Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/68cfc5-2ec6-4b59-b12e-6e36b2f1706b/1/XGSaAvPj_7ZKK3N0e0ECGhx2VrQ.roa
File: XGSaAvPj_7ZKK3N0e0ECGhx2VrQ.roa (raw, json)
Hash identifier: 4J6msExKcBt3FvPoWt2N5Sp5wauv+dD5ByMN6L0xjog=
Subject key identifier: 5C:64:9A:02:F3:E3:FF:B6:4A:2B:73:74:7B:41:02:1A:1C:76:56:B4
Certificate issuer: /CN=cbe3da3582a22830ec4e67547e75fa3b9da20b23
Certificate serial: 01941FFA5F21BC3CA5C317F914A899E19390
Authority key identifier: CB:E3:DA:35:82:A2:28:30:EC:4E:67:54:7E:75:FA:3B:9D:A2:0B:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y-PaNYKiKDDsTmdUfnX6O52iCyM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/68cfc5-2ec6-4b59-b12e-6e36b2f1706b/1/XGSaAvPj_7ZKK3N0e0ECGhx2VrQ.roa
Signing time: Wed 01 Jan 2025 03:48:09 +0000
ROA not before: Wed 01 Jan 2025 03:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51658
IP address blocks: 185.202.133.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:5f:21:bc:3c:a5:c3:17:f9:14:a8:99:e1:93:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbe3da3582a22830ec4e67547e75fa3b9da20b23
Validity
Not Before: Jan 1 03:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c649a02f3e3ffb64a2b73747b41021a1c7656b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:f9:96:51:fb:0c:12:af:4f:b4:53:da:2a:04:
85:f5:0e:77:27:7b:c1:f6:c1:48:a8:98:95:37:1a:
0b:f1:91:43:89:2d:2e:c4:a3:bd:d7:26:9a:82:7c:
cb:1f:50:cb:6a:97:bb:88:68:ea:a5:54:dc:30:07:
9f:63:2f:a7:f8:48:c1:4a:44:28:55:7e:a1:48:bf:
f8:47:25:4c:ed:ae:22:51:66:43:b8:88:85:f2:5f:
84:35:06:d8:6a:33:46:1e:ac:71:23:08:86:92:8f:
e7:29:f9:33:87:e2:c1:d2:69:04:f3:68:d6:d9:e6:
de:85:c6:cd:e7:55:31:67:4c:e5:d8:29:2f:45:7c:
23:eb:ef:88:33:bd:6f:b3:3c:1f:cf:77:3c:73:6e:
76:37:83:f2:50:ab:38:5c:30:0c:a1:42:5e:af:2f:
71:f6:ac:ee:e7:b5:a7:b3:28:9b:8e:7c:99:18:ff:
f3:f2:76:50:57:be:42:a3:25:75:2b:ce:fd:c1:01:
11:8e:1b:cd:49:94:df:98:cf:ab:c9:7b:96:24:4c:
43:21:c6:bf:2c:ab:0b:36:95:f0:bb:df:60:de:40:
56:51:63:24:c5:95:ca:97:f8:af:16:82:c0:c6:e9:
81:49:81:56:e8:0f:f2:c7:f8:07:48:a3:8c:ea:62:
d9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:64:9A:02:F3:E3:FF:B6:4A:2B:73:74:7B:41:02:1A:1C:76:56:B4
X509v3 Authority Key Identifier:
keyid:CB:E3:DA:35:82:A2:28:30:EC:4E:67:54:7E:75:FA:3B:9D:A2:0B:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y-PaNYKiKDDsTmdUfnX6O52iCyM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/68cfc5-2ec6-4b59-b12e-6e36b2f1706b/1/XGSaAvPj_7ZKK3N0e0ECGhx2VrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/68cfc5-2ec6-4b59-b12e-6e36b2f1706b/1/y-PaNYKiKDDsTmdUfnX6O52iCyM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.133.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:85:4d:10:43:8d:88:86:64:59:ba:15:ea:a6:f2:03:ea:47:
d4:46:b7:65:fc:65:2c:4b:9a:7a:fc:a9:4a:e1:9f:ac:b9:7a:
7f:75:4e:cb:97:bc:6f:34:bb:8f:e3:b1:18:1c:a4:69:8e:31:
a5:4d:9c:0c:82:1c:0c:99:db:69:3e:7f:a5:f7:f0:dc:76:24:
ce:6c:8a:9c:cd:e0:9e:99:7f:e6:d1:42:97:7d:80:2d:64:ae:
46:5f:d9:3d:2f:d0:54:9c:b1:aa:cb:93:d7:6d:ed:cf:43:72:
11:e7:cb:4b:f9:07:fa:cf:ec:e5:71:5f:17:58:8d:e2:39:31:
9f:4e:9a:89:83:09:41:41:70:ca:2e:04:5a:78:0e:cd:38:05:
0e:04:6a:94:01:3e:85:0f:ad:2f:a2:e7:6f:2c:4a:51:41:b6:
10:93:50:ef:88:36:ca:99:00:f5:ce:17:11:15:c1:55:cc:e9:
ea:d0:23:71:12:4c:54:30:04:5b:d6:32:9b:47:92:5e:db:7f:
36:1a:ba:4f:90:2a:9e:a2:4c:28:d4:5f:53:95:fe:b3:b7:b4:
22:3c:8c:b9:2f:66:a5:83:c9:12:d9:3b:7f:74:d9:59:b4:70:
f3:2d:33:a9:41:6e:ea:d8:11:4b:a3:18:51:f6:95:29:a5:ab:
29:1d:b1:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+l8hvDylwxf5FKiZ4ZOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZTNkYTM1ODJhMjI4MzBlYzRlNjc1NDdlNzVmYTNiOWRh
MjBiMjMwHhcNMjUwMTAxMDM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzY0OWEwMmYzZTNmZmI2NGEyYjczNzQ3YjQxMDIxYTFjNzY1NmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8/mWUfsMEq9PtFPaKgSF9Q53J3vB
9sFIqJiVNxoL8ZFDiS0uxKO91yaagnzLH1DLape7iGjqpVTcMAefYy+n+EjBSkQo
VX6hSL/4RyVM7a4iUWZDuIiF8l+ENQbYajNGHqxxIwiGko/nKfkzh+LB0mkE82jW
2ebehcbN51UxZ0zl2CkvRXwj6++IM71vszwfz3c8c252N4PyUKs4XDAMoUJery9x
9qzu57WnsyibjnyZGP/z8nZQV75CoyV1K879wQERjhvNSZTfmM+ryXuWJExDIca/
LKsLNpXwu99g3kBWUWMkxZXKl/ivFoLAxumBSYFW6A/yx/gHSKOM6mLZjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFxkmgLz4/+2SitzdHtBAhocdla0MB8GA1UdIwQY
MBaAFMvj2jWCoigw7E5nVH51+judogsjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveS1QYU5ZS2lLRERzVG1kVWZuWDZPNTJpQ3lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC82OGNmYzUtMmVjNi00YjU5LWIxMmUt
NmUzNmIyZjE3MDZiLzEvWEdTYUF2UGpfN1pLSzNOMGUwRUNHaHgyVnJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC82OGNmYzUtMmVjNi00YjU5LWIxMmUtNmUzNmIyZjE3MDZi
LzEveS1QYU5ZS2lLRERzVG1kVWZuWDZPNTJpQ3lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucqFMA0G
CSqGSIb3DQEBCwUAA4IBAQCzhU0QQ42IhmRZuhXqpvID6kfURrdl/GUsS5p6/KlK
4Z+suXp/dU7Ll7xvNLuP47EYHKRpjjGlTZwMghwMmdtpPn+l9/DcdiTObIqczeCe
mX/m0UKXfYAtZK5GX9k9L9BUnLGqy5PXbe3PQ3IR58tL+Qf6z+zlcV8XWI3iOTGf
TpqJgwlBQXDKLgRaeA7NOAUOBGqUAT6FD60voudvLEpRQbYQk1DviDbKmQD1zhcR
FcFVzOnq0CNxEkxUMARb1jKbR5Je2382GrpPkCqeokwo1F9Tlf6zt7QiPIy5L2al
g8kS2Tt/dNlZtHDzLTOpQW7q2BFLoxhR9pUppaspHbEO
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:50:34 2025 by rpki-client