Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/954876-d45c-4669-a1cd-6cbc38d4ea4c/1/0v1ZVnqgUmXulKZqzxbKFvTqkbs.roa
File: 0v1ZVnqgUmXulKZqzxbKFvTqkbs.roa (raw, json)
Hash identifier: /d4bURig+ig27jRWlfeJnvasG+3EJlMJK5S1opCmpZE=
Subject key identifier: D2:FD:59:56:7A:A0:52:65:EE:94:A6:6A:CF:16:CA:16:F4:EA:91:BB
Certificate issuer: /CN=82fd6ce85e919ab9bfad3f32dd9808f614009dc0
Certificate serial: 018CC2DAC854E76B64C8EEA843CDBB3FEC41
Authority key identifier: 82:FD:6C:E8:5E:91:9A:B9:BF:AD:3F:32:DD:98:08:F6:14:00:9D:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gv1s6F6Rmrm_rT8y3ZgI9hQAncA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/954876-d45c-4669-a1cd-6cbc38d4ea4c/1/0v1ZVnqgUmXulKZqzxbKFvTqkbs.roa
Signing time: Mon 01 Jan 2024 02:29:27 +0000
ROA not before: Mon 01 Jan 2024 02:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211270
IP address blocks: 185.84.158.128/25 maxlen: 25
185.84.158.0/24 maxlen: 24
185.84.157.0/24 maxlen: 24
185.84.156.0/22 maxlen: 22
185.84.159.0/24 maxlen: 24
185.84.156.0/24 maxlen: 24
2a12:fac0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c8:54:e7:6b:64:c8:ee:a8:43:cd:bb:3f:ec:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82fd6ce85e919ab9bfad3f32dd9808f614009dc0
Validity
Not Before: Jan 1 02:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2fd59567aa05265ee94a66acf16ca16f4ea91bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:15:c2:fc:8a:e6:00:f7:4c:93:4e:dc:b6:4f:
49:ac:35:e9:d8:5a:e0:bb:55:8f:c4:a6:e4:f1:9c:
1b:b6:dc:f9:f1:62:25:d4:9b:4a:d5:3a:63:08:6e:
78:9d:d6:90:a2:e6:a5:95:a1:27:3b:e4:c5:67:4a:
7a:22:87:24:b0:a2:8e:c2:f8:6c:ac:07:e3:e2:48:
7e:01:ca:f3:e7:17:88:2d:33:1b:c3:f5:b2:4c:57:
bd:56:ff:51:6d:a7:2a:d8:65:10:6f:7a:b6:03:8a:
c7:2b:65:3e:5c:44:7e:d0:d6:b1:39:4d:bd:4b:4c:
90:29:0f:fb:5c:21:bc:ab:00:8a:b2:2e:1f:14:5d:
6d:d6:4a:fe:a1:1a:6a:dc:cd:99:d1:a7:e6:b6:7d:
f4:bd:7f:be:a7:f2:b3:37:fe:d0:bf:da:90:8f:36:
b6:f8:1c:4a:4a:25:e4:82:78:7e:91:7c:96:b5:eb:
ce:2d:26:ea:99:57:94:c6:f4:b0:81:ef:46:3e:90:
ae:57:e7:28:cd:ff:50:78:45:e9:7e:43:b6:b4:fd:
67:a8:5e:9a:b0:2e:9b:56:e5:81:58:c3:0d:01:99:
f4:c7:d4:ab:65:80:cc:05:9a:f0:51:4f:10:19:f3:
46:c4:c7:c1:6a:dd:b7:f0:30:ce:6d:14:bc:88:1e:
68:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:FD:59:56:7A:A0:52:65:EE:94:A6:6A:CF:16:CA:16:F4:EA:91:BB
X509v3 Authority Key Identifier:
keyid:82:FD:6C:E8:5E:91:9A:B9:BF:AD:3F:32:DD:98:08:F6:14:00:9D:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gv1s6F6Rmrm_rT8y3ZgI9hQAncA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/954876-d45c-4669-a1cd-6cbc38d4ea4c/1/0v1ZVnqgUmXulKZqzxbKFvTqkbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/954876-d45c-4669-a1cd-6cbc38d4ea4c/1/gv1s6F6Rmrm_rT8y3ZgI9hQAncA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.156.0/22
IPv6:
2a12:fac0::/32
Signature Algorithm: sha256WithRSAEncryption
62:10:e5:ca:f3:69:c4:c3:55:df:22:eb:21:11:2a:86:fe:29:
3a:db:d7:fb:cd:6d:73:67:81:dc:1c:82:61:bf:5e:0f:1b:e1:
ed:25:08:32:36:12:c8:5e:59:a1:19:23:34:13:93:01:8c:08:
3c:f2:a0:ba:8a:f8:cb:26:91:24:35:cd:7f:0a:a1:3a:ed:c8:
6e:36:0e:6d:9d:02:40:ac:56:7e:bf:b1:8d:3f:2f:73:83:c7:
46:34:d6:d5:35:dc:9f:65:83:51:cc:ad:b8:1b:04:dd:30:de:
3b:11:5a:fd:5e:50:b4:56:af:29:e7:a5:32:c1:00:cd:d1:68:
bb:1d:01:2d:fe:98:f6:f7:d4:a2:fc:91:8f:d6:d8:32:a6:48:
ca:5f:87:a3:aa:df:07:a1:49:a6:5e:9f:0b:4b:fa:a1:6e:44:
22:1a:ec:e4:b5:8c:9a:2f:6c:48:19:33:ff:fa:db:3f:86:d0:
71:63:8e:b6:a7:06:43:1c:f7:43:0e:e2:46:fd:ee:6c:22:05:
0d:21:6b:98:d1:b3:77:ea:c1:e4:c1:a5:f5:55:41:5c:61:a3:
8d:f4:13:5b:70:df:7c:9c:0c:e3:ce:d2:d4:75:9e:f5:03:9f:
7d:2b:38:a4:22:9e:ec:7c:98:9f:ee:12:70:41:b7:82:9e:39:
da:35:d5:50
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2shU52tkyO6oQ827P+xBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZmQ2Y2U4NWU5MTlhYjliZmFkM2YzMmRkOTgwOGY2MTQw
MDlkYzAwHhcNMjQwMTAxMDIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmZkNTk1NjdhYTA1MjY1ZWU5NGE2NmFjZjE2Y2ExNmY0ZWE5MWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghXC/IrmAPdMk07ctk9JrDXp2Frg
u1WPxKbk8Zwbttz58WIl1JtK1TpjCG54ndaQouallaEnO+TFZ0p6IocksKKOwvhs
rAfj4kh+Acrz5xeILTMbw/WyTFe9Vv9Rbacq2GUQb3q2A4rHK2U+XER+0NaxOU29
S0yQKQ/7XCG8qwCKsi4fFF1t1kr+oRpq3M2Z0afmtn30vX++p/KzN/7Qv9qQjza2
+BxKSiXkgnh+kXyWtevOLSbqmVeUxvSwge9GPpCuV+cozf9QeEXpfkO2tP1nqF6a
sC6bVuWBWMMNAZn0x9SrZYDMBZrwUU8QGfNGxMfBat238DDObRS8iB5oyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNL9WVZ6oFJl7pSmas8Wyhb06pG7MB8GA1UdIwQY
MBaAFIL9bOhekZq5v60/Mt2YCPYUAJ3AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3YxczZGNlJtcm1fclQ4eTNaZ0k5aFFBbmNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS85NTQ4NzYtZDQ1Yy00NjY5LWExY2Qt
NmNiYzM4ZDRlYTRjLzEvMHYxWlZucWdVbVh1bEtacXp4YktGdlRxa2JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS85NTQ4NzYtZDQ1Yy00NjY5LWExY2QtNmNiYzM4ZDRlYTRj
LzEvZ3YxczZGNlJtcm1fclQ4eTNaZ0k5aFFBbmNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVScMA0E
AgACMAcDBQAqEvrAMA0GCSqGSIb3DQEBCwUAA4IBAQBiEOXK82nEw1XfIushESqG
/ik629f7zW1zZ4HcHIJhv14PG+HtJQgyNhLIXlmhGSM0E5MBjAg88qC6ivjLJpEk
Nc1/CqE67chuNg5tnQJArFZ+v7GNPy9zg8dGNNbVNdyfZYNRzK24GwTdMN47EVr9
XlC0Vq8p56UywQDN0Wi7HQEt/pj299Si/JGP1tgypkjKX4ejqt8HoUmmXp8LS/qh
bkQiGuzktYyaL2xIGTP/+ts/htBxY462pwZDHPdDDuJG/e5sIgUNIWuY0bN36sHk
waX1VUFcYaON9BNbcN98nAzjztLUdZ71A599KzikIp7sfJif7hJwQbeCnjnaNdVQ
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:53:50 2025 by rpki-client