Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/3Vm_yCVfs-cMELxePU7IOqjsJok.roa
File: 3Vm_yCVfs-cMELxePU7IOqjsJok.roa (raw, json)
Hash identifier: kVD1zt/Fw0wy4FVKrPF6BbM/tCCUinsyU9AcxcCbEdA=
Subject key identifier: DD:59:BF:C8:25:5F:B3:E7:0C:10:BC:5E:3D:4E:C8:3A:A8:EC:26:89
Certificate issuer: /CN=cbd4719d72d288a73218d8c1a498823333297e25
Certificate serial: 0194221FDC213480883265587B50D9CE33B8
Authority key identifier: CB:D4:71:9D:72:D2:88:A7:32:18:D8:C1:A4:98:82:33:33:29:7E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9RxnXLSiKcyGNjBpJiCMzMpfiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/3Vm_yCVfs-cMELxePU7IOqjsJok.roa
Signing time: Wed 01 Jan 2025 13:48:20 +0000
ROA not before: Wed 01 Jan 2025 13:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50597
IP address blocks: 167.160.5.0/24 maxlen: 24
185.98.157.0/24 maxlen: 24
185.181.52.0/23 maxlen: 24
185.181.54.0/24 maxlen: 24
185.181.55.0/24 maxlen: 24
192.161.6.0/24 maxlen: 24
192.161.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:dc:21:34:80:88:32:65:58:7b:50:d9:ce:33:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd4719d72d288a73218d8c1a498823333297e25
Validity
Not Before: Jan 1 13:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd59bfc8255fb3e70c10bc5e3d4ec83aa8ec2689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:06:fb:c6:07:8d:93:2f:94:a4:ad:1e:05:0f:
5a:29:01:2c:f5:e3:a4:46:25:00:70:e9:8f:f8:de:
5a:5b:b3:e4:e8:73:4a:1e:7b:9c:36:86:43:0d:9e:
a9:2c:e1:2e:4d:64:b7:b5:89:1b:cf:25:e8:e0:d1:
3a:0b:fd:fe:d0:46:8b:79:43:b9:3a:90:7c:4a:62:
a3:af:37:b2:b9:de:b6:e3:fa:fd:b4:f9:96:4e:37:
0a:5a:88:ed:ee:80:d6:c3:1b:5f:bf:2e:1f:78:c2:
12:c4:1b:34:2d:31:20:9b:26:63:e0:52:1b:2c:89:
fc:73:ca:86:e7:3f:26:31:af:2f:b9:bd:e4:66:e9:
f4:ab:36:e4:a5:29:d1:e5:bb:18:38:9d:fa:fa:52:
d8:26:da:63:21:dc:14:55:14:90:14:19:ed:cb:d3:
fb:31:13:90:b5:76:5f:3b:60:d0:00:30:71:8b:c0:
eb:b3:aa:ce:64:4c:4b:64:4f:e2:b7:06:0a:02:f6:
14:93:b1:3e:62:57:a0:4d:03:63:52:d1:02:7b:2f:
5e:6a:91:f8:a5:68:89:54:d0:bc:ec:0c:7d:e3:8d:
e3:d2:7c:51:fe:70:b2:8e:d2:89:c6:23:fd:4a:61:
41:da:a6:b7:21:6f:f2:2f:9f:a1:d8:21:82:15:ff:
f4:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:59:BF:C8:25:5F:B3:E7:0C:10:BC:5E:3D:4E:C8:3A:A8:EC:26:89
X509v3 Authority Key Identifier:
keyid:CB:D4:71:9D:72:D2:88:A7:32:18:D8:C1:A4:98:82:33:33:29:7E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9RxnXLSiKcyGNjBpJiCMzMpfiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/3Vm_yCVfs-cMELxePU7IOqjsJok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/y9RxnXLSiKcyGNjBpJiCMzMpfiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.160.5.0/24
185.98.157.0/24
185.181.52.0/22
192.161.6.0/23
Signature Algorithm: sha256WithRSAEncryption
61:42:4e:a5:67:04:78:ca:b9:46:f6:64:14:7f:9f:48:35:8d:
6a:1e:1c:31:9c:c3:fd:e7:69:e2:7b:a2:8c:90:0d:84:6d:a3:
c3:ef:76:aa:56:45:ba:42:4a:f9:e6:43:36:a0:52:d1:17:69:
f6:8f:3e:9a:61:5d:55:d0:7f:36:c1:80:89:6a:8d:b4:03:3c:
92:f0:aa:c9:cd:ce:97:18:57:ad:62:a7:5d:db:ce:cc:20:b2:
be:b5:d0:cc:9c:4d:2c:55:1a:6b:68:0a:40:33:23:36:65:ac:
49:57:e9:56:c3:fc:39:5c:31:8e:1e:08:d2:7c:db:bf:48:bb:
de:93:e4:93:bc:f1:9c:2e:c0:95:8c:30:79:8a:47:f0:4d:5e:
18:91:c2:46:77:b1:4e:5d:01:0c:6b:47:ae:16:da:31:c6:25:
42:b6:d4:46:81:9a:a7:a4:15:66:eb:b5:4d:3e:eb:70:e7:39:
b1:e8:7b:94:bf:cc:0b:99:3e:58:c8:70:a3:06:82:2a:64:7f:
6b:cb:f2:81:ef:6d:d8:72:7c:9a:5c:df:4b:40:38:69:d4:eb:
6f:80:9b:16:6b:ab:73:2d:44:2b:88:87:9f:54:10:46:25:05:
2c:60:fc:c5:c0:5f:66:0a:09:62:a7:34:6e:b3:29:fe:8d:c6:
13:6c:8b:ba
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQiH9whNICIMmVYe1DZzjO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDQ3MTlkNzJkMjg4YTczMjE4ZDhjMWE0OTg4MjMzMzMy
OTdlMjUwHhcNMjUwMTAxMTM0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDU5YmZjODI1NWZiM2U3MGMxMGJjNWUzZDRlYzgzYWE4ZWMyNjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQb7xgeNky+UpK0eBQ9aKQEs9eOk
RiUAcOmP+N5aW7Pk6HNKHnucNoZDDZ6pLOEuTWS3tYkbzyXo4NE6C/3+0EaLeUO5
OpB8SmKjrzeyud624/r9tPmWTjcKWojt7oDWwxtfvy4feMISxBs0LTEgmyZj4FIb
LIn8c8qG5z8mMa8vub3kZun0qzbkpSnR5bsYOJ36+lLYJtpjIdwUVRSQFBnty9P7
MROQtXZfO2DQADBxi8Drs6rOZExLZE/itwYKAvYUk7E+YlegTQNjUtECey9eapH4
pWiJVNC87Ax9443j0nxR/nCyjtKJxiP9SmFB2qa3IW/yL5+h2CGCFf/02wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN1Zv8glX7PnDBC8Xj1OyDqo7CaJMB8GA1UdIwQY
MBaAFMvUcZ1y0oinMhjYwaSYgjMzKX4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlSeG5YTFNpS2N5R05qQnBKaUNNek1wZmlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kYzhjMGQtZjhjMy00MDZjLWI3OWUt
YjQ5MmQ2ZmY0ODNmLzEvM1ZtX3lDVmZzLWNNRUx4ZVBVN0lPcWpzSm9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kYzhjMGQtZjhjMy00MDZjLWI3OWUtYjQ5MmQ2ZmY0ODNm
LzEveTlSeG5YTFNpS2N5R05qQnBKaUNNek1wZmlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAp6AFAwQA
uWKdAwQCubU0AwQBwKEGMA0GCSqGSIb3DQEBCwUAA4IBAQBhQk6lZwR4yrlG9mQU
f59INY1qHhwxnMP952nie6KMkA2EbaPD73aqVkW6Qkr55kM2oFLRF2n2jz6aYV1V
0H82wYCJao20AzyS8KrJzc6XGFetYqdd287MILK+tdDMnE0sVRpraApAMyM2ZaxJ
V+lWw/w5XDGOHgjSfNu/SLvek+STvPGcLsCVjDB5ikfwTV4YkcJGd7FOXQEMa0eu
FtoxxiVCttRGgZqnpBVm67VNPutw5zmx6HuUv8wLmT5YyHCjBoIqZH9ry/KB723Y
cnyaXN9LQDhp1OtvgJsWa6tzLUQriIefVBBGJQUsYPzFwF9mCglipzRusyn+jcYT
bIu6
-----END CERTIFICATE-----
Generated at Wed Apr 2 00:23:28 2025 by rpki-client on console.sobornost.net