Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/rXROEoL0RCunB-v1BM1XdpyinrU.roa
File: rXROEoL0RCunB-v1BM1XdpyinrU.roa (raw, json)
Hash identifier: aUwGAACJt+cfil/WYABgKI6j7Rtz2G2ubaoWnqYR4QU=
Subject key identifier: AD:74:4E:12:82:F4:44:2B:A7:07:EB:F5:04:CD:57:76:9C:A2:9E:B5
Certificate issuer: /CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20
Certificate serial: 019421B21F64A5D9F844C572489566D7641F
Authority key identifier: E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/rXROEoL0RCunB-v1BM1XdpyinrU.roa
Signing time: Wed 01 Jan 2025 11:48:29 +0000
ROA not before: Wed 01 Jan 2025 11:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204861
IP address blocks: 185.237.232.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:1f:64:a5:d9:f8:44:c5:72:48:95:66:d7:64:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20
Validity
Not Before: Jan 1 11:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad744e1282f4442ba707ebf504cd57769ca29eb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:99:4e:42:9e:44:90:23:18:ea:81:61:a6:4d:
37:37:54:de:6a:43:17:4b:09:07:bd:89:9c:0f:b6:
a7:75:5b:78:bf:b4:ed:5b:3b:3c:59:ad:cb:1d:28:
8e:f9:ef:2c:ba:26:7c:a2:3e:0f:be:c6:29:c1:a0:
b8:55:b8:25:e8:aa:8b:b6:e7:75:2a:82:af:cb:64:
21:19:45:a6:ff:69:b1:67:16:ba:37:28:97:91:16:
cc:e9:25:6f:af:e2:77:82:00:f4:8f:06:48:15:3d:
f1:f3:1c:b1:78:63:b0:6b:ff:78:72:39:2f:d0:1e:
66:ed:b0:9f:f7:b1:97:33:44:47:09:7e:d1:fc:3c:
ae:03:a3:f7:d5:66:47:a3:a2:96:06:10:ee:e4:11:
02:d0:10:35:6a:03:5f:da:05:d5:8c:d6:8e:f5:aa:
6f:71:f3:36:bb:e5:54:23:67:93:04:fd:b3:8a:f9:
b9:8a:96:1b:d6:94:40:88:e7:6b:0e:70:3e:a2:50:
43:80:8f:94:a0:68:fe:7a:5a:2c:b5:f1:0b:42:0c:
4f:07:25:97:d2:1a:42:25:7a:d2:0d:63:93:fb:e3:
4d:43:68:65:5a:e3:e6:a4:0b:5d:64:97:08:fe:f0:
12:f0:e0:8f:52:4d:2b:41:ff:28:99:99:33:5c:c1:
8b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:74:4E:12:82:F4:44:2B:A7:07:EB:F5:04:CD:57:76:9C:A2:9E:B5
X509v3 Authority Key Identifier:
keyid:E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/rXROEoL0RCunB-v1BM1XdpyinrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.232.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:b4:2b:06:a8:a0:9a:7c:fb:47:19:9e:74:a9:52:40:3c:16:
2c:6e:db:b0:a8:6e:bd:59:a4:c3:e3:6f:bf:e9:6e:17:e7:db:
a8:18:b4:d0:09:cf:2e:0f:d0:83:ef:48:c4:bf:dc:fa:e2:46:
74:1b:5f:40:ea:5b:84:8b:de:07:2f:fd:76:f5:2c:d2:50:e7:
a2:a3:a5:42:94:3e:c9:a2:34:13:9a:11:79:cc:42:d7:5d:68:
f0:c4:9c:18:80:a3:37:f9:e3:ee:c8:4c:1e:aa:13:26:76:56:
b0:5d:7e:b3:5f:75:81:b2:57:4b:e1:bd:da:ad:94:5c:1e:5f:
97:0f:ed:82:69:a6:74:54:99:48:73:3a:bd:b7:de:48:b7:06:
0f:69:14:d7:a6:95:79:86:83:86:ed:13:38:55:bf:07:91:49:
95:18:41:1d:a8:f9:4b:d7:1d:8b:16:3b:3c:bd:85:1c:d5:63:
ba:06:74:66:b2:e6:a3:71:d5:5a:c7:81:75:08:6c:f3:e7:6f:
73:f6:78:3c:da:e2:2d:2b:09:4d:42:b7:0c:85:f0:90:f9:39:
c7:6a:6e:80:30:e2:88:c6:ce:e9:9b:d6:a5:05:7e:68:a2:52:
84:4e:2e:22:93:6d:66:91:ad:db:04:6e:21:14:5f:3f:26:3c:
4a:4a:2e:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsh9kpdn4RMVySJVm12QfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDM3MWM0YTdhYWE4NTVmOGNjM2IxYWVhODAyMjk0MjBh
ODBmMjAwHhcNMjUwMTAxMTE0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDc0NGUxMjgyZjQ0NDJiYTcwN2ViZjUwNGNkNTc3NjljYTI5ZWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiplOQp5EkCMY6oFhpk03N1TeakMX
SwkHvYmcD7andVt4v7TtWzs8Wa3LHSiO+e8suiZ8oj4PvsYpwaC4Vbgl6KqLtud1
KoKvy2QhGUWm/2mxZxa6NyiXkRbM6SVvr+J3ggD0jwZIFT3x8xyxeGOwa/94cjkv
0B5m7bCf97GXM0RHCX7R/DyuA6P31WZHo6KWBhDu5BEC0BA1agNf2gXVjNaO9apv
cfM2u+VUI2eTBP2zivm5ipYb1pRAiOdrDnA+olBDgI+UoGj+elostfELQgxPByWX
0hpCJXrSDWOT++NNQ2hlWuPmpAtdZJcI/vAS8OCPUk0rQf8omZkzXMGLIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK10ThKC9EQrpwfr9QTNV3acop61MB8GA1UdIwQY
MBaAFOLTccSnqqhV+Mw7GuqAIpQgqA8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjkt
OTA3YTU4Yzk5NGMyLzEvclhST0VvTDBSQ3VuQi12MUJNMVhkcHlpbnJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjktOTA3YTU4Yzk5NGMy
LzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue3oMA0G
CSqGSIb3DQEBCwUAA4IBAQBNtCsGqKCafPtHGZ50qVJAPBYsbtuwqG69WaTD42+/
6W4X59uoGLTQCc8uD9CD70jEv9z64kZ0G19A6luEi94HL/129SzSUOeio6VClD7J
ojQTmhF5zELXXWjwxJwYgKM3+ePuyEweqhMmdlawXX6zX3WBsldL4b3arZRcHl+X
D+2CaaZ0VJlIczq9t95ItwYPaRTXppV5hoOG7RM4Vb8HkUmVGEEdqPlL1x2LFjs8
vYUc1WO6BnRmsuajcdVax4F1CGzz529z9ng82uItKwlNQrcMhfCQ+TnHam6AMOKI
xs7pm9alBX5oolKETi4ik21mka3bBG4hFF8/JjxKSi4G
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:32:51 2025 by rpki-client