Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/XJQW6cjujhEORDl3asfzceRsQq8.roa
File: XJQW6cjujhEORDl3asfzceRsQq8.roa (raw, json)
Hash identifier: YLe1WKPBAxaQWWhGaDY3bNQMSMuaVm8vzXhx0IIMUzM=
Subject key identifier: 5C:94:16:E9:C8:EE:8E:11:0E:44:39:77:6A:C7:F3:71:E4:6C:42:AF
Certificate issuer: /CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Certificate serial: 019424B3E81E648EBA13667168C4047E5002
Authority key identifier: 8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/XJQW6cjujhEORDl3asfzceRsQq8.roa
Signing time: Thu 02 Jan 2025 01:49:17 +0000
ROA not before: Thu 02 Jan 2025 01:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214284
IP address blocks: 185.235.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:e8:1e:64:8e:ba:13:66:71:68:c4:04:7e:50:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Validity
Not Before: Jan 2 01:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c9416e9c8ee8e110e4439776ac7f371e46c42af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:12:5b:42:a0:62:b6:78:03:74:72:74:aa:59:
ab:b2:1f:41:45:4c:40:0b:c7:59:7c:ab:a9:66:2d:
9d:07:aa:dc:20:10:59:76:10:2a:cd:41:37:d3:f8:
09:23:d3:1a:57:e4:9a:77:59:f2:5f:1d:b2:71:90:
1b:cc:6b:e3:a8:df:c4:31:50:58:d7:73:13:ef:8b:
90:f6:88:d9:cb:b2:52:4a:6e:10:b5:ef:16:4b:7c:
57:66:0d:85:11:d1:b2:63:b0:fa:a3:36:11:cb:0b:
0f:15:e0:4b:2c:cf:e2:f1:b1:17:3f:c9:81:c6:6d:
6d:50:b8:e7:5c:5b:41:b9:fb:5c:53:8c:e7:8c:76:
78:4c:40:c3:62:0d:e9:39:0e:dc:a0:af:41:bc:14:
f8:ab:af:66:1f:89:49:e3:99:90:de:77:04:2a:e8:
1f:71:14:97:f3:76:2b:0c:c5:27:24:7b:11:1a:db:
e3:93:88:bf:5f:34:4b:72:4f:62:fa:b3:9e:93:c7:
9f:ce:f2:97:6b:fe:d1:6e:32:d4:96:67:68:bb:ec:
85:63:8f:bd:38:ce:c8:8a:91:3d:dc:27:ff:ff:a5:
6b:65:0f:0f:5c:dc:64:84:43:58:70:b7:3c:47:06:
da:09:ae:79:99:4d:15:35:f0:a7:27:ce:fc:98:3f:
28:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:94:16:E9:C8:EE:8E:11:0E:44:39:77:6A:C7:F3:71:E4:6C:42:AF
X509v3 Authority Key Identifier:
keyid:8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/XJQW6cjujhEORDl3asfzceRsQq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.216.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:6d:42:a0:f0:57:c1:ef:13:01:3e:6f:22:cc:5e:77:40:c2:
93:ff:ae:f9:34:8b:64:a8:1d:30:94:76:e9:6b:a2:5a:93:2d:
72:49:f9:9d:39:ff:fb:3b:75:76:f7:d6:67:5a:83:ac:d8:87:
fd:17:26:03:ab:8d:22:c8:6f:fc:e2:bc:8e:4f:6b:f7:2c:ca:
3d:2d:8d:62:34:e3:03:2f:80:f9:7f:44:58:df:2f:95:61:c7:
f9:93:35:9b:84:b1:34:24:18:2d:64:55:0f:84:29:fd:f2:75:
d3:9b:87:3f:65:d6:7f:f7:23:6a:2d:af:de:32:89:6b:10:a3:
f6:bd:eb:09:3d:b4:55:b4:97:e9:f1:90:6f:11:28:0d:95:6c:
09:86:dc:8c:f0:a7:a5:72:67:68:69:14:a5:31:e7:f3:9e:84:
58:4b:26:7b:f5:a0:aa:27:63:63:8f:91:6c:80:da:83:48:83:
ea:ef:19:e3:b2:3b:9d:f1:3a:c6:76:ff:e2:4b:2b:22:7b:75:
2a:a4:7b:ae:a8:08:96:3d:99:d4:4f:f3:c9:16:fa:55:ec:85:
54:5b:bc:e6:8d:e2:f2:e1:d6:e6:52:91:bf:80:3a:d4:cd:66:
e2:40:f3:22:3f:21:9a:9b:c7:1d:a4:fa:0b:78:84:20:0a:07:
2b:af:50:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks+geZI66E2ZxaMQEflACMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYjQ0MWRhZGJiZWNiNjk2NWQ0ZWExZjA0NmNjNWM4ZTI4
ODE3ZmMwHhcNMjUwMTAyMDE0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzk0MTZlOWM4ZWU4ZTExMGU0NDM5Nzc2YWM3ZjM3MWU0NmM0MmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshJbQqBitngDdHJ0qlmrsh9BRUxA
C8dZfKupZi2dB6rcIBBZdhAqzUE30/gJI9MaV+Sad1nyXx2ycZAbzGvjqN/EMVBY
13MT74uQ9ojZy7JSSm4Qte8WS3xXZg2FEdGyY7D6ozYRywsPFeBLLM/i8bEXP8mB
xm1tULjnXFtBuftcU4znjHZ4TEDDYg3pOQ7coK9BvBT4q69mH4lJ45mQ3ncEKugf
cRSX83YrDMUnJHsRGtvjk4i/XzRLck9i+rOek8efzvKXa/7RbjLUlmdou+yFY4+9
OM7IipE93Cf//6VrZQ8PXNxkhENYcLc8RwbaCa55mU0VNfCnJ878mD8okQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyUFunI7o4RDkQ5d2rH83HkbEKvMB8GA1UdIwQY
MBaAFI60QdrbvstpZdTqHwRsxcjiiBf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmIt
NDZiOTQ5MDkyY2JlLzEvWEpRVzZjanVqaEVPUkRsM2FzZnpjZVJzUXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmItNDZiOTQ5MDkyY2Jl
LzEvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuevYMA0G
CSqGSIb3DQEBCwUAA4IBAQA+bUKg8FfB7xMBPm8izF53QMKT/675NItkqB0wlHbp
a6Jaky1ySfmdOf/7O3V299ZnWoOs2If9FyYDq40iyG/84ryOT2v3LMo9LY1iNOMD
L4D5f0RY3y+VYcf5kzWbhLE0JBgtZFUPhCn98nXTm4c/ZdZ/9yNqLa/eMolrEKP2
vesJPbRVtJfp8ZBvESgNlWwJhtyM8KelcmdoaRSlMefznoRYSyZ79aCqJ2Njj5Fs
gNqDSIPq7xnjsjud8TrGdv/iSysie3UqpHuuqAiWPZnUT/PJFvpV7IVUW7zmjeLy
4dbmUpG/gDrUzWbiQPMiPyGam8cdpPoLeIQgCgcrr1Aq
-----END CERTIFICATE-----
Generated at Sun Apr 27 02:11:59 2025 by rpki-client