Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/311bc5-3f36-4d5e-abde-b8da89406bed/1/XAWoF1o6RF-O0CnxEu5_WiGXOA0.roa
File: XAWoF1o6RF-O0CnxEu5_WiGXOA0.roa (raw, json)
Hash identifier: HOK/I+6RekhxtoM3dVSYk41KWy3U6Z5NuhquO1H0w+A=
Subject key identifier: 5C:05:A8:17:5A:3A:44:5F:8E:D0:29:F1:12:EE:7F:5A:21:97:38:0D
Certificate issuer: /CN=52e02224ffb971172e4935ed7dd965d1155089b6
Certificate serial: 0194222041F0487F0924B607B401CF82E38F
Authority key identifier: 52:E0:22:24:FF:B9:71:17:2E:49:35:ED:7D:D9:65:D1:15:50:89:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UuAiJP-5cRcuSTXtfdll0RVQibY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/311bc5-3f36-4d5e-abde-b8da89406bed/1/XAWoF1o6RF-O0CnxEu5_WiGXOA0.roa
Signing time: Wed 01 Jan 2025 13:48:46 +0000
ROA not before: Wed 01 Jan 2025 13:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5413
IP address blocks: 185.121.16.0/22 maxlen: 22
185.121.16.0/24 maxlen: 24
185.121.18.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:41:f0:48:7f:09:24:b6:07:b4:01:cf:82:e3:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52e02224ffb971172e4935ed7dd965d1155089b6
Validity
Not Before: Jan 1 13:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c05a8175a3a445f8ed029f112ee7f5a2197380d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5f:b0:a3:09:bd:3c:d4:11:77:fe:45:55:be:
3a:db:0b:97:32:9c:32:f9:7d:8b:88:20:7d:f8:a2:
ea:c3:d5:3d:be:0f:83:e1:fa:cb:db:4c:b3:d1:9c:
b1:fb:c5:a4:d7:a1:b3:6a:dc:14:3f:68:f4:c0:78:
24:a2:fb:f3:e9:39:86:a4:38:7f:40:4e:07:75:10:
44:32:1c:34:9d:11:af:de:88:f6:eb:e2:45:cb:ce:
88:43:b5:80:a7:cc:23:f4:6f:0d:f8:09:0f:27:5f:
64:2a:5e:3a:8b:ac:01:8f:08:1d:56:2e:6b:e1:73:
d5:03:89:2b:2c:64:62:63:c2:40:ce:bb:36:4a:69:
ec:49:aa:ae:8e:9f:13:6a:57:2b:d0:18:a8:c5:b3:
eb:2f:b4:15:23:25:b4:19:1e:20:f0:3e:50:56:78:
46:b3:03:e3:92:54:2d:a3:c9:d8:84:a3:6b:96:bb:
b2:c5:ab:8c:25:b1:f8:b0:83:99:6e:70:60:7b:44:
61:ff:31:2c:a1:8f:77:01:85:63:56:1e:11:2d:29:
5e:48:54:5d:4e:38:51:44:06:ae:3a:fa:cb:7b:5b:
87:37:26:27:f9:5d:19:4d:4a:0d:e9:5c:8a:04:44:
3c:c0:b2:b6:3f:4c:15:32:f9:52:96:7a:ad:23:85:
96:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:05:A8:17:5A:3A:44:5F:8E:D0:29:F1:12:EE:7F:5A:21:97:38:0D
X509v3 Authority Key Identifier:
keyid:52:E0:22:24:FF:B9:71:17:2E:49:35:ED:7D:D9:65:D1:15:50:89:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UuAiJP-5cRcuSTXtfdll0RVQibY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/311bc5-3f36-4d5e-abde-b8da89406bed/1/XAWoF1o6RF-O0CnxEu5_WiGXOA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/311bc5-3f36-4d5e-abde-b8da89406bed/1/UuAiJP-5cRcuSTXtfdll0RVQibY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.16.0/22
Signature Algorithm: sha256WithRSAEncryption
30:1e:84:3a:e6:a1:b2:b9:51:ae:92:80:ee:e7:17:b3:0c:74:
a2:07:34:68:03:25:3f:42:1a:84:a2:7c:6c:3c:06:00:3b:f4:
44:65:c3:64:7d:de:fc:7f:5d:69:ed:ae:11:ee:de:9a:74:d5:
95:00:df:7a:4b:e0:2a:2e:e6:70:56:6f:42:7d:f0:cf:89:1d:
db:8d:d4:21:34:5a:d6:7b:5c:ba:ab:b8:03:d1:ce:47:20:4b:
2b:21:f4:3e:2d:08:99:fd:88:b1:ee:b9:e0:b6:18:97:d6:b6:
39:2f:70:cf:70:d9:69:50:7e:a5:a0:3d:85:37:5e:29:16:4a:
1d:dc:81:95:8d:21:08:28:b0:1a:64:73:d1:8b:fe:ce:2f:b6:
b1:c8:41:0f:1b:2f:3c:43:2f:dc:41:2d:ec:ae:59:bb:30:58:
af:2c:d7:b4:2f:f8:eb:fe:d0:8c:7e:16:2c:42:cc:3f:32:b7:
b2:15:14:14:af:9b:35:32:19:9b:38:b3:ec:a6:20:ae:f1:1c:
df:d1:ed:b6:e7:25:d0:dd:3d:b8:d5:dc:45:9a:29:22:2c:e7:
17:f5:ec:68:48:ad:ff:c7:45:6c:d1:5a:63:dc:72:76:20:8d:
25:cd:71:3d:d6:4f:06:a6:bc:45:8b:24:63:42:ed:e4:3f:7d:
11:d4:84:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIEHwSH8JJLYHtAHPguOPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZTAyMjI0ZmZiOTcxMTcyZTQ5MzVlZDdkZDk2NWQxMTU1
MDg5YjYwHhcNMjUwMTAxMTM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzA1YTgxNzVhM2E0NDVmOGVkMDI5ZjExMmVlN2Y1YTIxOTczODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1F+wowm9PNQRd/5FVb462wuXMpwy
+X2LiCB9+KLqw9U9vg+D4frL20yz0Zyx+8Wk16GzatwUP2j0wHgkovvz6TmGpDh/
QE4HdRBEMhw0nRGv3oj26+JFy86IQ7WAp8wj9G8N+AkPJ19kKl46i6wBjwgdVi5r
4XPVA4krLGRiY8JAzrs2SmnsSaqujp8Talcr0BioxbPrL7QVIyW0GR4g8D5QVnhG
swPjklQto8nYhKNrlruyxauMJbH4sIOZbnBge0Rh/zEsoY93AYVjVh4RLSleSFRd
TjhRRAauOvrLe1uHNyYn+V0ZTUoN6VyKBEQ8wLK2P0wVMvlSlnqtI4WWUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFwFqBdaOkRfjtAp8RLuf1ohlzgNMB8GA1UdIwQY
MBaAFFLgIiT/uXEXLkk17X3ZZdEVUIm2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXVBaUpQLTVjUmN1U1RYdGZkbGwwUlZRaWJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8zMTFiYzUtM2YzNi00ZDVlLWFiZGUt
YjhkYTg5NDA2YmVkLzEvWEFXb0YxbzZSRi1PMENueEV1NV9XaUdYT0EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8zMTFiYzUtM2YzNi00ZDVlLWFiZGUtYjhkYTg5NDA2YmVk
LzEvVXVBaUpQLTVjUmN1U1RYdGZkbGwwUlZRaWJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXkQMA0G
CSqGSIb3DQEBCwUAA4IBAQAwHoQ65qGyuVGukoDu5xezDHSiBzRoAyU/QhqEonxs
PAYAO/REZcNkfd78f11p7a4R7t6adNWVAN96S+AqLuZwVm9CffDPiR3bjdQhNFrW
e1y6q7gD0c5HIEsrIfQ+LQiZ/Yix7rngthiX1rY5L3DPcNlpUH6loD2FN14pFkod
3IGVjSEIKLAaZHPRi/7OL7axyEEPGy88Qy/cQS3srlm7MFivLNe0L/jr/tCMfhYs
Qsw/MreyFRQUr5s1MhmbOLPspiCu8Rzf0e225yXQ3T241dxFmikiLOcX9exoSK3/
x0Vs0Vpj3HJ2II0lzXE91k8GprxFiyRjQu3kP30R1IT/
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:13:03 2025 by rpki-client