Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/9844cd-24f8-4e52-b42b-c7bf021ee664/1/wBaE5svUrTDa4cJiCAHlEwrForw.roa
File: wBaE5svUrTDa4cJiCAHlEwrForw.roa (raw, json)
Hash identifier: sNv0g7ZzW3+C7EQOHQU5ckniP/nqJPJ/xsRMEfe9338=
Subject key identifier: C0:16:84:E6:CB:D4:AD:30:DA:E1:C2:62:08:01:E5:13:0A:C5:A2:BC
Certificate issuer: /CN=7632c90ef19d2bd6f668a4826e2d0d15635e947d
Certificate serial: 0194222016D41043763E38B06E691C309D1C
Authority key identifier: 76:32:C9:0E:F1:9D:2B:D6:F6:68:A4:82:6E:2D:0D:15:63:5E:94:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/djLJDvGdK9b2aKSCbi0NFWNelH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/9844cd-24f8-4e52-b42b-c7bf021ee664/1/wBaE5svUrTDa4cJiCAHlEwrForw.roa
Signing time: Wed 01 Jan 2025 13:48:35 +0000
ROA not before: Wed 01 Jan 2025 13:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206281
IP address blocks: 185.220.172.0/24 maxlen: 24
185.220.173.0/24 maxlen: 24
185.220.174.0/24 maxlen: 24
185.220.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:16:d4:10:43:76:3e:38:b0:6e:69:1c:30:9d:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7632c90ef19d2bd6f668a4826e2d0d15635e947d
Validity
Not Before: Jan 1 13:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c01684e6cbd4ad30dae1c2620801e5130ac5a2bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:78:7a:ff:4d:5e:b9:a5:f3:79:4d:5d:fe:ec:
ea:8b:d3:00:05:cf:ab:2d:0b:d2:e0:62:8d:eb:6a:
de:1d:4c:d2:20:cb:71:79:e6:95:59:cb:d8:49:6e:
e5:c4:bd:f7:f5:e7:0f:42:ae:6d:db:5a:34:02:89:
02:26:65:9d:3a:61:9c:41:45:c0:71:63:59:03:9a:
9c:8a:78:f2:e5:5e:90:54:7b:c4:84:ff:5b:51:bb:
61:9c:a9:c0:b5:89:21:c4:da:65:60:c4:81:42:31:
51:10:1d:b4:31:c5:d6:33:df:ab:cd:7f:92:1c:bf:
da:ef:4b:cc:61:8a:64:f9:b0:6a:67:95:ff:60:aa:
a2:f7:13:04:02:30:c7:fb:0e:68:b3:23:0a:b5:aa:
69:73:67:1e:ec:c0:fb:1b:cb:4e:49:31:0e:c8:31:
cf:75:b4:27:5c:d5:67:87:4b:fc:7c:80:b8:b1:5c:
4d:0b:63:17:71:32:36:9c:6c:76:3f:54:d2:c5:a7:
f1:1d:bc:6c:9d:96:cd:e9:84:18:35:43:eb:53:70:
67:e8:4f:63:68:17:83:72:fa:24:85:2d:c0:65:c8:
84:26:41:73:8f:2a:ac:f1:bd:be:28:d2:83:a4:aa:
48:de:ce:35:c4:12:6d:d0:ff:60:79:95:37:69:32:
16:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:16:84:E6:CB:D4:AD:30:DA:E1:C2:62:08:01:E5:13:0A:C5:A2:BC
X509v3 Authority Key Identifier:
keyid:76:32:C9:0E:F1:9D:2B:D6:F6:68:A4:82:6E:2D:0D:15:63:5E:94:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/djLJDvGdK9b2aKSCbi0NFWNelH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/9844cd-24f8-4e52-b42b-c7bf021ee664/1/wBaE5svUrTDa4cJiCAHlEwrForw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/9844cd-24f8-4e52-b42b-c7bf021ee664/1/djLJDvGdK9b2aKSCbi0NFWNelH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.172.0/22
Signature Algorithm: sha256WithRSAEncryption
79:fc:58:a7:7a:96:12:32:35:dd:68:2c:7f:26:e8:93:52:67:
f6:d2:5d:36:19:b7:16:a6:d4:80:52:68:24:39:2b:30:28:9d:
cd:87:9a:25:21:5f:3c:a1:ce:a5:e4:6a:5f:50:26:ce:53:01:
44:29:87:ba:94:fc:7f:c3:a0:9e:aa:36:db:b7:fb:09:0e:69:
04:04:02:2b:91:10:db:e5:b7:12:a7:f8:75:d0:2a:72:32:35:
50:84:66:a0:33:03:96:a6:d9:16:43:f5:f9:8b:5d:52:e6:94:
52:6c:b2:b9:bb:ab:aa:c5:dd:27:4b:a3:09:d0:3e:fc:b2:52:
2b:68:8a:7b:2c:30:e6:43:a0:1b:9b:27:4a:57:21:11:ac:e3:
47:d4:6c:25:88:25:e1:01:45:1e:b5:5d:e5:d5:63:15:ac:93:
3a:b2:bc:84:d3:09:7e:7e:16:82:35:0f:98:56:13:96:c9:f9:
1b:bd:52:1c:63:7d:b9:ad:66:76:3e:d9:43:45:a2:70:c5:f5:
62:43:a2:40:e8:18:11:23:1c:44:e5:2f:1e:45:ac:a8:1e:ec:
db:b9:d3:6b:5a:5c:84:86:4c:8a:4a:32:9f:ec:c8:16:1a:4a:
3d:59:b1:a1:89:a1:23:9c:26:9e:98:4a:94:0e:a2:a8:67:92:
4f:cb:90:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIBbUEEN2PjiwbmkcMJ0cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2MzJjOTBlZjE5ZDJiZDZmNjY4YTQ4MjZlMmQwZDE1NjM1
ZTk0N2QwHhcNMjUwMTAxMTM0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDE2ODRlNmNiZDRhZDMwZGFlMWMyNjIwODAxZTUxMzBhYzVhMmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHh6/01euaXzeU1d/uzqi9MABc+r
LQvS4GKN62reHUzSIMtxeeaVWcvYSW7lxL339ecPQq5t21o0AokCJmWdOmGcQUXA
cWNZA5qcinjy5V6QVHvEhP9bUbthnKnAtYkhxNplYMSBQjFREB20McXWM9+rzX+S
HL/a70vMYYpk+bBqZ5X/YKqi9xMEAjDH+w5osyMKtappc2ce7MD7G8tOSTEOyDHP
dbQnXNVnh0v8fIC4sVxNC2MXcTI2nGx2P1TSxafxHbxsnZbN6YQYNUPrU3Bn6E9j
aBeDcvokhS3AZciEJkFzjyqs8b2+KNKDpKpI3s41xBJt0P9geZU3aTIWMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMAWhObL1K0w2uHCYggB5RMKxaK8MB8GA1UdIwQY
MBaAFHYyyQ7xnSvW9mikgm4tDRVjXpR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGpMSkR2R2RLOWIyYUtTQ2JpME5GV05lbEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC85ODQ0Y2QtMjRmOC00ZTUyLWI0MmIt
YzdiZjAyMWVlNjY0LzEvd0JhRTVzdlVyVERhNGNKaUNBSGxFd3JGb3J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC85ODQ0Y2QtMjRmOC00ZTUyLWI0MmItYzdiZjAyMWVlNjY0
LzEvZGpMSkR2R2RLOWIyYUtTQ2JpME5GV05lbEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudysMA0G
CSqGSIb3DQEBCwUAA4IBAQB5/FinepYSMjXdaCx/JuiTUmf20l02GbcWptSAUmgk
OSswKJ3Nh5olIV88oc6l5GpfUCbOUwFEKYe6lPx/w6Ceqjbbt/sJDmkEBAIrkRDb
5bcSp/h10CpyMjVQhGagMwOWptkWQ/X5i11S5pRSbLK5u6uqxd0nS6MJ0D78slIr
aIp7LDDmQ6AbmydKVyERrONH1GwliCXhAUUetV3l1WMVrJM6sryE0wl+fhaCNQ+Y
VhOWyfkbvVIcY325rWZ2PtlDRaJwxfViQ6JA6BgRIxxE5S8eRayoHuzbudNrWlyE
hkyKSjKf7MgWGko9WbGhiaEjnCaemEqUDqKoZ5JPy5B/
-----END CERTIFICATE-----
Generated at Fri Apr 25 15:29:37 2025 by rpki-client