Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/d2354a-f3c2-41d5-b292-a9d267acf664/1/sYwqpJAH6xt25FV658_Z0b8PqQ4.roa
File: sYwqpJAH6xt25FV658_Z0b8PqQ4.roa (raw, json)
Hash identifier: nTc7YSWaucHsViUALBoDYtryVR1AkC4pCCvnaDdeVwQ=
Subject key identifier: B1:8C:2A:A4:90:07:EB:1B:76:E4:55:7A:E7:CF:D9:D1:BF:0F:A9:0E
Certificate issuer: /CN=29e46e75865e8d4a081e4b5dda46d3c94003679b
Certificate serial: 01942444A1F945E78922ECA00EC7FF216F99
Authority key identifier: 29:E4:6E:75:86:5E:8D:4A:08:1E:4B:5D:DA:46:D3:C9:40:03:67:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KeRudYZejUoIHktd2kbTyUADZ5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/d2354a-f3c2-41d5-b292-a9d267acf664/1/sYwqpJAH6xt25FV658_Z0b8PqQ4.roa
Signing time: Wed 01 Jan 2025 23:47:45 +0000
ROA not before: Wed 01 Jan 2025 23:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43783
IP address blocks: 185.167.56.0/22 maxlen: 22
185.167.56.0/24 maxlen: 24
185.167.57.0/24 maxlen: 24
185.167.58.0/24 maxlen: 24
185.167.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:a1:f9:45:e7:89:22:ec:a0:0e:c7:ff:21:6f:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29e46e75865e8d4a081e4b5dda46d3c94003679b
Validity
Not Before: Jan 1 23:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b18c2aa49007eb1b76e4557ae7cfd9d1bf0fa90e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f8:0a:a7:c8:bc:77:8e:30:eb:1b:98:4e:d3:
26:fe:00:e5:77:37:1a:5c:12:e2:d5:84:13:9e:fe:
e6:b7:26:a9:23:51:95:83:d9:0f:4b:92:eb:63:15:
0e:5b:5a:07:96:07:d5:c9:d6:96:56:1d:70:5c:3d:
8c:95:ad:61:23:18:71:f3:24:ed:02:54:60:b7:d9:
8f:10:c0:f8:bd:0c:43:a4:50:ce:c4:55:74:3b:01:
de:cb:5f:a1:59:6f:11:7c:28:6e:1b:be:88:9d:59:
a6:ed:bc:5f:bd:13:60:d9:d7:64:33:72:90:ed:55:
5a:1d:ca:c0:1b:7c:a1:48:1a:1c:5a:24:16:4c:49:
f8:15:12:73:24:de:e0:f2:88:fb:e4:2e:1b:f1:1b:
92:d5:48:42:9f:16:9b:9f:f4:b0:ef:15:46:70:1a:
8c:df:94:1f:09:5c:46:b0:96:da:12:4f:6d:79:ce:
f3:ee:8b:8d:3f:11:07:44:bd:b5:ce:c4:8a:a4:81:
6b:a2:48:bf:05:30:5a:07:f5:dc:59:f7:ce:a9:17:
50:6b:33:7e:06:b0:f6:b0:6b:63:60:e1:8e:46:59:
bd:78:25:4e:12:5f:b0:f7:45:db:e6:22:2b:6a:7b:
d6:57:9d:22:c4:71:51:d4:15:2c:bb:35:2a:82:e1:
1b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:8C:2A:A4:90:07:EB:1B:76:E4:55:7A:E7:CF:D9:D1:BF:0F:A9:0E
X509v3 Authority Key Identifier:
keyid:29:E4:6E:75:86:5E:8D:4A:08:1E:4B:5D:DA:46:D3:C9:40:03:67:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KeRudYZejUoIHktd2kbTyUADZ5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d2354a-f3c2-41d5-b292-a9d267acf664/1/sYwqpJAH6xt25FV658_Z0b8PqQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d2354a-f3c2-41d5-b292-a9d267acf664/1/KeRudYZejUoIHktd2kbTyUADZ5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.56.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:29:64:db:b9:b0:0b:9b:45:39:d0:78:b2:e6:2d:12:0b:15:
06:82:8f:a1:6b:ca:a1:6a:4f:35:68:7c:4f:23:bd:46:1b:90:
fb:4b:ee:69:4e:e0:68:86:99:94:d7:f5:9e:8a:f8:fc:f4:c5:
35:0a:4f:2d:67:08:31:15:0e:ca:c4:68:2b:e5:cd:ce:d0:fd:
02:81:9b:cd:77:2f:e3:92:c6:a9:96:33:1d:09:9c:5e:26:fb:
49:8c:d5:13:ea:6e:83:87:2a:02:0d:d4:f0:dd:b2:84:d3:3e:
cb:7a:3d:12:74:33:4a:4e:2b:8a:3b:9a:bf:32:89:6e:ac:42:
20:16:f8:9e:ef:05:ee:a7:79:d6:96:f8:3f:70:1f:ef:0f:ee:
69:b0:c5:ee:fa:87:8f:5e:ae:61:80:b3:25:38:d0:4b:b3:12:
21:ba:d1:ba:15:23:97:b3:fa:3e:2c:49:90:52:58:a5:21:98:
00:09:42:ed:9c:70:b3:c8:87:23:46:33:99:f2:a2:d9:1b:96:
36:dd:24:51:c6:cc:46:13:f2:63:55:58:97:06:75:84:16:9e:
82:72:4a:ca:f9:dd:50:ee:ce:5c:6d:79:48:a3:70:b7:58:e4:
e1:be:b1:5a:9a:ab:c5:f3:3b:71:76:40:f1:dc:0d:26:47:11:
01:5a:5c:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRKH5ReeJIuygDsf/IW+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZTQ2ZTc1ODY1ZThkNGEwODFlNGI1ZGRhNDZkM2M5NDAw
MzY3OWIwHhcNMjUwMTAxMjM0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMThjMmFhNDkwMDdlYjFiNzZlNDU1N2FlN2NmZDlkMWJmMGZhOTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPgKp8i8d44w6xuYTtMm/gDldzca
XBLi1YQTnv7mtyapI1GVg9kPS5LrYxUOW1oHlgfVydaWVh1wXD2Mla1hIxhx8yTt
AlRgt9mPEMD4vQxDpFDOxFV0OwHey1+hWW8RfChuG76InVmm7bxfvRNg2ddkM3KQ
7VVaHcrAG3yhSBocWiQWTEn4FRJzJN7g8oj75C4b8RuS1UhCnxabn/Sw7xVGcBqM
35QfCVxGsJbaEk9tec7z7ouNPxEHRL21zsSKpIFroki/BTBaB/XcWffOqRdQazN+
BrD2sGtjYOGORlm9eCVOEl+w90Xb5iIranvWV50ixHFR1BUsuzUqguEbZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLGMKqSQB+sbduRVeufP2dG/D6kOMB8GA1UdIwQY
MBaAFCnkbnWGXo1KCB5LXdpG08lAA2ebMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2VSdWRZWmVqVW9JSGt0ZDJrYlR5VUFEWjVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9kMjM1NGEtZjNjMi00MWQ1LWIyOTIt
YTlkMjY3YWNmNjY0LzEvc1l3cXBKQUg2eHQyNUZWNjU4X1owYjhQcVE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9kMjM1NGEtZjNjMi00MWQ1LWIyOTItYTlkMjY3YWNmNjY0
LzEvS2VSdWRZWmVqVW9JSGt0ZDJrYlR5VUFEWjVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuac4MA0G
CSqGSIb3DQEBCwUAA4IBAQAeKWTbubALm0U50Hiy5i0SCxUGgo+ha8qhak81aHxP
I71GG5D7S+5pTuBohpmU1/Weivj89MU1Ck8tZwgxFQ7KxGgr5c3O0P0CgZvNdy/j
ksapljMdCZxeJvtJjNUT6m6DhyoCDdTw3bKE0z7Lej0SdDNKTiuKO5q/MolurEIg
Fvie7wXup3nWlvg/cB/vD+5psMXu+oePXq5hgLMlONBLsxIhutG6FSOXs/o+LEmQ
UlilIZgACULtnHCzyIcjRjOZ8qLZG5Y23SRRxsxGE/JjVViXBnWEFp6CckrK+d1Q
7s5cbXlIo3C3WOThvrFamqvF8ztxdkDx3A0mRxEBWlwx
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:23:42 2025 by rpki-client