Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/cd5c51-aff5-45f8-9612-dd3ddb62c719/1/1-2DOdG0jprV3Z4XjCZCeJDt-ClQ.roa
File: 1-2DOdG0jprV3Z4XjCZCeJDt-ClQ.roa (raw, json)
Hash identifier: D+bEq7jglMRSV0LPOTN+x3IB30Kfhn3Gno1TrnebmfA=
Subject key identifier: FB:60:CE:74:6D:23:A6:B5:77:67:85:E3:09:90:9E:24:3B:7E:0A:54
Certificate issuer: /CN=36b59523fd549f1b4b653d3c1040ff516db6e999
Certificate serial: 0185728C8AB02BEC8973911AE49705C73434
Authority key identifier: 36:B5:95:23:FD:54:9F:1B:4B:65:3D:3C:10:40:FF:51:6D:B6:E9:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NrWVI_1UnxtLZT08EED_UW226Zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/cd5c51-aff5-45f8-9612-dd3ddb62c719/1/1-2DOdG0jprV3Z4XjCZCeJDt-ClQ.roa
Signing time: Mon 02 Jan 2023 12:54:51 +0000
ROA not before: Mon 02 Jan 2023 12:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 185.161.121.0/24 maxlen: 24
2a11:9600::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:8a:b0:2b:ec:89:73:91:1a:e4:97:05:c7:34:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36b59523fd549f1b4b653d3c1040ff516db6e999
Validity
Not Before: Jan 2 12:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb60ce746d23a6b5776785e309909e243b7e0a54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2e:b4:12:77:af:f3:f0:5a:46:21:7f:9c:17:
ec:1c:49:c1:86:ee:3a:05:18:28:e4:d0:f7:88:86:
12:af:c4:a5:36:34:65:1b:db:1f:b0:9c:91:ef:9d:
e2:49:2f:8d:cb:cb:12:83:9d:b7:72:20:a5:d2:6a:
5d:d2:40:ec:dc:91:d1:15:12:7c:3c:e7:98:51:92:
15:44:6a:a8:61:f1:e4:df:7d:19:4a:45:57:a3:d8:
a7:9f:dc:a9:ca:86:64:6b:ac:62:16:98:0f:d8:90:
e2:f0:3e:6e:e3:de:7f:24:59:03:ed:ab:e7:33:a6:
55:1e:5f:cb:65:d1:c4:2e:e5:80:56:09:e3:75:b8:
e6:43:10:75:b0:f4:7b:1b:a7:9e:7a:9a:bb:42:0c:
8a:02:8f:b9:9e:2b:09:bd:26:a1:97:ef:99:34:7c:
d6:2c:34:10:95:6c:8f:7d:b9:11:83:0f:f0:58:12:
b2:5c:fb:fe:43:04:d8:c4:3b:60:ad:8c:e3:a9:11:
f1:33:66:09:e7:2a:f0:be:5a:9e:19:e6:f2:63:31:
a2:21:61:b4:e8:63:8a:e3:44:4e:68:72:fd:7d:a0:
82:7b:ea:39:27:37:12:53:a5:94:37:50:dc:24:b7:
69:25:31:65:fc:a5:c8:ed:f6:57:63:d5:36:aa:88:
5f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:60:CE:74:6D:23:A6:B5:77:67:85:E3:09:90:9E:24:3B:7E:0A:54
X509v3 Authority Key Identifier:
keyid:36:B5:95:23:FD:54:9F:1B:4B:65:3D:3C:10:40:FF:51:6D:B6:E9:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NrWVI_1UnxtLZT08EED_UW226Zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cd5c51-aff5-45f8-9612-dd3ddb62c719/1/1-2DOdG0jprV3Z4XjCZCeJDt-ClQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cd5c51-aff5-45f8-9612-dd3ddb62c719/1/NrWVI_1UnxtLZT08EED_UW226Zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.121.0/24
IPv6:
2a11:9600::/29
Signature Algorithm: sha256WithRSAEncryption
0b:f7:07:a6:49:ec:10:ff:7e:9a:53:53:7d:1f:5a:77:86:46:
c2:a9:b9:3e:46:db:96:89:a4:ce:d7:c8:e2:88:2a:4c:d2:1c:
81:63:6c:48:a7:93:f4:77:2c:b3:3e:1c:66:be:06:85:ec:8f:
3c:e4:0e:8c:5b:36:1d:af:63:49:94:a4:cc:a7:19:1a:f7:5d:
6e:14:80:05:2a:12:c3:08:7c:b8:86:cb:9d:13:bd:65:5f:3e:
43:d3:e3:27:79:48:4b:82:eb:ae:b0:fd:c4:7e:b7:12:5d:39:
1c:89:a4:2c:ee:8e:34:c9:8a:62:61:49:ea:91:fd:7d:c9:5d:
ef:d0:c7:bf:92:db:78:b8:f1:bc:cb:a7:e6:80:86:b9:fb:53:
e4:45:18:4f:80:3a:64:ce:fe:26:f2:4e:a0:0a:27:87:b3:8a:
70:63:97:51:37:7d:cc:53:61:d5:fd:a0:61:2e:ab:c1:95:81:
78:ec:be:dc:0e:cf:32:32:c3:43:b9:30:70:8a:e6:a9:0f:21:
98:97:a6:d5:c3:f2:90:41:8a:b2:0e:07:43:b4:99:98:92:8a:
c8:d2:31:4e:bf:30:fd:44:bf:7a:6b:72:f7:74:f2:09:58:12:
54:3e:f0:1d:af:9e:9e:2c:2a:7d:94:6d:0b:bf:c5:9f:78:c1:
8a:ad:b1:bd
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVyjIqwK+yJc5Ea5JcFxzQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YjU5NTIzZmQ1NDlmMWI0YjY1M2QzYzEwNDBmZjUxNmRi
NmU5OTkwHhcNMjMwMTAyMTI1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjYwY2U3NDZkMjNhNmI1Nzc2Nzg1ZTMwOTkwOWUyNDNiN2UwYTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhS60Enev8/BaRiF/nBfsHEnBhu46
BRgo5ND3iIYSr8SlNjRlG9sfsJyR753iSS+Ny8sSg523ciCl0mpd0kDs3JHRFRJ8
POeYUZIVRGqoYfHk330ZSkVXo9inn9ypyoZka6xiFpgP2JDi8D5u495/JFkD7avn
M6ZVHl/LZdHELuWAVgnjdbjmQxB1sPR7G6eeepq7QgyKAo+5nisJvSahl++ZNHzW
LDQQlWyPfbkRgw/wWBKyXPv+QwTYxDtgrYzjqRHxM2YJ5yrwvlqeGebyYzGiIWG0
6GOK40ROaHL9faCCe+o5JzcSU6WUN1DcJLdpJTFl/KXI7fZXY9U2qohfvQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPtgznRtI6a1d2eF4wmQniQ7fgpUMB8GA1UdIwQY
MBaAFDa1lSP9VJ8bS2U9PBBA/1FttumZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnJXVklfMVVueHRMWlQwOEVFRF9VVzIyNlprLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9jZDVjNTEtYWZmNS00NWY4LTk2MTIt
ZGQzZGRiNjJjNzE5LzEvMS0yRE9kRzBqcHJWM1o0WGpDWkNlSkR0LUNsUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2YvY2Q1YzUxLWFmZjUtNDVmOC05NjEyLWRkM2RkYjYyYzcx
OS8xL05yV1ZJXzFVbnh0TFpUMDhFRURfVVcyMjZaay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALmheTAN
BAIAAjAHAwUDKhGWADANBgkqhkiG9w0BAQsFAAOCAQEAC/cHpknsEP9+mlNTfR9a
d4ZGwqm5PkbblomkztfI4ogqTNIcgWNsSKeT9Hcssz4cZr4GheyPPOQOjFs2Ha9j
SZSkzKcZGvddbhSABSoSwwh8uIbLnRO9ZV8+Q9PjJ3lIS4LrrrD9xH63El05HImk
LO6ONMmKYmFJ6pH9fcld79DHv5LbeLjxvMun5oCGuftT5EUYT4A6ZM7+JvJOoAon
h7OKcGOXUTd9zFNh1f2gYS6rwZWBeOy+3A7PMjLDQ7kwcIrmqQ8hmJem1cPykEGK
sg4HQ7SZmJKKyNIxTr8w/US/emty93TyCVgSVD7wHa+eniwqfZRtC7/Fn3jBiq2x
vQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:12 2025 by rpki-client