Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/c36836-a2c8-4771-a958-974fcfef263b/1/cXeJCUogAaEPl1tXX88SkxpGNt0.roa
File: cXeJCUogAaEPl1tXX88SkxpGNt0.roa (raw, json)
Hash identifier: Dh4HnPXXYE7MyBz3BsCQMLZhlOfs6wXwyiVfb9zL+aE=
Subject key identifier: 71:77:89:09:4A:20:01:A1:0F:97:5B:57:5F:CF:12:93:1A:46:36:DD
Certificate issuer: /CN=1b2646828a9ea7bf8d40b4f9f0ba44ccdcb2cedd
Certificate serial: 019421B2237914FBE6F64A135AFD5E7B8C00
Authority key identifier: 1B:26:46:82:8A:9E:A7:BF:8D:40:B4:F9:F0:BA:44:CC:DC:B2:CE:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GyZGgoqep7-NQLT58LpEzNyyzt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/c36836-a2c8-4771-a958-974fcfef263b/1/cXeJCUogAaEPl1tXX88SkxpGNt0.roa
Signing time: Wed 01 Jan 2025 11:48:29 +0000
ROA not before: Wed 01 Jan 2025 11:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212889
IP address blocks: 185.238.69.0/24 maxlen: 24
185.238.70.0/24 maxlen: 24
185.238.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:23:79:14:fb:e6:f6:4a:13:5a:fd:5e:7b:8c:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2646828a9ea7bf8d40b4f9f0ba44ccdcb2cedd
Validity
Not Before: Jan 1 11:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=717789094a2001a10f975b575fcf12931a4636dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e1:39:50:31:62:37:35:24:c3:2c:74:b3:37:
8c:50:24:56:cd:ad:d6:1a:3f:11:f8:7a:8c:7a:a0:
ed:bd:30:cb:83:6f:1b:e1:13:b9:19:8a:7a:0d:bc:
32:c7:ef:58:75:07:a1:e8:e5:73:71:03:70:25:ca:
34:59:a4:4b:49:1a:bf:22:12:cc:59:5f:70:03:16:
d3:91:46:c6:a2:f8:9e:83:5c:75:c0:5c:d6:96:38:
1f:f9:c1:a0:6e:cb:4d:20:cc:ad:fa:6f:b9:72:33:
36:94:2b:42:dd:2b:08:a3:71:f2:04:af:41:d0:4a:
0f:85:7c:3a:57:d6:7a:59:da:7d:3b:30:13:cc:c6:
a3:14:aa:6c:2c:3d:e0:6b:33:8d:ad:ad:52:f4:f2:
27:2a:98:ba:b5:73:7a:10:6a:ab:c8:30:0f:b8:e7:
f9:72:e9:ab:5b:0d:5b:8b:6c:9a:de:8d:cb:d5:00:
f8:bb:46:02:80:73:aa:f3:bc:25:72:db:ce:3c:ac:
59:25:3c:d6:dd:02:0d:76:d0:68:67:2f:63:0d:60:
69:9a:e5:77:37:84:59:e2:84:a6:3c:ab:88:9a:e9:
1d:35:c6:55:23:6e:67:26:8a:78:e7:82:38:0e:fe:
c8:39:76:79:ed:79:42:96:dd:0f:ed:64:a8:7e:8a:
31:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:77:89:09:4A:20:01:A1:0F:97:5B:57:5F:CF:12:93:1A:46:36:DD
X509v3 Authority Key Identifier:
keyid:1B:26:46:82:8A:9E:A7:BF:8D:40:B4:F9:F0:BA:44:CC:DC:B2:CE:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyZGgoqep7-NQLT58LpEzNyyzt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/c36836-a2c8-4771-a958-974fcfef263b/1/cXeJCUogAaEPl1tXX88SkxpGNt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/c36836-a2c8-4771-a958-974fcfef263b/1/GyZGgoqep7-NQLT58LpEzNyyzt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.69.0-185.238.71.255
Signature Algorithm: sha256WithRSAEncryption
20:09:a2:16:82:81:f2:25:25:24:1b:e6:4e:37:2e:37:f5:c6:
d3:81:3f:dc:d1:eb:9a:12:e8:94:76:1b:72:29:c5:27:0f:3b:
95:70:c2:5d:7e:dd:51:6d:ee:80:5f:d5:08:49:f8:68:7c:8e:
9e:3c:7a:38:6e:fc:67:49:f0:cb:bd:8f:cd:dc:e6:e0:02:9f:
aa:26:6e:3e:f9:d6:71:78:8c:5e:f9:c4:87:40:6c:38:d0:3a:
d8:00:02:85:db:7f:8e:52:53:fa:22:b4:b0:76:87:a3:6d:4b:
1b:8a:39:0c:4a:c4:7a:3d:db:ea:78:dd:91:0a:09:50:ce:f2:
8d:51:ab:9b:15:bc:fa:94:40:43:67:af:af:3e:74:86:ec:87:
7a:cb:be:7b:09:8e:81:01:c7:8d:90:a6:f0:2a:4f:27:b4:c1:
62:ae:bf:22:10:28:0e:b9:f8:6e:25:b3:e0:7e:cb:cb:7b:0b:
90:27:59:ad:a6:9c:8c:1d:9e:fc:6b:00:df:72:54:d2:ca:eb:
a6:49:63:5a:47:29:a3:7e:17:57:79:9b:3d:b7:01:4f:32:41:
83:30:f8:b8:6e:d5:7b:b1:cd:32:01:4e:ba:d1:25:5c:f3:d6:
68:3a:94:89:84:53:3f:af:a6:5d:c0:fd:ea:27:d4:46:b5:98:
99:ef:19:67
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQhsiN5FPvm9koTWv1ee4wAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMjY0NjgyOGE5ZWE3YmY4ZDQwYjRmOWYwYmE0NGNjZGNi
MmNlZGQwHhcNMjUwMTAxMTE0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTc3ODkwOTRhMjAwMWExMGY5NzViNTc1ZmNmMTI5MzFhNDYzNmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4uE5UDFiNzUkwyx0szeMUCRWza3W
Gj8R+HqMeqDtvTDLg28b4RO5GYp6Dbwyx+9YdQeh6OVzcQNwJco0WaRLSRq/IhLM
WV9wAxbTkUbGovieg1x1wFzWljgf+cGgbstNIMyt+m+5cjM2lCtC3SsIo3HyBK9B
0EoPhXw6V9Z6Wdp9OzATzMajFKpsLD3gazONra1S9PInKpi6tXN6EGqryDAPuOf5
cumrWw1bi2ya3o3L1QD4u0YCgHOq87wlctvOPKxZJTzW3QINdtBoZy9jDWBpmuV3
N4RZ4oSmPKuImukdNcZVI25nJop454I4Dv7IOXZ57XlClt0P7WSofooxiQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHF3iQlKIAGhD5dbV1/PEpMaRjbdMB8GA1UdIwQY
MBaAFBsmRoKKnqe/jUC0+fC6RMzcss7dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3laR2dvcWVwNy1OUUxUNThMcEV6Tnl5enQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9jMzY4MzYtYTJjOC00NzcxLWE5NTgt
OTc0ZmNmZWYyNjNiLzEvY1hlSkNVb2dBYUVQbDF0WFg4OFNreHBHTnQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9jMzY4MzYtYTJjOC00NzcxLWE5NTgtOTc0ZmNmZWYyNjNi
LzEvR3laR2dvcWVwNy1OUUxUNThMcEV6Tnl5enQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC57kUD
BAO57kAwDQYJKoZIhvcNAQELBQADggEBACAJohaCgfIlJSQb5k43Ljf1xtOBP9zR
65oS6JR2G3IpxScPO5Vwwl1+3VFt7oBf1QhJ+Gh8jp48ejhu/GdJ8Mu9j83c5uAC
n6ombj751nF4jF75xIdAbDjQOtgAAoXbf45SU/oitLB2h6NtSxuKOQxKxHo92+p4
3ZEKCVDO8o1Rq5sVvPqUQENnr68+dIbsh3rLvnsJjoEBx42QpvAqTye0wWKuvyIQ
KA65+G4ls+B+y8t7C5AnWa2mnIwdnvxrAN9yVNLK66ZJY1pHKaN+F1d5mz23AU8y
QYMw+Lhu1XuxzTIBTrrRJVzz1mg6lImEUz+vpl3A/eon1Ea1mJnvGWc=
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:55:14 2025 by rpki-client