Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/m98lVq0kGkp5maBseiZ6_NcMkFc.roa
File: m98lVq0kGkp5maBseiZ6_NcMkFc.roa (raw, json)
Hash identifier: zw8QL5Nl2o1RGivnyvxTxOJY1+qfb2jBwiCov1mk2Og=
Subject key identifier: 9B:DF:25:56:AD:24:1A:4A:79:99:A0:6C:7A:26:7A:FC:D7:0C:90:57
Certificate issuer: /CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Certificate serial: 0BC65E2F
Authority key identifier: D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/m98lVq0kGkp5maBseiZ6_NcMkFc.roa
Signing time: Tue 21 Jun 2022 14:42:44 +0000
ROA not before: Tue 21 Jun 2022 14:42:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201925
IP address blocks: 217.117.132.0/22 maxlen: 22
185.165.151.0/24 maxlen: 24
2001:67c:2fd0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 197549615 (0xbc65e2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Validity
Not Before: Jun 21 14:42:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9bdf2556ad241a4a7999a06c7a267afcd70c9057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:66:a4:b9:8d:32:2c:89:d8:80:09:26:f6:43:
32:d1:d0:55:eb:f3:ca:e1:b3:57:cc:85:7e:47:a4:
be:aa:20:f9:9f:66:0f:c4:a0:4c:b5:41:72:62:a5:
6d:0b:09:7e:43:ec:19:6e:3f:09:d8:b1:7b:2b:ce:
05:16:47:9e:01:02:f1:d5:5a:a9:cd:a4:c7:b3:7b:
1c:09:9e:1f:d5:d7:1f:dc:10:85:f5:4e:f7:f2:1b:
4c:90:83:c6:37:ac:fd:b0:d1:46:58:03:25:df:16:
5f:10:b8:42:f6:a6:53:bd:23:c3:d6:78:b1:11:90:
78:51:5d:aa:da:da:eb:c4:35:2f:e6:68:2e:4a:f8:
0f:15:e6:26:3b:6e:ad:02:99:f3:7e:a9:e0:86:94:
47:82:57:62:c7:d8:b7:0a:f8:9c:c5:46:73:d9:d7:
f3:13:0b:cd:76:3b:4a:74:24:45:c8:22:38:2f:be:
4f:7f:bc:d0:ca:47:21:3a:69:56:c6:9d:35:d2:78:
82:0b:6f:72:5f:a1:d8:f2:aa:43:43:41:7d:57:f0:
8b:97:5a:bf:94:b0:15:e1:a8:ea:6f:21:2d:94:c1:
54:db:0c:3a:17:ba:71:6e:38:d9:36:33:9c:78:63:
94:72:9d:6b:1b:8c:f6:86:d1:76:19:b0:83:1e:5d:
54:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:DF:25:56:AD:24:1A:4A:79:99:A0:6C:7A:26:7A:FC:D7:0C:90:57
X509v3 Authority Key Identifier:
keyid:D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/m98lVq0kGkp5maBseiZ6_NcMkFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.151.0/24
217.117.132.0/22
IPv6:
2001:67c:2fd0::/48
Signature Algorithm: sha256WithRSAEncryption
20:1b:79:39:e1:da:fb:95:de:b9:cb:a4:c8:d3:34:a1:52:18:
a8:3c:cf:f1:87:11:41:65:57:bd:ad:2c:9b:25:04:c0:ab:01:
6f:27:bd:6d:4b:0f:14:90:5d:35:69:3e:60:22:c8:ae:ed:48:
13:61:eb:7a:7b:81:7f:0e:9d:fa:f6:58:dc:a7:98:88:d9:23:
18:4f:1c:1f:db:59:fa:9a:b3:dc:ef:c5:0b:81:c5:dc:38:ac:
f4:fa:cf:e8:c8:50:14:c7:c8:76:b4:76:48:e0:83:a0:5b:af:
83:79:fa:88:37:5f:63:37:42:25:08:f6:5b:2b:1b:bd:0f:17:
cd:0a:d6:d4:2e:5a:02:d0:a4:df:03:2f:ad:c7:ce:6e:d8:63:
66:61:b9:8a:4c:e5:f8:ac:ed:3e:86:86:41:46:6d:7a:cc:70:
3a:2a:e7:f2:bb:d6:b7:9d:26:17:0d:53:a9:f9:fc:78:05:38:
0b:f2:78:c1:ac:c3:f8:9d:5c:52:8d:de:c5:1c:f5:46:4a:e4:
10:0e:12:98:28:71:37:41:d4:4f:bc:cf:76:b7:27:39:75:26:
90:bb:95:04:bb:a8:bc:4d:b6:d6:89:a1:87:a6:58:f6:a6:2b:
ff:20:11:2b:77:fc:63:ee:5b:f8:10:35:b2:db:62:c4:ed:37:
89:4a:8b:04
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEC8ZeLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2Q1NmYwN2JlMTg0Y2JhNTJmNmZkYzA0OWU4MTE0ZDI2MTZjMzJhMB4XDTIyMDYy
MTE0NDI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWJkZjI1NTZhZDI0
MWE0YTc5OTlhMDZjN2EyNjdhZmNkNzBjOTA1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM1mpLmNMiyJ2IAJJvZDMtHQVevzyuGzV8yFfkekvqog+Z9m
D8SgTLVBcmKlbQsJfkPsGW4/CdixeyvOBRZHngEC8dVaqc2kx7N7HAmeH9XXH9wQ
hfVO9/IbTJCDxjes/bDRRlgDJd8WXxC4QvamU70jw9Z4sRGQeFFdqtra68Q1L+Zo
Lkr4DxXmJjturQKZ836p4IaUR4JXYsfYtwr4nMVGc9nX8xMLzXY7SnQkRcgiOC++
T3+80MpHITppVsadNdJ4ggtvcl+h2PKqQ0NBfVfwi5dav5SwFeGo6m8hLZTBVNsM
Ohe6cW442TYznHhjlHKdaxuM9obRdhmwgx5dVMkCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBSb3yVWrSQaSnmZoGx6Jnr81wyQVzAfBgNVHSMEGDAWgBTT1W8HvhhMulL2
/cBJ6BFNJhbDKjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA5VnZCNzRZVExwUzl2M0FTZWdSVFNZV3d5by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvNTc4NmFiLTA2N2UtNDQwYy1iMjc2LTFiMDZkMWM3MDRjMS8x
L205OGxWcTBrR2twNW1hQnNlaVo2X05jTWtGYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
NTc4NmFiLTA2N2UtNDQwYy1iMjc2LTFiMDZkMWM3MDRjMS8xLzA5VnZCNzRZVExw
Uzl2M0FTZWdSVFNZV3d5by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEALmllwMEAtl1hDAPBAIAAjAJAwcA
IAEGfC/QMA0GCSqGSIb3DQEBCwUAA4IBAQAgG3k54dr7ld65y6TI0zShUhioPM/x
hxFBZVe9rSybJQTAqwFvJ71tSw8UkF01aT5gIsiu7UgTYet6e4F/Dp369ljcp5iI
2SMYTxwf21n6mrPc78ULgcXcOKz0+s/oyFAUx8h2tHZI4IOgW6+DefqIN19jN0Il
CPZbKxu9DxfNCtbULloC0KTfAy+tx85u2GNmYbmKTOX4rO0+hoZBRm16zHA6Kufy
u9a3nSYXDVOp+fx4BTgL8njBrMP4nVxSjd7FHPVGSuQQDhKYKHE3QdRPvM92tyc5
dSaQu5UEu6i8TbbWiaGHplj2piv/IBErd/xj7lv4EDWy22LE7TeJSosE
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:52 2025 by rpki-client