Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/5e1871-2af1-47d3-b262-08f433daea15/1/YXxh1XSQz2hJg4wU0JwpLVfgRPc.roa
File: YXxh1XSQz2hJg4wU0JwpLVfgRPc.roa (raw, json)
Hash identifier: fKQqPt+1938ZgXlhZdhE3xLSu/gu+cSj1bUfoNu6uac=
Subject key identifier: 61:7C:61:D5:74:90:CF:68:49:83:8C:14:D0:9C:29:2D:57:E0:44:F7
Certificate issuer: /CN=2cee2998e86fa7488e6b64f8edbc032ce15d1bcc
Certificate serial: 019420D62D44445BBD93835C32F941469F9E
Authority key identifier: 2C:EE:29:98:E8:6F:A7:48:8E:6B:64:F8:ED:BC:03:2C:E1:5D:1B:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LO4pmOhvp0iOa2T47bwDLOFdG8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/5e1871-2af1-47d3-b262-08f433daea15/1/YXxh1XSQz2hJg4wU0JwpLVfgRPc.roa
Signing time: Wed 01 Jan 2025 07:48:14 +0000
ROA not before: Wed 01 Jan 2025 07:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205564
IP address blocks: 185.213.252.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:2d:44:44:5b:bd:93:83:5c:32:f9:41:46:9f:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cee2998e86fa7488e6b64f8edbc032ce15d1bcc
Validity
Not Before: Jan 1 07:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=617c61d57490cf6849838c14d09c292d57e044f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:37:45:a9:8a:8f:f6:2e:2a:f2:00:96:40:7f:
0a:9a:eb:8e:61:fa:06:d3:25:d5:87:5b:df:47:f4:
af:a3:d1:4d:e4:11:15:1d:34:80:87:91:97:d4:d5:
b8:17:11:03:f9:a8:95:e1:eb:38:51:95:64:80:e4:
ed:ad:6c:41:f3:bc:ec:12:bf:8a:d7:13:05:15:2f:
80:bf:5c:24:23:81:b0:ea:02:0c:f3:76:13:20:c0:
c2:b6:e5:4b:12:71:3c:2e:02:90:7d:76:48:5b:93:
24:07:f5:c9:73:8d:f9:14:b8:5a:62:93:91:ce:4a:
81:29:a3:6c:93:39:29:bb:aa:fb:f8:5a:8a:0d:01:
24:6d:46:4a:06:a0:ce:8a:47:05:29:24:7c:84:59:
bb:e8:ff:d2:77:f0:e2:0a:53:e5:16:50:1f:56:54:
b2:5e:ea:73:03:dd:aa:5f:89:36:79:33:07:89:13:
1a:cc:83:bc:85:27:12:c7:b6:b6:ca:d1:10:36:3a:
d1:2d:d3:f3:ee:56:78:79:d8:46:77:b2:c2:c1:e4:
a4:f4:4a:3b:04:fc:60:03:ed:6f:bb:eb:47:44:ec:
fe:65:40:b4:0f:97:2c:11:c6:3c:4e:97:b1:eb:62:
ca:3c:66:c6:95:8b:91:40:e7:7d:e3:31:72:01:60:
91:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:7C:61:D5:74:90:CF:68:49:83:8C:14:D0:9C:29:2D:57:E0:44:F7
X509v3 Authority Key Identifier:
keyid:2C:EE:29:98:E8:6F:A7:48:8E:6B:64:F8:ED:BC:03:2C:E1:5D:1B:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LO4pmOhvp0iOa2T47bwDLOFdG8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/5e1871-2af1-47d3-b262-08f433daea15/1/YXxh1XSQz2hJg4wU0JwpLVfgRPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/5e1871-2af1-47d3-b262-08f433daea15/1/LO4pmOhvp0iOa2T47bwDLOFdG8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.252.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:20:51:de:b9:5c:5e:1a:fd:41:9f:0c:ca:c9:13:82:f1:3b:
16:52:60:2f:9a:a9:d2:a1:b5:db:f8:62:6a:47:96:17:f7:e6:
6a:a9:de:d6:d1:dc:8c:65:9b:36:3f:42:d8:7c:cf:15:4d:aa:
31:3c:a0:53:7d:6c:b8:2b:9b:00:ba:b8:fb:0b:87:e0:4b:bd:
7f:ae:5b:b4:67:27:b2:50:85:4b:29:c2:22:df:30:6a:93:3f:
05:8a:a6:8c:93:8d:72:43:a3:08:6d:f9:c6:18:27:6c:a1:9d:
29:54:b5:58:c3:93:1b:ff:f8:c5:ea:96:7d:90:cb:b4:98:d4:
a9:4b:8a:5f:7f:16:15:3a:cb:20:18:88:60:fb:6d:2d:15:59:
b3:c3:c5:ab:59:61:a6:f3:8a:09:cc:d8:6f:d3:2f:c2:90:42:
2d:9b:65:bf:29:37:9b:dc:bb:d0:f1:c6:68:c5:f9:e1:bf:8a:
08:f7:e3:60:7b:d5:2a:24:e1:0f:b0:18:56:f2:f1:3f:a7:99:
61:9b:01:89:8f:4c:03:0a:67:17:58:9b:70:46:43:fe:41:5c:
ae:95:85:bb:be:37:fc:f7:5f:34:ad:42:28:7e:1a:e4:91:54:
f5:17:38:6b:92:27:eb:64:62:28:01:f9:2d:d2:8d:6e:2a:a4:
eb:7c:03:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1i1ERFu9k4NcMvlBRp+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZWUyOTk4ZTg2ZmE3NDg4ZTZiNjRmOGVkYmMwMzJjZTE1
ZDFiY2MwHhcNMjUwMTAxMDc0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTdjNjFkNTc0OTBjZjY4NDk4MzhjMTRkMDljMjkyZDU3ZTA0NGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjdFqYqP9i4q8gCWQH8KmuuOYfoG
0yXVh1vfR/Svo9FN5BEVHTSAh5GX1NW4FxED+aiV4es4UZVkgOTtrWxB87zsEr+K
1xMFFS+Av1wkI4Gw6gIM83YTIMDCtuVLEnE8LgKQfXZIW5MkB/XJc435FLhaYpOR
zkqBKaNskzkpu6r7+FqKDQEkbUZKBqDOikcFKSR8hFm76P/Sd/DiClPlFlAfVlSy
XupzA92qX4k2eTMHiRMazIO8hScSx7a2ytEQNjrRLdPz7lZ4edhGd7LCweSk9Eo7
BPxgA+1vu+tHROz+ZUC0D5csEcY8Tpex62LKPGbGlYuRQOd94zFyAWCRKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGF8YdV0kM9oSYOMFNCcKS1X4ET3MB8GA1UdIwQY
MBaAFCzuKZjob6dIjmtk+O28AyzhXRvMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE80cG1PaHZwMGlPYTJUNDdid0RMT0ZkRzh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81ZTE4NzEtMmFmMS00N2QzLWIyNjIt
MDhmNDMzZGFlYTE1LzEvWVh4aDFYU1F6MmhKZzR3VTBKd3BMVmZnUlBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81ZTE4NzEtMmFmMS00N2QzLWIyNjItMDhmNDMzZGFlYTE1
LzEvTE80cG1PaHZwMGlPYTJUNDdid0RMT0ZkRzh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudX8MA0G
CSqGSIb3DQEBCwUAA4IBAQALIFHeuVxeGv1BnwzKyROC8TsWUmAvmqnSobXb+GJq
R5YX9+Zqqd7W0dyMZZs2P0LYfM8VTaoxPKBTfWy4K5sAurj7C4fgS71/rlu0Zyey
UIVLKcIi3zBqkz8FiqaMk41yQ6MIbfnGGCdsoZ0pVLVYw5Mb//jF6pZ9kMu0mNSp
S4pffxYVOssgGIhg+20tFVmzw8WrWWGm84oJzNhv0y/CkEItm2W/KTeb3LvQ8cZo
xfnhv4oI9+Nge9UqJOEPsBhW8vE/p5lhmwGJj0wDCmcXWJtwRkP+QVyulYW7vjf8
9180rUIofhrkkVT1FzhrkifrZGIoAfkt0o1uKqTrfAMs
-----END CERTIFICATE-----
Generated at Sat Apr 26 10:12:33 2025 by rpki-client