Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/eb52a4-0473-4a65-b826-5f82fbf95540/1/Ub8Xh3heaMGpAv8tSdBuqMTgC7A.roa
File: Ub8Xh3heaMGpAv8tSdBuqMTgC7A.roa (raw, json)
Hash identifier: KBZkDtlwNW5llDOVTq7QsU0SuoU9m5cpe4Z54HSMHVc=
Subject key identifier: 51:BF:17:87:78:5E:68:C1:A9:02:FF:2D:49:D0:6E:A8:C4:E0:0B:B0
Certificate issuer: /CN=dfb33aac34c29698f32f6a0092931d2fe2298317
Certificate serial: 061D6DDF
Authority key identifier: DF:B3:3A:AC:34:C2:96:98:F3:2F:6A:00:92:93:1D:2F:E2:29:83:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/37M6rDTClpjzL2oAkpMdL-Ipgxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/eb52a4-0473-4a65-b826-5f82fbf95540/1/Ub8Xh3heaMGpAv8tSdBuqMTgC7A.roa
Signing time: Sat 01 Jan 2022 11:57:46 +0000
ROA not before: Sat 01 Jan 2022 11:57:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206886
IP address blocks: 185.172.96.0/22 maxlen: 24
2a0b:d00:2::/48 maxlen: 48
2a0b:d00:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102591967 (0x61d6ddf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfb33aac34c29698f32f6a0092931d2fe2298317
Validity
Not Before: Jan 1 11:57:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=51bf1787785e68c1a902ff2d49d06ea8c4e00bb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c3:33:72:5d:0a:11:a7:d8:1c:ef:b4:69:19:
d6:43:1e:c2:96:cc:2c:db:b6:8a:0d:93:b2:58:6c:
c8:4c:31:4c:01:79:32:70:08:f1:5d:47:3c:2d:8b:
77:f2:dd:82:a0:90:f8:12:c3:42:5a:5a:94:ee:e8:
c7:d7:55:86:c1:2d:62:4a:ae:e3:bf:5c:47:ad:3a:
cc:6d:9a:3a:00:1e:01:44:9f:4f:75:ff:03:f3:15:
70:3a:80:54:a7:64:17:03:73:d5:cc:31:fc:7c:24:
16:21:ad:4e:ec:01:f9:59:38:ef:82:7c:10:71:41:
66:36:d4:ad:eb:ef:50:73:98:0b:bd:45:3a:b9:ed:
10:f4:a0:2e:81:f1:c9:bc:fa:39:fc:be:0f:02:ed:
87:c2:51:40:df:c6:0e:bb:3a:63:a6:02:e2:68:cb:
b4:99:9b:9b:ff:88:23:0a:f4:1c:ec:47:37:4c:97:
11:40:fe:83:7e:9f:79:d5:7a:89:97:7a:a5:97:4f:
75:52:55:62:9f:d2:0e:5c:fc:05:9d:76:6c:70:8f:
6f:38:8a:2a:d1:d8:3a:43:d7:46:53:eb:6c:67:b2:
4f:bc:df:6c:28:09:08:c1:a0:4b:ed:b0:6f:4c:d3:
73:2b:17:f8:c1:33:93:b6:27:8d:8b:61:13:e7:95:
83:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:BF:17:87:78:5E:68:C1:A9:02:FF:2D:49:D0:6E:A8:C4:E0:0B:B0
X509v3 Authority Key Identifier:
keyid:DF:B3:3A:AC:34:C2:96:98:F3:2F:6A:00:92:93:1D:2F:E2:29:83:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/37M6rDTClpjzL2oAkpMdL-Ipgxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/eb52a4-0473-4a65-b826-5f82fbf95540/1/Ub8Xh3heaMGpAv8tSdBuqMTgC7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/eb52a4-0473-4a65-b826-5f82fbf95540/1/37M6rDTClpjzL2oAkpMdL-Ipgxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.96.0/22
IPv6:
2a0b:d00:1::-2a0b:d00:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a7:cc:b8:76:e7:f0:e2:f5:33:16:6b:a0:ad:67:30:a4:ac:df:
21:d6:c0:5f:78:bf:bc:14:fa:c2:aa:d8:71:d7:0f:9c:bf:8d:
7e:d4:55:a2:85:b3:ac:40:8f:cc:4e:03:c1:05:23:2b:9b:3c:
31:4d:17:9b:f4:c0:39:cf:de:73:3a:10:be:c7:e1:e1:fe:99:
45:76:eb:3a:2a:5d:15:cc:ad:3a:9c:8e:28:c9:46:67:5c:95:
87:a2:10:20:65:a8:68:30:3c:16:d1:a8:f7:8d:b9:21:ca:43:
57:69:df:4e:e6:cc:93:2b:07:ae:9a:b4:cc:74:43:cd:3b:6b:
ce:5b:79:6f:1e:c1:ce:13:18:5c:6c:c9:c5:e9:22:42:78:51:
62:71:65:95:82:7c:0b:60:ab:97:ff:b6:a3:14:39:ba:8c:51:
c1:19:87:0f:14:56:07:f8:77:72:94:fe:e1:25:7b:05:15:8c:
8f:e2:15:51:95:44:69:d7:d3:d2:98:bb:3a:0f:ae:89:ed:87:
4d:85:bf:79:3b:bf:43:fc:f5:ff:1a:27:34:a4:2c:eb:83:80:
ef:9a:92:ca:f7:08:33:19:c3:88:b5:6e:22:ef:92:7c:c7:77:
99:60:f3:f4:e4:44:ea:8b:96:47:82:57:dc:69:df:5d:6b:39:
4c:5a:ea:b9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEBh1t3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZmIzM2FhYzM0YzI5Njk4ZjMyZjZhMDA5MjkzMWQyZmUyMjk4MzE3MB4XDTIyMDEw
MTExNTc0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTFiZjE3ODc3ODVl
NjhjMWE5MDJmZjJkNDlkMDZlYThjNGUwMGJiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJfDM3JdChGn2BzvtGkZ1kMewpbMLNu2ig2TslhsyEwxTAF5
MnAI8V1HPC2Ld/LdgqCQ+BLDQlpalO7ox9dVhsEtYkqu479cR606zG2aOgAeAUSf
T3X/A/MVcDqAVKdkFwNz1cwx/HwkFiGtTuwB+Vk474J8EHFBZjbUrevvUHOYC71F
OrntEPSgLoHxybz6Ofy+DwLth8JRQN/GDrs6Y6YC4mjLtJmbm/+IIwr0HOxHN0yX
EUD+g36fedV6iZd6pZdPdVJVYp/SDlz8BZ12bHCPbziKKtHYOkPXRlPrbGeyT7zf
bCgJCMGgS+2wb0zTcysX+MEzk7YnjYthE+eVg7MCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBRRvxeHeF5owakC/y1J0G6oxOALsDAfBgNVHSMEGDAWgBTfszqsNMKWmPMv
agCSkx0v4imDFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzM3TTZyRFRDbHBqekwyb0FrcE1kTC1JcGd4Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvZWI1MmE0LTA0NzMtNGE2NS1iODI2LTVmODJmYmY5NTU0MC8x
L1ViOFhoM2hlYU1HcEF2OHRTZEJ1cU1UZ0M3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
ZWI1MmE0LTA0NzMtNGE2NS1iODI2LTVmODJmYmY5NTU0MC8xLzM3TTZyRFRDbHBq
ekwyb0FrcE1kTC1JcGd4Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowDAQCAAEwBgMEArmsYDAaBAIAAjAUMBIDBwAqCw0A
AAEDBwAqCw0AAAIwDQYJKoZIhvcNAQELBQADggEBAKfMuHbn8OL1MxZroK1nMKSs
3yHWwF94v7wU+sKq2HHXD5y/jX7UVaKFs6xAj8xOA8EFIyubPDFNF5v0wDnP3nM6
EL7H4eH+mUV26zoqXRXMrTqcjijJRmdclYeiECBlqGgwPBbRqPeNuSHKQ1dp307m
zJMrB66atMx0Q807a85beW8ewc4TGFxsycXpIkJ4UWJxZZWCfAtgq5f/tqMUObqM
UcEZhw8UVgf4d3KU/uElewUVjI/iFVGVRGnX09KYuzoPronth02Fv3k7v0P89f8a
JzSkLOuDgO+aksr3CDMZw4i1biLvknzHd5lg8/TkROqLlkeCV9xp311rOUxa6rk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:27 2025 by rpki-client