Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/cd5c51-aff5-45f8-9612-dd3ddb62c719/1/s1rmXVRoFiirg7_oUaWbSvqWud0.roa
File: s1rmXVRoFiirg7_oUaWbSvqWud0.roa (raw, json)
Hash identifier: O9/aTDxA+eLA28kXWKTkjK89xVNQvNE3s8g87rzLvJI=
Subject key identifier: B3:5A:E6:5D:54:68:16:28:AB:83:BF:E8:51:A5:9B:4A:FA:96:B9:DD
Certificate issuer: /CN=36b59523fd549f1b4b653d3c1040ff516db6e999
Certificate serial: 0185728C8BA8969969F5539D5F80D47E1210
Authority key identifier: 36:B5:95:23:FD:54:9F:1B:4B:65:3D:3C:10:40:FF:51:6D:B6:E9:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NrWVI_1UnxtLZT08EED_UW226Zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/cd5c51-aff5-45f8-9612-dd3ddb62c719/1/s1rmXVRoFiirg7_oUaWbSvqWud0.roa
Signing time: Mon 02 Jan 2023 12:54:51 +0000
ROA not before: Mon 02 Jan 2023 12:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211096
IP address blocks: 185.161.121.0/24 maxlen: 24
2a11:9600::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:8b:a8:96:99:69:f5:53:9d:5f:80:d4:7e:12:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36b59523fd549f1b4b653d3c1040ff516db6e999
Validity
Not Before: Jan 2 12:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b35ae65d54681628ab83bfe851a59b4afa96b9dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:24:58:1b:00:b9:b5:df:cf:a2:d6:4c:1c:c2:
8a:4d:35:a2:0b:79:b3:af:00:f2:95:21:68:1f:12:
5a:bf:fa:78:2c:a9:ec:59:7a:8b:d5:30:aa:ab:e7:
a6:94:20:78:69:72:51:76:8d:83:be:d8:98:7f:24:
67:07:93:b1:08:17:d7:d5:b3:5d:7b:b0:fe:96:71:
98:10:9c:30:66:fb:74:94:24:49:c5:76:fe:1a:9b:
56:cb:60:9f:a3:7c:d1:5d:d1:7f:00:37:f6:59:75:
a8:71:d1:69:2c:25:76:76:67:03:42:0d:e7:c1:f7:
c3:28:6a:ad:49:3e:46:5c:5a:bd:60:5f:71:77:a6:
dc:90:77:8d:ef:e7:6a:3f:f6:9d:6a:67:75:bc:be:
1f:22:bb:55:4d:c9:63:b6:0b:f3:1b:60:83:97:4e:
24:22:55:29:dc:39:53:96:84:fc:d9:f6:a7:ad:69:
c3:94:34:d6:56:77:52:b3:12:64:bb:4a:16:c8:25:
e5:b8:7f:d7:1c:68:6d:c6:60:7a:84:20:66:aa:8f:
f8:72:4a:ba:0a:f3:16:8e:44:ba:51:53:51:35:db:
83:e9:ec:bf:81:47:ff:50:2b:49:a3:0f:3c:0b:0d:
c6:61:f2:01:ec:61:99:3a:e9:00:9f:a6:01:42:ca:
1b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:5A:E6:5D:54:68:16:28:AB:83:BF:E8:51:A5:9B:4A:FA:96:B9:DD
X509v3 Authority Key Identifier:
keyid:36:B5:95:23:FD:54:9F:1B:4B:65:3D:3C:10:40:FF:51:6D:B6:E9:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NrWVI_1UnxtLZT08EED_UW226Zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cd5c51-aff5-45f8-9612-dd3ddb62c719/1/s1rmXVRoFiirg7_oUaWbSvqWud0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cd5c51-aff5-45f8-9612-dd3ddb62c719/1/NrWVI_1UnxtLZT08EED_UW226Zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.121.0/24
IPv6:
2a11:9600::/29
Signature Algorithm: sha256WithRSAEncryption
32:63:ab:f1:f2:66:59:97:eb:46:3c:7c:9b:84:90:9a:83:29:
32:d4:ab:8b:85:bb:a3:26:79:50:e0:a5:83:87:d7:05:ea:25:
2a:93:a7:82:4c:09:ea:57:80:59:8a:1b:5d:72:9a:8b:e7:90:
12:16:54:89:89:51:e0:e8:6b:d9:35:f5:5a:73:bc:df:20:4b:
63:5b:b3:62:33:8d:6b:09:1b:9b:a3:35:bb:03:6f:bf:de:2e:
96:19:15:54:36:b7:d7:2f:1b:0f:f8:b7:c4:da:39:b9:6b:a5:
a2:15:31:0c:9e:20:c2:41:51:84:ed:9e:68:58:e0:83:e9:d6:
75:eb:a5:93:10:95:95:d6:60:b5:8b:54:c2:e1:3d:6e:a1:d1:
3b:9e:3e:82:4c:72:b8:e3:aa:d2:e2:55:64:ab:fc:e9:62:cd:
37:c4:65:01:5d:0a:b0:19:f8:fc:d4:c5:8a:14:e6:11:eb:2d:
fa:2b:89:3b:04:01:ba:c8:87:09:e2:7a:78:bc:51:53:ee:2d:
02:29:4f:46:9f:ea:ae:70:7d:08:64:33:32:11:bf:97:cc:b0:
f4:c6:b8:b7:da:2d:88:5d:a3:6e:21:ad:03:17:e9:0c:c8:8d:
9e:d9:a7:5a:d0:91:67:dd:2e:54:4a:52:2e:24:73:04:d6:93:
4a:6a:70:36
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyjIuolplp9VOdX4DUfhIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YjU5NTIzZmQ1NDlmMWI0YjY1M2QzYzEwNDBmZjUxNmRi
NmU5OTkwHhcNMjMwMTAyMTI1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzVhZTY1ZDU0NjgxNjI4YWI4M2JmZTg1MWE1OWI0YWZhOTZiOWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiRYGwC5td/PotZMHMKKTTWiC3mz
rwDylSFoHxJav/p4LKnsWXqL1TCqq+emlCB4aXJRdo2DvtiYfyRnB5OxCBfX1bNd
e7D+lnGYEJwwZvt0lCRJxXb+GptWy2Cfo3zRXdF/ADf2WXWocdFpLCV2dmcDQg3n
wffDKGqtST5GXFq9YF9xd6bckHeN7+dqP/adamd1vL4fIrtVTcljtgvzG2CDl04k
IlUp3DlTloT82fanrWnDlDTWVndSsxJku0oWyCXluH/XHGhtxmB6hCBmqo/4ckq6
CvMWjkS6UVNRNduD6ey/gUf/UCtJow88Cw3GYfIB7GGZOukAn6YBQsobqQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLNa5l1UaBYoq4O/6FGlm0r6lrndMB8GA1UdIwQY
MBaAFDa1lSP9VJ8bS2U9PBBA/1FttumZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnJXVklfMVVueHRMWlQwOEVFRF9VVzIyNlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9jZDVjNTEtYWZmNS00NWY4LTk2MTIt
ZGQzZGRiNjJjNzE5LzEvczFybVhWUm9GaWlyZzdfb1VhV2JTdnFXdWQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9jZDVjNTEtYWZmNS00NWY4LTk2MTItZGQzZGRiNjJjNzE5
LzEvTnJXVklfMVVueHRMWlQwOEVFRF9VVzIyNlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuaF5MA0E
AgACMAcDBQMqEZYAMA0GCSqGSIb3DQEBCwUAA4IBAQAyY6vx8mZZl+tGPHybhJCa
gyky1KuLhbujJnlQ4KWDh9cF6iUqk6eCTAnqV4BZihtdcpqL55ASFlSJiVHg6GvZ
NfVac7zfIEtjW7NiM41rCRubozW7A2+/3i6WGRVUNrfXLxsP+LfE2jm5a6WiFTEM
niDCQVGE7Z5oWOCD6dZ166WTEJWV1mC1i1TC4T1uodE7nj6CTHK446rS4lVkq/zp
Ys03xGUBXQqwGfj81MWKFOYR6y36K4k7BAG6yIcJ4np4vFFT7i0CKU9Gn+qucH0I
ZDMyEb+XzLD0xri32i2IXaNuIa0DF+kMyI2e2ada0JFn3S5USlIuJHME1pNKanA2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:33 2024 by rpki-client on console-fra.rpki-client.org