Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/xUXBE40oIxonI2rdk7VzQpzz0LE.roa
File: xUXBE40oIxonI2rdk7VzQpzz0LE.roa (raw, json)
Hash identifier: ntMdjj60VVTzKWDb11pY1Uxeklwz6iMkL+l3QqN6Y/E=
Subject key identifier: C5:45:C1:13:8D:28:23:1A:27:23:6A:DD:93:B5:73:42:9C:F3:D0:B1
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0194221FF0648EADA3BCE45AB1B690F5C8D1
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/xUXBE40oIxonI2rdk7VzQpzz0LE.roa
Signing time: Wed 01 Jan 2025 13:48:25 +0000
ROA not before: Wed 01 Jan 2025 13:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 147.185.197.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:f0:64:8e:ad:a3:bc:e4:5a:b1:b6:90:f5:c8:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Jan 1 13:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c545c1138d28231a27236add93b573429cf3d0b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d7:8e:e3:16:24:63:a6:0f:7d:9b:61:d0:78:
f7:63:44:25:87:9d:71:f5:69:da:da:92:ea:1a:58:
7c:2a:b6:7f:f5:05:15:f9:79:55:a4:00:ea:8d:f7:
3d:7d:c4:19:38:67:25:c3:63:c4:c5:31:52:b0:57:
2e:33:c8:da:15:d0:f9:f2:f5:cf:f5:6d:a8:41:15:
31:32:a2:f8:8c:98:62:7e:22:1d:73:92:ae:67:e0:
58:f0:41:4d:60:50:c4:f3:6a:b9:5a:eb:8f:f0:75:
92:ce:81:38:fb:2e:25:94:1f:c9:53:c5:d3:cf:e9:
c6:ce:e6:df:ac:f7:a7:19:45:d1:3f:fb:a3:0b:fa:
bb:52:c1:ac:13:99:67:82:22:7d:e8:d0:4b:ef:88:
79:e2:c0:02:9d:35:9f:8d:c5:f9:70:ef:1f:50:e7:
18:0f:cd:98:c2:85:a5:30:0c:a8:69:b5:59:f9:a9:
3e:94:67:94:b9:91:70:4f:2e:17:09:e5:0b:3a:91:
cf:e9:94:8f:cb:2e:d9:ac:a8:d5:3c:c2:2b:e5:e9:
35:59:ba:64:ee:2d:ec:d3:dd:1a:63:0f:8d:10:cd:
34:f4:4d:60:18:32:79:b7:75:f7:c6:41:31:53:3d:
ce:f8:9a:84:92:c0:db:f5:05:f8:39:b5:c0:9b:aa:
d6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:45:C1:13:8D:28:23:1A:27:23:6A:DD:93:B5:73:42:9C:F3:D0:B1
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/xUXBE40oIxonI2rdk7VzQpzz0LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.185.197.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:20:68:50:77:13:9e:33:a2:d3:d9:0c:1f:ff:23:1b:d3:7d:
09:48:0f:14:ed:c7:8a:43:46:3b:5f:fe:ba:f3:76:d1:53:2f:
5c:a9:f4:dd:d0:7e:bf:ea:1e:53:aa:b8:26:10:5f:04:6a:d6:
42:bc:6d:98:b2:11:3e:2a:0d:b4:36:a4:ef:65:46:40:bf:b6:
dd:e8:c0:7e:d1:12:c6:2e:cb:71:38:df:e8:78:85:34:d2:9a:
b8:89:cb:ad:a9:5b:3b:63:63:5b:ea:8f:01:4a:20:24:52:16:
86:e6:37:2b:df:50:4a:f7:7c:d3:b3:a4:94:4a:ae:b9:8b:b9:
57:6f:69:ef:1e:7c:9d:bc:c6:38:01:ca:d6:a7:d2:aa:11:ee:
ed:72:7d:71:7c:31:f9:5b:fb:19:61:5e:86:7f:bd:19:af:1c:
8c:d1:b3:e4:2a:f7:14:8b:0e:3e:36:01:4c:a8:ef:f1:1a:89:
35:91:a4:7a:1d:b6:f1:0e:52:04:13:75:e9:0a:f8:6e:e6:c1:
3f:4a:bf:cc:05:6d:c2:ce:c4:be:21:07:d5:92:9a:5a:79:89:
c5:c0:92:3d:61:e5:8b:4a:4e:e9:5f:74:84:cd:51:29:b6:18:
34:1d:3e:51:c9:b9:89:6c:72:97:51:e7:aa:25:08:67:da:af:
69:17:a6:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH/Bkjq2jvORasbaQ9cjRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwMTAxMTM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTQ1YzExMzhkMjgyMzFhMjcyMzZhZGQ5M2I1NzM0MjljZjNkMGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9eO4xYkY6YPfZth0Hj3Y0Qlh51x
9Wna2pLqGlh8KrZ/9QUV+XlVpADqjfc9fcQZOGclw2PExTFSsFcuM8jaFdD58vXP
9W2oQRUxMqL4jJhifiIdc5KuZ+BY8EFNYFDE82q5WuuP8HWSzoE4+y4llB/JU8XT
z+nGzubfrPenGUXRP/ujC/q7UsGsE5lngiJ96NBL74h54sACnTWfjcX5cO8fUOcY
D82YwoWlMAyoabVZ+ak+lGeUuZFwTy4XCeULOpHP6ZSPyy7ZrKjVPMIr5ek1Wbpk
7i3s090aYw+NEM009E1gGDJ5t3X3xkExUz3O+JqEksDb9QX4ObXAm6rWRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMVFwRONKCMaJyNq3ZO1c0Kc89CxMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEveFVYQkU0MG9JeG9uSTJyZGs3VnpRcHp6MExFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk7nFMA0G
CSqGSIb3DQEBCwUAA4IBAQCdIGhQdxOeM6LT2Qwf/yMb030JSA8U7ceKQ0Y7X/66
83bRUy9cqfTd0H6/6h5TqrgmEF8EatZCvG2YshE+Kg20NqTvZUZAv7bd6MB+0RLG
LstxON/oeIU00pq4icutqVs7Y2Nb6o8BSiAkUhaG5jcr31BK93zTs6SUSq65i7lX
b2nvHnydvMY4AcrWp9KqEe7tcn1xfDH5W/sZYV6Gf70ZrxyM0bPkKvcUiw4+NgFM
qO/xGok1kaR6HbbxDlIEE3XpCvhu5sE/Sr/MBW3CzsS+IQfVkppaeYnFwJI9YeWL
Sk7pX3SEzVEpthg0HT5RybmJbHKXUeeqJQhn2q9pF6Z5
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:29:04 2025 by rpki-client