Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/xEa4lOPB3bjnu1SnOn4eI9yQqRE.roa
File: xEa4lOPB3bjnu1SnOn4eI9yQqRE.roa (raw, json)
Hash identifier: reLPTqFNRs54aWpTAFJXpSPsvwAK5kWTGvx3BqwsrnI=
Subject key identifier: C4:46:B8:94:E3:C1:DD:B8:E7:BB:54:A7:3A:7E:1E:23:DC:90:A9:11
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018D3EADC48D90774EF2F60326842805155B
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/xEa4lOPB3bjnu1SnOn4eI9yQqRE.roa
Signing time: Thu 25 Jan 2024 03:33:11 +0000
ROA not before: Thu 25 Jan 2024 03:33:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 267507
IP address blocks: 185.21.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3e:ad:c4:8d:90:77:4e:f2:f6:03:26:84:28:05:15:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 25 03:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c446b894e3c1ddb8e7bb54a73a7e1e23dc90a911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:45:d9:d3:40:30:5e:73:44:5c:2e:55:1c:19:
8e:ab:46:a0:e8:33:0b:ae:56:89:12:9c:f6:45:b9:
fe:0c:b6:aa:4b:2d:27:d6:16:95:cf:87:e6:70:28:
d4:16:61:77:d6:9e:0b:bb:92:44:56:e5:75:19:56:
89:6c:92:49:e0:98:f0:6b:c2:16:2e:c8:0e:4b:15:
95:ad:27:2e:23:f9:07:38:ce:3c:ce:f7:27:43:e0:
e6:61:b9:ed:8a:30:35:1a:aa:94:75:f3:d0:b9:a6:
0b:a0:23:8e:c7:84:25:41:b5:98:1e:d4:d3:bd:00:
41:c7:7a:bc:4d:59:a8:fb:39:2b:e8:4b:9d:44:90:
a6:29:16:8c:fd:6a:76:61:5d:58:72:47:d8:cd:7a:
1f:d5:b7:66:be:2d:d4:6d:7a:22:4c:9b:d5:93:27:
38:1f:71:01:cc:3b:f6:27:b8:19:1e:8e:5c:ac:2d:
99:a4:bb:6d:3b:5a:ba:86:3d:44:a0:5d:42:9a:42:
2c:4a:10:2b:e8:c9:50:af:ad:ec:99:cc:23:05:54:
6f:c4:e8:19:76:3f:a8:ab:94:e8:a4:aa:0d:6d:64:
98:80:11:9d:30:b6:75:06:cb:30:97:9c:1b:69:e1:
d2:08:b6:1b:22:44:b7:5b:a1:a6:05:38:72:51:c4:
f2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:46:B8:94:E3:C1:DD:B8:E7:BB:54:A7:3A:7E:1E:23:DC:90:A9:11
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/xEa4lOPB3bjnu1SnOn4eI9yQqRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.252.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:14:02:61:c1:af:19:13:05:18:a9:39:ee:23:0e:e0:5c:e4:
40:f4:4a:31:a5:4c:06:18:3b:b9:7a:7e:7a:cb:8d:21:4c:53:
ec:cb:0b:57:0a:42:58:bb:de:f7:e7:b8:30:b9:eb:fa:6e:e9:
39:bc:62:8b:54:f7:0a:e5:f9:93:c6:1f:81:0f:58:b1:7d:46:
93:b0:fa:2c:7d:d0:8c:00:ed:d4:ad:b1:33:a0:ff:39:99:b0:
de:56:ad:f4:6e:9c:9f:ec:7a:2e:39:af:5a:b2:16:23:85:97:
74:c4:fd:7d:ba:ad:b2:ba:cd:41:c9:68:81:24:bf:72:80:3c:
54:79:fb:47:6f:ea:c7:4c:20:30:36:8d:2c:b1:b1:3b:35:69:
3b:7d:ac:0a:cb:76:1a:43:e9:55:f9:12:14:d4:87:5b:e5:fa:
2e:ff:d5:39:8a:44:d9:6e:54:76:4c:ea:88:0d:20:7c:11:75:
1c:8b:bc:e1:84:9c:cd:80:42:08:ee:bf:5a:fa:59:c4:30:a1:
d9:ad:03:16:28:a1:c3:73:b3:48:67:ee:55:4d:d1:d8:3f:a1:
f4:2a:11:31:c8:3b:ee:5d:15:7f:b4:e8:a4:39:73:42:46:40:
7f:54:a9:20:32:88:f5:bc:f9:ce:05:d7:57:cc:ed:d9:48:52:
9d:b7:86:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0+rcSNkHdO8vYDJoQoBRVbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMTI1MDMzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDQ2Yjg5NGUzYzFkZGI4ZTdiYjU0YTczYTdlMWUyM2RjOTBhOTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEXZ00AwXnNEXC5VHBmOq0ag6DML
rlaJEpz2Rbn+DLaqSy0n1haVz4fmcCjUFmF31p4Lu5JEVuV1GVaJbJJJ4Jjwa8IW
LsgOSxWVrScuI/kHOM48zvcnQ+DmYbntijA1GqqUdfPQuaYLoCOOx4QlQbWYHtTT
vQBBx3q8TVmo+zkr6EudRJCmKRaM/Wp2YV1YckfYzXof1bdmvi3UbXoiTJvVkyc4
H3EBzDv2J7gZHo5crC2ZpLttO1q6hj1EoF1CmkIsShAr6MlQr63smcwjBVRvxOgZ
dj+oq5TopKoNbWSYgBGdMLZ1Bsswl5wbaeHSCLYbIkS3W6GmBThyUcTyzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMRGuJTjwd2457tUpzp+HiPckKkRMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEveEVhNGxPUEIzYmpudTFTbk9uNGVJOXlRcVJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRX8MA0G
CSqGSIb3DQEBCwUAA4IBAQAeFAJhwa8ZEwUYqTnuIw7gXORA9EoxpUwGGDu5en56
y40hTFPsywtXCkJYu97357gwuev6buk5vGKLVPcK5fmTxh+BD1ixfUaTsPosfdCM
AO3UrbEzoP85mbDeVq30bpyf7HouOa9ashYjhZd0xP19uq2yus1ByWiBJL9ygDxU
eftHb+rHTCAwNo0ssbE7NWk7fawKy3YaQ+lV+RIU1Idb5fou/9U5ikTZblR2TOqI
DSB8EXUci7zhhJzNgEII7r9a+lnEMKHZrQMWKKHDc7NIZ+5VTdHYP6H0KhExyDvu
XRV/tOikOXNCRkB/VKkgMoj1vPnOBddXzO3ZSFKdt4aH
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:34 2025 by rpki-client