Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/aae9db-e0c9-478e-bb58-24da551c68ab/1/1d4yJwGSUTdKstDqUlP-6mQAJzQ.roa
File: 1d4yJwGSUTdKstDqUlP-6mQAJzQ.roa (raw, json)
Hash identifier: DwRZ2rl0JUmPDYpYIbHSJwfa4VL5tZiCJHWhq3s/Y+I=
Subject key identifier: D5:DE:32:27:01:92:51:37:4A:B2:D0:EA:52:53:FE:EA:64:00:27:34
Certificate issuer: /CN=58bdb1bd75727519e400bfe88a75123d6184de14
Certificate serial: 09E3F895
Authority key identifier: 58:BD:B1:BD:75:72:75:19:E4:00:BF:E8:8A:75:12:3D:61:84:DE:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WL2xvXVydRnkAL_oinUSPWGE3hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/aae9db-e0c9-478e-bb58-24da551c68ab/1/1d4yJwGSUTdKstDqUlP-6mQAJzQ.roa
Signing time: Sat 01 Jan 2022 06:06:18 +0000
ROA not before: Sat 01 Jan 2022 06:06:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206801
IP address blocks: 185.170.138.0/24 maxlen: 24
185.170.136.0/22 maxlen: 22
185.170.136.0/23 maxlen: 23
185.170.136.0/24 maxlen: 24
185.170.138.0/23 maxlen: 23
185.170.137.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165935253 (0x9e3f895)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bdb1bd75727519e400bfe88a75123d6184de14
Validity
Not Before: Jan 1 06:06:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5de3227019251374ab2d0ea5253feea64002734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b3:94:08:99:e8:c9:02:0f:b5:f7:c3:2b:c8:
77:5d:39:7d:ea:4b:17:48:48:4f:ce:fa:36:de:ec:
57:8e:ad:56:39:e1:18:27:3a:de:65:55:30:1c:a3:
ae:e7:90:2c:46:41:02:9d:0e:07:c3:95:53:24:c1:
eb:67:e7:ff:c8:ca:f7:5e:6e:16:ad:f6:2d:e5:65:
d6:ad:c4:18:c1:75:94:7f:d7:fc:e4:20:32:e2:23:
6d:73:92:c0:4d:e8:41:6e:ed:c1:1b:a8:71:0c:f1:
85:b0:a6:f7:1e:c5:32:f7:84:5f:3c:51:4b:09:37:
77:0d:60:ee:e6:20:a6:70:9c:d8:0a:ec:56:61:2b:
b9:05:5d:a9:cf:fe:c9:1a:97:8b:42:1b:66:b3:b6:
5c:d1:76:43:78:0c:4e:3a:16:bc:ed:d4:b0:8f:6b:
14:49:92:35:d9:f7:a9:d8:26:f9:6e:ce:c0:91:e5:
2d:07:c2:dc:7f:9d:dd:8c:2d:4b:74:ce:7e:74:76:
48:0f:ba:90:3f:44:2f:8c:1a:34:dc:b7:05:2d:71:
27:87:49:40:8f:f5:9d:01:73:e5:22:82:f3:c4:38:
32:c7:b7:94:12:8e:20:0f:32:9c:cf:30:58:1b:ae:
2e:83:3b:0b:15:1b:23:45:99:56:1c:b6:f4:5d:09:
e5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:DE:32:27:01:92:51:37:4A:B2:D0:EA:52:53:FE:EA:64:00:27:34
X509v3 Authority Key Identifier:
keyid:58:BD:B1:BD:75:72:75:19:E4:00:BF:E8:8A:75:12:3D:61:84:DE:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WL2xvXVydRnkAL_oinUSPWGE3hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/aae9db-e0c9-478e-bb58-24da551c68ab/1/1d4yJwGSUTdKstDqUlP-6mQAJzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/aae9db-e0c9-478e-bb58-24da551c68ab/1/WL2xvXVydRnkAL_oinUSPWGE3hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.136.0/22
Signature Algorithm: sha256WithRSAEncryption
09:64:1e:34:af:38:d3:4d:ec:a2:f1:29:50:66:82:dd:cc:3a:
46:d8:16:3b:84:fb:54:21:4a:d2:2a:02:78:c7:5c:dc:35:a8:
a4:7a:a8:c9:2f:88:0d:bd:6b:9c:0e:d8:13:46:71:16:fb:de:
3d:24:07:67:01:b8:5a:08:20:ab:1a:2d:cb:aa:11:78:5d:da:
1a:79:4c:bd:d8:ed:26:01:6c:1c:79:09:08:95:41:91:e9:e6:
75:16:96:dd:66:8c:8a:f0:0c:d8:65:53:22:ff:2a:de:1e:c3:
61:44:c8:89:89:58:4c:e4:f0:4a:91:ca:cd:46:8e:a6:2d:ce:
54:16:ae:32:5f:91:56:6d:35:b6:ac:09:25:08:b9:04:c0:9a:
1b:df:50:49:de:75:ab:8b:b5:2e:fb:fe:10:68:59:ec:3b:f4:
57:3a:2a:af:0c:1a:13:f5:fe:b9:0c:ca:84:f8:5c:ed:00:2a:
c9:97:a7:ea:2b:a6:8d:2f:e4:20:35:2c:b7:a6:44:cc:e8:10:
de:e4:7e:1a:71:5c:2c:56:54:1e:a2:a6:06:0b:60:62:82:23:
6f:d3:ae:0c:95:c7:95:02:57:c0:29:af:73:9e:ee:93:11:15:
24:ed:f9:73:5b:fb:71:b8:05:24:f7:5d:7f:7c:e0:7d:71:fc:
39:46:1a:5d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECeP4lTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
OGJkYjFiZDc1NzI3NTE5ZTQwMGJmZTg4YTc1MTIzZDYxODRkZTE0MB4XDTIyMDEw
MTA2MDYxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDVkZTMyMjcwMTky
NTEzNzRhYjJkMGVhNTI1M2ZlZWE2NDAwMjczNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+zlAiZ6MkCD7X3wyvId105fepLF0hIT876Nt7sV46tVjnh
GCc63mVVMByjrueQLEZBAp0OB8OVUyTB62fn/8jK915uFq32LeVl1q3EGMF1lH/X
/OQgMuIjbXOSwE3oQW7twRuocQzxhbCm9x7FMveEXzxRSwk3dw1g7uYgpnCc2Ars
VmEruQVdqc/+yRqXi0IbZrO2XNF2Q3gMTjoWvO3UsI9rFEmSNdn3qdgm+W7OwJHl
LQfC3H+d3YwtS3TOfnR2SA+6kD9EL4waNNy3BS1xJ4dJQI/1nQFz5SKC88Q4Mse3
lBKOIA8ynM8wWBuuLoM7CxUbI0WZVhy29F0J5QkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTV3jInAZJRN0qy0OpSU/7qZAAnNDAfBgNVHSMEGDAWgBRYvbG9dXJ1GeQA
v+iKdRI9YYTeFDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dMMnh2WFZ5ZFJua0FMX29pblVTUFdHRTNoUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvYWFlOWRiLWUwYzktNDc4ZS1iYjU4LTI0ZGE1NTFjNjhhYi8x
LzFkNHlKd0dTVVRkS3N0RHFVbFAtNm1RQUp6US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
YWFlOWRiLWUwYzktNDc4ZS1iYjU4LTI0ZGE1NTFjNjhhYi8xL1dMMnh2WFZ5ZFJu
a0FMX29pblVTUFdHRTNoUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmqiDANBgkqhkiG9w0BAQsFAAOC
AQEACWQeNK84003sovEpUGaC3cw6RtgWO4T7VCFK0ioCeMdc3DWopHqoyS+IDb1r
nA7YE0ZxFvvePSQHZwG4Wgggqxoty6oReF3aGnlMvdjtJgFsHHkJCJVBkenmdRaW
3WaMivAM2GVTIv8q3h7DYUTIiYlYTOTwSpHKzUaOpi3OVBauMl+RVm01tqwJJQi5
BMCaG99QSd51q4u1Lvv+EGhZ7Dv0VzoqrwwaE/X+uQzKhPhc7QAqyZen6iumjS/k
IDUst6ZEzOgQ3uR+GnFcLFZUHqKmBgtgYoIjb9OuDJXHlQJXwCmvc57ukxEVJO35
c1v7cbgFJPddf3zgfXH8OUYaXQ==
-----END CERTIFICATE-----
Generated at Fri May 9 09:11:43 2025 by rpki-client