Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/d7nnb22eByZ3PgdzvIIdeg7bVrw.roa
File: d7nnb22eByZ3PgdzvIIdeg7bVrw.roa (raw, json)
Hash identifier: MtT+ZrWZXS09kZHHdiFFktcO1Kssl/83QQmCIziV1ms=
Subject key identifier: 77:B9:E7:6F:6D:9E:07:26:77:3E:07:73:BC:82:1D:7A:0E:DB:56:BC
Certificate issuer: /CN=cbd4719d72d288a73218d8c1a498823333297e25
Certificate serial: 0194221FDBA3B51AD2AB4F18705CAEEFBFB3
Authority key identifier: CB:D4:71:9D:72:D2:88:A7:32:18:D8:C1:A4:98:82:33:33:29:7E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9RxnXLSiKcyGNjBpJiCMzMpfiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/d7nnb22eByZ3PgdzvIIdeg7bVrw.roa
Signing time: Wed 01 Jan 2025 13:48:20 +0000
ROA not before: Wed 01 Jan 2025 13:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 167.160.5.0/24 maxlen: 24
185.98.157.0/24 maxlen: 24
185.181.52.0/22 maxlen: 24
192.161.6.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:db:a3:b5:1a:d2:ab:4f:18:70:5c:ae:ef:bf:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd4719d72d288a73218d8c1a498823333297e25
Validity
Not Before: Jan 1 13:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77b9e76f6d9e0726773e0773bc821d7a0edb56bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a5:dd:61:ba:82:92:98:de:cd:c3:b5:b3:c7:
94:93:48:e1:a4:6b:77:8c:df:34:cd:da:28:c0:0a:
42:05:02:9e:98:d7:ba:30:18:54:37:1c:1f:d6:6f:
48:58:9e:5e:03:52:40:df:27:55:e4:7a:e4:48:24:
9d:f4:89:4d:d3:6b:3b:41:94:56:d5:4e:36:88:07:
f1:44:f7:c4:98:11:d2:7c:3c:4d:7c:ce:4d:d1:36:
84:1d:3e:89:56:20:04:cb:1d:10:65:b2:70:87:73:
0f:b4:1f:02:75:46:72:fe:c7:eb:63:90:bc:6a:5b:
55:85:62:c4:f4:2d:e4:c6:2f:cd:84:ad:3a:eb:df:
9a:07:13:9b:56:f9:db:85:c8:b9:f4:b4:fc:98:cb:
9b:45:c1:24:03:09:8b:5a:00:98:38:51:b0:b5:1d:
a0:82:ea:21:21:98:58:3e:ce:4d:35:1d:f9:43:c4:
e9:a2:36:f5:6b:25:e7:ac:47:db:4b:f3:fb:7c:f8:
34:3f:9b:54:7a:53:44:4f:bf:e4:80:57:9d:ce:0d:
b3:11:ff:b4:74:5a:f2:47:b5:c3:1d:0c:2c:77:b9:
85:91:83:ff:53:12:ff:3a:c4:bc:db:a6:b8:5e:9b:
c1:6c:21:10:6a:d9:17:21:c5:58:f9:c6:28:0d:72:
01:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:B9:E7:6F:6D:9E:07:26:77:3E:07:73:BC:82:1D:7A:0E:DB:56:BC
X509v3 Authority Key Identifier:
keyid:CB:D4:71:9D:72:D2:88:A7:32:18:D8:C1:A4:98:82:33:33:29:7E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9RxnXLSiKcyGNjBpJiCMzMpfiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/d7nnb22eByZ3PgdzvIIdeg7bVrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/y9RxnXLSiKcyGNjBpJiCMzMpfiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.160.5.0/24
185.98.157.0/24
185.181.52.0/22
192.161.6.0/23
Signature Algorithm: sha256WithRSAEncryption
b3:04:a6:26:18:03:1d:0f:97:d9:2f:71:20:07:dc:bd:91:98:
49:78:6f:e0:ae:1e:be:1c:01:4c:9c:37:8a:a3:7c:6b:2e:81:
9f:e0:59:1d:8e:3c:71:a2:2e:29:23:40:c6:ed:2f:6d:88:08:
6c:a0:ba:e6:07:a6:a3:44:a6:45:c5:35:40:11:23:e6:43:6d:
6a:65:68:89:cc:b4:57:9f:a7:a1:39:02:54:6d:dc:ad:13:06:
de:aa:87:49:d9:68:74:15:04:78:08:7b:75:f1:3a:44:44:36:
f5:c2:56:3b:0b:b6:e1:68:50:59:14:62:4c:1d:cf:90:ea:0c:
4a:44:5f:e6:6e:fa:db:3b:db:47:96:9e:e9:2b:7f:ec:9c:3e:
42:25:12:66:67:58:c8:0d:60:3b:a6:8e:5c:19:6d:ff:34:b4:
74:27:96:62:a9:86:2b:d1:50:1d:88:72:13:3e:13:07:b5:a7:
48:e9:b3:73:13:0e:4b:a0:17:65:cb:06:2c:6f:02:12:25:29:
72:1e:10:78:e8:e5:c5:ff:97:f3:72:07:d4:f0:22:da:e0:03:
62:8f:2e:26:9f:05:82:11:f5:10:5c:b5:68:f3:ce:b7:7f:a6:
6b:47:e1:09:08:af:6d:56:e0:6d:bd:d9:fc:bc:bc:09:9f:eb:
5b:53:05:4d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQiH9ujtRrSq08YcFyu77+zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDQ3MTlkNzJkMjg4YTczMjE4ZDhjMWE0OTg4MjMzMzMy
OTdlMjUwHhcNMjUwMTAxMTM0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2I5ZTc2ZjZkOWUwNzI2NzczZTA3NzNiYzgyMWQ3YTBlZGI1NmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqXdYbqCkpjezcO1s8eUk0jhpGt3
jN80zdoowApCBQKemNe6MBhUNxwf1m9IWJ5eA1JA3ydV5HrkSCSd9IlN02s7QZRW
1U42iAfxRPfEmBHSfDxNfM5N0TaEHT6JViAEyx0QZbJwh3MPtB8CdUZy/sfrY5C8
altVhWLE9C3kxi/NhK0669+aBxObVvnbhci59LT8mMubRcEkAwmLWgCYOFGwtR2g
guohIZhYPs5NNR35Q8Tpojb1ayXnrEfbS/P7fPg0P5tUelNET7/kgFedzg2zEf+0
dFryR7XDHQwsd7mFkYP/UxL/OsS826a4XpvBbCEQatkXIcVY+cYoDXIBgQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHe5529tngcmdz4Hc7yCHXoO21a8MB8GA1UdIwQY
MBaAFMvUcZ1y0oinMhjYwaSYgjMzKX4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlSeG5YTFNpS2N5R05qQnBKaUNNek1wZmlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kYzhjMGQtZjhjMy00MDZjLWI3OWUt
YjQ5MmQ2ZmY0ODNmLzEvZDdubmIyMmVCeVozUGdkenZJSWRlZzdiVnJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kYzhjMGQtZjhjMy00MDZjLWI3OWUtYjQ5MmQ2ZmY0ODNm
LzEveTlSeG5YTFNpS2N5R05qQnBKaUNNek1wZmlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAp6AFAwQA
uWKdAwQCubU0AwQBwKEGMA0GCSqGSIb3DQEBCwUAA4IBAQCzBKYmGAMdD5fZL3Eg
B9y9kZhJeG/grh6+HAFMnDeKo3xrLoGf4Fkdjjxxoi4pI0DG7S9tiAhsoLrmB6aj
RKZFxTVAESPmQ21qZWiJzLRXn6ehOQJUbdytEwbeqodJ2Wh0FQR4CHt18TpERDb1
wlY7C7bhaFBZFGJMHc+Q6gxKRF/mbvrbO9tHlp7pK3/snD5CJRJmZ1jIDWA7po5c
GW3/NLR0J5ZiqYYr0VAdiHITPhMHtadI6bNzEw5LoBdlywYsbwISJSlyHhB46OXF
/5fzcgfU8CLa4ANijy4mnwWCEfUQXLVo8863f6ZrR+EJCK9tVuBtvdn8vLwJn+tb
UwVN
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:25:37 2025 by rpki-client