Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/53a03e-5571-456f-88a6-831817955d33/1/0cv6pnoqEaLx-XOXEdNiD2K1yF8.roa
File: 0cv6pnoqEaLx-XOXEdNiD2K1yF8.roa (raw, json)
Hash identifier: lq7CiIc5aPQgnwh3zsqHYTZ3PO9YHHlD8OV9E7AF4xA=
Subject key identifier: D1:CB:FA:A6:7A:2A:11:A2:F1:F9:73:97:11:D3:62:0F:62:B5:C8:5F
Certificate issuer: /CN=77c51066d4f53dae10e69674dced3f032dd72efd
Certificate serial: 013875AE
Authority key identifier: 77:C5:10:66:D4:F5:3D:AE:10:E6:96:74:DC:ED:3F:03:2D:D7:2E:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8UQZtT1Pa4Q5pZ03O0_Ay3XLv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/53a03e-5571-456f-88a6-831817955d33/1/0cv6pnoqEaLx-XOXEdNiD2K1yF8.roa
Signing time: Sat 01 Jan 2022 11:02:08 +0000
ROA not before: Sat 01 Jan 2022 11:02:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 185.138.166.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20477358 (0x13875ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77c51066d4f53dae10e69674dced3f032dd72efd
Validity
Not Before: Jan 1 11:02:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d1cbfaa67a2a11a2f1f9739711d3620f62b5c85f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:35:a4:f1:72:15:5e:e8:ba:70:22:38:90:39:
6c:a2:a1:49:4a:6b:f9:bc:fa:dd:00:35:41:af:40:
46:d7:cd:dc:ea:68:69:05:79:f9:08:f9:74:da:9e:
b3:6b:16:86:6e:aa:07:ba:dd:e2:dc:04:7e:d0:eb:
cb:9b:f9:07:22:f2:e7:23:d5:43:3b:54:be:4f:ad:
3e:4e:43:b2:31:a2:13:b4:f7:39:d7:c4:1a:8c:9a:
82:f9:08:8c:d7:56:4a:c4:33:98:99:c3:3d:c5:93:
d8:46:46:b9:74:fb:50:c9:9c:40:c1:1e:df:28:db:
15:4e:f2:f2:b6:23:eb:09:92:33:f7:44:c6:63:54:
f3:7e:0d:a1:1d:db:27:35:ca:96:63:6e:1f:4a:0a:
52:46:c4:33:f1:43:37:ae:90:0d:25:cb:1a:cb:a7:
d3:ca:45:0f:19:a2:39:a7:3e:01:6f:cf:32:c5:0c:
db:be:45:ba:e5:9c:98:ad:c6:ca:30:62:03:40:c7:
f2:7b:0f:3e:bd:9f:3e:61:b1:cb:64:ca:4c:04:5b:
2e:78:f5:fa:7a:76:48:3b:9b:35:e2:ad:33:60:b2:
dc:8c:42:71:57:ef:80:06:c0:96:85:de:b1:bc:2f:
c2:f8:e2:ab:78:4f:65:4f:83:ea:c3:6a:5d:54:78:
8b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:CB:FA:A6:7A:2A:11:A2:F1:F9:73:97:11:D3:62:0F:62:B5:C8:5F
X509v3 Authority Key Identifier:
keyid:77:C5:10:66:D4:F5:3D:AE:10:E6:96:74:DC:ED:3F:03:2D:D7:2E:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8UQZtT1Pa4Q5pZ03O0_Ay3XLv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/53a03e-5571-456f-88a6-831817955d33/1/0cv6pnoqEaLx-XOXEdNiD2K1yF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/53a03e-5571-456f-88a6-831817955d33/1/d8UQZtT1Pa4Q5pZ03O0_Ay3XLv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.166.0/24
Signature Algorithm: sha256WithRSAEncryption
61:cd:ae:6c:4c:d5:cf:93:ae:99:73:71:71:eb:d7:c7:7d:01:
e9:03:aa:2d:81:76:b3:67:91:2f:ca:80:18:d6:57:4b:ec:bf:
a9:29:c7:0f:50:b4:2e:17:ae:24:85:7d:ff:2c:11:bc:c1:08:
ea:a1:2a:b1:bd:97:08:41:30:cd:b2:de:a0:9e:2e:4b:da:0d:
87:1f:64:ad:55:f1:60:f5:07:2f:c9:33:5b:66:74:c1:97:76:
6b:2f:f8:13:4f:8d:5a:4e:3f:fe:ab:4f:4f:f0:2c:62:69:80:
88:35:53:41:2b:fc:13:20:60:08:48:30:b0:46:fd:72:85:c9:
b6:6b:fe:04:c7:27:ec:37:a4:32:a3:15:de:7d:b8:80:32:29:
20:07:e3:d6:28:65:ed:7d:a7:8f:c9:00:4c:6f:30:5c:55:f1:
4e:7f:6e:ed:be:50:21:4a:cb:02:60:a9:3f:29:b3:88:f4:6c:
a2:57:59:39:6b:44:ef:97:d3:6d:72:9a:70:b2:aa:05:f5:fe:
f6:e8:43:96:87:82:1d:c3:7a:40:e2:28:af:a5:53:9d:20:ed:
66:b1:a3:b2:c9:90:06:04:4e:a7:8c:aa:ee:fc:6b:43:5d:80:
69:b0:ce:3b:e9:7f:43:50:c2:63:32:ee:ce:65:02:fd:38:90:
61:ce:2b:6e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATh1rjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2M1MTA2NmQ0ZjUzZGFlMTBlNjk2NzRkY2VkM2YwMzJkZDcyZWZkMB4XDTIyMDEw
MTExMDIwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDFjYmZhYTY3YTJh
MTFhMmYxZjk3Mzk3MTFkMzYyMGY2MmI1Yzg1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL41pPFyFV7ounAiOJA5bKKhSUpr+bz63QA1Qa9ARtfN3Opo
aQV5+Qj5dNqes2sWhm6qB7rd4twEftDry5v5ByLy5yPVQztUvk+tPk5DsjGiE7T3
OdfEGoyagvkIjNdWSsQzmJnDPcWT2EZGuXT7UMmcQMEe3yjbFU7y8rYj6wmSM/dE
xmNU834NoR3bJzXKlmNuH0oKUkbEM/FDN66QDSXLGsun08pFDxmiOac+AW/PMsUM
275FuuWcmK3GyjBiA0DH8nsPPr2fPmGxy2TKTARbLnj1+np2SDubNeKtM2Cy3IxC
cVfvgAbAloXesbwvwvjiq3hPZU+D6sNqXVR4i8UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTRy/qmeioRovH5c5cR02IPYrXIXzAfBgNVHSMEGDAWgBR3xRBm1PU9rhDm
lnTc7T8DLdcu/TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Q4VVFadFQxUGE0UTVwWjAzTzBfQXkzWEx2MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvNTNhMDNlLTU1NzEtNDU2Zi04OGE2LTgzMTgxNzk1NWQzMy8x
LzBjdjZwbm9xRWFMeC1YT1hFZE5pRDJLMXlGOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
NTNhMDNlLTU1NzEtNDU2Zi04OGE2LTgzMTgxNzk1NWQzMy8xL2Q4VVFadFQxUGE0
UTVwWjAzTzBfQXkzWEx2MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmKpjANBgkqhkiG9w0BAQsFAAOC
AQEAYc2ubEzVz5OumXNxcevXx30B6QOqLYF2s2eRL8qAGNZXS+y/qSnHD1C0Lheu
JIV9/ywRvMEI6qEqsb2XCEEwzbLeoJ4uS9oNhx9krVXxYPUHL8kzW2Z0wZd2ay/4
E0+NWk4//qtPT/AsYmmAiDVTQSv8EyBgCEgwsEb9coXJtmv+BMcn7DekMqMV3n24
gDIpIAfj1ihl7X2nj8kATG8wXFXxTn9u7b5QIUrLAmCpPymziPRsoldZOWtE75fT
bXKacLKqBfX+9uhDloeCHcN6QOIor6VTnSDtZrGjssmQBgROp4yq7vxrQ12AabDO
O+l/Q1DCYzLuzmUC/TiQYc4rbg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:50:25 2025 by rpki-client