Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/794de3-39e6-4f2c-86f1-bc2c453c0ec8/1/UimTjYOP0EzrCaiSFBeZrUyW0Nc.roa
File: UimTjYOP0EzrCaiSFBeZrUyW0Nc.roa (raw, json)
Hash identifier: ICMmUQQ3EZmWfRi2Atl6bpgSoSc4L6nW+n1fJyzn1Xg=
Subject key identifier: 52:29:93:8D:83:8F:D0:4C:EB:09:A8:92:14:17:99:AD:4C:96:D0:D7
Certificate issuer: /CN=27dd2479badcb40a24a436b1edcc361c3fa62afb
Certificate serial: 0194258F35B9BBABD9FD1FDD30F2D3C840CD
Authority key identifier: 27:DD:24:79:BA:DC:B4:0A:24:A4:36:B1:ED:CC:36:1C:3F:A6:2A:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J90kebrctAokpDax7cw2HD-mKvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/794de3-39e6-4f2c-86f1-bc2c453c0ec8/1/UimTjYOP0EzrCaiSFBeZrUyW0Nc.roa
Signing time: Thu 02 Jan 2025 05:48:49 +0000
ROA not before: Thu 02 Jan 2025 05:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60718
IP address blocks: 185.18.168.0/22 maxlen: 24
185.18.170.0/24 maxlen: 24
185.18.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:35:b9:bb:ab:d9:fd:1f:dd:30:f2:d3:c8:40:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27dd2479badcb40a24a436b1edcc361c3fa62afb
Validity
Not Before: Jan 2 05:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5229938d838fd04ceb09a892141799ad4c96d0d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:72:8d:fd:42:5c:20:88:77:a2:fd:05:60:6a:
14:38:eb:bd:90:2b:8f:cb:76:3a:64:c6:f1:73:59:
14:63:ad:39:e3:aa:57:80:dd:f0:5e:43:5b:e0:89:
6e:c0:bb:c2:e7:f9:ca:c3:b6:11:e4:f9:f9:6a:25:
54:ef:11:89:b6:51:2f:e5:53:cc:c1:a0:08:f8:12:
42:cb:40:35:85:2a:b8:1a:e2:ac:24:ff:90:6a:04:
ef:fd:5d:70:70:cd:9d:11:dd:03:de:29:0f:7f:76:
d1:ab:0b:2a:26:52:1d:29:81:b1:29:0d:cf:47:30:
c9:2e:5c:49:cc:b1:17:e1:dc:04:4c:d8:17:b7:92:
61:63:5a:c1:c4:1e:4a:39:b6:03:20:ab:40:31:ef:
1c:fb:76:aa:51:69:da:df:7a:5b:88:9a:63:07:b1:
c2:69:1a:0a:58:d2:38:45:04:02:69:5f:eb:ce:7e:
f9:0b:df:f2:db:94:15:8e:cb:85:17:1c:b3:e1:cf:
e1:f8:5d:14:8b:15:49:b6:8f:1b:29:71:6a:de:b7:
9e:92:6d:86:2f:2d:0d:1b:a6:f4:cb:af:38:3c:46:
f2:97:68:37:d0:cc:bd:5f:71:17:90:67:c7:48:dc:
99:bb:4b:d2:69:a8:30:7c:c9:79:e1:30:86:8c:e9:
63:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:29:93:8D:83:8F:D0:4C:EB:09:A8:92:14:17:99:AD:4C:96:D0:D7
X509v3 Authority Key Identifier:
keyid:27:DD:24:79:BA:DC:B4:0A:24:A4:36:B1:ED:CC:36:1C:3F:A6:2A:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J90kebrctAokpDax7cw2HD-mKvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/794de3-39e6-4f2c-86f1-bc2c453c0ec8/1/UimTjYOP0EzrCaiSFBeZrUyW0Nc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/794de3-39e6-4f2c-86f1-bc2c453c0ec8/1/J90kebrctAokpDax7cw2HD-mKvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.168.0/22
Signature Algorithm: sha256WithRSAEncryption
17:5e:f5:ba:7b:38:2f:c3:f4:a1:65:20:e8:6c:85:97:4c:6b:
7c:fc:30:b2:97:5f:8c:4e:e0:01:e3:cd:c5:3b:39:a7:c4:55:
07:17:c9:74:54:0b:71:cf:25:1b:f6:1c:65:cf:11:fa:10:06:
a9:1e:fd:cb:3a:24:6d:c9:05:e9:40:2f:31:3a:be:61:d7:45:
b9:a1:61:4a:21:84:d4:09:e9:a0:5a:de:4c:ee:18:d4:36:ad:
74:61:0d:30:d5:58:66:f6:13:9a:df:33:21:48:a0:f5:7e:cb:
9b:8c:c5:bb:0c:2e:36:d2:32:41:cd:6b:3b:3c:ef:e1:be:f7:
09:c0:06:84:d7:78:0b:1d:cd:9e:0c:3e:21:ed:a2:7d:31:59:
de:b7:c7:4f:78:b4:1e:e1:16:70:e3:bf:ce:23:50:72:cf:01:
9b:29:f0:80:38:94:d7:37:a3:6c:7a:e3:a4:9b:ba:9b:47:f3:
cb:cc:fc:3d:86:30:7b:43:d1:7b:d4:9f:5d:a2:c6:44:c5:26:
66:2a:be:5d:ec:30:8d:6a:ad:85:da:17:8b:70:e4:66:f4:37:
33:74:7c:c1:31:3c:c5:bd:03:bd:b1:30:69:ae:e3:74:c4:77:
69:c0:5e:52:62:63:a2:42:bc:38:d5:ac:cb:5e:75:dd:12:5a:
44:e5:5b:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQljzW5u6vZ/R/dMPLTyEDNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZGQyNDc5YmFkY2I0MGEyNGE0MzZiMWVkY2MzNjFjM2Zh
NjJhZmIwHhcNMjUwMTAyMDU0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjI5OTM4ZDgzOGZkMDRjZWIwOWE4OTIxNDE3OTlhZDRjOTZkMGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHKN/UJcIIh3ov0FYGoUOOu9kCuP
y3Y6ZMbxc1kUY60546pXgN3wXkNb4IluwLvC5/nKw7YR5Pn5aiVU7xGJtlEv5VPM
waAI+BJCy0A1hSq4GuKsJP+QagTv/V1wcM2dEd0D3ikPf3bRqwsqJlIdKYGxKQ3P
RzDJLlxJzLEX4dwETNgXt5JhY1rBxB5KObYDIKtAMe8c+3aqUWna33pbiJpjB7HC
aRoKWNI4RQQCaV/rzn75C9/y25QVjsuFFxyz4c/h+F0UixVJto8bKXFq3reekm2G
Ly0NG6b0y684PEbyl2g30My9X3EXkGfHSNyZu0vSaagwfMl54TCGjOljOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFIpk42Dj9BM6wmokhQXma1MltDXMB8GA1UdIwQY
MBaAFCfdJHm63LQKJKQ2se3MNhw/pir7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjkwa2VicmN0QW9rcERheDdjdzJIRC1tS3ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy83OTRkZTMtMzllNi00ZjJjLTg2ZjEt
YmMyYzQ1M2MwZWM4LzEvVWltVGpZT1AwRXpyQ2FpU0ZCZVpyVXlXME5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy83OTRkZTMtMzllNi00ZjJjLTg2ZjEtYmMyYzQ1M2MwZWM4
LzEvSjkwa2VicmN0QW9rcERheDdjdzJIRC1tS3ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRKoMA0G
CSqGSIb3DQEBCwUAA4IBAQAXXvW6ezgvw/ShZSDobIWXTGt8/DCyl1+MTuAB483F
OzmnxFUHF8l0VAtxzyUb9hxlzxH6EAapHv3LOiRtyQXpQC8xOr5h10W5oWFKIYTU
CemgWt5M7hjUNq10YQ0w1Vhm9hOa3zMhSKD1fsubjMW7DC420jJBzWs7PO/hvvcJ
wAaE13gLHc2eDD4h7aJ9MVnet8dPeLQe4RZw47/OI1ByzwGbKfCAOJTXN6NseuOk
m7qbR/PLzPw9hjB7Q9F71J9dosZExSZmKr5d7DCNaq2F2heLcORm9DczdHzBMTzF
vQO9sTBpruN0xHdpwF5SYmOiQrw41azLXnXdElpE5VtL
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:42:37 2025 by rpki-client