Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/bc2ba5-0d6b-4ae9-ad76-50764f377d14/1/b97zC7vFryfL8c_8WixC6ID0hlo.roa
File: b97zC7vFryfL8c_8WixC6ID0hlo.roa (raw, json)
Hash identifier: Y+mDY/V1iRhYu3vXCwuGvBKFlvFClbeYjToCTHnFo9A=
Subject key identifier: 6F:DE:F3:0B:BB:C5:AF:27:CB:F1:CF:FC:5A:2C:42:E8:80:F4:86:5A
Certificate issuer: /CN=cbb0a86e98fd8ffa35038eeb08aae850fb909f2b
Certificate serial: 01842EE1A21ED31CCBAF99A3BBAB134282D6
Authority key identifier: CB:B0:A8:6E:98:FD:8F:FA:35:03:8E:EB:08:AA:E8:50:FB:90:9F:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y7Cobpj9j_o1A47rCKroUPuQnys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/bc2ba5-0d6b-4ae9-ad76-50764f377d14/1/b97zC7vFryfL8c_8WixC6ID0hlo.roa
Signing time: Mon 31 Oct 2022 16:30:49 +0000
ROA not before: Mon 31 Oct 2022 16:30:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212941
IP address blocks: 185.67.96.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2e:e1:a2:1e:d3:1c:cb:af:99:a3:bb:ab:13:42:82:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbb0a86e98fd8ffa35038eeb08aae850fb909f2b
Validity
Not Before: Oct 31 16:30:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6fdef30bbbc5af27cbf1cffc5a2c42e880f4865a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:92:e2:86:83:b9:a6:c0:a8:a3:7e:f7:fe:5d:
7e:8c:cd:a6:98:b2:6e:03:c6:44:35:e1:9a:d6:cf:
e0:ee:52:2b:e1:8e:cd:46:ac:2d:92:1d:32:63:62:
f4:14:53:c7:ae:42:19:f7:f2:b4:47:53:70:dd:cc:
27:12:85:78:0b:a9:49:1b:94:3a:18:ab:77:c7:70:
b9:6e:e7:b2:6c:73:d9:57:65:51:17:97:79:f8:6d:
88:4d:65:be:df:45:50:5c:dc:30:8f:f5:91:df:3f:
23:dd:17:81:e5:96:49:86:0e:1c:e3:23:d8:3e:d9:
80:61:44:c7:b4:49:09:a3:4e:65:9a:9d:5e:87:ba:
d0:30:42:7a:ad:b3:16:f2:85:bf:8a:8d:82:62:bf:
23:1f:d2:44:39:3c:8a:a8:e7:44:1b:cb:4f:3e:b6:
ad:22:86:c3:e2:9e:ed:c5:dd:f6:a4:79:b7:f6:52:
b1:da:26:8d:b2:5d:d2:b9:25:72:d5:51:cb:c7:3e:
4e:f0:43:bd:59:0a:c2:39:a6:b2:02:58:4f:4b:98:
59:34:4f:e1:eb:cb:b7:01:c4:26:ad:bc:f1:ef:6c:
d6:01:b1:c8:d3:dc:43:01:15:c5:9e:05:a1:55:20:
0c:81:a5:69:d9:76:b3:ad:a2:3e:bc:2e:4d:5e:2d:
7d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:DE:F3:0B:BB:C5:AF:27:CB:F1:CF:FC:5A:2C:42:E8:80:F4:86:5A
X509v3 Authority Key Identifier:
keyid:CB:B0:A8:6E:98:FD:8F:FA:35:03:8E:EB:08:AA:E8:50:FB:90:9F:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y7Cobpj9j_o1A47rCKroUPuQnys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/bc2ba5-0d6b-4ae9-ad76-50764f377d14/1/b97zC7vFryfL8c_8WixC6ID0hlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/bc2ba5-0d6b-4ae9-ad76-50764f377d14/1/y7Cobpj9j_o1A47rCKroUPuQnys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.96.0/22
Signature Algorithm: sha256WithRSAEncryption
36:0a:57:d6:4a:05:c5:98:d8:26:b3:f8:8b:bd:36:c8:6f:ac:
f3:56:87:50:74:9f:97:2f:47:91:6c:52:8f:fe:3b:0e:c3:99:
b1:ad:ba:96:fe:b3:02:49:1d:49:7c:05:8c:19:40:b2:af:e7:
66:c4:08:ad:98:57:2f:43:5c:3d:9b:59:2c:08:92:83:a8:2a:
fd:a4:fa:7b:65:2e:88:a5:6e:f9:0d:a4:82:5d:60:3a:7c:c3:
2e:d9:c5:ec:93:4c:6d:74:32:5e:22:45:1d:39:7f:72:9d:47:
58:10:15:bf:83:58:aa:31:64:36:3a:fb:ac:4d:93:2b:ed:cb:
43:f6:a0:4e:cd:8e:c6:47:c0:05:1f:b3:a0:9c:fe:5a:61:c5:
10:a2:8f:46:b5:3c:4d:cd:04:2c:48:fe:ba:b6:4b:48:10:4c:
10:81:6c:37:71:d2:a4:62:19:4e:61:8e:20:ee:3a:b1:3f:b0:
ba:ea:a3:30:ba:b0:b8:a5:db:37:9e:5e:1d:4f:cf:98:e8:ea:
3b:78:61:8f:26:69:3d:82:77:f7:5f:f1:c2:3e:57:df:fc:52:
bc:fd:1a:2f:be:93:82:3d:af:b3:0f:44:9b:35:22:57:77:29:
5b:2f:78:cc:bf:50:29:1c:c4:5e:f7:54:9a:c4:26:6b:06:4c:
e6:91:03:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQu4aIe0xzLr5mju6sTQoLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYjBhODZlOThmZDhmZmEzNTAzOGVlYjA4YWFlODUwZmI5
MDlmMmIwHhcNMjIxMDMxMTYzMDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmRlZjMwYmJiYzVhZjI3Y2JmMWNmZmM1YTJjNDJlODgwZjQ4NjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZLihoO5psCoo373/l1+jM2mmLJu
A8ZENeGa1s/g7lIr4Y7NRqwtkh0yY2L0FFPHrkIZ9/K0R1Nw3cwnEoV4C6lJG5Q6
GKt3x3C5bueybHPZV2VRF5d5+G2ITWW+30VQXNwwj/WR3z8j3ReB5ZZJhg4c4yPY
PtmAYUTHtEkJo05lmp1eh7rQMEJ6rbMW8oW/io2CYr8jH9JEOTyKqOdEG8tPPrat
IobD4p7txd32pHm39lKx2iaNsl3SuSVy1VHLxz5O8EO9WQrCOaayAlhPS5hZNE/h
68u3AcQmrbzx72zWAbHI09xDARXFngWhVSAMgaVp2XazraI+vC5NXi19ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG/e8wu7xa8ny/HP/FosQuiA9IZaMB8GA1UdIwQY
MBaAFMuwqG6Y/Y/6NQOO6wiq6FD7kJ8rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTdDb2JwajlqX28xQTQ3ckNLcm9VUHVRbnlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9iYzJiYTUtMGQ2Yi00YWU5LWFkNzYt
NTA3NjRmMzc3ZDE0LzEvYjk3ekM3dkZyeWZMOGNfOFdpeEM2SUQwaGxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9iYzJiYTUtMGQ2Yi00YWU5LWFkNzYtNTA3NjRmMzc3ZDE0
LzEveTdDb2JwajlqX28xQTQ3ckNLcm9VUHVRbnlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUNgMA0G
CSqGSIb3DQEBCwUAA4IBAQA2ClfWSgXFmNgms/iLvTbIb6zzVodQdJ+XL0eRbFKP
/jsOw5mxrbqW/rMCSR1JfAWMGUCyr+dmxAitmFcvQ1w9m1ksCJKDqCr9pPp7ZS6I
pW75DaSCXWA6fMMu2cXsk0xtdDJeIkUdOX9ynUdYEBW/g1iqMWQ2OvusTZMr7ctD
9qBOzY7GR8AFH7OgnP5aYcUQoo9GtTxNzQQsSP66tktIEEwQgWw3cdKkYhlOYY4g
7jqxP7C66qMwurC4pds3nl4dT8+Y6Oo7eGGPJmk9gnf3X/HCPlff/FK8/RovvpOC
Pa+zD0SbNSJXdylbL3jMv1ApHMRe91SaxCZrBkzmkQML
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:25 2025 by rpki-client