Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/0005b2-d28b-4bf9-9bce-cd81fc580f47/1/WtJONoz3Ixt7CeZPRU-hgtKyWKs.roa
File: WtJONoz3Ixt7CeZPRU-hgtKyWKs.roa (raw, json)
Hash identifier: otXlAL96Q2eQ0JoFnviTH8lX7JlMAqHtqXMBKNXMq+c=
Subject key identifier: 5A:D2:4E:36:8C:F7:23:1B:7B:09:E6:4F:45:4F:A1:82:D2:B2:58:AB
Certificate issuer: /CN=502718ba6839397c6c57eced6d509571eaeceddf
Certificate serial: 019426D9BEBDF3E9866438F97F101D8440B5
Authority key identifier: 50:27:18:BA:68:39:39:7C:6C:57:EC:ED:6D:50:95:71:EA:EC:ED:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UCcYumg5OXxsV-ztbVCVcers7d8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/0005b2-d28b-4bf9-9bce-cd81fc580f47/1/WtJONoz3Ixt7CeZPRU-hgtKyWKs.roa
Signing time: Thu 02 Jan 2025 11:49:51 +0000
ROA not before: Thu 02 Jan 2025 11:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206132
IP address blocks: 185.195.164.0/22 maxlen: 22
185.195.164.0/23 maxlen: 23
185.195.164.0/24 maxlen: 24
185.195.165.0/24 maxlen: 24
185.195.166.0/23 maxlen: 23
185.195.166.0/24 maxlen: 24
185.195.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:be:bd:f3:e9:86:64:38:f9:7f:10:1d:84:40:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=502718ba6839397c6c57eced6d509571eaeceddf
Validity
Not Before: Jan 2 11:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ad24e368cf7231b7b09e64f454fa182d2b258ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:70:fe:01:22:48:f6:d3:d8:13:06:c0:3f:bd:
f3:fa:a1:c3:0e:68:b9:fc:08:d4:04:8c:85:16:fe:
ba:ca:ea:da:14:4b:07:e5:46:22:4a:0d:a7:be:f7:
9d:ef:d2:de:d1:7c:58:90:71:76:94:b4:e1:43:1e:
ed:de:7e:00:1a:83:a6:d5:b3:85:1a:af:95:63:56:
9b:63:ac:09:49:84:7f:89:96:22:6a:7a:1d:8b:e6:
dc:b6:c6:7f:a5:16:95:fb:9c:5d:dd:41:02:3d:e8:
9c:a7:4d:36:e7:cf:92:ea:1d:b4:64:aa:9c:26:63:
be:55:14:2c:06:14:50:71:3e:2a:be:1e:d2:bb:9d:
7a:d8:d5:af:43:97:d4:e8:c8:6a:b0:e4:fb:9a:85:
e1:c9:a3:8f:11:65:64:e2:78:84:99:42:82:8a:bc:
30:d0:33:92:23:de:e3:9d:fc:d2:ea:90:cb:9c:bc:
28:fe:85:9a:5d:0a:dc:71:46:c3:ed:49:22:a3:47:
63:39:ac:97:fd:00:13:9f:9a:ed:bb:00:b4:05:ce:
c5:2d:d3:cb:13:9c:a6:54:96:c1:1c:6d:be:f2:eb:
c1:7f:a6:dc:f5:48:46:a5:19:59:7f:67:c1:a2:b5:
5e:04:6e:20:b4:8a:48:a1:83:30:6a:26:b4:b9:24:
90:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D2:4E:36:8C:F7:23:1B:7B:09:E6:4F:45:4F:A1:82:D2:B2:58:AB
X509v3 Authority Key Identifier:
keyid:50:27:18:BA:68:39:39:7C:6C:57:EC:ED:6D:50:95:71:EA:EC:ED:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UCcYumg5OXxsV-ztbVCVcers7d8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/0005b2-d28b-4bf9-9bce-cd81fc580f47/1/WtJONoz3Ixt7CeZPRU-hgtKyWKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/0005b2-d28b-4bf9-9bce-cd81fc580f47/1/UCcYumg5OXxsV-ztbVCVcers7d8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.164.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:20:e8:90:5c:bc:c6:0c:fb:60:a4:af:62:a5:02:52:d8:66:
ae:b3:62:4b:59:f7:0c:a6:8c:80:11:3a:04:ef:fd:bd:ba:f8:
e6:d5:50:87:9e:d0:4a:b8:07:28:e1:e8:de:e9:d9:51:f8:1d:
00:b9:75:58:a6:c9:0e:b8:85:19:f9:99:77:bc:b5:32:94:25:
78:de:39:f5:27:73:8d:17:7b:cb:22:bc:52:33:f6:53:73:8a:
c0:95:4a:b4:a8:37:08:9a:64:64:ab:53:af:ff:71:12:2b:c2:
37:56:d0:4f:72:a5:d3:74:c2:9e:5d:fd:2f:a8:94:8a:6c:fc:
d5:a8:d0:66:cc:49:92:77:00:2b:09:52:37:aa:97:75:97:df:
6b:02:0e:c8:90:e0:05:4f:2b:b6:74:8b:00:c2:b0:71:9f:4f:
dc:07:7f:3e:3f:05:8c:bc:a9:1e:97:38:8b:53:d4:68:c2:b4:
5a:fc:5a:64:09:9b:91:84:2d:39:d5:22:f3:95:00:c8:61:59:
62:b1:5f:e9:df:53:0f:21:56:fa:2f:74:b9:01:d7:69:99:9d:
7f:5c:40:c0:7e:84:7b:9d:52:a1:02:82:d4:1d:bf:e1:e1:14:
59:3a:e9:2a:28:32:7f:28:f7:06:33:67:65:22:ec:a1:71:e4:
9a:ba:b7:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2b698+mGZDj5fxAdhEC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMjcxOGJhNjgzOTM5N2M2YzU3ZWNlZDZkNTA5NTcxZWFl
Y2VkZGYwHhcNMjUwMTAyMTE0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWQyNGUzNjhjZjcyMzFiN2IwOWU2NGY0NTRmYTE4MmQyYjI1OGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHD+ASJI9tPYEwbAP73z+qHDDmi5
/AjUBIyFFv66yuraFEsH5UYiSg2nvved79Le0XxYkHF2lLThQx7t3n4AGoOm1bOF
Gq+VY1abY6wJSYR/iZYianodi+bctsZ/pRaV+5xd3UECPeicp00258+S6h20ZKqc
JmO+VRQsBhRQcT4qvh7Su5162NWvQ5fU6MhqsOT7moXhyaOPEWVk4niEmUKCirww
0DOSI97jnfzS6pDLnLwo/oWaXQrccUbD7Ukio0djOayX/QATn5rtuwC0Bc7FLdPL
E5ymVJbBHG2+8uvBf6bc9UhGpRlZf2fBorVeBG4gtIpIoYMwaia0uSSQQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFrSTjaM9yMbewnmT0VPoYLSslirMB8GA1UdIwQY
MBaAFFAnGLpoOTl8bFfs7W1QlXHq7O3fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUNjWXVtZzVPWHhzVi16dGJWQ1ZjZXJzN2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8wMDA1YjItZDI4Yi00YmY5LTliY2Ut
Y2Q4MWZjNTgwZjQ3LzEvV3RKT05vejNJeHQ3Q2VaUFJVLWhndEt5V0tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8wMDA1YjItZDI4Yi00YmY5LTliY2UtY2Q4MWZjNTgwZjQ3
LzEvVUNjWXVtZzVPWHhzVi16dGJWQ1ZjZXJzN2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucOkMA0G
CSqGSIb3DQEBCwUAA4IBAQCmIOiQXLzGDPtgpK9ipQJS2Gaus2JLWfcMpoyAEToE
7/29uvjm1VCHntBKuAco4eje6dlR+B0AuXVYpskOuIUZ+Zl3vLUylCV43jn1J3ON
F3vLIrxSM/ZTc4rAlUq0qDcImmRkq1Ov/3ESK8I3VtBPcqXTdMKeXf0vqJSKbPzV
qNBmzEmSdwArCVI3qpd1l99rAg7IkOAFTyu2dIsAwrBxn0/cB38+PwWMvKkelziL
U9RowrRa/FpkCZuRhC051SLzlQDIYVlisV/p31MPIVb6L3S5AddpmZ1/XEDAfoR7
nVKhAoLUHb/h4RRZOukqKDJ/KPcGM2dlIuyhceSaurfR
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:42 2025 by rpki-client