Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/XwmnQ9xqPRkuLArWSFnpHEebGQg.roa
File: XwmnQ9xqPRkuLArWSFnpHEebGQg.roa (raw, json)
Hash identifier: Y7Tgn3WDH0rYWGZT30S1SX34Yy+8g/AzLBEDrpEo5zI=
Subject key identifier: 5F:09:A7:43:DC:6A:3D:19:2E:2C:0A:D6:48:59:E9:1C:47:9B:19:08
Certificate issuer: /CN=43af2e987d2b63addaa5adc178f31e90d876aaa7
Certificate serial: 0194282795816635DE00F128508F6CDB4606
Authority key identifier: 43:AF:2E:98:7D:2B:63:AD:DA:A5:AD:C1:78:F3:1E:90:D8:76:AA:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q68umH0rY63apa3BePMekNh2qqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/XwmnQ9xqPRkuLArWSFnpHEebGQg.roa
Signing time: Thu 02 Jan 2025 17:54:30 +0000
ROA not before: Thu 02 Jan 2025 17:54:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48728
IP address blocks: 185.2.246.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:95:81:66:35:de:00:f1:28:50:8f:6c:db:46:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43af2e987d2b63addaa5adc178f31e90d876aaa7
Validity
Not Before: Jan 2 17:54:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f09a743dc6a3d192e2c0ad64859e91c479b1908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b3:6c:3d:32:bd:9f:dd:d4:f3:fd:05:de:3b:
94:02:22:0c:e3:45:8b:44:aa:33:f0:de:bd:28:ab:
c8:67:74:77:55:f8:b1:5b:57:f9:e9:4d:69:27:7a:
4a:c4:38:fc:a5:9f:21:0c:90:4a:fe:d0:4c:a4:c0:
55:51:67:76:40:4e:75:20:6b:75:4e:cd:f0:76:1b:
ab:d9:8c:c6:33:76:b8:a7:7c:49:fc:cc:08:f5:b3:
63:73:d6:a4:b3:70:c3:26:27:f3:36:01:8f:6e:f5:
b4:a9:85:b9:76:3d:2b:78:8d:29:4f:2f:7c:56:8c:
3f:5d:6e:a4:82:9d:0e:3a:9b:a4:e0:39:09:dc:a4:
9a:10:ce:bd:7d:ec:0b:d1:1c:5c:c0:7a:01:ab:2b:
62:29:a4:cd:6e:e4:74:81:7d:63:43:67:54:be:0f:
d3:67:ab:14:93:18:3c:9e:cf:01:d4:23:9b:d1:c1:
86:9e:53:5d:e0:bd:ca:05:58:01:49:e3:61:49:bf:
85:0a:c0:2e:ca:cc:14:af:8e:51:19:38:81:c5:69:
ab:63:47:40:16:ec:e1:df:23:3f:f2:7a:60:ec:bd:
ca:30:05:4d:b1:8e:e6:04:bb:80:49:d8:6d:6d:70:
c8:fe:5d:15:f1:fd:36:49:5f:69:01:f4:ce:07:22:
40:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:09:A7:43:DC:6A:3D:19:2E:2C:0A:D6:48:59:E9:1C:47:9B:19:08
X509v3 Authority Key Identifier:
keyid:43:AF:2E:98:7D:2B:63:AD:DA:A5:AD:C1:78:F3:1E:90:D8:76:AA:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q68umH0rY63apa3BePMekNh2qqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/XwmnQ9xqPRkuLArWSFnpHEebGQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/Q68umH0rY63apa3BePMekNh2qqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.246.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:ae:b7:39:b9:8c:72:5f:8d:a6:3d:1a:d4:06:5b:28:d5:4c:
a2:aa:fd:38:6d:81:97:66:e9:6b:01:2e:32:ae:86:3e:97:93:
55:23:05:17:d8:b8:d9:32:23:0d:e8:95:84:75:cf:41:3e:fd:
d1:8b:ad:c0:62:ba:3d:d9:8b:61:8c:53:c7:84:3d:ea:04:65:
3f:2e:79:82:a4:76:ad:e1:83:56:e5:31:c4:1b:05:a4:36:8e:
ac:22:00:b0:39:8e:26:c1:e8:dc:20:aa:d6:a9:4d:96:53:8c:
cd:d3:8a:43:fa:18:0c:27:0e:af:eb:08:bb:48:89:32:61:21:
88:bd:3d:3e:a6:58:33:ab:30:46:4f:b9:31:0d:2e:1d:4e:69:
5d:7e:3f:00:0e:e3:4d:7c:32:30:f7:8d:53:f2:5c:a0:0e:45:
30:09:89:38:36:34:94:c5:6a:ad:9e:d4:7e:59:e3:e2:88:00:
cf:42:d5:9c:ab:d8:0c:f7:1f:e4:d5:78:1e:32:8f:4d:cf:be:
26:06:7e:65:02:10:97:fb:0b:19:c4:dc:5c:b8:51:62:1c:cb:
e7:36:f7:d7:2a:af:21:5d:de:b6:e1:72:71:65:73:d9:66:d0:
18:6e:1a:1f:01:de:a4:51:9e:97:1a:9b:74:73:43:5e:fe:37:
2d:d6:95:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJ5WBZjXeAPEoUI9s20YGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYWYyZTk4N2QyYjYzYWRkYWE1YWRjMTc4ZjMxZTkwZDg3
NmFhYTcwHhcNMjUwMTAyMTc1NDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjA5YTc0M2RjNmEzZDE5MmUyYzBhZDY0ODU5ZTkxYzQ3OWIxOTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurNsPTK9n93U8/0F3juUAiIM40WL
RKoz8N69KKvIZ3R3VfixW1f56U1pJ3pKxDj8pZ8hDJBK/tBMpMBVUWd2QE51IGt1
Ts3wdhur2YzGM3a4p3xJ/MwI9bNjc9aks3DDJifzNgGPbvW0qYW5dj0reI0pTy98
Vow/XW6kgp0OOpuk4DkJ3KSaEM69fewL0RxcwHoBqytiKaTNbuR0gX1jQ2dUvg/T
Z6sUkxg8ns8B1COb0cGGnlNd4L3KBVgBSeNhSb+FCsAuyswUr45RGTiBxWmrY0dA
Fuzh3yM/8npg7L3KMAVNsY7mBLuASdhtbXDI/l0V8f02SV9pAfTOByJANQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8Jp0Pcaj0ZLiwK1khZ6RxHmxkIMB8GA1UdIwQY
MBaAFEOvLph9K2Ot2qWtwXjzHpDYdqqnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTY4dW1IMHJZNjNhcGEzQmVQTWVrTmgycXFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82Njg0MzctOTdjMi00OGMyLWI3Yzgt
Y2M3NzQ2NzE5NDA2LzEvWHdtblE5eHFQUmt1TEFyV1NGbnBIRWViR1FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82Njg0MzctOTdjMi00OGMyLWI3YzgtY2M3NzQ2NzE5NDA2
LzEvUTY4dW1IMHJZNjNhcGEzQmVQTWVrTmgycXFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQL2MA0G
CSqGSIb3DQEBCwUAA4IBAQAOrrc5uYxyX42mPRrUBlso1Uyiqv04bYGXZulrAS4y
roY+l5NVIwUX2LjZMiMN6JWEdc9BPv3Ri63AYro92YthjFPHhD3qBGU/LnmCpHat
4YNW5THEGwWkNo6sIgCwOY4mwejcIKrWqU2WU4zN04pD+hgMJw6v6wi7SIkyYSGI
vT0+plgzqzBGT7kxDS4dTmldfj8ADuNNfDIw941T8lygDkUwCYk4NjSUxWqtntR+
WePiiADPQtWcq9gM9x/k1XgeMo9Nz74mBn5lAhCX+wsZxNxcuFFiHMvnNvfXKq8h
Xd624XJxZXPZZtAYbhofAd6kUZ6XGpt0c0Ne/jct1pV0
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:23:36 2025 by rpki-client