Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/XWOSrFlYBz01u9ZbsC7SaVbGNk0.roa
File: XWOSrFlYBz01u9ZbsC7SaVbGNk0.roa (raw, json)
Hash identifier: cXF9VQeB5aeojhDFULFIh/R4knNnDgR602re3Gn7FPU=
Subject key identifier: 5D:63:92:AC:59:58:07:3D:35:BB:D6:5B:B0:2E:D2:69:56:C6:36:4D
Certificate issuer: /CN=3ac78f33e8e1187327667fa94fd7446b8d91e5b4
Certificate serial: 01941F8C8B98EFEC9FCBD0F5AD67981B430A
Authority key identifier: 3A:C7:8F:33:E8:E1:18:73:27:66:7F:A9:4F:D7:44:6B:8D:91:E5:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OsePM-jhGHMnZn-pT9dEa42R5bQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/XWOSrFlYBz01u9ZbsC7SaVbGNk0.roa
Signing time: Wed 01 Jan 2025 01:48:11 +0000
ROA not before: Wed 01 Jan 2025 01:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206398
IP address blocks: 185.178.187.0/24 maxlen: 24
2a0a:6680:a000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:8b:98:ef:ec:9f:cb:d0:f5:ad:67:98:1b:43:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ac78f33e8e1187327667fa94fd7446b8d91e5b4
Validity
Not Before: Jan 1 01:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d6392ac5958073d35bbd65bb02ed26956c6364d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:3a:fc:32:ff:6f:1e:7f:48:77:16:ae:5c:83:
e2:1c:5c:52:d0:4e:9f:76:ae:ff:f6:50:c2:2b:f5:
9b:84:5c:8f:45:6c:cf:28:3c:d3:af:40:47:07:f5:
d0:30:b5:18:32:3d:62:b0:48:7a:f0:4d:bf:a5:54:
ca:70:0b:84:ee:40:f9:93:40:46:8f:c1:9e:d0:9a:
41:c9:48:49:4e:a5:bf:0c:af:7f:b8:63:5a:91:45:
e8:47:d0:a6:44:7a:e1:e5:86:c6:f4:d8:47:c7:1c:
c1:fa:28:f6:8d:bb:7a:35:2b:e1:3f:3e:a5:9a:0d:
d0:9f:62:5a:6e:22:1c:aa:ff:d8:1d:45:47:1e:6b:
9b:71:3c:e1:35:8f:11:18:a8:73:4a:de:42:59:fa:
4a:20:ec:76:a8:cf:be:1e:10:c6:96:e2:3d:32:ed:
9f:f2:dc:66:0f:f3:c3:f6:92:35:09:60:6e:45:53:
e8:80:b6:d0:c7:b7:25:31:d5:e9:b6:d1:8b:88:e6:
f9:b9:23:76:27:e6:7d:0a:dd:90:de:b1:52:05:f9:
83:75:ff:92:b2:ae:a1:e8:48:cd:34:85:4e:d0:d2:
ae:5a:c0:a3:22:83:7d:e3:f4:4f:f1:61:43:b9:55:
3e:f9:b2:85:8c:a4:25:77:65:7b:4f:0e:56:4f:90:
2c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:63:92:AC:59:58:07:3D:35:BB:D6:5B:B0:2E:D2:69:56:C6:36:4D
X509v3 Authority Key Identifier:
keyid:3A:C7:8F:33:E8:E1:18:73:27:66:7F:A9:4F:D7:44:6B:8D:91:E5:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OsePM-jhGHMnZn-pT9dEa42R5bQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/XWOSrFlYBz01u9ZbsC7SaVbGNk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/OsePM-jhGHMnZn-pT9dEa42R5bQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.187.0/24
IPv6:
2a0a:6680:a000::/36
Signature Algorithm: sha256WithRSAEncryption
50:40:13:9f:b7:b2:b3:13:26:89:ef:9d:e3:a1:24:fd:c4:1a:
1f:f1:4a:b6:14:27:9b:f4:51:33:00:6d:0f:ab:9f:5f:90:bf:
6d:79:31:30:a6:e3:2f:05:09:66:2b:47:f2:79:67:48:9f:cf:
f3:d0:f1:5e:89:ad:4e:2b:54:7d:91:8c:9a:ae:3a:81:94:92:
c7:fd:36:47:e9:98:52:e3:9d:63:5c:f1:0e:57:6a:21:77:40:
d3:0e:16:9d:c0:f2:38:c4:a5:87:27:d6:6b:ba:e0:34:9e:d2:
bf:30:4e:f6:d5:4e:e5:d8:2d:67:b3:96:8a:0e:9b:c1:61:91:
32:b5:06:63:ec:e5:cd:94:27:bc:69:bf:79:ac:f3:bf:12:de:
19:3e:79:ad:13:d5:06:45:0e:dc:14:9c:04:73:c4:b2:0a:17:
e5:eb:6d:6f:23:a1:e9:97:57:20:9e:8e:d8:6c:ae:04:dd:cf:
0e:71:30:60:44:be:dc:3b:ad:11:9a:b6:75:0c:d0:ba:2b:35:
e5:fc:bb:42:0f:52:2a:e3:ae:7b:42:2d:84:e6:c7:99:d3:3c:
73:f2:4a:6f:86:f5:88:ed:a0:99:88:a8:47:a6:42:27:fe:8a:
fe:ac:0f:0e:f0:9a:38:87:fb:95:71:20:18:4c:05:cb:05:80:
1f:54:20:08
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQfjIuY7+yfy9D1rWeYG0MKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYzc4ZjMzZThlMTE4NzMyNzY2N2ZhOTRmZDc0NDZiOGQ5
MWU1YjQwHhcNMjUwMTAxMDE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDYzOTJhYzU5NTgwNzNkMzViYmQ2NWJiMDJlZDI2OTU2YzYzNjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Dr8Mv9vHn9IdxauXIPiHFxS0E6f
dq7/9lDCK/WbhFyPRWzPKDzTr0BHB/XQMLUYMj1isEh68E2/pVTKcAuE7kD5k0BG
j8Ge0JpByUhJTqW/DK9/uGNakUXoR9CmRHrh5YbG9NhHxxzB+ij2jbt6NSvhPz6l
mg3Qn2JabiIcqv/YHUVHHmubcTzhNY8RGKhzSt5CWfpKIOx2qM++HhDGluI9Mu2f
8txmD/PD9pI1CWBuRVPogLbQx7clMdXpttGLiOb5uSN2J+Z9Ct2Q3rFSBfmDdf+S
sq6h6EjNNIVO0NKuWsCjIoN94/RP8WFDuVU++bKFjKQld2V7Tw5WT5AsVwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFF1jkqxZWAc9NbvWW7Au0mlWxjZNMB8GA1UdIwQY
MBaAFDrHjzPo4RhzJ2Z/qU/XRGuNkeW0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3NlUE0tamhHSE1uWm4tcFQ5ZEVhNDJSNWJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy81ZWRhYWYtMzMyNy00M2VkLTkwYjEt
ZGMwMWY0YjRiYWU0LzEvWFdPU3JGbFlCejAxdTlaYnNDN1NhVmJHTmswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy81ZWRhYWYtMzMyNy00M2VkLTkwYjEtZGMwMWY0YjRiYWU0
LzEvT3NlUE0tamhHSE1uWm4tcFQ5ZEVhNDJSNWJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAubK7MA4E
AgACMAgDBgQqCmaAoDANBgkqhkiG9w0BAQsFAAOCAQEAUEATn7eysxMmie+d46Ek
/cQaH/FKthQnm/RRMwBtD6ufX5C/bXkxMKbjLwUJZitH8nlnSJ/P89DxXomtTitU
fZGMmq46gZSSx/02R+mYUuOdY1zxDldqIXdA0w4WncDyOMSlhyfWa7rgNJ7SvzBO
9tVO5dgtZ7OWig6bwWGRMrUGY+zlzZQnvGm/eazzvxLeGT55rRPVBkUO3BScBHPE
sgoX5ettbyOh6ZdXIJ6O2GyuBN3PDnEwYES+3DutEZq2dQzQuis15fy7Qg9SKuOu
e0IthObHmdM8c/JKb4b1iO2gmYioR6ZCJ/6K/qwPDvCaOIf7lXEgGEwFywWAH1Qg
CA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:05 2025 by rpki-client