96:55:56:F2:74:55:60:CC:E9:F3:A7:E0:EA:25:28:4B
Certificate issuer: /CN=898df4e11514becc472a757e036b38087d0165ed
Certificate serial: 018BB8A277C09CB4BD733367CD6FF6E1FD92
Authority key identifier: 89:8D:F4:E1:15:14:BE:CC:47:2A:75:7E:03:6B:38:08:7D:01:65:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iY304RUUvsxHKnV-A2s4CH0BZe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/dcbba6-19e0-45cd-b44d-3d33d374d01f/1/V79a2pZVVvJ0VWDM6fOn4OolKEs.roa
Signing time: Fri 10 Nov 2023 09:48:57 +0000
ROA not before: Fri 10 Nov 2023 09:48:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56911
IP address blocks: 185.47.138.0/24 maxlen: 24
185.47.137.0/24 maxlen: 24
185.47.136.0/22 maxlen: 24
185.47.136.0/24 maxlen: 24
185.47.139.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b8:a2:77:c0:9c:b4:bd:73:33:67:cd:6f:f6:e1:fd:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=898df4e11514becc472a757e036b38087d0165ed
Validity
Not Before: Nov 10 09:48:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57bf5ada965556f2745560cce9f3a7e0ea25284b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b5:a2:17:38:66:ef:ad:f6:e3:9f:20:f1:b1:
ad:36:a3:82:da:70:09:3e:41:98:97:e3:b9:86:eb:
9e:66:11:20:e0:8e:5a:17:b6:5a:ae:ac:aa:a4:47:
6c:30:c3:72:5e:0b:79:e7:32:ad:ff:d1:a8:f9:0f:
57:46:65:53:02:4e:83:ff:da:cd:8f:33:64:9e:f9:
e1:d8:50:e7:ce:51:24:0b:91:65:38:a8:3e:b7:6b:
c8:50:ff:68:e3:27:2c:a5:75:99:c5:b0:4c:dc:3a:
63:9c:43:e0:52:a9:dd:9a:37:1b:36:49:3b:bd:58:
06:9f:dd:0d:09:a6:2e:eb:38:61:5a:0d:e7:44:bf:
81:b7:de:e8:58:b1:43:a0:86:9b:f0:f9:0a:18:59:
fa:b3:88:e0:d0:09:f9:6e:4f:65:0e:00:d7:de:d4:
89:be:7f:cc:a4:6c:55:5b:29:bd:bc:13:31:85:08:
d0:77:9b:05:77:6c:7c:21:87:76:73:f3:fd:06:a7:
6b:c7:64:db:76:09:29:bb:0f:ce:e9:5c:1e:6b:35:
bb:00:d6:67:9a:0f:ea:24:41:c8:4f:78:77:14:9f:
d0:0a:df:ee:60:7a:c3:42:bd:fc:a8:37:f2:97:3a:
a7:7e:62:d1:81:56:5f:ce:97:51:58:89:80:84:e0:
0d:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:BF:5A:DA:96:55:56:F2:74:55:60:CC:E9:F3:A7:E0:EA:25:28:4B
X509v3 Authority Key Identifier:
keyid:89:8D:F4:E1:15:14:BE:CC:47:2A:75:7E:03:6B:38:08:7D:01:65:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iY304RUUvsxHKnV-A2s4CH0BZe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/dcbba6-19e0-45cd-b44d-3d33d374d01f/1/V79a2pZVVvJ0VWDM6fOn4OolKEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/dcbba6-19e0-45cd-b44d-3d33d374d01f/1/iY304RUUvsxHKnV-A2s4CH0BZe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.47.136.0/22
Signature Algorithm: sha256WithRSAEncryption
70:7c:e0:ad:1f:8d:b0:16:31:68:1b:8d:88:54:f9:e9:76:cb:
8e:4b:4b:a4:80:fd:8d:b6:ff:85:82:ee:cf:d9:24:0b:fd:9c:
8f:d4:ca:71:f8:f4:7a:dc:51:8d:47:ef:91:c5:fd:45:54:ba:
22:4e:b5:08:16:a8:bd:4c:66:1b:58:44:ca:7d:2b:07:1f:4c:
a8:f7:d2:68:d3:d5:03:e0:ea:a4:02:4a:91:0c:7f:ef:30:75:
76:b8:ed:19:f8:bf:6a:dd:33:15:94:bc:17:db:8b:b6:9b:18:
bf:9c:c6:52:31:09:4d:8c:77:59:62:07:2d:05:7e:c6:72:34:
ba:6c:46:08:56:b6:4f:d3:f5:c2:47:28:15:b3:ea:8f:b1:d0:
07:04:7a:c5:b4:c7:55:96:fc:e1:9e:d4:71:36:83:e6:1b:b0:
db:0c:c3:c3:1e:f5:a5:20:71:0c:b1:d3:31:f6:af:7e:93:bb:
01:fb:fd:dc:6b:20:b1:94:50:6c:4f:39:0b:0f:e6:a6:f5:5d:
b4:54:40:aa:38:10:1b:ce:55:f3:94:c9:bd:5c:15:7f:6a:83:
16:80:30:9a:f0:7e:05:21:e0:ed:20:1f:be:3f:73:76:b0:d1:
46:44:c3:f5:34:ac:41:38:0d:93:f7:95:f4:85:67:ae:1a:04:
81:ca:89:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu4onfAnLS9czNnzW/24f2SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5OGRmNGUxMTUxNGJlY2M0NzJhNzU3ZTAzNmIzODA4N2Qw
MTY1ZWQwHhcNMjMxMTEwMDk0ODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2JmNWFkYTk2NTU1NmYyNzQ1NTYwY2NlOWYzYTdlMGVhMjUyODRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7WiFzhm7632458g8bGtNqOC2nAJ
PkGYl+O5huueZhEg4I5aF7ZarqyqpEdsMMNyXgt55zKt/9Go+Q9XRmVTAk6D/9rN
jzNknvnh2FDnzlEkC5FlOKg+t2vIUP9o4ycspXWZxbBM3DpjnEPgUqndmjcbNkk7
vVgGn90NCaYu6zhhWg3nRL+Bt97oWLFDoIab8PkKGFn6s4jg0An5bk9lDgDX3tSJ
vn/MpGxVWym9vBMxhQjQd5sFd2x8IYd2c/P9Bqdrx2Tbdgkpuw/O6VweazW7ANZn
mg/qJEHIT3h3FJ/QCt/uYHrDQr38qDfylzqnfmLRgVZfzpdRWImAhOANCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFe/WtqWVVbydFVgzOnzp+DqJShLMB8GA1UdIwQY
MBaAFImN9OEVFL7MRyp1fgNrOAh9AWXtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVkzMDRSVVV2c3hIS25WLUEyczRDSDBCWmUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9kY2JiYTYtMTllMC00NWNkLWI0NGQt
M2QzM2QzNzRkMDFmLzEvVjc5YTJwWlZWdkowVldETTZmT240T29sS0VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9kY2JiYTYtMTllMC00NWNkLWI0NGQtM2QzM2QzNzRkMDFm
LzEvaVkzMDRSVVV2c3hIS25WLUEyczRDSDBCWmUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuS+IMA0G
CSqGSIb3DQEBCwUAA4IBAQBwfOCtH42wFjFoG42IVPnpdsuOS0ukgP2Ntv+Fgu7P
2SQL/ZyP1Mpx+PR63FGNR++Rxf1FVLoiTrUIFqi9TGYbWETKfSsHH0yo99Jo09UD
4OqkAkqRDH/vMHV2uO0Z+L9q3TMVlLwX24u2mxi/nMZSMQlNjHdZYgctBX7GcjS6
bEYIVrZP0/XCRygVs+qPsdAHBHrFtMdVlvzhntRxNoPmG7DbDMPDHvWlIHEMsdMx
9q9+k7sB+/3cayCxlFBsTzkLD+am9V20VECqOBAbzlXzlMm9XBV/aoMWgDCa8H4F
IeDtIB++P3N2sNFGRMP1NKxBOA2T95X0hWeuGgSByolJ
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:31:51 2025 by rpki-client