Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/2be009-1ef1-4d57-8f01-7e184b070bbd/1/xWr5Uv-m_2n6jrRfiUwYnyQQGpc.roa
File: xWr5Uv-m_2n6jrRfiUwYnyQQGpc.roa (raw, json)
Hash identifier: i1R3GX2qn3HUs47acSt8qqkjUz+ff6QT9CroD89ajl8=
Subject key identifier: C5:6A:F9:52:FF:A6:FF:69:FA:8E:B4:5F:89:4C:18:9F:24:10:1A:97
Certificate issuer: /CN=ce46ea629afb0c2d54200b5a65727be18cbb45a4
Certificate serial: 019426D9C13B17F13B6F1DFF7FC7527425A7
Authority key identifier: CE:46:EA:62:9A:FB:0C:2D:54:20:0B:5A:65:72:7B:E1:8C:BB:45:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zkbqYpr7DC1UIAtaZXJ74Yy7RaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/2be009-1ef1-4d57-8f01-7e184b070bbd/1/xWr5Uv-m_2n6jrRfiUwYnyQQGpc.roa
Signing time: Thu 02 Jan 2025 11:49:52 +0000
ROA not before: Thu 02 Jan 2025 11:49:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206854
IP address blocks: 185.172.212.0/22 maxlen: 22
185.172.212.0/24 maxlen: 24
185.172.213.0/24 maxlen: 24
185.172.214.0/24 maxlen: 24
185.172.215.0/24 maxlen: 24
2a0f:c7c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:c1:3b:17:f1:3b:6f:1d:ff:7f:c7:52:74:25:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce46ea629afb0c2d54200b5a65727be18cbb45a4
Validity
Not Before: Jan 2 11:49:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c56af952ffa6ff69fa8eb45f894c189f24101a97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:70:cf:89:2a:b8:11:42:79:1f:6b:69:c7:0f:
13:fa:69:d4:8f:13:4f:9a:a5:7f:ec:19:62:9a:a6:
a6:f4:17:1b:0d:da:96:4d:9b:5f:8d:37:f0:76:9d:
38:1e:ad:b8:ba:6b:c8:a9:7a:67:99:05:20:9d:57:
d2:8a:5e:7c:f1:06:c3:ac:cb:da:e2:42:c4:c4:48:
12:26:be:61:9a:30:bc:ee:cb:f6:cb:b4:3c:4d:30:
59:1c:8d:65:c8:09:df:98:a1:58:f6:65:f3:1c:db:
72:96:dc:83:cc:db:21:39:5e:f0:87:bd:aa:58:cd:
a3:57:e2:23:4f:75:b8:41:65:3f:a5:63:d3:6c:b9:
bd:07:0c:1a:5d:87:22:ea:cd:84:e6:1f:9c:28:fb:
64:52:32:8d:52:e4:58:19:97:ce:1e:be:49:ce:e9:
dc:d2:1b:8a:dd:2c:ed:cc:26:6d:53:40:9c:1d:22:
77:82:7e:1e:f0:6c:dd:04:90:50:69:87:cd:2c:60:
a4:19:93:87:a9:90:c1:9e:c6:ba:54:b2:4c:2d:59:
05:15:6a:60:a9:04:20:f2:59:6c:e8:0f:3e:cd:0d:
e1:d6:e7:23:19:5c:38:c5:a4:66:e7:3f:b2:d3:cb:
0f:d9:42:b9:a2:d4:e5:b7:3e:cb:c7:46:c2:8f:96:
9d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:6A:F9:52:FF:A6:FF:69:FA:8E:B4:5F:89:4C:18:9F:24:10:1A:97
X509v3 Authority Key Identifier:
keyid:CE:46:EA:62:9A:FB:0C:2D:54:20:0B:5A:65:72:7B:E1:8C:BB:45:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkbqYpr7DC1UIAtaZXJ74Yy7RaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/2be009-1ef1-4d57-8f01-7e184b070bbd/1/xWr5Uv-m_2n6jrRfiUwYnyQQGpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/2be009-1ef1-4d57-8f01-7e184b070bbd/1/zkbqYpr7DC1UIAtaZXJ74Yy7RaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.212.0/22
IPv6:
2a0f:c7c0::/29
Signature Algorithm: sha256WithRSAEncryption
03:e4:79:76:cf:b0:bf:33:96:65:b9:d2:90:a6:95:67:58:7a:
90:59:66:22:30:ba:97:d9:5d:5f:d8:a5:3c:4d:c2:40:50:fa:
72:c0:c7:90:82:d5:e7:58:3b:4a:de:98:f5:84:4b:a4:ae:45:
35:33:52:88:cf:45:14:88:4e:52:5a:71:a3:85:fc:f7:11:71:
1d:59:8f:18:83:ac:32:27:e0:7c:8e:03:4c:a2:71:87:6b:38:
f9:00:73:cc:ef:30:94:7a:4c:f8:a4:14:63:2b:27:35:c1:c7:
d4:c2:94:41:58:a2:3b:ee:ec:4f:81:3f:52:97:f6:87:90:e7:
ad:e4:20:c8:76:f4:ef:5d:6d:7e:db:b1:17:4f:06:f8:f1:4b:
ff:39:35:24:30:0a:f1:ec:75:c7:68:05:eb:f9:69:82:27:5f:
aa:0e:d1:63:d7:04:aa:b3:46:93:d2:9d:f5:08:ab:13:d7:86:
cf:9e:f0:ce:ca:18:eb:eb:05:49:ec:6a:7a:e0:a4:8d:23:da:
35:69:c0:c9:26:f8:cd:fd:75:a1:9a:33:59:79:b8:78:4c:9f:
26:8a:e9:39:2b:cf:d4:6a:2e:82:11:d5:fb:60:9a:b2:9c:a3:
25:bb:ac:01:5c:86:f4:b4:8f:6e:8b:b7:0d:41:97:92:b1:52:
09:9f:fa:30
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2cE7F/E7bx3/f8dSdCWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNDZlYTYyOWFmYjBjMmQ1NDIwMGI1YTY1NzI3YmUxOGNi
YjQ1YTQwHhcNMjUwMTAyMTE0OTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTZhZjk1MmZmYTZmZjY5ZmE4ZWI0NWY4OTRjMTg5ZjI0MTAxYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHDPiSq4EUJ5H2tpxw8T+mnUjxNP
mqV/7Blimqam9BcbDdqWTZtfjTfwdp04Hq24umvIqXpnmQUgnVfSil588QbDrMva
4kLExEgSJr5hmjC87sv2y7Q8TTBZHI1lyAnfmKFY9mXzHNtyltyDzNshOV7wh72q
WM2jV+IjT3W4QWU/pWPTbLm9BwwaXYci6s2E5h+cKPtkUjKNUuRYGZfOHr5Jzunc
0huK3SztzCZtU0CcHSJ3gn4e8GzdBJBQaYfNLGCkGZOHqZDBnsa6VLJMLVkFFWpg
qQQg8lls6A8+zQ3h1ucjGVw4xaRm5z+y08sP2UK5otTltz7Lx0bCj5adaQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMVq+VL/pv9p+o60X4lMGJ8kEBqXMB8GA1UdIwQY
MBaAFM5G6mKa+wwtVCALWmVye+GMu0WkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemticVlwcjdEQzFVSUF0YVpYSjc0WXk3UmFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yYmUwMDktMWVmMS00ZDU3LThmMDEt
N2UxODRiMDcwYmJkLzEveFdyNVV2LW1fMm42anJSZmlVd1lueVFRR3BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yYmUwMDktMWVmMS00ZDU3LThmMDEtN2UxODRiMDcwYmJk
LzEvemticVlwcjdEQzFVSUF0YVpYSjc0WXk3UmFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuazUMA0E
AgACMAcDBQMqD8fAMA0GCSqGSIb3DQEBCwUAA4IBAQAD5Hl2z7C/M5ZludKQppVn
WHqQWWYiMLqX2V1f2KU8TcJAUPpywMeQgtXnWDtK3pj1hEukrkU1M1KIz0UUiE5S
WnGjhfz3EXEdWY8Yg6wyJ+B8jgNMonGHazj5AHPM7zCUekz4pBRjKyc1wcfUwpRB
WKI77uxPgT9Sl/aHkOet5CDIdvTvXW1+27EXTwb48Uv/OTUkMArx7HXHaAXr+WmC
J1+qDtFj1wSqs0aT0p31CKsT14bPnvDOyhjr6wVJ7Gp64KSNI9o1acDJJvjN/XWh
mjNZebh4TJ8miuk5K8/Uai6CEdX7YJqynKMlu6wBXIb0tI9ui7cNQZeSsVIJn/ow
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:56:10 2025 by rpki-client