Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/6cdb63-9cfd-4984-877e-09210212714c/1/xSRj9AL7LP2z8yZaMDfviXxDydk.roa
File: xSRj9AL7LP2z8yZaMDfviXxDydk.roa (raw, json)
Hash identifier: 2o2eUqaQbQdiuk4n3UmnVUKsg19YQAtxvu//olNpHNs=
Subject key identifier: C5:24:63:F4:02:FB:2C:FD:B3:F3:26:5A:30:37:EF:89:7C:43:C9:D9
Certificate issuer: /CN=195997a8bfc698b8eb9e8728ecaf12a527b357df
Certificate serial: 0194C2B1E77EFEC0CDAD73DD8F6A176BEED0
Authority key identifier: 19:59:97:A8:BF:C6:98:B8:EB:9E:87:28:EC:AF:12:A5:27:B3:57:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GVmXqL_GmLjrnoco7K8SpSezV98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/6cdb63-9cfd-4984-877e-09210212714c/1/xSRj9AL7LP2z8yZaMDfviXxDydk.roa
Signing time: Sat 01 Feb 2025 18:07:06 +0000
ROA not before: Sat 01 Feb 2025 18:07:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207992
IP address blocks: 185.152.52.0/22 maxlen: 22
185.152.52.0/24 maxlen: 24
2a07:7f00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c2:b1:e7:7e:fe:c0:cd:ad:73:dd:8f:6a:17:6b:ee:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=195997a8bfc698b8eb9e8728ecaf12a527b357df
Validity
Not Before: Feb 1 18:07:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c52463f402fb2cfdb3f3265a3037ef897c43c9d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e9:83:a8:9f:e0:48:49:cc:90:d6:06:86:f7:
ad:12:4f:a5:4c:e8:35:b0:f8:7c:4d:37:71:c7:f4:
02:24:06:04:6b:3c:d7:de:9d:b7:f0:f8:eb:ea:f1:
0a:c6:18:58:4b:a0:3a:71:9d:92:53:cc:a0:b1:18:
2c:15:ce:38:0e:e6:60:12:50:bc:c6:79:76:96:98:
5d:de:b0:6b:7c:44:32:21:7d:e3:bc:42:12:99:c7:
8f:47:a8:76:a7:d0:c1:1b:6c:97:80:71:3c:07:8f:
5c:67:e3:2c:1e:58:86:ca:10:58:58:ae:a8:69:e4:
fa:31:b8:1e:37:a9:45:88:f6:50:c3:b4:75:98:2a:
cf:45:aa:50:d4:f2:04:12:57:43:37:4e:8f:65:36:
14:b0:1c:ab:1d:c5:95:de:87:83:e4:c3:f4:5f:31:
ec:cd:8d:bb:49:17:8d:94:17:f1:63:63:d9:40:80:
e1:90:52:a5:50:80:49:25:4c:fb:13:c1:a3:4e:ae:
37:d1:85:c5:5a:7f:ed:57:e1:49:97:67:89:2b:63:
bb:48:27:54:17:0a:0c:a7:75:6f:8d:ca:c3:44:ff:
73:71:00:88:cf:4b:9d:92:9c:f4:09:8c:86:5d:45:
34:04:a1:4d:9a:ad:bd:14:c7:27:96:73:fd:7c:c1:
66:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:24:63:F4:02:FB:2C:FD:B3:F3:26:5A:30:37:EF:89:7C:43:C9:D9
X509v3 Authority Key Identifier:
keyid:19:59:97:A8:BF:C6:98:B8:EB:9E:87:28:EC:AF:12:A5:27:B3:57:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GVmXqL_GmLjrnoco7K8SpSezV98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6cdb63-9cfd-4984-877e-09210212714c/1/xSRj9AL7LP2z8yZaMDfviXxDydk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6cdb63-9cfd-4984-877e-09210212714c/1/GVmXqL_GmLjrnoco7K8SpSezV98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.52.0/22
IPv6:
2a07:7f00::/29
Signature Algorithm: sha256WithRSAEncryption
ce:55:8e:f1:78:5f:0c:2d:9e:d1:06:69:e4:a9:dd:a5:d0:8d:
db:06:c4:56:3e:70:4c:da:27:81:ea:f0:bd:e7:75:91:f0:19:
01:a0:71:ed:b3:c8:68:32:6e:35:f3:42:03:df:58:b3:7a:e7:
93:8c:42:72:81:d8:07:99:b8:2d:38:7b:0e:29:a3:f5:18:2c:
3e:3d:5f:f8:cd:ea:48:ed:ca:ed:c4:d0:90:5a:03:19:04:e0:
e0:b4:45:24:6d:fd:c8:1a:3e:dc:0e:57:d8:18:4b:11:bb:d8:
76:8f:be:7a:75:00:f4:7b:8c:87:fe:ca:4c:b7:60:cd:b8:ef:
07:dc:ba:e1:67:08:45:ca:d5:d9:79:16:4b:1d:d6:ce:28:44:
d5:74:3c:42:54:69:a3:36:4f:01:36:c0:c1:0d:9e:18:61:df:
06:fa:c9:d0:8a:2e:a8:95:db:c0:a0:30:ee:11:44:5a:26:bd:
f4:b8:41:38:4a:bd:ea:d0:46:98:7b:20:f6:33:27:73:8e:6d:
fa:f0:a2:68:e0:29:01:18:14:cd:0d:c1:93:30:99:bc:ef:ae:
d9:f1:7c:f0:65:95:86:69:46:ae:7b:e5:ed:18:2b:57:10:e1:
c3:b0:b3:67:e7:c2:9a:b8:48:e9:3a:b7:f1:91:3f:7e:fe:6f:
4c:60:0d:d6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZTCsed+/sDNrXPdj2oXa+7QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NTk5N2E4YmZjNjk4YjhlYjllODcyOGVjYWYxMmE1Mjdi
MzU3ZGYwHhcNMjUwMjAxMTgwNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTI0NjNmNDAyZmIyY2ZkYjNmMzI2NWEzMDM3ZWY4OTdjNDNjOWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1umDqJ/gSEnMkNYGhvetEk+lTOg1
sPh8TTdxx/QCJAYEazzX3p238Pjr6vEKxhhYS6A6cZ2SU8ygsRgsFc44DuZgElC8
xnl2lphd3rBrfEQyIX3jvEISmcePR6h2p9DBG2yXgHE8B49cZ+MsHliGyhBYWK6o
aeT6MbgeN6lFiPZQw7R1mCrPRapQ1PIEEldDN06PZTYUsByrHcWV3oeD5MP0XzHs
zY27SReNlBfxY2PZQIDhkFKlUIBJJUz7E8GjTq430YXFWn/tV+FJl2eJK2O7SCdU
FwoMp3VvjcrDRP9zcQCIz0udkpz0CYyGXUU0BKFNmq29FMcnlnP9fMFmmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMUkY/QC+yz9s/MmWjA374l8Q8nZMB8GA1UdIwQY
MBaAFBlZl6i/xpi4656HKOyvEqUns1ffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1ZtWHFMX0dtTGpybm9jbzdLOFNwU2V6Vjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82Y2RiNjMtOWNmZC00OTg0LTg3N2Ut
MDkyMTAyMTI3MTRjLzEveFNSajlBTDdMUDJ6OHlaYU1EZnZpWHhEeWRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82Y2RiNjMtOWNmZC00OTg0LTg3N2UtMDkyMTAyMTI3MTRj
LzEvR1ZtWHFMX0dtTGpybm9jbzdLOFNwU2V6Vjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZg0MA0E
AgACMAcDBQMqB38AMA0GCSqGSIb3DQEBCwUAA4IBAQDOVY7xeF8MLZ7RBmnkqd2l
0I3bBsRWPnBM2ieB6vC953WR8BkBoHHts8hoMm4180ID31izeueTjEJygdgHmbgt
OHsOKaP1GCw+PV/4zepI7crtxNCQWgMZBODgtEUkbf3IGj7cDlfYGEsRu9h2j756
dQD0e4yH/spMt2DNuO8H3LrhZwhFytXZeRZLHdbOKETVdDxCVGmjNk8BNsDBDZ4Y
Yd8G+snQii6oldvAoDDuEURaJr30uEE4Sr3q0EaYeyD2Mydzjm368KJo4CkBGBTN
DcGTMJm8767Z8XzwZZWGaUaue+XtGCtXEOHDsLNn58KauEjpOrfxkT9+/m9MYA3W
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:42:51 2025 by rpki-client