Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/27911b-064f-4d62-ba1c-e6626af759b7/1/Xihi8aGiKGmm1wm5o0bdg-SFO4M.roa
File: Xihi8aGiKGmm1wm5o0bdg-SFO4M.roa (raw, json)
Hash identifier: UB6flWnnaqdKwm5uBg0CvnmFwbf9VSTpt0Wz6M2wzJs=
Subject key identifier: 5E:28:62:F1:A1:A2:28:69:A6:D7:09:B9:A3:46:DD:83:E4:85:3B:83
Certificate issuer: /CN=59602e4b08594c5caffbeb50d1e0a9d470eb92e5
Certificate serial: 019420D651E3A26D4A719A351855A0B5E0B6
Authority key identifier: 59:60:2E:4B:08:59:4C:5C:AF:FB:EB:50:D1:E0:A9:D4:70:EB:92:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WWAuSwhZTFyv--tQ0eCp1HDrkuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/27911b-064f-4d62-ba1c-e6626af759b7/1/Xihi8aGiKGmm1wm5o0bdg-SFO4M.roa
Signing time: Wed 01 Jan 2025 07:48:24 +0000
ROA not before: Wed 01 Jan 2025 07:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56923
IP address blocks: 185.200.16.0/22 maxlen: 22
185.200.16.0/24 maxlen: 24
185.200.17.0/24 maxlen: 24
185.200.18.0/24 maxlen: 24
185.200.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:51:e3:a2:6d:4a:71:9a:35:18:55:a0:b5:e0:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59602e4b08594c5caffbeb50d1e0a9d470eb92e5
Validity
Not Before: Jan 1 07:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e2862f1a1a22869a6d709b9a346dd83e4853b83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8a:83:05:67:f5:8e:55:4e:bd:cb:64:80:09:
49:eb:ae:f4:4b:65:37:58:69:9f:dc:8d:fe:c5:c0:
2f:92:e7:3f:05:e4:f1:ae:7b:2a:95:e7:33:db:2f:
e4:d9:b4:16:66:8b:17:12:da:7b:3f:a5:eb:61:b8:
19:52:09:2e:68:9c:cd:13:63:a2:8e:5d:ea:ed:e5:
7e:56:29:d6:99:a5:13:3f:ea:1f:1e:a2:c5:d9:c7:
89:f3:6c:1f:19:69:fa:f4:c5:24:aa:f4:4e:77:26:
1b:1b:ac:8c:87:d9:14:35:a1:e3:2e:62:21:67:92:
40:79:fb:58:58:71:8d:bd:17:9e:f4:7f:e4:06:8c:
c3:9a:88:95:6a:6e:ef:17:e7:28:92:9f:2a:cd:0f:
a5:ba:f6:c2:44:c4:91:71:53:78:b4:d9:80:0a:51:
a1:93:82:f2:43:11:0a:53:92:6c:89:fb:a9:fa:08:
b6:89:a8:10:e5:d1:3b:e8:22:88:1e:63:2d:06:26:
ce:5d:1d:3a:2c:7d:56:51:4c:36:89:c2:2d:06:a1:
d5:d6:d7:d1:1c:60:6c:33:dc:ed:ec:40:9f:96:3b:
0d:b5:e0:86:0e:50:e0:6a:89:96:5d:39:c0:b0:4c:
31:13:21:8f:d2:59:89:7c:ee:a4:88:0c:dd:91:11:
24:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:28:62:F1:A1:A2:28:69:A6:D7:09:B9:A3:46:DD:83:E4:85:3B:83
X509v3 Authority Key Identifier:
keyid:59:60:2E:4B:08:59:4C:5C:AF:FB:EB:50:D1:E0:A9:D4:70:EB:92:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WWAuSwhZTFyv--tQ0eCp1HDrkuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/27911b-064f-4d62-ba1c-e6626af759b7/1/Xihi8aGiKGmm1wm5o0bdg-SFO4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/27911b-064f-4d62-ba1c-e6626af759b7/1/WWAuSwhZTFyv--tQ0eCp1HDrkuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.16.0/22
Signature Algorithm: sha256WithRSAEncryption
22:20:47:37:a9:15:33:a3:1a:b5:04:6d:91:42:92:d6:01:ed:
54:cf:66:d2:5a:a6:94:81:c8:5e:98:94:db:70:d9:0b:87:0b:
f0:6f:b6:51:92:ab:f4:67:a2:54:57:0e:a9:50:a9:e4:0c:f2:
73:cc:c0:9f:3f:bf:55:33:5c:ce:b1:77:35:e0:93:ee:41:5e:
60:f6:78:9c:de:cc:9d:a7:d2:26:bc:70:36:40:82:87:0c:f2:
d8:43:72:5c:af:50:b2:39:91:54:da:ca:b4:30:be:c9:af:25:
c5:05:22:82:ee:6b:7d:87:e9:6b:35:f3:91:cc:7c:8a:cb:11:
64:d7:34:a6:1d:80:b4:7f:2a:c0:cf:cd:dd:4e:19:4d:d5:5a:
aa:5f:e1:1a:65:20:d1:cd:75:6b:6e:ad:fe:45:5b:f4:27:df:
55:2f:02:32:54:69:e8:40:f3:d6:7b:20:81:b5:8a:b2:28:8b:
00:ac:3d:20:44:cc:4d:a3:6e:f8:4c:48:54:77:63:8c:88:4f:
bd:2e:e1:70:27:04:7a:93:6d:49:60:59:88:90:a1:df:0a:db:
4a:74:26:ba:07:f0:1c:bf:c1:56:a6:95:2f:ce:f6:87:63:1f:
a3:0b:a4:13:76:c1:47:56:1e:06:b5:17:e7:c0:31:88:0c:77:
5c:8b:89:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1lHjom1KcZo1GFWgteC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NjAyZTRiMDg1OTRjNWNhZmZiZWI1MGQxZTBhOWQ0NzBl
YjkyZTUwHhcNMjUwMTAxMDc0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTI4NjJmMWExYTIyODY5YTZkNzA5YjlhMzQ2ZGQ4M2U0ODUzYjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4qDBWf1jlVOvctkgAlJ6670S2U3
WGmf3I3+xcAvkuc/BeTxrnsqlecz2y/k2bQWZosXEtp7P6XrYbgZUgkuaJzNE2Oi
jl3q7eV+VinWmaUTP+ofHqLF2ceJ82wfGWn69MUkqvROdyYbG6yMh9kUNaHjLmIh
Z5JAeftYWHGNvRee9H/kBozDmoiVam7vF+cokp8qzQ+luvbCRMSRcVN4tNmAClGh
k4LyQxEKU5Jsifup+gi2iagQ5dE76CKIHmMtBibOXR06LH1WUUw2icItBqHV1tfR
HGBsM9zt7ECfljsNteCGDlDgaomWXTnAsEwxEyGP0lmJfO6kiAzdkREkqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF4oYvGhoihpptcJuaNG3YPkhTuDMB8GA1UdIwQY
MBaAFFlgLksIWUxcr/vrUNHgqdRw65LlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1dBdVN3aFpURnl2LS10UTBlQ3AxSERya3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8yNzkxMWItMDY0Zi00ZDYyLWJhMWMt
ZTY2MjZhZjc1OWI3LzEvWGloaThhR2lLR21tMXdtNW8wYmRnLVNGTzRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8yNzkxMWItMDY0Zi00ZDYyLWJhMWMtZTY2MjZhZjc1OWI3
LzEvV1dBdVN3aFpURnl2LS10UTBlQ3AxSERya3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucgQMA0G
CSqGSIb3DQEBCwUAA4IBAQAiIEc3qRUzoxq1BG2RQpLWAe1Uz2bSWqaUgchemJTb
cNkLhwvwb7ZRkqv0Z6JUVw6pUKnkDPJzzMCfP79VM1zOsXc14JPuQV5g9nic3syd
p9ImvHA2QIKHDPLYQ3Jcr1CyOZFU2sq0ML7JryXFBSKC7mt9h+lrNfORzHyKyxFk
1zSmHYC0fyrAz83dThlN1VqqX+EaZSDRzXVrbq3+RVv0J99VLwIyVGnoQPPWeyCB
tYqyKIsArD0gRMxNo274TEhUd2OMiE+9LuFwJwR6k21JYFmIkKHfCttKdCa6B/Ac
v8FWppUvzvaHYx+jC6QTdsFHVh4GtRfnwDGIDHdci4le
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:51:20 2025 by rpki-client