Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/c1e3b4-2d61-44cc-9081-0f9d43d864bb/1/CXC2XsvDIqaanTmqd2a1qzMnjWs.roa
File: CXC2XsvDIqaanTmqd2a1qzMnjWs.roa (raw, json)
Hash identifier: QAIN6LBn+W+vlGLr5cVirBbL9u+a95dTjOFvgbUMGX4=
Subject key identifier: 09:70:B6:5E:CB:C3:22:A6:9A:9D:39:AA:77:66:B5:AB:33:27:8D:6B
Certificate issuer: /CN=4a8095927ee57ccee256aa439f163686b58c570c
Certificate serial: 019423D8030026D56B5D619626633F572F67
Authority key identifier: 4A:80:95:92:7E:E5:7C:CE:E2:56:AA:43:9F:16:36:86:B5:8C:57:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SoCVkn7lfM7iVqpDnxY2hrWMVww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/c1e3b4-2d61-44cc-9081-0f9d43d864bb/1/CXC2XsvDIqaanTmqd2a1qzMnjWs.roa
Signing time: Wed 01 Jan 2025 21:49:06 +0000
ROA not before: Wed 01 Jan 2025 21:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39582
IP address blocks: 185.29.192.0/24 maxlen: 24
185.29.193.0/24 maxlen: 24
185.29.194.0/24 maxlen: 24
185.29.195.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d8:03:00:26:d5:6b:5d:61:96:26:63:3f:57:2f:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a8095927ee57ccee256aa439f163686b58c570c
Validity
Not Before: Jan 1 21:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0970b65ecbc322a69a9d39aa7766b5ab33278d6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a1:de:74:e1:ac:e2:3f:c7:b0:96:54:c2:2f:
d6:e7:af:03:8c:f4:55:6d:a0:02:6f:b8:02:e9:5d:
64:b2:84:1f:38:06:3a:4e:05:6d:14:f5:c7:51:ea:
0d:fa:ba:a6:5d:6e:89:99:a6:8b:ea:8a:61:63:02:
52:39:53:f5:7f:12:69:12:d2:7c:b2:e3:69:8a:00:
7f:fd:46:d1:ad:da:74:46:93:19:46:57:87:b3:b8:
64:2a:bb:9a:d1:84:ce:21:e1:f3:02:7d:5b:22:7a:
be:9c:e8:2a:9f:dc:58:c3:df:e0:a0:13:16:f5:57:
55:b0:33:dd:f8:55:c0:b5:f6:49:9b:dc:09:30:a3:
a1:c9:f8:f3:95:72:9d:be:4d:e8:af:ae:03:58:08:
64:45:f0:86:66:f3:5d:ce:63:c3:76:79:9c:31:ef:
be:cf:34:1e:a1:2f:22:89:fa:43:80:c1:57:9c:fe:
d9:29:be:92:90:72:22:a6:b6:45:6b:86:41:89:5a:
d1:4f:46:c7:df:48:b9:bd:1e:41:66:32:e3:43:b1:
8f:99:c2:db:e2:ba:fe:fe:f5:07:7b:84:af:f9:34:
79:c7:c4:51:3e:e6:20:82:fc:e4:a5:a0:db:67:ff:
08:6d:6f:ac:05:40:9b:4e:8a:3f:7f:91:8e:6e:2c:
ff:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:70:B6:5E:CB:C3:22:A6:9A:9D:39:AA:77:66:B5:AB:33:27:8D:6B
X509v3 Authority Key Identifier:
keyid:4A:80:95:92:7E:E5:7C:CE:E2:56:AA:43:9F:16:36:86:B5:8C:57:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SoCVkn7lfM7iVqpDnxY2hrWMVww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/c1e3b4-2d61-44cc-9081-0f9d43d864bb/1/CXC2XsvDIqaanTmqd2a1qzMnjWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/c1e3b4-2d61-44cc-9081-0f9d43d864bb/1/SoCVkn7lfM7iVqpDnxY2hrWMVww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.192.0/22
Signature Algorithm: sha256WithRSAEncryption
77:aa:7b:2a:a0:cf:09:40:4d:c1:82:29:e7:f3:50:df:b1:4a:
88:3f:b5:c8:53:3a:27:83:88:08:0e:a0:79:c5:7e:58:ba:19:
14:54:34:ad:47:1f:71:9f:86:fe:e7:f4:fc:6e:7b:88:aa:48:
20:95:c6:37:4c:3e:97:5f:a1:64:46:e4:68:ad:a2:e8:00:ba:
6c:f9:78:ab:46:1c:74:65:0b:5e:ad:96:8f:5e:29:94:3a:8b:
ab:6d:09:74:cc:8f:29:bd:ea:91:1f:49:7b:d4:61:29:a2:cb:
72:a9:0f:51:06:60:08:7d:31:b9:af:a2:8e:fb:61:e4:7b:94:
20:e0:5f:84:f5:78:05:af:8a:33:52:af:43:0c:e6:21:21:ff:
95:71:52:b1:eb:ad:30:80:a3:a5:cd:22:27:c8:ac:ca:a1:77:
c0:a1:e7:5c:4a:b5:d3:bc:39:a8:67:6c:67:07:4d:b4:67:18:
51:d4:f9:ca:9f:1e:22:1f:df:72:f2:66:29:c8:26:a6:07:43:
6f:23:01:41:9a:2c:c2:98:37:13:20:f2:00:16:6e:25:de:22:
f0:67:b2:a6:8f:2b:b2:c8:6c:ca:f2:6a:af:14:00:d9:30:d3:
3e:fb:95:eb:bf:d5:57:9a:e5:50:2f:26:bc:ee:6b:f1:db:82:
9d:a6:f4:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj2AMAJtVrXWGWJmM/Vy9nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhODA5NTkyN2VlNTdjY2VlMjU2YWE0MzlmMTYzNjg2YjU4
YzU3MGMwHhcNMjUwMTAxMjE0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTcwYjY1ZWNiYzMyMmE2OWE5ZDM5YWE3NzY2YjVhYjMzMjc4ZDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqHedOGs4j/HsJZUwi/W568DjPRV
baACb7gC6V1ksoQfOAY6TgVtFPXHUeoN+rqmXW6JmaaL6ophYwJSOVP1fxJpEtJ8
suNpigB//UbRrdp0RpMZRleHs7hkKrua0YTOIeHzAn1bInq+nOgqn9xYw9/goBMW
9VdVsDPd+FXAtfZJm9wJMKOhyfjzlXKdvk3or64DWAhkRfCGZvNdzmPDdnmcMe++
zzQeoS8iifpDgMFXnP7ZKb6SkHIiprZFa4ZBiVrRT0bH30i5vR5BZjLjQ7GPmcLb
4rr+/vUHe4Sv+TR5x8RRPuYggvzkpaDbZ/8IbW+sBUCbToo/f5GObiz/+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAlwtl7LwyKmmp05qndmtaszJ41rMB8GA1UdIwQY
MBaAFEqAlZJ+5XzO4laqQ58WNoa1jFcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU29DVmtuN2xmTTdpVnFwRG54WTJocldNVnd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9jMWUzYjQtMmQ2MS00NGNjLTkwODEt
MGY5ZDQzZDg2NGJiLzEvQ1hDMlhzdkRJcWFhblRtcWQyYTFxek1ualdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9jMWUzYjQtMmQ2MS00NGNjLTkwODEtMGY5ZDQzZDg2NGJi
LzEvU29DVmtuN2xmTTdpVnFwRG54WTJocldNVnd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuR3AMA0G
CSqGSIb3DQEBCwUAA4IBAQB3qnsqoM8JQE3Bginn81DfsUqIP7XIUzong4gIDqB5
xX5YuhkUVDStRx9xn4b+5/T8bnuIqkgglcY3TD6XX6FkRuRoraLoALps+XirRhx0
ZQterZaPXimUOourbQl0zI8pveqRH0l71GEpostyqQ9RBmAIfTG5r6KO+2Hke5Qg
4F+E9XgFr4ozUq9DDOYhIf+VcVKx660wgKOlzSInyKzKoXfAoedcSrXTvDmoZ2xn
B020ZxhR1PnKnx4iH99y8mYpyCamB0NvIwFBmizCmDcTIPIAFm4l3iLwZ7Kmjyuy
yGzK8mqvFADZMNM++5Xrv9VXmuVQLya87mvx24KdpvTG
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:36:29 2025 by rpki-client