Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/kTl30QOsbrDzk_mb8ECK1dAhV14.roa
File: kTl30QOsbrDzk_mb8ECK1dAhV14.roa (raw, json)
Hash identifier: ktEj7/KQdl7DWD89NCLPeaAfOqTe9FU+2FvlPHr9TVM=
Subject key identifier: 91:39:77:D1:03:AC:6E:B0:F3:93:F9:9B:F0:40:8A:D5:D0:21:57:5E
Certificate issuer: /CN=593897174f967490dbf6189d479df2c9371bf404
Certificate serial: 019422FB56BC9DA160264B289A8896B4C82E
Authority key identifier: 59:38:97:17:4F:96:74:90:DB:F6:18:9D:47:9D:F2:C9:37:1B:F4:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WTiXF0-WdJDb9hidR53yyTcb9AQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/kTl30QOsbrDzk_mb8ECK1dAhV14.roa
Signing time: Wed 01 Jan 2025 17:48:04 +0000
ROA not before: Wed 01 Jan 2025 17:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 185.67.36.0/22 maxlen: 32
2a05:bc0::/29 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:56:bc:9d:a1:60:26:4b:28:9a:88:96:b4:c8:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=593897174f967490dbf6189d479df2c9371bf404
Validity
Not Before: Jan 1 17:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=913977d103ac6eb0f393f99bf0408ad5d021575e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:54:42:32:d8:16:b1:b2:2a:1d:4c:5c:27:ce:
5d:20:6f:41:49:9e:6b:1c:80:2c:9f:44:5c:5d:95:
63:cd:c5:d3:19:20:92:57:70:f1:c7:36:1f:80:df:
71:19:89:94:dd:e1:90:74:6b:72:8d:d2:72:a0:69:
57:a7:9b:a7:0f:2a:cc:50:9e:cf:c4:58:24:a9:cd:
00:0e:4d:01:19:2c:15:19:b9:7a:41:8d:c8:22:a0:
95:3a:2e:89:85:ab:ba:99:92:7e:60:b7:3c:c5:ec:
5c:a1:42:8b:a1:13:65:d6:c6:26:72:9a:ca:56:ce:
9d:f9:3f:b1:ac:6b:2b:7f:c6:3b:b9:d5:aa:63:c7:
d7:14:aa:3e:1d:f1:63:b0:3f:11:f0:99:79:30:30:
62:66:45:a6:9f:a6:78:87:c3:d1:79:02:5d:cd:f4:
33:1e:ed:65:c1:97:c3:31:31:80:3d:8f:8e:0c:02:
c6:96:4b:f0:a1:4a:8f:51:69:5e:6d:4a:c5:20:2e:
08:85:b2:c1:28:2a:77:62:df:52:f4:b7:a8:8b:5b:
45:74:a0:cd:9e:80:b3:6d:ed:63:2f:3b:62:bd:59:
6e:62:50:b6:5f:37:e9:f5:e6:64:bf:c4:9f:1c:47:
4d:27:b1:d5:33:8b:0c:8c:03:9b:81:08:71:34:d1:
ae:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:39:77:D1:03:AC:6E:B0:F3:93:F9:9B:F0:40:8A:D5:D0:21:57:5E
X509v3 Authority Key Identifier:
keyid:59:38:97:17:4F:96:74:90:DB:F6:18:9D:47:9D:F2:C9:37:1B:F4:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WTiXF0-WdJDb9hidR53yyTcb9AQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/kTl30QOsbrDzk_mb8ECK1dAhV14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/WTiXF0-WdJDb9hidR53yyTcb9AQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.36.0/22
IPv6:
2a05:bc0::/29
Signature Algorithm: sha256WithRSAEncryption
4f:88:b3:75:6e:d9:22:db:40:69:c6:69:1b:51:e0:6d:3e:a1:
01:b2:90:14:88:e6:d2:81:d4:03:ce:b3:3a:6e:7c:99:7f:6a:
db:4c:d8:bf:64:d4:d6:90:cb:1b:4e:69:2f:b9:bb:fa:d7:75:
9c:97:6e:0c:b9:3c:77:bc:b8:54:08:02:9a:20:9d:40:22:35:
ae:9e:e9:45:de:55:4a:01:98:2c:a2:2b:8c:dc:cb:99:06:93:
30:8c:bd:cc:58:cf:c8:7c:0e:04:d5:8b:87:93:72:2a:b4:66:
68:2f:00:81:21:f8:44:b9:50:69:bc:ea:a4:d1:3e:ce:47:66:
0f:26:c2:75:47:27:24:03:38:f4:ac:68:53:25:49:63:a2:9f:
29:1e:33:45:5f:02:5a:ac:e1:7e:d1:de:ab:01:66:1a:bd:fc:
2e:85:8d:0d:03:fe:5c:73:7a:74:ac:a6:04:af:89:7b:81:c3:
37:c2:d2:52:56:43:4e:ea:43:8b:c7:33:93:82:7b:05:61:52:
f6:6c:73:40:8f:42:e8:24:2b:93:66:aa:58:d1:53:c4:e6:b5:
f2:48:b1:24:59:a3:81:c0:51:2e:63:e5:85:68:0d:2d:10:d1:
0a:a4:15:fd:4d:64:33:7e:6f:8d:9a:33:f4:29:1d:4c:11:da:
4a:22:92:66
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi+1a8naFgJksomoiWtMguMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5Mzg5NzE3NGY5Njc0OTBkYmY2MTg5ZDQ3OWRmMmM5Mzcx
YmY0MDQwHhcNMjUwMTAxMTc0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTM5NzdkMTAzYWM2ZWIwZjM5M2Y5OWJmMDQwOGFkNWQwMjE1NzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1RCMtgWsbIqHUxcJ85dIG9BSZ5r
HIAsn0RcXZVjzcXTGSCSV3DxxzYfgN9xGYmU3eGQdGtyjdJyoGlXp5unDyrMUJ7P
xFgkqc0ADk0BGSwVGbl6QY3IIqCVOi6Jhau6mZJ+YLc8xexcoUKLoRNl1sYmcprK
Vs6d+T+xrGsrf8Y7udWqY8fXFKo+HfFjsD8R8Jl5MDBiZkWmn6Z4h8PReQJdzfQz
Hu1lwZfDMTGAPY+ODALGlkvwoUqPUWlebUrFIC4IhbLBKCp3Yt9S9Leoi1tFdKDN
noCzbe1jLztivVluYlC2Xzfp9eZkv8SfHEdNJ7HVM4sMjAObgQhxNNGuiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJE5d9EDrG6w85P5m/BAitXQIVdeMB8GA1UdIwQY
MBaAFFk4lxdPlnSQ2/YYnUed8sk3G/QEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1RpWEYwLVdkSkRiOWhpZFI1M3l5VGNiOUFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kY2Y5NzYtMDA3ZC00NTQyLWIwZTIt
NWY4ZmM3MDc4MzZhLzEva1RsMzBRT3NickR6a19tYjhFQ0sxZEFoVjE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kY2Y5NzYtMDA3ZC00NTQyLWIwZTItNWY4ZmM3MDc4MzZh
LzEvV1RpWEYwLVdkSkRiOWhpZFI1M3l5VGNiOUFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUMkMA0E
AgACMAcDBQMqBQvAMA0GCSqGSIb3DQEBCwUAA4IBAQBPiLN1btki20BpxmkbUeBt
PqEBspAUiObSgdQDzrM6bnyZf2rbTNi/ZNTWkMsbTmkvubv613Wcl24MuTx3vLhU
CAKaIJ1AIjWunulF3lVKAZgsoiuM3MuZBpMwjL3MWM/IfA4E1YuHk3IqtGZoLwCB
IfhEuVBpvOqk0T7OR2YPJsJ1RyckAzj0rGhTJUljop8pHjNFXwJarOF+0d6rAWYa
vfwuhY0NA/5cc3p0rKYEr4l7gcM3wtJSVkNO6kOLxzOTgnsFYVL2bHNAj0LoJCuT
ZqpY0VPE5rXySLEkWaOBwFEuY+WFaA0tENEKpBX9TWQzfm+NmjP0KR1MEdpKIpJm
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:12:40 2025 by rpki-client