Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/deb903-26da-47a8-9b05-38a385f35e3b/1/IXT2ShwYMDTPNqnR-lmJPCt_hM0.roa
File: IXT2ShwYMDTPNqnR-lmJPCt_hM0.roa (raw, json)
Hash identifier: YktH9Y4fzOrvY5vhhRnBY1iI8LZ09iZ8zTmc5w1S0Jw=
Subject key identifier: 21:74:F6:4A:1C:18:30:34:CF:36:A9:D1:FA:59:89:3C:2B:7F:84:CD
Certificate issuer: /CN=de1139218c52e8fe7f7c314b6639e7f87e5679c8
Certificate serial: 01942067F2C75853F602A769E9FCCAFE9DBC
Authority key identifier: DE:11:39:21:8C:52:E8:FE:7F:7C:31:4B:66:39:E7:F8:7E:56:79:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3hE5IYxS6P5_fDFLZjnn-H5Wecg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/deb903-26da-47a8-9b05-38a385f35e3b/1/IXT2ShwYMDTPNqnR-lmJPCt_hM0.roa
Signing time: Wed 01 Jan 2025 05:47:50 +0000
ROA not before: Wed 01 Jan 2025 05:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201293
IP address blocks: 185.79.188.0/22 maxlen: 22
185.79.188.0/24 maxlen: 24
185.79.189.0/24 maxlen: 24
185.79.190.0/23 maxlen: 23
185.79.190.0/24 maxlen: 24
185.79.191.0/24 maxlen: 24
2a03:5da0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:f2:c7:58:53:f6:02:a7:69:e9:fc:ca:fe:9d:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de1139218c52e8fe7f7c314b6639e7f87e5679c8
Validity
Not Before: Jan 1 05:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2174f64a1c183034cf36a9d1fa59893c2b7f84cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b3:6e:ba:a5:31:c9:27:68:47:cc:01:b2:1d:
51:1c:69:3f:15:f9:79:8b:34:93:ce:db:95:2a:68:
39:34:c9:9c:54:2a:65:ee:b5:bd:56:43:ec:6c:b8:
e5:1e:b4:c7:44:b3:72:39:ab:23:b9:f7:5e:35:1b:
8b:45:e7:c6:ab:6d:a0:79:a9:48:be:85:2f:dc:56:
f3:ae:1a:6f:5a:8a:98:f4:f7:61:4c:2a:4d:0f:2e:
1d:cd:a9:aa:df:69:99:e3:48:cf:c4:f2:31:67:5e:
e3:26:98:af:37:c5:b9:41:de:1c:72:cc:ac:00:84:
ac:62:86:86:81:b0:8d:89:a7:4c:b5:f8:2b:e8:9d:
3f:0a:57:c4:82:49:50:d4:d7:3a:e8:30:13:0c:1f:
2d:e5:a8:64:d4:a8:73:28:02:f7:19:38:b6:1a:7d:
ba:59:80:ff:eb:1c:9d:35:32:e4:be:fd:ee:df:c3:
47:8f:f8:0a:41:f6:03:ed:36:ff:88:22:98:52:a9:
81:57:c7:ce:c3:ee:ab:26:cd:e1:83:4d:57:18:e5:
e4:f1:88:9e:6c:6a:6f:5b:75:1d:a5:b7:6f:c7:57:
54:67:32:cb:63:4c:5d:c4:02:ec:ac:bd:25:53:c0:
f1:d2:2a:4f:f0:cd:db:8c:2d:f3:da:0e:85:6f:f3:
85:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:74:F6:4A:1C:18:30:34:CF:36:A9:D1:FA:59:89:3C:2B:7F:84:CD
X509v3 Authority Key Identifier:
keyid:DE:11:39:21:8C:52:E8:FE:7F:7C:31:4B:66:39:E7:F8:7E:56:79:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hE5IYxS6P5_fDFLZjnn-H5Wecg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/deb903-26da-47a8-9b05-38a385f35e3b/1/IXT2ShwYMDTPNqnR-lmJPCt_hM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/deb903-26da-47a8-9b05-38a385f35e3b/1/3hE5IYxS6P5_fDFLZjnn-H5Wecg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.188.0/22
IPv6:
2a03:5da0::/32
Signature Algorithm: sha256WithRSAEncryption
63:9b:ad:6c:74:77:dd:60:58:ef:db:df:62:76:94:1f:61:8f:
fa:f1:1c:fc:95:a1:e7:f1:b9:7a:4c:f6:eb:db:82:ec:86:84:
2e:c0:21:45:f7:85:da:b1:e8:e8:13:f6:49:0c:ce:42:8c:e8:
33:29:91:e5:28:21:31:74:3e:b7:11:7a:5e:a0:a1:72:b2:9c:
6c:97:cd:43:c5:95:87:b5:a7:6f:23:78:b1:5f:d2:c1:db:c7:
31:27:c6:5a:00:45:40:c1:41:3f:78:44:bf:af:8a:f1:4c:4a:
57:ed:85:af:5b:91:3a:fd:96:af:d4:bc:3b:cd:90:f2:1e:0a:
3e:ca:73:0b:08:2a:af:11:12:41:c1:ea:8f:ab:ae:a0:02:ce:
ed:bd:1b:24:35:24:9e:ee:1b:c0:2b:5a:09:18:81:20:e3:98:
39:1c:d7:15:bb:9b:9f:dd:ab:c4:06:6c:7c:ab:6e:a7:4d:1c:
70:f0:13:f9:90:0c:c5:9f:bb:d2:41:e5:3e:8a:7a:1f:12:d4:
a1:b2:f2:a3:6e:31:90:0a:e1:78:4b:3e:be:43:e2:21:f6:a7:
f8:45:69:1b:6b:38:18:1b:8a:69:f1:a9:97:14:b9:19:b9:4c:
c8:5a:6a:e4:82:a1:3a:b3:34:0a:31:e0:d1:39:e8:c8:6e:69:
ca:dd:82:8a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgZ/LHWFP2Aqdp6fzK/p28MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTEzOTIxOGM1MmU4ZmU3ZjdjMzE0YjY2MzllN2Y4N2U1
Njc5YzgwHhcNMjUwMTAxMDU0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTc0ZjY0YTFjMTgzMDM0Y2YzNmE5ZDFmYTU5ODkzYzJiN2Y4NGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbNuuqUxySdoR8wBsh1RHGk/Ffl5
izSTztuVKmg5NMmcVCpl7rW9VkPsbLjlHrTHRLNyOasjufdeNRuLRefGq22gealI
voUv3FbzrhpvWoqY9PdhTCpNDy4dzamq32mZ40jPxPIxZ17jJpivN8W5Qd4ccsys
AISsYoaGgbCNiadMtfgr6J0/ClfEgklQ1Nc66DATDB8t5ahk1KhzKAL3GTi2Gn26
WYD/6xydNTLkvv3u38NHj/gKQfYD7Tb/iCKYUqmBV8fOw+6rJs3hg01XGOXk8Yie
bGpvW3Udpbdvx1dUZzLLY0xdxALsrL0lU8Dx0ipP8M3bjC3z2g6Fb/OFQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCF09kocGDA0zzap0fpZiTwrf4TNMB8GA1UdIwQY
MBaAFN4ROSGMUuj+f3wxS2Y55/h+VnnIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hFNUlZeFM2UDVfZkRGTFpqbm4tSDVXZWNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9kZWI5MDMtMjZkYS00N2E4LTliMDUt
MzhhMzg1ZjM1ZTNiLzEvSVhUMlNod1lNRFRQTnFuUi1sbUpQQ3RfaE0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9kZWI5MDMtMjZkYS00N2E4LTliMDUtMzhhMzg1ZjM1ZTNi
LzEvM2hFNUlZeFM2UDVfZkRGTFpqbm4tSDVXZWNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuU+8MA0E
AgACMAcDBQAqA12gMA0GCSqGSIb3DQEBCwUAA4IBAQBjm61sdHfdYFjv299idpQf
YY/68Rz8laHn8bl6TPbr24LshoQuwCFF94XasejoE/ZJDM5CjOgzKZHlKCExdD63
EXpeoKFyspxsl81DxZWHtadvI3ixX9LB28cxJ8ZaAEVAwUE/eES/r4rxTEpX7YWv
W5E6/Zav1Lw7zZDyHgo+ynMLCCqvERJBweqPq66gAs7tvRskNSSe7hvAK1oJGIEg
45g5HNcVu5uf3avEBmx8q26nTRxw8BP5kAzFn7vSQeU+inofEtShsvKjbjGQCuF4
Sz6+Q+Ih9qf4RWkbazgYG4pp8amXFLkZuUzIWmrkgqE6szQKMeDROejIbmnK3YKK
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:38:10 2025 by rpki-client