Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/bb5iI1WPbNppyqoKFGHl592smj4.roa
File: bb5iI1WPbNppyqoKFGHl592smj4.roa (raw, json)
Hash identifier: dMEHaektgDSjptnb5y/mJH+mUC58u3E+XvJ+oyJwb/c=
Subject key identifier: 6D:BE:62:23:55:8F:6C:DA:69:CA:AA:0A:14:61:E5:E7:DD:AC:9A:3E
Certificate issuer: /CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Certificate serial: 019428273DE9D5AA810AC0D2AD78151E211F
Authority key identifier: 7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/bb5iI1WPbNppyqoKFGHl592smj4.roa
Signing time: Thu 02 Jan 2025 17:54:07 +0000
ROA not before: Thu 02 Jan 2025 17:54:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20853
IP address blocks: 185.198.37.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:3d:e9:d5:aa:81:0a:c0:d2:ad:78:15:1e:21:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Validity
Not Before: Jan 2 17:54:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6dbe6223558f6cda69caaa0a1461e5e7ddac9a3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8c:bb:08:e8:26:5c:f2:4b:44:f0:03:15:e5:
af:c5:4c:84:c6:a9:a2:00:35:9f:00:7b:3c:33:6e:
a5:f8:ae:8e:79:0e:10:02:5c:a2:09:b1:7e:38:86:
ec:f2:ad:64:dd:7a:7a:81:72:00:1e:44:a1:7b:22:
44:95:52:03:33:94:d5:55:d8:59:a5:21:e2:c7:d6:
f8:1c:f1:e7:28:08:66:ca:ff:99:fb:d7:3e:5c:32:
6d:15:7c:63:92:19:cf:13:f0:90:6f:b6:68:db:be:
b2:55:19:c5:c5:f2:9c:0c:65:7e:fa:33:db:20:c1:
f9:e0:29:f2:96:61:33:5a:ca:f1:d2:5a:92:f6:be:
a5:0e:23:ec:09:14:4c:9d:c0:69:56:c2:9d:f4:13:
2e:05:ff:a9:b4:b1:da:00:bf:24:f4:51:69:16:40:
3f:b7:13:69:a5:1e:2e:1f:60:88:c1:8f:57:86:05:
30:4d:be:59:48:ae:a4:76:5f:3f:7e:1c:b4:39:a4:
1a:ae:fc:d3:fb:a9:1d:c3:8d:e1:a4:f5:2c:b3:18:
53:b5:fc:a1:42:a5:37:49:2d:3a:e2:df:cf:a5:ae:
55:e3:c8:2c:88:9c:14:bd:d2:63:9e:a1:24:9c:26:
c0:3a:35:b7:4d:0d:b3:a9:c8:e3:d2:13:39:69:7a:
84:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:BE:62:23:55:8F:6C:DA:69:CA:AA:0A:14:61:E5:E7:DD:AC:9A:3E
X509v3 Authority Key Identifier:
keyid:7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/bb5iI1WPbNppyqoKFGHl592smj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.37.0/24
Signature Algorithm: sha256WithRSAEncryption
15:50:f8:59:80:87:5d:1a:9f:3c:b3:5f:2c:d4:81:62:ad:a8:
c8:16:2b:5d:ff:d1:ab:bc:34:8e:97:2f:60:be:44:82:d9:cd:
de:b1:ee:f8:cc:94:15:6c:c2:36:b3:1a:ff:92:25:74:73:ae:
86:fc:94:be:02:14:79:fc:b8:99:59:21:b2:3d:87:04:89:60:
c8:36:fd:0b:00:d7:2e:6b:81:5e:8f:39:94:9c:80:0a:5d:2e:
3b:96:06:a5:1c:64:27:95:d9:b8:00:9d:96:b5:69:9f:85:8c:
41:dc:5e:44:c9:79:4e:d1:2e:6f:f0:44:f7:b3:37:32:34:3c:
81:ce:29:1a:4a:88:d4:45:2f:4f:4d:6b:8d:c6:da:b3:f0:ed:
1e:28:e9:a2:43:e0:01:90:07:05:13:5b:b2:e9:f1:29:78:3c:
c2:de:ad:49:86:f1:89:7f:8d:60:df:5b:2c:74:6d:2b:35:ac:
c9:28:2f:9c:99:ce:53:f6:18:0f:c3:8a:35:57:b4:c0:0c:02:
fe:9d:90:d8:8b:ff:ae:41:f7:2f:d2:60:6c:75:36:64:ec:13:
55:3b:4a:6e:4e:7c:2d:70:47:40:95:0c:a7:e4:b1:81:29:0f:
93:e7:72:5e:1b:cb:af:1a:bb:10:20:b5:af:52:45:b5:a5:fe:
65:43:57:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJz3p1aqBCsDSrXgVHiEfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYTY0M2JiMzk5YzZkODdhZGM0YzdjYmE1ZDJiNzJmYmQw
MGQwNDYwHhcNMjUwMTAyMTc1NDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGJlNjIyMzU1OGY2Y2RhNjljYWFhMGExNDYxZTVlN2RkYWM5YTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYy7COgmXPJLRPADFeWvxUyExqmi
ADWfAHs8M26l+K6OeQ4QAlyiCbF+OIbs8q1k3Xp6gXIAHkSheyJElVIDM5TVVdhZ
pSHix9b4HPHnKAhmyv+Z+9c+XDJtFXxjkhnPE/CQb7Zo276yVRnFxfKcDGV++jPb
IMH54CnylmEzWsrx0lqS9r6lDiPsCRRMncBpVsKd9BMuBf+ptLHaAL8k9FFpFkA/
txNppR4uH2CIwY9XhgUwTb5ZSK6kdl8/fhy0OaQarvzT+6kdw43hpPUssxhTtfyh
QqU3SS064t/Ppa5V48gsiJwUvdJjnqEknCbAOjW3TQ2zqcjj0hM5aXqEAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG2+YiNVj2zaacqqChRh5efdrJo+MB8GA1UdIwQY
MBaAFHymQ7s5nG2HrcTHy6XSty+9ANBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZktaRHV6bWNiWWV0eE1mTHBkSzNMNzBBMEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9jMDMwMWQtNTgwMS00YWM2LWI1MDMt
NDRlYTY0NzIxYzllLzEvYmI1aUkxV1BiTnBweXFvS0ZHSGw1OTJzbWo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9jMDMwMWQtNTgwMS00YWM2LWI1MDMtNDRlYTY0NzIxYzll
LzEvZktaRHV6bWNiWWV0eE1mTHBkSzNMNzBBMEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucYlMA0G
CSqGSIb3DQEBCwUAA4IBAQAVUPhZgIddGp88s18s1IFirajIFitd/9GrvDSOly9g
vkSC2c3ese74zJQVbMI2sxr/kiV0c66G/JS+AhR5/LiZWSGyPYcEiWDINv0LANcu
a4FejzmUnIAKXS47lgalHGQnldm4AJ2WtWmfhYxB3F5EyXlO0S5v8ET3szcyNDyB
zikaSojURS9PTWuNxtqz8O0eKOmiQ+ABkAcFE1uy6fEpeDzC3q1JhvGJf41g31ss
dG0rNazJKC+cmc5T9hgPw4o1V7TADAL+nZDYi/+uQfcv0mBsdTZk7BNVO0puTnwt
cEdAlQyn5LGBKQ+T53JeG8uvGrsQILWvUkW1pf5lQ1e2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:53 2025 by rpki-client