Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/37b585-0e3d-4bf6-b9fe-db8e9aef9fb0/1/lBZTcOO4qo3i9dhadnAOmEyJY9c.roa
File: lBZTcOO4qo3i9dhadnAOmEyJY9c.roa (raw, json)
Hash identifier: 143x0PrWCuZhc0K2BXLT3x3zBnJeyQzYUBvLPH/gyiw=
Subject key identifier: 94:16:53:70:E3:B8:AA:8D:E2:F5:D8:5A:76:70:0E:98:4C:89:63:D7
Certificate issuer: /CN=e25c1ddccda09099e396622868f4afcc8e8b56bc
Certificate serial: 081CA770
Authority key identifier: E2:5C:1D:DC:CD:A0:90:99:E3:96:62:28:68:F4:AF:CC:8E:8B:56:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4lwd3M2gkJnjlmIoaPSvzI6LVrw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/37b585-0e3d-4bf6-b9fe-db8e9aef9fb0/1/lBZTcOO4qo3i9dhadnAOmEyJY9c.roa
Signing time: Sat 01 Jan 2022 14:02:14 +0000
ROA not before: Sat 01 Jan 2022 14:02:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57752
IP address blocks: 185.167.220.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136095600 (0x81ca770)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e25c1ddccda09099e396622868f4afcc8e8b56bc
Validity
Not Before: Jan 1 14:02:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94165370e3b8aa8de2f5d85a76700e984c8963d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:57:ab:de:61:7a:7a:43:3d:17:61:d1:d0:c7:
05:2e:53:58:57:06:96:51:be:f6:fe:1c:e7:0e:a9:
4d:b1:95:dd:de:e2:fe:34:8e:86:59:50:9c:d2:b9:
cf:d9:5a:d0:8d:5c:e4:ef:33:f0:cd:c3:58:8e:6f:
2e:23:1b:9c:ae:68:73:a0:35:3b:d5:21:f1:ba:56:
bb:4d:bf:f6:73:07:5b:a2:49:76:f2:4c:4d:ce:ff:
62:d7:36:4b:4f:72:b9:6b:cf:41:6d:87:70:a4:03:
71:64:c5:93:2d:18:44:b8:02:a3:70:82:14:26:f5:
41:6d:ba:84:cb:87:aa:09:31:27:c1:cc:a1:3c:21:
6c:52:cd:19:2e:0d:29:2f:31:9a:46:32:59:33:ee:
e6:34:bf:48:66:3c:37:58:23:d4:68:db:ac:55:ff:
75:90:4a:5f:0c:f3:27:24:2a:d0:4b:d9:34:aa:01:
43:60:4c:50:fc:e4:57:85:82:79:05:5a:45:24:a8:
79:3b:75:db:31:55:91:54:73:40:f1:26:0b:a7:f2:
cc:e3:49:35:91:1f:dd:70:31:98:4c:cf:b3:09:8a:
a9:c5:6f:d8:cf:e8:9c:7a:e4:8b:ce:49:9f:0c:18:
0d:63:e4:a0:1e:9a:db:a6:bd:12:70:20:d5:8c:9d:
11:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:16:53:70:E3:B8:AA:8D:E2:F5:D8:5A:76:70:0E:98:4C:89:63:D7
X509v3 Authority Key Identifier:
keyid:E2:5C:1D:DC:CD:A0:90:99:E3:96:62:28:68:F4:AF:CC:8E:8B:56:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4lwd3M2gkJnjlmIoaPSvzI6LVrw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/37b585-0e3d-4bf6-b9fe-db8e9aef9fb0/1/lBZTcOO4qo3i9dhadnAOmEyJY9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/37b585-0e3d-4bf6-b9fe-db8e9aef9fb0/1/4lwd3M2gkJnjlmIoaPSvzI6LVrw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.220.0/22
Signature Algorithm: sha256WithRSAEncryption
33:a6:64:d0:6d:28:46:71:b4:a7:4c:06:7f:d8:79:11:66:91:
43:c1:85:e2:c6:ee:87:0d:06:b4:7a:61:0e:41:a1:f2:7e:23:
a4:2e:e9:cd:2a:fb:ee:cb:e5:ea:49:22:2f:0a:19:00:c7:52:
f9:f1:01:85:33:85:42:01:af:bd:4c:ab:97:ca:22:dd:f8:41:
0f:39:d5:e8:62:ba:07:60:fc:e9:75:8f:c2:60:20:f3:7e:0e:
bf:7f:2a:ee:08:d1:35:9e:ba:d1:09:ee:c3:4e:69:36:df:0b:
fb:25:b7:d8:ae:fe:3d:bc:8c:32:cc:58:8b:56:cd:59:b2:7f:
7f:7a:aa:68:77:b9:19:99:f5:59:86:28:cd:8b:c3:6c:05:36:
da:10:be:94:48:ba:03:ed:7e:b1:9a:6f:e3:b8:0c:ae:f4:2e:
77:3d:c9:66:5f:63:7b:a0:b3:31:43:c3:fa:97:10:5e:6f:28:
7c:d2:40:b2:d2:8a:92:bc:6b:fc:cf:45:95:17:17:b5:23:4b:
cd:a9:8d:c1:89:9f:8b:33:b6:95:99:8d:31:f5:59:d4:97:c7:
31:86:21:9b:2d:cc:25:4a:1e:72:08:35:05:22:95:f7:c3:ad:
2f:df:57:4e:c4:97:03:70:2d:67:7f:72:db:90:c1:0d:46:a9:
c2:07:f9:d0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECByncDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MjVjMWRkY2NkYTA5MDk5ZTM5NjYyMjg2OGY0YWZjYzhlOGI1NmJjMB4XDTIyMDEw
MTE0MDIxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQxNjUzNzBlM2I4
YWE4ZGUyZjVkODVhNzY3MDBlOTg0Yzg5NjNkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxXq95henpDPRdh0dDHBS5TWFcGllG+9v4c5w6pTbGV3d7i
/jSOhllQnNK5z9la0I1c5O8z8M3DWI5vLiMbnK5oc6A1O9Uh8bpWu02/9nMHW6JJ
dvJMTc7/Ytc2S09yuWvPQW2HcKQDcWTFky0YRLgCo3CCFCb1QW26hMuHqgkxJ8HM
oTwhbFLNGS4NKS8xmkYyWTPu5jS/SGY8N1gj1GjbrFX/dZBKXwzzJyQq0EvZNKoB
Q2BMUPzkV4WCeQVaRSSoeTt12zFVkVRzQPEmC6fyzONJNZEf3XAxmEzPswmKqcVv
2M/onHrki85JnwwYDWPkoB6a26a9EnAg1YydEXkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSUFlNw47iqjeL12Fp2cA6YTIlj1zAfBgNVHSMEGDAWgBTiXB3czaCQmeOW
Yiho9K/MjotWvDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRsd2QzTTJna0puamxtSW9hUFN2ekk2TFZydy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvMzdiNTg1LTBlM2QtNGJmNi1iOWZlLWRiOGU5YWVmOWZiMC8x
L2xCWlRjT080cW8zaTlkaGFkbkFPbUV5Slk5Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
MzdiNTg1LTBlM2QtNGJmNi1iOWZlLWRiOGU5YWVmOWZiMC8xLzRsd2QzTTJna0pu
amxtSW9hUFN2ekk2TFZydy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmn3DANBgkqhkiG9w0BAQsFAAOC
AQEAM6Zk0G0oRnG0p0wGf9h5EWaRQ8GF4sbuhw0GtHphDkGh8n4jpC7pzSr77svl
6kkiLwoZAMdS+fEBhTOFQgGvvUyrl8oi3fhBDznV6GK6B2D86XWPwmAg834Ov38q
7gjRNZ660Qnuw05pNt8L+yW32K7+PbyMMsxYi1bNWbJ/f3qqaHe5GZn1WYYozYvD
bAU22hC+lEi6A+1+sZpv47gMrvQudz3JZl9je6CzMUPD+pcQXm8ofNJAstKKkrxr
/M9FlRcXtSNLzamNwYmfizO2lZmNMfVZ1JfHMYYhmy3MJUoecgg1BSKV98OtL99X
TsSXA3AtZ39y25DBDUapwgf50A==
-----END CERTIFICATE-----
Generated at Mon May 12 10:21:56 2025 by rpki-client