Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/XvhOlZHhtvBRjdilS_5NmBPNA4w.roa
File: XvhOlZHhtvBRjdilS_5NmBPNA4w.roa (raw, json)
Hash identifier: zSWezqu1LMO/KPP2eAz/DBTzsd5yulT1ChdiK+lwzqk=
Subject key identifier: 5E:F8:4E:95:91:E1:B6:F0:51:8D:D8:A5:4B:FE:4D:98:13:CD:03:8C
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01942747DB21B3D93E4303E53DD5533FFD9C
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/XvhOlZHhtvBRjdilS_5NmBPNA4w.roa
Signing time: Thu 02 Jan 2025 13:50:08 +0000
ROA not before: Thu 02 Jan 2025 13:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202562
IP address blocks: 185.186.64.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:db:21:b3:d9:3e:43:03:e5:3d:d5:53:3f:fd:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 13:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ef84e9591e1b6f0518dd8a54bfe4d9813cd038c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f9:da:9c:12:9e:8e:ae:74:ee:f2:78:94:0e:
e5:fe:32:00:4d:4e:75:f1:07:41:15:8e:fb:17:c8:
b6:ab:13:b9:00:69:7b:78:c4:72:af:0a:a5:d0:7c:
53:1f:aa:bf:24:ab:2d:e9:4c:e0:60:98:d7:97:92:
0c:49:b8:08:53:af:bf:30:f3:c4:6e:8a:d3:c6:09:
b0:19:0e:4d:0c:7c:65:b6:d6:f5:54:b2:a7:b0:1f:
4b:06:86:39:b4:29:c5:05:42:6c:4e:94:70:ed:9e:
a8:87:a3:85:6f:f0:6e:51:68:47:0f:55:e6:70:28:
8c:5b:24:d3:4c:9c:ff:71:40:d8:52:dc:23:09:c8:
78:d8:3f:c4:46:df:fc:52:42:7c:5f:7d:59:d3:87:
2d:71:1a:ae:72:04:c6:69:56:31:92:c0:aa:e8:45:
a3:de:42:f0:49:29:a5:76:d6:41:b7:46:71:f4:fe:
04:d4:2b:49:55:2a:5a:e0:58:a5:d8:4b:46:7f:cb:
69:a9:ad:88:25:08:e2:8f:d0:87:bb:cb:48:05:46:
76:b1:c6:c6:55:38:55:48:0b:f5:6f:b5:26:45:63:
b3:a2:ba:1a:ce:55:a5:55:18:08:5c:15:fb:a2:8a:
26:7e:e6:15:05:f0:ea:9c:0b:0f:ac:e4:fe:b4:74:
c3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F8:4E:95:91:E1:B6:F0:51:8D:D8:A5:4B:FE:4D:98:13:CD:03:8C
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/XvhOlZHhtvBRjdilS_5NmBPNA4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.64.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:20:a7:09:75:e5:46:3b:35:dc:2a:49:a9:0f:ae:ec:bf:46:
0c:c4:75:7e:21:0e:0d:a8:e5:a8:18:3c:b0:1f:3d:46:53:0c:
9d:2a:11:79:af:ea:35:2b:d6:b2:66:96:d8:99:df:fa:a0:2a:
1d:5a:fe:5e:12:75:02:2b:9a:90:3c:7f:90:ae:2c:3d:c7:6c:
e6:d6:4a:f8:24:9d:9a:a5:35:66:3b:44:58:42:56:8c:72:6d:
63:3d:60:6a:8c:13:08:9e:64:f1:e3:b4:49:bb:6b:07:1f:36:
e1:71:65:ac:22:88:f9:64:0e:c6:fa:9e:79:b8:3f:cd:92:3b:
b2:b7:a4:c7:40:87:fd:28:74:2e:55:69:04:2a:f4:22:6a:cf:
a3:7b:a2:45:dc:ec:8a:98:41:26:04:21:5a:1d:5c:63:cf:3f:
85:2f:ff:e0:43:bf:48:72:74:0f:56:c6:69:cf:94:d1:f3:14:
fb:3f:24:8f:6b:5a:96:32:f8:28:fe:5d:23:04:9e:c2:39:b6:
37:37:bc:7e:a9:85:db:44:c2:2e:08:27:99:d6:8b:95:43:4a:
e5:06:b4:c8:08:f9:d3:1a:e2:b4:6a:0c:75:33:c8:de:00:4c:
f6:a9:ac:67:e0:bb:67:5f:b7:8b:17:ef:70:3e:84:20:4c:cf:
dc:73:b7:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR9shs9k+QwPlPdVTP/2cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMTAyMTM1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWY4NGU5NTkxZTFiNmYwNTE4ZGQ4YTU0YmZlNGQ5ODEzY2QwMzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/nanBKejq507vJ4lA7l/jIATU51
8QdBFY77F8i2qxO5AGl7eMRyrwql0HxTH6q/JKst6UzgYJjXl5IMSbgIU6+/MPPE
borTxgmwGQ5NDHxlttb1VLKnsB9LBoY5tCnFBUJsTpRw7Z6oh6OFb/BuUWhHD1Xm
cCiMWyTTTJz/cUDYUtwjCch42D/ERt/8UkJ8X31Z04ctcRqucgTGaVYxksCq6EWj
3kLwSSmldtZBt0Zx9P4E1CtJVSpa4Fil2EtGf8tpqa2IJQjij9CHu8tIBUZ2scbG
VThVSAv1b7UmRWOzoroazlWlVRgIXBX7ooomfuYVBfDqnAsPrOT+tHTDkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF74TpWR4bbwUY3YpUv+TZgTzQOMMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvWHZoT2xaSGh0dkJSamRpbFNfNU5tQlBOQTR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubpAMA0G
CSqGSIb3DQEBCwUAA4IBAQAeIKcJdeVGOzXcKkmpD67sv0YMxHV+IQ4NqOWoGDyw
Hz1GUwydKhF5r+o1K9ayZpbYmd/6oCodWv5eEnUCK5qQPH+Qriw9x2zm1kr4JJ2a
pTVmO0RYQlaMcm1jPWBqjBMInmTx47RJu2sHHzbhcWWsIoj5ZA7G+p55uD/Nkjuy
t6THQIf9KHQuVWkEKvQias+je6JF3OyKmEEmBCFaHVxjzz+FL//gQ79IcnQPVsZp
z5TR8xT7PySPa1qWMvgo/l0jBJ7CObY3N7x+qYXbRMIuCCeZ1ouVQ0rlBrTICPnT
GuK0agx1M8jeAEz2qaxn4LtnX7eLF+9wPoQgTM/cc7ce
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:01:44 2025 by rpki-client