Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/e14d80-b5ed-4e7d-9649-694d89142ff9/1/xgIBIhlC5THFJfCwcgUVGet53gk.roa
File: xgIBIhlC5THFJfCwcgUVGet53gk.roa (raw, json)
Hash identifier: p39WBphuc32Ua2iPr7w68fY6sIvm/GzQ1aAw7eWwlyk=
Subject key identifier: C6:02:01:22:19:42:E5:31:C5:25:F0:B0:72:05:15:19:EB:79:DE:09
Certificate issuer: /CN=5bb0e9679ccd367bb6d1680eb3a432a9106cbd97
Certificate serial: 05B15AE8
Authority key identifier: 5B:B0:E9:67:9C:CD:36:7B:B6:D1:68:0E:B3:A4:32:A9:10:6C:BD:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W7DpZ5zNNnu20WgOs6QyqRBsvZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/e14d80-b5ed-4e7d-9649-694d89142ff9/1/xgIBIhlC5THFJfCwcgUVGet53gk.roa
Signing time: Sat 01 Jan 2022 15:02:43 +0000
ROA not before: Sat 01 Jan 2022 15:02:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201015
IP address blocks: 185.111.66.0/23 maxlen: 23
185.111.66.0/24 maxlen: 24
185.111.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95509224 (0x5b15ae8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bb0e9679ccd367bb6d1680eb3a432a9106cbd97
Validity
Not Before: Jan 1 15:02:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c60201221942e531c525f0b072051519eb79de09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:85:a8:30:b5:01:85:4c:9a:0d:25:51:77:3b:
62:26:a5:69:18:90:4d:dd:b9:b0:9a:59:6f:e8:db:
72:0f:4d:f1:d9:5c:f6:aa:f2:71:f6:25:72:70:5b:
84:80:1f:23:b6:cc:87:08:ef:2d:93:9e:a5:0b:f7:
ca:bd:2d:81:b5:0e:e9:cb:cb:7f:bd:ce:22:6c:88:
a0:cf:20:6e:15:fd:c6:ec:2f:e9:4a:82:f3:e1:5c:
01:6c:06:f6:0c:68:59:aa:64:78:43:23:c6:4f:36:
6c:eb:df:80:a8:47:96:e0:0c:e5:77:33:da:76:92:
58:23:18:5d:3e:07:e9:c6:a7:7e:be:74:53:6f:75:
3f:fd:8b:af:09:21:d3:9b:e6:98:af:7e:f3:4d:43:
d1:70:07:cd:bc:d5:d6:83:f1:b4:ea:33:45:e6:61:
6b:df:a3:89:68:99:3b:a4:0a:26:26:97:7b:e2:c3:
cf:0c:05:aa:58:05:e5:98:24:4c:6b:f0:68:24:b1:
25:ec:4b:a0:f7:26:24:32:a2:53:e1:15:68:25:e7:
30:cf:b4:33:e0:da:ea:77:8c:0c:f8:61:d4:19:7f:
45:ff:60:5e:35:67:c7:03:43:66:fa:16:23:bc:49:
a4:46:92:b9:a8:37:8c:78:6d:f6:fc:07:c5:be:b8:
58:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:02:01:22:19:42:E5:31:C5:25:F0:B0:72:05:15:19:EB:79:DE:09
X509v3 Authority Key Identifier:
keyid:5B:B0:E9:67:9C:CD:36:7B:B6:D1:68:0E:B3:A4:32:A9:10:6C:BD:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W7DpZ5zNNnu20WgOs6QyqRBsvZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e14d80-b5ed-4e7d-9649-694d89142ff9/1/xgIBIhlC5THFJfCwcgUVGet53gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e14d80-b5ed-4e7d-9649-694d89142ff9/1/W7DpZ5zNNnu20WgOs6QyqRBsvZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.66.0/23
Signature Algorithm: sha256WithRSAEncryption
42:9d:f5:57:2b:e6:cf:5c:54:76:80:d1:f8:f6:7c:4d:d3:60:
51:85:97:9d:6a:52:79:19:71:a9:52:97:31:ab:09:a1:74:b1:
70:06:b3:3f:24:6a:4b:b7:c2:8a:0f:e5:62:49:0c:60:bf:9d:
a4:1e:de:3d:bf:b1:c1:3a:58:e5:a1:ef:2a:51:1a:ed:8f:8e:
d6:a0:fd:c0:82:21:d8:b3:2a:c2:6d:aa:d0:18:c6:7d:ef:a4:
b8:58:9b:9e:ec:03:df:a5:32:d1:69:e0:24:29:ec:54:9e:80:
2e:5e:2b:d1:28:72:9e:27:1c:9f:a5:ae:b1:36:15:f1:b3:39:
c9:5f:94:15:6f:63:99:72:04:2e:aa:00:61:a7:c3:1f:bc:5b:
8b:3b:d4:cc:81:df:9a:b9:ed:5b:5d:bb:0f:f9:be:b2:bd:c2:
ec:29:6b:a5:de:82:e3:b2:f8:e5:b2:82:de:05:eb:a0:8b:1d:
a1:67:10:2e:01:5f:e8:60:ff:2b:fc:d2:97:74:21:3b:ef:bb:
09:f7:02:11:ea:df:da:95:f0:c1:a3:36:97:10:72:f5:a5:83:
14:e9:a9:1d:33:24:13:56:44:b3:30:10:a8:bd:ad:8a:ac:04:
50:56:9f:f1:83:21:5f:ac:ac:36:30:08:45:62:10:ab:0b:86:
00:6a:cb:75
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBbFa6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YmIwZTk2NzljY2QzNjdiYjZkMTY4MGViM2E0MzJhOTEwNmNiZDk3MB4XDTIyMDEw
MTE1MDI0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzYwMjAxMjIxOTQy
ZTUzMWM1MjVmMGIwNzIwNTE1MTllYjc5ZGUwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIiFqDC1AYVMmg0lUXc7YialaRiQTd25sJpZb+jbcg9N8dlc
9qrycfYlcnBbhIAfI7bMhwjvLZOepQv3yr0tgbUO6cvLf73OImyIoM8gbhX9xuwv
6UqC8+FcAWwG9gxoWapkeEMjxk82bOvfgKhHluAM5Xcz2naSWCMYXT4H6canfr50
U291P/2Lrwkh05vmmK9+801D0XAHzbzV1oPxtOozReZha9+jiWiZO6QKJiaXe+LD
zwwFqlgF5ZgkTGvwaCSxJexLoPcmJDKiU+EVaCXnMM+0M+Da6neMDPhh1Bl/Rf9g
XjVnxwNDZvoWI7xJpEaSuag3jHht9vwHxb64WG0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTGAgEiGULlMcUl8LByBRUZ63neCTAfBgNVHSMEGDAWgBRbsOlnnM02e7bR
aA6zpDKpEGy9lzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1c3RHBaNXpOTm51MjBXZ09zNlF5cVJCc3ZaYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvZTE0ZDgwLWI1ZWQtNGU3ZC05NjQ5LTY5NGQ4OTE0MmZmOS8x
L3hnSUJJaGxDNVRIRkpmQ3djZ1VWR2V0NTNnay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
ZTE0ZDgwLWI1ZWQtNGU3ZC05NjQ5LTY5NGQ4OTE0MmZmOS8xL1c3RHBaNXpOTm51
MjBXZ09zNlF5cVJCc3ZaYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAblvQjANBgkqhkiG9w0BAQsFAAOC
AQEAQp31Vyvmz1xUdoDR+PZ8TdNgUYWXnWpSeRlxqVKXMasJoXSxcAazPyRqS7fC
ig/lYkkMYL+dpB7ePb+xwTpY5aHvKlEa7Y+O1qD9wIIh2LMqwm2q0BjGfe+kuFib
nuwD36Uy0WngJCnsVJ6ALl4r0Shyniccn6WusTYV8bM5yV+UFW9jmXIELqoAYafD
H7xbizvUzIHfmrntW127D/m+sr3C7Clrpd6C47L45bKC3gXroIsdoWcQLgFf6GD/
K/zSl3QhO++7CfcCEerf2pXwwaM2lxBy9aWDFOmpHTMkE1ZEszAQqL2tiqwEUFaf
8YMhX6ysNjAIRWIQqwuGAGrLdQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:15:41 2025 by rpki-client