Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/419d1b-58b0-4483-92d2-86c1ee2a9eba/1/w615yHcEezdQXkk5bJMuXNNGnmw.roa
File: w615yHcEezdQXkk5bJMuXNNGnmw.roa (raw, json)
Hash identifier: p0UxBQlYSryqgOgUAQoPwr5CjcDR4gbkF5cznxboiuc=
Subject key identifier: C3:AD:79:C8:77:04:7B:37:50:5E:49:39:6C:93:2E:5C:D3:46:9E:6C
Certificate issuer: /CN=bd972d44276ea4102ef6aed30f2ae58e99b3e751
Certificate serial: 018CC64B6F126C527761941A71E5780FD62C
Authority key identifier: BD:97:2D:44:27:6E:A4:10:2E:F6:AE:D3:0F:2A:E5:8E:99:B3:E7:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vZctRCdupBAu9q7TDyrljpmz51E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/419d1b-58b0-4483-92d2-86c1ee2a9eba/1/w615yHcEezdQXkk5bJMuXNNGnmw.roa
Signing time: Mon 01 Jan 2024 18:31:21 +0000
ROA not before: Mon 01 Jan 2024 18:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200852
IP address blocks: 185.93.196.0/22 maxlen: 22
185.93.196.0/23 maxlen: 23
185.93.197.0/24 maxlen: 24
185.93.198.0/23 maxlen: 23
2a02:ea00::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:6f:12:6c:52:77:61:94:1a:71:e5:78:0f:d6:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd972d44276ea4102ef6aed30f2ae58e99b3e751
Validity
Not Before: Jan 1 18:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3ad79c877047b37505e49396c932e5cd3469e6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ed:b7:1c:f4:ed:f7:49:3c:9f:16:7c:84:6f:
b5:64:80:cb:81:30:27:5b:c6:45:ad:7e:e7:8b:2e:
61:ab:07:95:c5:12:8d:d4:2a:2d:70:11:d9:70:4e:
7c:b6:bb:97:41:54:e9:02:27:99:3b:b0:2c:7d:ab:
2e:27:af:2d:7e:aa:38:5c:28:83:9f:90:86:9f:51:
04:20:4a:b2:75:0a:62:a8:32:79:9e:c6:a9:f4:40:
2b:14:a3:33:73:e0:f5:05:85:19:59:77:b2:f2:6d:
9e:f1:9c:91:a6:e8:5b:4d:f1:3c:d2:24:93:11:d5:
f6:2b:75:15:07:c5:b5:60:77:19:a8:a0:16:86:8c:
03:a7:66:9c:b2:a0:58:a6:b2:7f:fb:c5:10:57:5e:
2d:f8:2a:4c:93:b8:2c:1b:ba:83:c6:df:d1:bc:7a:
6a:c3:f5:c3:ed:18:77:a7:82:93:d0:38:2b:af:d9:
45:31:a6:4a:dc:dc:d4:53:e3:44:fc:33:81:ff:e1:
3f:e2:40:78:b7:de:66:d0:8e:39:22:e7:09:60:74:
17:fb:a4:33:8e:f6:d0:78:ed:b9:ae:ae:4b:3a:fb:
de:2b:af:d0:b1:46:37:fc:1f:03:03:40:6b:5b:94:
02:d3:da:88:fa:fd:d9:bf:b9:85:60:3d:c2:6b:91:
87:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:AD:79:C8:77:04:7B:37:50:5E:49:39:6C:93:2E:5C:D3:46:9E:6C
X509v3 Authority Key Identifier:
keyid:BD:97:2D:44:27:6E:A4:10:2E:F6:AE:D3:0F:2A:E5:8E:99:B3:E7:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vZctRCdupBAu9q7TDyrljpmz51E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/419d1b-58b0-4483-92d2-86c1ee2a9eba/1/w615yHcEezdQXkk5bJMuXNNGnmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/419d1b-58b0-4483-92d2-86c1ee2a9eba/1/vZctRCdupBAu9q7TDyrljpmz51E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.196.0/22
IPv6:
2a02:ea00::/29
Signature Algorithm: sha256WithRSAEncryption
02:5b:a8:65:d2:b3:5e:7f:3e:a0:86:bf:ca:f3:e5:11:44:1a:
93:17:f9:90:b7:b2:b7:28:e2:2d:d2:10:98:bb:24:92:8b:3e:
58:57:d5:ed:b1:ea:b0:7f:c5:44:0e:70:21:79:ab:49:39:ef:
7b:72:dc:37:f1:aa:2a:c8:99:bc:23:7c:d1:1c:dd:24:ca:8a:
58:46:3e:8a:31:fc:e7:9c:fd:5c:dc:2c:0a:a5:43:59:c3:be:
f7:0a:99:38:e0:82:02:d1:b2:6f:0a:26:f7:50:be:22:2e:f4:
f8:7d:a1:a6:8f:4b:4d:4b:fc:74:1d:4c:c6:d8:7a:8e:ee:1f:
22:df:f3:59:21:bf:63:01:7b:91:b1:2e:42:c5:34:e8:c3:78:
52:bb:2d:de:c7:f4:b5:cb:12:33:c7:af:90:3b:ab:63:32:59:
ed:51:1b:2e:99:be:35:14:e5:21:7c:5e:c1:a1:87:6e:60:b6:
85:4e:b8:2a:8f:59:2e:df:75:96:a4:7d:c1:3f:02:db:63:2a:
72:cb:c6:77:4a:ea:4f:94:6c:70:d5:d7:3e:2d:ae:d1:9a:d1:
50:ba:87:ab:4f:d0:0e:34:d0:f4:44:33:09:4f:03:e7:5b:14:
72:31:d6:20:2b:84:1d:0d:22:59:9d:eb:26:fc:ed:e9:46:ec:
44:be:27:4a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGS28SbFJ3YZQaceV4D9YsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkOTcyZDQ0Mjc2ZWE0MTAyZWY2YWVkMzBmMmFlNThlOTli
M2U3NTEwHhcNMjQwMTAxMTgzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2FkNzljODc3MDQ3YjM3NTA1ZTQ5Mzk2YzkzMmU1Y2QzNDY5ZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmO23HPTt90k8nxZ8hG+1ZIDLgTAn
W8ZFrX7niy5hqweVxRKN1CotcBHZcE58truXQVTpAieZO7AsfasuJ68tfqo4XCiD
n5CGn1EEIEqydQpiqDJ5nsap9EArFKMzc+D1BYUZWXey8m2e8ZyRpuhbTfE80iST
EdX2K3UVB8W1YHcZqKAWhowDp2acsqBYprJ/+8UQV14t+CpMk7gsG7qDxt/RvHpq
w/XD7Rh3p4KT0Dgrr9lFMaZK3NzUU+NE/DOB/+E/4kB4t95m0I45IucJYHQX+6Qz
jvbQeO25rq5LOvveK6/QsUY3/B8DA0BrW5QC09qI+v3Zv7mFYD3Ca5GHXwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMOtech3BHs3UF5JOWyTLlzTRp5sMB8GA1UdIwQY
MBaAFL2XLUQnbqQQLvau0w8q5Y6Zs+dRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlpjdFJDZHVwQkF1OXE3VER5cmxqcG16NTFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80MTlkMWItNThiMC00NDgzLTkyZDIt
ODZjMWVlMmE5ZWJhLzEvdzYxNXlIY0VlemRRWGtrNWJKTXVYTk5Hbm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80MTlkMWItNThiMC00NDgzLTkyZDItODZjMWVlMmE5ZWJh
LzEvdlpjdFJDZHVwQkF1OXE3VER5cmxqcG16NTFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuV3EMA0E
AgACMAcDBQMqAuoAMA0GCSqGSIb3DQEBCwUAA4IBAQACW6hl0rNefz6ghr/K8+UR
RBqTF/mQt7K3KOIt0hCYuySSiz5YV9Xtseqwf8VEDnAheatJOe97ctw38aoqyJm8
I3zRHN0kyopYRj6KMfznnP1c3CwKpUNZw773Cpk44IIC0bJvCib3UL4iLvT4faGm
j0tNS/x0HUzG2HqO7h8i3/NZIb9jAXuRsS5CxTTow3hSuy3ex/S1yxIzx6+QO6tj
MlntURsumb41FOUhfF7BoYduYLaFTrgqj1ku33WWpH3BPwLbYypyy8Z3SupPlGxw
1dc+La7RmtFQuoerT9AONND0RDMJTwPnWxRyMdYgK4QdDSJZnesm/O3pRuxEvidK
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:29:20 2025 by rpki-client