Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/d503fd-9d4b-4563-9cdf-b6e0f3e95cad/1/pGti5NOwKPTLx4Ly3hXPkfnIdHY.roa
File: pGti5NOwKPTLx4Ly3hXPkfnIdHY.roa (raw, json)
Hash identifier: hGj1ei60T0pZizrlmStFTjFUv40NzLgMUG+0J0UuEdw=
Subject key identifier: A4:6B:62:E4:D3:B0:28:F4:CB:C7:82:F2:DE:15:CF:91:F9:C8:74:76
Certificate issuer: /CN=3fac69adaf000dd77a4b001877c258a21d1ff6a0
Certificate serial: 01941FFA196EFE5DC76B7978A7DFF34DA7D7
Authority key identifier: 3F:AC:69:AD:AF:00:0D:D7:7A:4B:00:18:77:C2:58:A2:1D:1F:F6:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P6xpra8ADdd6SwAYd8JYoh0f9qA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/d503fd-9d4b-4563-9cdf-b6e0f3e95cad/1/pGti5NOwKPTLx4Ly3hXPkfnIdHY.roa
Signing time: Wed 01 Jan 2025 03:47:51 +0000
ROA not before: Wed 01 Jan 2025 03:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205556
IP address blocks: 185.213.180.0/22 maxlen: 22
185.213.180.0/24 maxlen: 24
185.213.181.0/24 maxlen: 24
185.213.182.0/24 maxlen: 24
185.213.183.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:19:6e:fe:5d:c7:6b:79:78:a7:df:f3:4d:a7:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fac69adaf000dd77a4b001877c258a21d1ff6a0
Validity
Not Before: Jan 1 03:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a46b62e4d3b028f4cbc782f2de15cf91f9c87476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0e:ba:ad:43:0d:e7:fb:0d:a2:23:2c:23:7a:
98:9d:c8:ef:dc:c8:60:a1:e8:8b:c1:c7:c2:61:d3:
41:a8:a2:6a:80:a8:cb:02:3e:e3:96:1c:8f:81:3c:
3f:8e:7f:ae:48:e2:21:0b:5d:a2:06:e5:d2:f3:37:
06:ed:83:80:6a:9a:74:b8:12:24:d5:66:cd:bb:44:
c3:3d:dd:d3:3d:ce:43:1b:f4:ee:27:14:f6:34:4c:
17:59:60:d6:83:01:3a:17:fe:1f:27:5e:c7:29:2c:
44:51:39:2c:88:4a:f5:e0:96:5f:e3:5c:33:a9:ba:
04:28:48:10:98:de:d7:33:72:b9:3c:35:54:15:13:
6a:c9:ff:4b:fa:55:5c:16:8d:70:0d:b4:af:c1:36:
a4:78:b0:b8:f4:b7:4a:4d:5b:97:d9:75:a1:44:f7:
cb:2b:a9:30:57:17:c9:24:11:81:9c:37:41:2d:bd:
96:13:48:0c:ca:52:fb:d2:19:07:2f:09:b4:85:17:
62:fb:1d:5a:1e:d6:d2:d3:52:e8:0f:18:c7:be:61:
06:e2:e0:dc:b3:e8:6f:66:70:9f:25:8f:1f:43:7e:
15:87:83:0c:bf:ac:c9:5e:8a:a9:a6:11:cc:73:46:
4a:dd:e4:1f:a9:a9:9a:2c:6e:7a:a6:e5:e0:1d:81:
50:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:6B:62:E4:D3:B0:28:F4:CB:C7:82:F2:DE:15:CF:91:F9:C8:74:76
X509v3 Authority Key Identifier:
keyid:3F:AC:69:AD:AF:00:0D:D7:7A:4B:00:18:77:C2:58:A2:1D:1F:F6:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P6xpra8ADdd6SwAYd8JYoh0f9qA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d503fd-9d4b-4563-9cdf-b6e0f3e95cad/1/pGti5NOwKPTLx4Ly3hXPkfnIdHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d503fd-9d4b-4563-9cdf-b6e0f3e95cad/1/P6xpra8ADdd6SwAYd8JYoh0f9qA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.180.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:5c:f5:37:7c:7c:e3:7b:2f:22:a4:11:f2:46:96:54:e1:91:
0c:f6:18:3d:2c:fa:91:54:89:07:cf:a9:b0:06:4a:e0:d9:11:
a3:32:2a:2c:78:a3:9b:d6:74:68:03:05:fb:1c:68:3f:71:4a:
bb:d8:68:fa:32:74:5c:a6:c5:7e:e0:98:1c:a4:2d:f5:1f:95:
58:ac:a2:30:de:1d:fd:e5:1b:aa:68:56:a9:83:cf:e7:9b:48:
67:4e:d5:91:34:28:33:5c:a5:e7:8f:5d:15:9c:e8:b8:31:15:
6c:0b:1b:95:72:dd:58:7d:27:26:b9:f8:c4:dc:44:f1:d6:74:
9d:42:86:88:f7:d4:05:94:31:dc:b1:d3:af:b6:43:e1:a1:31:
6c:79:70:d9:1a:c9:75:3b:d4:7d:13:7f:1f:60:23:6a:ee:bc:
84:6e:2f:a6:53:4d:ca:56:80:53:ca:ed:b0:1c:ae:e1:a4:59:
ab:df:65:6f:23:4c:a3:ea:29:48:fe:cd:2c:3d:84:e2:21:90:
e8:6f:59:82:19:47:de:9a:b2:be:36:ba:32:49:7f:c6:70:1d:
89:35:ee:13:d6:d9:2e:0f:12:c4:96:a4:a5:fc:2c:07:da:d1:
4b:d6:21:e2:73:1a:58:15:d3:b5:cb:4d:0d:0f:73:50:6d:c5:
2a:ff:85:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+hlu/l3Ha3l4p9/zTafXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmYWM2OWFkYWYwMDBkZDc3YTRiMDAxODc3YzI1OGEyMWQx
ZmY2YTAwHhcNMjUwMTAxMDM0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDZiNjJlNGQzYjAyOGY0Y2JjNzgyZjJkZTE1Y2Y5MWY5Yzg3NDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQ66rUMN5/sNoiMsI3qYncjv3Mhg
oeiLwcfCYdNBqKJqgKjLAj7jlhyPgTw/jn+uSOIhC12iBuXS8zcG7YOAapp0uBIk
1WbNu0TDPd3TPc5DG/TuJxT2NEwXWWDWgwE6F/4fJ17HKSxEUTksiEr14JZf41wz
qboEKEgQmN7XM3K5PDVUFRNqyf9L+lVcFo1wDbSvwTakeLC49LdKTVuX2XWhRPfL
K6kwVxfJJBGBnDdBLb2WE0gMylL70hkHLwm0hRdi+x1aHtbS01LoDxjHvmEG4uDc
s+hvZnCfJY8fQ34Vh4MMv6zJXoqpphHMc0ZK3eQfqamaLG56puXgHYFQpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKRrYuTTsCj0y8eC8t4Vz5H5yHR2MB8GA1UdIwQY
MBaAFD+saa2vAA3XeksAGHfCWKIdH/agMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDZ4cHJhOEFEZGQ2U3dBWWQ4SllvaDBmOXFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9kNTAzZmQtOWQ0Yi00NTYzLTljZGYt
YjZlMGYzZTk1Y2FkLzEvcEd0aTVOT3dLUFRMeDRMeTNoWFBrZm5JZEhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9kNTAzZmQtOWQ0Yi00NTYzLTljZGYtYjZlMGYzZTk1Y2Fk
LzEvUDZ4cHJhOEFEZGQ2U3dBWWQ4SllvaDBmOXFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudW0MA0G
CSqGSIb3DQEBCwUAA4IBAQCjXPU3fHzjey8ipBHyRpZU4ZEM9hg9LPqRVIkHz6mw
Bkrg2RGjMioseKOb1nRoAwX7HGg/cUq72Gj6MnRcpsV+4JgcpC31H5VYrKIw3h39
5RuqaFapg8/nm0hnTtWRNCgzXKXnj10VnOi4MRVsCxuVct1YfScmufjE3ETx1nSd
QoaI99QFlDHcsdOvtkPhoTFseXDZGsl1O9R9E38fYCNq7ryEbi+mU03KVoBTyu2w
HK7hpFmr32VvI0yj6ilI/s0sPYTiIZDob1mCGUfemrK+NroySX/GcB2JNe4T1tku
DxLElqSl/CwH2tFL1iHicxpYFdO1y00ND3NQbcUq/4Wj
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:08:33 2025 by rpki-client