Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/7d66de-5f0c-4765-a0f6-67fbf2155e4e/1/Cr1GM2aFxsaZd-ImInN4uI7kXRc.roa
File: Cr1GM2aFxsaZd-ImInN4uI7kXRc.roa (raw, json)
Hash identifier: PpfCM8zWq8dmU00l723EMPcIhVPj7pc1erECtwg1IFw=
Subject key identifier: 0A:BD:46:33:66:85:C6:C6:99:77:E2:26:22:73:78:B8:8E:E4:5D:17
Certificate issuer: /CN=607e5caff4f47b2b8dc81cc36c8e346662639898
Certificate serial: 01942368FF21C07B95DC94F61C025E0F83B2
Authority key identifier: 60:7E:5C:AF:F4:F4:7B:2B:8D:C8:1C:C3:6C:8E:34:66:62:63:98:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YH5cr_T0eyuNyBzDbI40ZmJjmJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/7d66de-5f0c-4765-a0f6-67fbf2155e4e/1/Cr1GM2aFxsaZd-ImInN4uI7kXRc.roa
Signing time: Wed 01 Jan 2025 19:47:51 +0000
ROA not before: Wed 01 Jan 2025 19:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211953
IP address blocks: 185.189.52.0/24 maxlen: 24
185.189.53.0/24 maxlen: 24
185.189.54.0/24 maxlen: 24
185.189.55.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:ff:21:c0:7b:95:dc:94:f6:1c:02:5e:0f:83:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=607e5caff4f47b2b8dc81cc36c8e346662639898
Validity
Not Before: Jan 1 19:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0abd46336685c6c69977e226227378b88ee45d17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:46:74:ce:5d:44:75:a8:d7:cb:2d:a1:2d:74:
67:29:a7:02:18:f0:97:3d:84:f2:b8:67:69:d4:c9:
58:05:4d:11:db:b4:0c:35:14:51:81:43:dd:43:dc:
45:4a:44:fd:e0:35:cf:20:eb:68:9b:1b:29:57:95:
f7:4b:e7:24:30:7c:fe:1b:32:bf:8a:24:29:aa:4a:
5f:ba:1e:fe:1a:64:c3:83:84:1c:8a:c6:2c:bc:fa:
d6:b4:30:91:0c:c6:57:2b:cb:c0:4e:01:ed:72:a8:
eb:60:e8:7e:f2:16:7e:2c:69:c8:fe:fc:03:b2:3f:
eb:ca:d9:b6:8f:17:6c:3d:19:99:14:28:ea:76:aa:
c2:06:3c:3e:02:ac:18:35:76:02:53:77:2c:bf:14:
e8:0c:2b:c5:c8:60:75:eb:ac:65:60:0e:2b:a7:fb:
87:23:38:37:cb:88:13:8a:dc:df:e1:f2:be:33:87:
1d:5c:af:b9:3b:da:7e:09:82:15:8e:ff:d4:e6:c3:
2d:ad:ff:3a:8b:cb:f5:00:11:44:46:1c:84:b9:98:
cd:33:ae:77:1a:c1:2d:12:6a:dd:cf:1f:67:63:f0:
bb:d1:47:20:aa:fa:4f:f1:11:f7:b5:61:dc:bd:14:
0b:c7:9f:bd:41:c9:0b:b8:1f:af:99:4d:41:71:f6:
ee:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:BD:46:33:66:85:C6:C6:99:77:E2:26:22:73:78:B8:8E:E4:5D:17
X509v3 Authority Key Identifier:
keyid:60:7E:5C:AF:F4:F4:7B:2B:8D:C8:1C:C3:6C:8E:34:66:62:63:98:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YH5cr_T0eyuNyBzDbI40ZmJjmJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/7d66de-5f0c-4765-a0f6-67fbf2155e4e/1/Cr1GM2aFxsaZd-ImInN4uI7kXRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/7d66de-5f0c-4765-a0f6-67fbf2155e4e/1/YH5cr_T0eyuNyBzDbI40ZmJjmJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.52.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:4b:8c:02:d2:f3:84:c1:8a:94:3d:fe:63:c6:01:fd:90:b1:
5a:68:7d:b1:ee:7f:c9:57:93:ac:ae:7d:e3:88:20:b7:be:79:
82:59:e1:41:f0:d2:fb:be:c5:01:dc:7c:01:b2:8e:bf:0d:5b:
b4:07:c7:aa:82:16:dc:9b:0e:9b:16:d2:df:a3:ce:b5:0e:ee:
81:e8:f4:b2:9c:00:a4:6c:3f:c7:37:8b:45:9f:d4:6b:10:79:
aa:c8:2b:a6:f0:d1:58:f0:ac:80:a6:1f:5c:48:c1:d5:a9:f8:
fc:2d:c9:08:d4:5f:bb:94:e4:20:81:06:32:a2:11:a8:9e:0e:
7c:21:f9:0e:11:59:1a:4e:32:36:af:e2:3a:54:61:10:91:88:
03:f9:d5:17:d4:da:25:4c:6c:9d:7a:2c:04:82:a9:ad:c7:a0:
65:9c:a7:57:5d:74:2f:3b:59:69:b0:6d:34:41:b6:27:4a:9b:
b1:23:c3:b2:d2:d7:c5:32:c7:aa:fc:f9:fd:7a:f7:62:b5:e3:
90:d4:0b:b5:48:fa:7b:56:a2:72:15:7a:9f:b4:a2:6b:75:b2:
95:bf:ab:15:98:02:f7:8d:61:4f:8b:99:b5:1a:a0:6a:c7:a6:
52:48:99:95:60:56:38:53:38:e1:d5:04:53:cd:74:e1:27:58:
cb:68:61:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaP8hwHuV3JT2HAJeD4OyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwN2U1Y2FmZjRmNDdiMmI4ZGM4MWNjMzZjOGUzNDY2NjI2
Mzk4OTgwHhcNMjUwMTAxMTk0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWJkNDYzMzY2ODVjNmM2OTk3N2UyMjYyMjczNzhiODhlZTQ1ZDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkZ0zl1EdajXyy2hLXRnKacCGPCX
PYTyuGdp1MlYBU0R27QMNRRRgUPdQ9xFSkT94DXPIOtomxspV5X3S+ckMHz+GzK/
iiQpqkpfuh7+GmTDg4QcisYsvPrWtDCRDMZXK8vATgHtcqjrYOh+8hZ+LGnI/vwD
sj/rytm2jxdsPRmZFCjqdqrCBjw+AqwYNXYCU3csvxToDCvFyGB166xlYA4rp/uH
Izg3y4gTitzf4fK+M4cdXK+5O9p+CYIVjv/U5sMtrf86i8v1ABFERhyEuZjNM653
GsEtEmrdzx9nY/C70UcgqvpP8RH3tWHcvRQLx5+9QckLuB+vmU1BcfbupwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAq9RjNmhcbGmXfiJiJzeLiO5F0XMB8GA1UdIwQY
MBaAFGB+XK/09Hsrjcgcw2yONGZiY5iYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUg1Y3JfVDBleXVOeUJ6RGJJNDBabUpqbUpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi83ZDY2ZGUtNWYwYy00NzY1LWEwZjYt
NjdmYmYyMTU1ZTRlLzEvQ3IxR00yYUZ4c2FaZC1JbUluTjR1STdrWFJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi83ZDY2ZGUtNWYwYy00NzY1LWEwZjYtNjdmYmYyMTU1ZTRl
LzEvWUg1Y3JfVDBleXVOeUJ6RGJJNDBabUpqbUpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCub00MA0G
CSqGSIb3DQEBCwUAA4IBAQCiS4wC0vOEwYqUPf5jxgH9kLFaaH2x7n/JV5Osrn3j
iCC3vnmCWeFB8NL7vsUB3HwBso6/DVu0B8eqghbcmw6bFtLfo861Du6B6PSynACk
bD/HN4tFn9RrEHmqyCum8NFY8KyAph9cSMHVqfj8LckI1F+7lOQggQYyohGong58
IfkOEVkaTjI2r+I6VGEQkYgD+dUX1NolTGydeiwEgqmtx6BlnKdXXXQvO1lpsG00
QbYnSpuxI8Oy0tfFMseq/Pn9evditeOQ1Au1SPp7VqJyFXqftKJrdbKVv6sVmAL3
jWFPi5m1GqBqx6ZSSJmVYFY4Uzjh1QRTzXThJ1jLaGE3
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:25:10 2025 by rpki-client