Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/cM594o8l7Xh7Dw0EOXhcxgvWLYI.roa
File: cM594o8l7Xh7Dw0EOXhcxgvWLYI.roa (raw, json)
Hash identifier: 1Ym4804A2QtxpGJhVDPpEbLS0giUeOdd5FG8xMIV330=
Subject key identifier: 70:CE:7D:E2:8F:25:ED:78:7B:0F:0D:04:39:78:5C:C6:0B:D6:2D:82
Certificate issuer: /CN=467350d5975a272a88bfb8810af45981cd55935a
Certificate serial: 019425FC5BD55988E6B898E17D8531710C0B
Authority key identifier: 46:73:50:D5:97:5A:27:2A:88:BF:B8:81:0A:F4:59:81:CD:55:93:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/cM594o8l7Xh7Dw0EOXhcxgvWLYI.roa
Signing time: Thu 02 Jan 2025 07:48:02 +0000
ROA not before: Thu 02 Jan 2025 07:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12590
IP address blocks: 185.118.220.0/24 maxlen: 24
185.118.221.0/24 maxlen: 24
185.118.222.0/24 maxlen: 24
185.118.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:5b:d5:59:88:e6:b8:98:e1:7d:85:31:71:0c:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=467350d5975a272a88bfb8810af45981cd55935a
Validity
Not Before: Jan 2 07:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70ce7de28f25ed787b0f0d0439785cc60bd62d82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0f:06:7d:14:64:a9:95:47:b4:12:5a:ed:63:
c5:6f:55:8d:f9:21:1a:fb:0e:44:dc:7b:03:b6:31:
91:d5:c6:d9:3d:c4:13:f6:5b:0d:96:a8:a6:c6:f6:
02:56:c1:0b:ed:39:19:6b:db:7d:8a:e0:89:fd:15:
53:3b:f2:6f:1d:b4:a5:0d:3c:fa:72:b0:85:d2:47:
ed:30:5b:1a:bb:20:bc:e3:41:41:55:1e:bb:1c:4d:
a5:46:a5:73:33:3f:c4:f4:71:56:02:fd:68:8c:e5:
9d:58:86:18:db:bf:84:3b:2c:95:36:54:80:7d:84:
af:e2:ec:e6:13:41:62:71:40:3d:f8:4d:f2:ba:51:
21:3e:62:56:66:f4:0b:a1:43:ef:91:d0:ea:d1:56:
1f:40:f0:f0:11:1e:47:ef:83:22:ac:e5:56:72:bb:
8c:aa:dc:65:dd:9a:ab:67:59:ff:b7:bb:a4:d0:f5:
7a:21:2f:cf:10:45:f2:50:20:f9:c1:e3:35:7e:2a:
9b:68:0b:ad:5c:8c:a1:59:c9:9a:07:78:a5:5d:69:
a9:a0:c7:93:76:b2:ac:44:d8:9e:5e:52:32:1a:cb:
ed:53:cf:19:d6:b7:4e:2f:de:f7:a9:0f:f5:45:a7:
ab:b5:07:9d:d0:32:47:f9:d0:11:6a:99:c6:c6:d3:
e9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:CE:7D:E2:8F:25:ED:78:7B:0F:0D:04:39:78:5C:C6:0B:D6:2D:82
X509v3 Authority Key Identifier:
keyid:46:73:50:D5:97:5A:27:2A:88:BF:B8:81:0A:F4:59:81:CD:55:93:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/cM594o8l7Xh7Dw0EOXhcxgvWLYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.220.0/22
Signature Algorithm: sha256WithRSAEncryption
00:65:be:8c:5a:a5:ec:b6:0c:3a:45:6e:f7:b1:19:36:fd:f5:
83:4f:9f:66:88:36:8c:51:07:22:86:9e:d4:e3:b6:2f:ec:16:
01:44:42:60:ac:50:43:64:b8:ee:63:1a:24:56:d1:0a:8b:9b:
46:a3:f8:6d:57:a7:12:3a:31:36:8e:5b:fe:42:39:36:87:35:
a7:52:72:09:ca:2e:29:ea:bf:6f:d1:95:9f:34:d1:eb:67:29:
0a:32:28:60:5a:36:a8:35:34:0d:29:1d:eb:dd:10:a6:73:58:
2a:28:7e:30:51:a6:ff:18:6c:b4:1c:0d:79:89:a3:6c:af:3a:
a6:78:89:eb:e7:01:a7:45:45:4d:1c:6c:f2:38:d5:68:e3:3c:
5a:14:a6:30:68:89:5b:91:f4:e0:41:ef:b1:59:02:4c:31:c5:
67:06:54:53:fb:8c:b9:78:65:e8:c8:37:00:4b:6f:de:38:e5:
aa:16:54:a5:2e:79:fa:02:18:a7:6f:c6:ce:11:26:78:15:6c:
df:1a:03:c8:7f:fe:0c:89:56:40:fd:f4:d2:a5:e3:39:15:8c:
e1:3b:28:7e:a2:31:cc:1b:45:8e:4f:35:af:c1:18:7b:7f:49:
3d:3b:8c:44:dd:7d:39:fb:f1:d8:f3:08:06:cb:48:5e:4d:4e:
11:f1:63:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/FvVWYjmuJjhfYUxcQwLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NzM1MGQ1OTc1YTI3MmE4OGJmYjg4MTBhZjQ1OTgxY2Q1
NTkzNWEwHhcNMjUwMTAyMDc0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGNlN2RlMjhmMjVlZDc4N2IwZjBkMDQzOTc4NWNjNjBiZDYyZDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvw8GfRRkqZVHtBJa7WPFb1WN+SEa
+w5E3HsDtjGR1cbZPcQT9lsNlqimxvYCVsEL7TkZa9t9iuCJ/RVTO/JvHbSlDTz6
crCF0kftMFsauyC840FBVR67HE2lRqVzMz/E9HFWAv1ojOWdWIYY27+EOyyVNlSA
fYSv4uzmE0FicUA9+E3yulEhPmJWZvQLoUPvkdDq0VYfQPDwER5H74MirOVWcruM
qtxl3ZqrZ1n/t7uk0PV6IS/PEEXyUCD5weM1fiqbaAutXIyhWcmaB3ilXWmpoMeT
drKsRNieXlIyGsvtU88Z1rdOL973qQ/1RaertQed0DJH+dARapnGxtPpZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHDOfeKPJe14ew8NBDl4XMYL1i2CMB8GA1UdIwQY
MBaAFEZzUNWXWicqiL+4gQr0WYHNVZNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm5OUTFaZGFKeXFJdjdpQkN2UlpnYzFWazFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9jNTdiNzUtMTBhNy00NzIzLTk0ZWEt
ZTg1NzQ3N2E3MDA4LzEvY001OTRvOGw3WGg3RHcwRU9YaGN4Z3ZXTFlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9jNTdiNzUtMTBhNy00NzIzLTk0ZWEtZTg1NzQ3N2E3MDA4
LzEvUm5OUTFaZGFKeXFJdjdpQkN2UlpnYzFWazFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXbcMA0G
CSqGSIb3DQEBCwUAA4IBAQAAZb6MWqXstgw6RW73sRk2/fWDT59miDaMUQcihp7U
47Yv7BYBREJgrFBDZLjuYxokVtEKi5tGo/htV6cSOjE2jlv+Qjk2hzWnUnIJyi4p
6r9v0ZWfNNHrZykKMihgWjaoNTQNKR3r3RCmc1gqKH4wUab/GGy0HA15iaNsrzqm
eInr5wGnRUVNHGzyONVo4zxaFKYwaIlbkfTgQe+xWQJMMcVnBlRT+4y5eGXoyDcA
S2/eOOWqFlSlLnn6Ahinb8bOESZ4FWzfGgPIf/4MiVZA/fTSpeM5FYzhOyh+ojHM
G0WOTzWvwRh7f0k9O4xE3X05+/HY8wgGy0heTU4R8WPl
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:38:15 2025 by rpki-client