Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5d6167-f02b-44db-b565-0e4382310ca5/1/a6z9s2B5USpArv-yW1XShxJdtpo.roa
File: a6z9s2B5USpArv-yW1XShxJdtpo.roa (raw, json)
Hash identifier: hfVnswmh8KT0yGpguvtRDoEqQ95xhx5KsIsgaJn/9yM=
Subject key identifier: 6B:AC:FD:B3:60:79:51:2A:40:AE:FF:B2:5B:55:D2:87:12:5D:B6:9A
Certificate issuer: /CN=1bef5aa14d3140c7c7c4988f19da9431eb1a40f1
Certificate serial: 019423696D4CF06090BEAF75EA4795BDD77C
Authority key identifier: 1B:EF:5A:A1:4D:31:40:C7:C7:C4:98:8F:19:DA:94:31:EB:1A:40:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-9aoU0xQMfHxJiPGdqUMesaQPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/5d6167-f02b-44db-b565-0e4382310ca5/1/a6z9s2B5USpArv-yW1XShxJdtpo.roa
Signing time: Wed 01 Jan 2025 19:48:19 +0000
ROA not before: Wed 01 Jan 2025 19:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49796
IP address blocks: 185.167.72.0/22 maxlen: 22
185.167.72.0/23 maxlen: 23
185.167.72.0/24 maxlen: 24
185.167.72.3/32 maxlen: 32
185.167.72.13/32 maxlen: 32
185.167.72.253/32 maxlen: 32
185.167.72.254/32 maxlen: 32
185.167.73.0/24 maxlen: 24
185.167.74.0/23 maxlen: 23
185.167.74.0/24 maxlen: 24
185.167.75.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:6d:4c:f0:60:90:be:af:75:ea:47:95:bd:d7:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bef5aa14d3140c7c7c4988f19da9431eb1a40f1
Validity
Not Before: Jan 1 19:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bacfdb36079512a40aeffb25b55d287125db69a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:14:53:a4:1e:7d:52:5e:4e:4c:24:fb:41:7f:
d7:4f:f3:c5:f6:bc:7d:74:e6:4d:85:0d:30:90:92:
fa:6b:7d:aa:23:3b:52:7e:26:71:3b:e9:d3:d6:b8:
d1:18:68:ae:89:d1:6b:38:19:13:83:1a:62:9a:ca:
de:ff:12:16:6f:2c:fa:df:0b:ea:4f:f8:46:e4:94:
92:9b:74:4c:ce:b7:d2:51:a5:b1:08:2d:15:ef:6d:
df:73:f1:5f:fa:51:fe:11:f2:62:e4:c6:1a:35:6c:
c4:5d:73:d4:18:32:d8:17:60:2a:6c:11:ed:76:ee:
26:c4:aa:1d:f8:1b:6a:11:4f:07:b2:06:26:18:c4:
34:6f:29:bf:e6:5c:09:3e:3f:17:71:b0:cc:77:05:
b1:e4:d2:f1:e0:3d:b6:f6:29:3c:9e:9f:30:b7:f2:
b4:3c:72:a6:d2:d6:ed:09:55:d1:70:75:ef:cc:0b:
ac:5f:0a:c1:c0:e8:d9:90:8c:0d:a2:22:01:78:10:
3a:34:41:33:0b:01:25:a7:34:81:d6:87:f0:6d:86:
1d:ca:36:b1:4b:cc:8e:f5:f0:ee:ac:ef:b5:81:05:
c9:1f:38:15:b7:41:0b:f4:a7:88:02:7e:b1:cc:3e:
bb:60:86:d1:a8:b9:17:d4:2a:dd:5f:34:9c:8f:0c:
f6:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:AC:FD:B3:60:79:51:2A:40:AE:FF:B2:5B:55:D2:87:12:5D:B6:9A
X509v3 Authority Key Identifier:
keyid:1B:EF:5A:A1:4D:31:40:C7:C7:C4:98:8F:19:DA:94:31:EB:1A:40:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-9aoU0xQMfHxJiPGdqUMesaQPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5d6167-f02b-44db-b565-0e4382310ca5/1/a6z9s2B5USpArv-yW1XShxJdtpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5d6167-f02b-44db-b565-0e4382310ca5/1/G-9aoU0xQMfHxJiPGdqUMesaQPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.72.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:98:d6:2a:08:f7:87:31:3a:46:1a:f9:34:9d:00:e5:da:7d:
f8:e2:98:9f:5a:85:61:14:32:34:6b:ad:c4:2a:5a:63:e0:30:
79:70:25:eb:c3:d5:fe:2e:4e:36:01:1f:e0:7d:76:16:d8:76:
54:26:0f:a9:a7:b5:fa:23:26:31:fc:f0:86:eb:66:14:d5:5d:
6c:ef:63:6a:22:50:e7:e6:a6:79:91:a3:3c:11:1e:23:15:df:
2e:f9:20:53:68:9a:5a:6d:93:63:6c:26:41:9f:28:97:f2:eb:
5b:d4:f9:54:58:ab:f0:25:73:13:82:08:5c:c7:6e:9b:49:6f:
76:19:fb:9e:51:d4:50:fe:12:2c:3f:73:bf:69:b1:d6:cb:22:
b7:06:32:ec:36:b6:8e:4c:e9:d0:01:c5:6d:f2:69:5d:ea:b1:
3f:f7:ea:34:e7:2e:59:21:7f:ad:c3:c2:97:03:b3:fa:48:61:
4f:42:58:4a:02:76:54:fa:6c:d3:9c:c7:d0:f1:18:bb:eb:bf:
46:2f:70:da:05:1a:6e:d4:a6:02:3e:ff:5f:91:51:99:78:f2:
a7:e6:a0:04:92:dc:22:43:d3:ed:3a:5f:50:5b:43:48:88:e3:
1c:77:91:15:69:d7:3d:d5:f6:03:c4:8f:94:2d:cc:89:8a:55:
59:ba:9d:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaW1M8GCQvq916keVvdd8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZWY1YWExNGQzMTQwYzdjN2M0OTg4ZjE5ZGE5NDMxZWIx
YTQwZjEwHhcNMjUwMTAxMTk0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmFjZmRiMzYwNzk1MTJhNDBhZWZmYjI1YjU1ZDI4NzEyNWRiNjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7BRTpB59Ul5OTCT7QX/XT/PF9rx9
dOZNhQ0wkJL6a32qIztSfiZxO+nT1rjRGGiuidFrOBkTgxpimsre/xIWbyz63wvq
T/hG5JSSm3RMzrfSUaWxCC0V723fc/Ff+lH+EfJi5MYaNWzEXXPUGDLYF2AqbBHt
du4mxKod+BtqEU8HsgYmGMQ0bym/5lwJPj8XcbDMdwWx5NLx4D229ik8np8wt/K0
PHKm0tbtCVXRcHXvzAusXwrBwOjZkIwNoiIBeBA6NEEzCwElpzSB1ofwbYYdyjax
S8yO9fDurO+1gQXJHzgVt0EL9KeIAn6xzD67YIbRqLkX1CrdXzScjwz2NQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGus/bNgeVEqQK7/sltV0ocSXbaaMB8GA1UdIwQY
MBaAFBvvWqFNMUDHx8SYjxnalDHrGkDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRy05YW9VMHhRTWZIeEppUEdkcVVNZXNhUVBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81ZDYxNjctZjAyYi00NGRiLWI1NjUt
MGU0MzgyMzEwY2E1LzEvYTZ6OXMyQjVVU3BBcnYteVcxWFNoeEpkdHBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81ZDYxNjctZjAyYi00NGRiLWI1NjUtMGU0MzgyMzEwY2E1
LzEvRy05YW9VMHhRTWZIeEppUEdkcVVNZXNhUVBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuadIMA0G
CSqGSIb3DQEBCwUAA4IBAQAumNYqCPeHMTpGGvk0nQDl2n344pifWoVhFDI0a63E
Klpj4DB5cCXrw9X+Lk42AR/gfXYW2HZUJg+pp7X6IyYx/PCG62YU1V1s72NqIlDn
5qZ5kaM8ER4jFd8u+SBTaJpabZNjbCZBnyiX8utb1PlUWKvwJXMTgghcx26bSW92
GfueUdRQ/hIsP3O/abHWyyK3BjLsNraOTOnQAcVt8mld6rE/9+o05y5ZIX+tw8KX
A7P6SGFPQlhKAnZU+mzTnMfQ8Ri7679GL3DaBRpu1KYCPv9fkVGZePKn5qAEktwi
Q9PtOl9QW0NIiOMcd5EVadc91fYDxI+ULcyJilVZup3I
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:45 2025 by rpki-client on console.sobornost.net