Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/eb52a4-0473-4a65-b826-5f82fbf95540/1/O-h70dxo8oKLZXyub6WfQnBMOaw.roa
File: O-h70dxo8oKLZXyub6WfQnBMOaw.roa (raw, json)
Hash identifier: 29NT8z9pFnrhLSUCW613aYtBIIXjyoNkJwQ8XuT+Peo=
Subject key identifier: 3B:E8:7B:D1:DC:68:F2:82:8B:65:7C:AE:6F:A5:9F:42:70:4C:39:AC
Certificate issuer: /CN=dfb33aac34c29698f32f6a0092931d2fe2298317
Certificate serial: 018572F13A02DAE0DF47E62FB8E7C1786452
Authority key identifier: DF:B3:3A:AC:34:C2:96:98:F3:2F:6A:00:92:93:1D:2F:E2:29:83:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/37M6rDTClpjzL2oAkpMdL-Ipgxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/eb52a4-0473-4a65-b826-5f82fbf95540/1/O-h70dxo8oKLZXyub6WfQnBMOaw.roa
Signing time: Mon 02 Jan 2023 14:44:49 +0000
ROA not before: Mon 02 Jan 2023 14:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206886
IP address blocks: 185.172.96.0/22 maxlen: 24
2a0b:d00:2::/48 maxlen: 48
2a0b:d00:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:f1:3a:02:da:e0:df:47:e6:2f:b8:e7:c1:78:64:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfb33aac34c29698f32f6a0092931d2fe2298317
Validity
Not Before: Jan 2 14:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3be87bd1dc68f2828b657cae6fa59f42704c39ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:73:6f:24:7a:d4:6f:19:ee:69:c3:06:eb:be:
60:14:50:9f:64:9f:d4:df:d0:f6:49:40:b4:53:ba:
ef:74:24:7a:85:dc:ec:23:60:a7:7a:c7:57:57:db:
e0:25:f2:59:19:4e:8d:ff:cd:1f:25:91:0c:16:05:
fa:e1:d0:36:f0:dd:29:01:dd:c7:73:55:1b:e3:b0:
21:d0:11:e8:89:3d:97:71:52:b0:be:c0:09:56:c5:
1f:2d:3e:26:29:8d:e4:1d:40:65:ef:85:65:fb:84:
29:20:7e:b7:50:87:17:20:e1:c2:6e:c5:3f:79:2a:
e6:9f:2c:f7:bd:ab:f4:6e:ba:79:ca:df:96:d9:c4:
94:43:b5:18:a4:14:fa:2e:a0:bd:a3:e6:bc:4f:cc:
e3:20:6e:f1:61:89:cb:87:4c:95:e5:fa:f6:a5:0a:
3c:1d:30:5a:40:81:a6:9c:7a:bf:5d:14:ad:09:12:
ef:2b:5f:b9:6f:3e:3b:45:86:6e:f5:c3:cf:0c:1f:
00:e5:24:9a:4d:08:24:0f:83:fe:2e:71:a3:24:d9:
2f:88:35:31:63:8e:91:65:a9:05:ac:82:c6:2b:32:
81:10:86:68:46:b2:f7:ea:53:8d:df:2e:18:f9:91:
e9:07:06:f9:2b:92:0a:1a:71:50:25:5a:89:86:51:
0d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E8:7B:D1:DC:68:F2:82:8B:65:7C:AE:6F:A5:9F:42:70:4C:39:AC
X509v3 Authority Key Identifier:
keyid:DF:B3:3A:AC:34:C2:96:98:F3:2F:6A:00:92:93:1D:2F:E2:29:83:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/37M6rDTClpjzL2oAkpMdL-Ipgxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/eb52a4-0473-4a65-b826-5f82fbf95540/1/O-h70dxo8oKLZXyub6WfQnBMOaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/eb52a4-0473-4a65-b826-5f82fbf95540/1/37M6rDTClpjzL2oAkpMdL-Ipgxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.96.0/22
IPv6:
2a0b:d00:1::-2a0b:d00:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2b:7c:f2:8f:88:43:dd:55:f8:3c:c5:8d:ae:01:64:6a:22:cd:
1a:71:4c:ff:fd:7a:37:60:b0:aa:f9:a7:37:e9:1b:d4:d8:4a:
dc:4a:b4:ce:45:14:28:0e:6b:56:8a:64:50:f9:1e:a2:6d:62:
61:3a:73:0a:26:31:74:42:32:35:ac:70:35:a8:28:5c:9d:0a:
4a:31:81:53:39:40:04:01:c1:20:c5:d0:8a:5c:12:65:f7:12:
9e:90:17:bc:2f:6b:14:1f:25:a8:9d:2f:67:25:2f:38:67:74:
30:32:b3:2e:9f:ff:e0:cc:af:de:f7:8d:de:e2:0d:de:7d:34:
7d:c4:05:cb:c5:54:1f:57:f5:12:c6:b4:6d:06:ae:85:3c:a4:
ae:43:11:d3:ba:7d:56:e3:f2:12:7d:3e:d2:e9:1d:1f:fb:50:
71:7c:b9:ab:f5:c8:c3:2c:7c:56:51:00:04:e9:3a:df:d8:40:
a9:fd:d8:af:71:07:04:11:50:d0:76:84:32:d3:91:7b:bf:0a:
ce:88:80:48:08:f4:5f:cb:39:31:9d:07:9a:b4:be:81:12:37:
2b:3a:2d:e5:a9:26:39:8a:ee:51:93:e4:15:17:e6:75:89:78:
e3:9e:d1:57:e2:69:86:00:74:be:5d:c1:df:e7:04:b2:79:1f:
32:d4:b5:2a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVy8ToC2uDfR+YvuOfBeGRSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYjMzYWFjMzRjMjk2OThmMzJmNmEwMDkyOTMxZDJmZTIy
OTgzMTcwHhcNMjMwMTAyMTQ0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmU4N2JkMWRjNjhmMjgyOGI2NTdjYWU2ZmE1OWY0MjcwNGMzOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnNvJHrUbxnuacMG675gFFCfZJ/U
39D2SUC0U7rvdCR6hdzsI2CnesdXV9vgJfJZGU6N/80fJZEMFgX64dA28N0pAd3H
c1Ub47Ah0BHoiT2XcVKwvsAJVsUfLT4mKY3kHUBl74Vl+4QpIH63UIcXIOHCbsU/
eSrmnyz3vav0brp5yt+W2cSUQ7UYpBT6LqC9o+a8T8zjIG7xYYnLh0yV5fr2pQo8
HTBaQIGmnHq/XRStCRLvK1+5bz47RYZu9cPPDB8A5SSaTQgkD4P+LnGjJNkviDUx
Y46RZakFrILGKzKBEIZoRrL36lON3y4Y+ZHpBwb5K5IKGnFQJVqJhlENlwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFDvoe9HcaPKCi2V8rm+ln0JwTDmsMB8GA1UdIwQY
MBaAFN+zOqw0wpaY8y9qAJKTHS/iKYMXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzdNNnJEVENscGp6TDJvQWtwTWRMLUlwZ3hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9lYjUyYTQtMDQ3My00YTY1LWI4MjYt
NWY4MmZiZjk1NTQwLzEvTy1oNzBkeG84b0tMWlh5dWI2V2ZRbkJNT2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9lYjUyYTQtMDQ3My00YTY1LWI4MjYtNWY4MmZiZjk1NTQw
LzEvMzdNNnJEVENscGp6TDJvQWtwTWRMLUlwZ3hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuaxgMBoE
AgACMBQwEgMHACoLDQAAAQMHACoLDQAAAjANBgkqhkiG9w0BAQsFAAOCAQEAK3zy
j4hD3VX4PMWNrgFkaiLNGnFM//16N2CwqvmnN+kb1NhK3Eq0zkUUKA5rVopkUPke
om1iYTpzCiYxdEIyNaxwNagoXJ0KSjGBUzlABAHBIMXQilwSZfcSnpAXvC9rFB8l
qJ0vZyUvOGd0MDKzLp//4Myv3veN3uIN3n00fcQFy8VUH1f1Esa0bQauhTykrkMR
07p9VuPyEn0+0ukdH/tQcXy5q/XIwyx8VlEABOk639hAqf3Yr3EHBBFQ0HaEMtOR
e78KzoiASAj0X8s5MZ0HmrS+gRI3Kzot5akmOYruUZPkFRfmdYl4457RV+JphgB0
vl3B3+cEsnkfMtS1Kg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:52 2025 by rpki-client