Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/e2dc5b-ceb2-435c-aba4-7ef1b9159eb6/1/bTsSCn9VQJFsfJFoDTOrVGY-N2k.roa
File: bTsSCn9VQJFsfJFoDTOrVGY-N2k.roa (raw, json)
Hash identifier: +9Rs1bITp6EHbSOzvjJQ8zLBys/+7urSMq64MyKwyrA=
Subject key identifier: 6D:3B:12:0A:7F:55:40:91:6C:7C:91:68:0D:33:AB:54:66:3E:37:69
Certificate issuer: /CN=cea02c07797fa203a1e2493ba0dd80199ed9be05
Certificate serial: 01942747F67755112136B7D9E6BBABE140C6
Authority key identifier: CE:A0:2C:07:79:7F:A2:03:A1:E2:49:3B:A0:DD:80:19:9E:D9:BE:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zqAsB3l_ogOh4kk7oN2AGZ7ZvgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/e2dc5b-ceb2-435c-aba4-7ef1b9159eb6/1/bTsSCn9VQJFsfJFoDTOrVGY-N2k.roa
Signing time: Thu 02 Jan 2025 13:50:15 +0000
ROA not before: Thu 02 Jan 2025 13:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33915
IP address blocks: 185.72.164.0/22 maxlen: 22
2a05:3b80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:f6:77:55:11:21:36:b7:d9:e6:bb:ab:e1:40:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cea02c07797fa203a1e2493ba0dd80199ed9be05
Validity
Not Before: Jan 2 13:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d3b120a7f5540916c7c91680d33ab54663e3769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8a:24:2d:81:c7:60:62:d7:a5:3a:23:e8:89:
17:11:db:a4:ff:6c:cb:e7:8c:de:f4:10:3d:8c:20:
4d:92:0a:da:6d:50:70:57:bc:4d:f7:89:ff:2f:14:
8d:bb:dc:f9:98:5d:a8:ca:81:8b:4b:bd:82:46:0f:
19:13:eb:24:0d:16:91:50:d2:52:68:ad:73:00:fc:
0a:52:9b:1e:9b:f8:22:c3:87:11:f6:08:a7:ff:6d:
96:82:2d:a5:6b:1a:db:5b:eb:4c:81:2e:c1:2a:79:
11:03:c4:04:2c:84:95:5a:5c:d8:b5:8e:55:f3:98:
4d:fa:72:8f:83:87:ec:cf:5f:1b:b6:f2:d0:8d:be:
61:b8:a5:ba:17:59:f5:7e:83:be:f6:2e:0f:1d:f3:
cf:1a:fd:3b:f5:c4:1c:06:ff:8e:26:3d:b1:cf:82:
ab:54:5d:88:4e:c3:33:d7:7f:02:f9:a1:64:87:fe:
3c:b7:8d:c7:8d:2f:b9:77:a8:f6:9a:99:08:79:63:
91:95:ed:d9:2a:97:88:7b:ee:82:03:55:3c:42:d8:
11:2c:27:08:52:bd:bd:6d:e4:ae:6d:ed:15:cb:d8:
76:7c:3b:ec:70:84:86:f8:7a:c3:20:91:2b:b7:9d:
fa:87:3b:92:26:3e:d6:b2:26:f9:d8:79:e4:d5:4f:
00:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:3B:12:0A:7F:55:40:91:6C:7C:91:68:0D:33:AB:54:66:3E:37:69
X509v3 Authority Key Identifier:
keyid:CE:A0:2C:07:79:7F:A2:03:A1:E2:49:3B:A0:DD:80:19:9E:D9:BE:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zqAsB3l_ogOh4kk7oN2AGZ7ZvgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e2dc5b-ceb2-435c-aba4-7ef1b9159eb6/1/bTsSCn9VQJFsfJFoDTOrVGY-N2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e2dc5b-ceb2-435c-aba4-7ef1b9159eb6/1/zqAsB3l_ogOh4kk7oN2AGZ7ZvgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.164.0/22
IPv6:
2a05:3b80::/29
Signature Algorithm: sha256WithRSAEncryption
ad:23:4f:d9:11:13:a6:5e:da:66:1f:1e:c5:0c:cc:bd:74:ba:
e2:3e:cd:26:7e:d9:9f:1d:cb:3d:75:e4:79:cf:0d:be:4d:00:
7a:82:1b:27:17:b6:f3:66:f3:b4:12:ce:9f:70:de:94:62:8e:
3e:f2:45:e6:d3:84:7d:b6:06:b7:0e:ae:56:3a:e0:6c:42:76:
91:a9:17:f7:50:7b:b7:9f:88:c0:55:b3:f0:44:47:2d:a8:6e:
78:76:10:1f:ff:38:0d:ee:58:42:77:7d:65:48:cd:9c:5d:5d:
0e:fc:76:95:1b:f7:f4:68:34:8f:a3:33:99:ae:c7:73:df:b4:
10:28:ff:eb:5c:de:7b:eb:13:f2:7c:af:cf:6f:22:ea:7f:eb:
7f:9b:82:8c:6e:12:c4:42:2a:a1:5d:8d:f2:bd:04:c7:93:b4:
58:6b:87:03:db:2e:13:61:3c:fb:60:35:ac:bd:ba:e3:6e:ba:
9b:4f:aa:b4:06:98:56:b4:33:9a:57:81:bf:7f:3f:a6:c0:4e:
60:f2:c7:35:50:34:94:9a:15:e6:05:91:f2:2b:14:c9:d1:59:
5f:96:55:b7:e4:11:34:c1:4c:4c:b4:67:61:8a:94:a6:10:f0:
d9:38:0b:1b:89:e1:72:42:87:47:ed:72:6c:b0:e6:9d:99:d0:
fe:c3:ff:4e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnR/Z3VREhNrfZ5rur4UDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYTAyYzA3Nzk3ZmEyMDNhMWUyNDkzYmEwZGQ4MDE5OWVk
OWJlMDUwHhcNMjUwMTAyMTM1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDNiMTIwYTdmNTU0MDkxNmM3YzkxNjgwZDMzYWI1NDY2M2UzNzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYokLYHHYGLXpToj6IkXEduk/2zL
54ze9BA9jCBNkgrabVBwV7xN94n/LxSNu9z5mF2oyoGLS72CRg8ZE+skDRaRUNJS
aK1zAPwKUpsem/giw4cR9gin/22Wgi2laxrbW+tMgS7BKnkRA8QELISVWlzYtY5V
85hN+nKPg4fsz18btvLQjb5huKW6F1n1foO+9i4PHfPPGv079cQcBv+OJj2xz4Kr
VF2ITsMz138C+aFkh/48t43HjS+5d6j2mpkIeWORle3ZKpeIe+6CA1U8QtgRLCcI
Ur29beSube0Vy9h2fDvscISG+HrDIJErt536hzuSJj7Wsib52Hnk1U8AOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG07Egp/VUCRbHyRaA0zq1RmPjdpMB8GA1UdIwQY
MBaAFM6gLAd5f6IDoeJJO6DdgBme2b4FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenFBc0IzbF9vZ09oNGtrN29OMkFHWjdadmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9lMmRjNWItY2ViMi00MzVjLWFiYTQt
N2VmMWI5MTU5ZWI2LzEvYlRzU0NuOVZRSkZzZkpGb0RUT3JWR1ktTjJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9lMmRjNWItY2ViMi00MzVjLWFiYTQtN2VmMWI5MTU5ZWI2
LzEvenFBc0IzbF9vZ09oNGtrN29OMkFHWjdadmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUikMA0E
AgACMAcDBQMqBTuAMA0GCSqGSIb3DQEBCwUAA4IBAQCtI0/ZEROmXtpmHx7FDMy9
dLriPs0mftmfHcs9deR5zw2+TQB6ghsnF7bzZvO0Es6fcN6UYo4+8kXm04R9tga3
Dq5WOuBsQnaRqRf3UHu3n4jAVbPwREctqG54dhAf/zgN7lhCd31lSM2cXV0O/HaV
G/f0aDSPozOZrsdz37QQKP/rXN576xPyfK/PbyLqf+t/m4KMbhLEQiqhXY3yvQTH
k7RYa4cD2y4TYTz7YDWsvbrjbrqbT6q0BphWtDOaV4G/fz+mwE5g8sc1UDSUmhXm
BZHyKxTJ0VlfllW35BE0wUxMtGdhipSmEPDZOAsbieFyQodH7XJssOadmdD+w/9O
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:23 2025 by rpki-client on console.sobornost.net