Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/b73781-247e-41f8-ba33-93f2860a212b/1/W-mdYXyGyNG56mn9a6N3pMEBwMY.roa
File: W-mdYXyGyNG56mn9a6N3pMEBwMY.roa (raw, json)
Hash identifier: ZHcNO2c/fN/AnSX7blHMQMDMfSdNie9N27X+awey9kI=
Subject key identifier: 5B:E9:9D:61:7C:86:C8:D1:B9:EA:69:FD:6B:A3:77:A4:C1:01:C0:C6
Certificate issuer: /CN=a5cae6a01d854abdf9256dcc2429617d55f03bd9
Certificate serial: 018CC6B7ACB9BD885C15000D84CD35164ABC
Authority key identifier: A5:CA:E6:A0:1D:85:4A:BD:F9:25:6D:CC:24:29:61:7D:55:F0:3B:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pcrmoB2FSr35JW3MJClhfVXwO9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/b73781-247e-41f8-ba33-93f2860a212b/1/W-mdYXyGyNG56mn9a6N3pMEBwMY.roa
Signing time: Mon 01 Jan 2024 20:29:35 +0000
ROA not before: Mon 01 Jan 2024 20:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57013
IP address blocks: 185.187.18.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:ac:b9:bd:88:5c:15:00:0d:84:cd:35:16:4a:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5cae6a01d854abdf9256dcc2429617d55f03bd9
Validity
Not Before: Jan 1 20:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5be99d617c86c8d1b9ea69fd6ba377a4c101c0c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:42:c5:21:95:01:72:0b:43:a5:f5:de:7f:4d:
c0:60:b8:c8:3d:f7:5e:52:0e:27:0b:8b:0f:a4:ae:
eb:a4:1b:da:d3:3b:1b:90:ef:ae:eb:a9:f7:49:e6:
80:eb:82:5a:56:5d:23:43:21:ab:4f:ae:39:de:ec:
c1:af:c8:12:ae:42:b2:94:75:9a:0f:d0:5f:82:f9:
1e:19:ac:18:e9:23:26:64:31:d6:f4:20:dc:b8:7b:
30:3d:15:09:6f:2a:42:03:31:04:14:c9:02:b2:36:
5f:21:f3:80:10:99:c1:b6:b0:9a:54:bb:53:84:b9:
73:18:29:17:ad:15:7f:f7:58:34:43:77:bf:ef:d9:
48:66:77:96:2d:52:b2:e0:9d:1c:b0:31:ab:39:17:
d4:7e:08:c5:4f:a8:5b:3c:d5:55:0a:95:b1:d3:df:
3a:58:02:9e:2c:00:3e:70:83:84:ec:ba:f5:ec:7a:
97:79:26:d3:5c:9c:04:8b:d2:4c:ff:13:03:51:c8:
53:d0:7f:6f:de:d0:4b:38:7e:2e:ce:0e:63:89:df:
f1:0e:1f:b4:05:f4:ed:04:5c:cf:c4:7b:4e:ac:50:
2d:34:d3:65:2c:d2:d8:e0:37:f1:62:6e:01:f1:96:
c0:29:77:aa:b7:93:df:59:6d:62:25:81:60:d4:34:
03:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:E9:9D:61:7C:86:C8:D1:B9:EA:69:FD:6B:A3:77:A4:C1:01:C0:C6
X509v3 Authority Key Identifier:
keyid:A5:CA:E6:A0:1D:85:4A:BD:F9:25:6D:CC:24:29:61:7D:55:F0:3B:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pcrmoB2FSr35JW3MJClhfVXwO9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/b73781-247e-41f8-ba33-93f2860a212b/1/W-mdYXyGyNG56mn9a6N3pMEBwMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/b73781-247e-41f8-ba33-93f2860a212b/1/pcrmoB2FSr35JW3MJClhfVXwO9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.18.0/24
Signature Algorithm: sha256WithRSAEncryption
55:74:e1:f4:a9:99:17:41:13:c7:97:cc:af:de:b5:ae:e7:d3:
1e:3a:2d:88:56:2a:2b:8d:e4:91:9c:fb:9d:5d:c6:f5:61:16:
41:eb:bf:00:67:83:17:fe:3f:d8:38:98:1e:54:7f:c5:1b:b9:
67:04:e6:5c:75:d7:ef:16:32:01:80:d8:52:3f:f7:f7:0e:3b:
63:f3:a9:e3:7c:23:52:97:f9:43:d8:0f:c6:ed:03:41:c5:d2:
54:f6:fb:52:3c:48:41:73:ee:79:8d:b1:48:a3:d2:a1:50:41:
a6:7d:59:84:5b:7f:fe:38:d0:31:e1:3b:86:23:28:1d:a1:c9:
fe:dd:5e:1b:a8:50:af:a9:70:19:56:dd:59:86:29:68:b3:b8:
f0:db:31:f1:38:c7:91:23:31:2e:9f:65:30:3d:fb:86:b6:47:
9f:bf:83:ac:a5:64:31:c5:50:8f:42:23:7b:42:d7:41:13:f4:
02:16:d3:42:be:ce:22:06:be:0e:d9:bf:c7:37:28:2e:c8:5a:
87:4b:83:b5:f6:a4:da:b1:0e:63:cd:b9:af:19:65:2a:76:0e:
39:04:14:bd:20:db:85:7e:db:9b:26:7b:c6:5b:87:a3:c2:5e:
0e:00:cb:53:ad:a0:17:42:dc:95:0c:ad:21:a1:89:c8:73:81:
cd:0e:64:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt6y5vYhcFQANhM01Fkq8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1Y2FlNmEwMWQ4NTRhYmRmOTI1NmRjYzI0Mjk2MTdkNTVm
MDNiZDkwHhcNMjQwMTAxMjAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmU5OWQ2MTdjODZjOGQxYjllYTY5ZmQ2YmEzNzdhNGMxMDFjMGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkLFIZUBcgtDpfXef03AYLjIPfde
Ug4nC4sPpK7rpBva0zsbkO+u66n3SeaA64JaVl0jQyGrT6453uzBr8gSrkKylHWa
D9BfgvkeGawY6SMmZDHW9CDcuHswPRUJbypCAzEEFMkCsjZfIfOAEJnBtrCaVLtT
hLlzGCkXrRV/91g0Q3e/79lIZneWLVKy4J0csDGrORfUfgjFT6hbPNVVCpWx0986
WAKeLAA+cIOE7Lr17HqXeSbTXJwEi9JM/xMDUchT0H9v3tBLOH4uzg5jid/xDh+0
BfTtBFzPxHtOrFAtNNNlLNLY4DfxYm4B8ZbAKXeqt5PfWW1iJYFg1DQDdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFvpnWF8hsjRuepp/Wujd6TBAcDGMB8GA1UdIwQY
MBaAFKXK5qAdhUq9+SVtzCQpYX1V8DvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGNybW9CMkZTcjM1SlczTUpDbGhmVlh3TzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iNzM3ODEtMjQ3ZS00MWY4LWJhMzMt
OTNmMjg2MGEyMTJiLzEvVy1tZFlYeUd5Tkc1Nm1uOWE2TjNwTUVCd01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iNzM3ODEtMjQ3ZS00MWY4LWJhMzMtOTNmMjg2MGEyMTJi
LzEvcGNybW9CMkZTcjM1SlczTUpDbGhmVlh3TzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubsSMA0G
CSqGSIb3DQEBCwUAA4IBAQBVdOH0qZkXQRPHl8yv3rWu59MeOi2IViorjeSRnPud
Xcb1YRZB678AZ4MX/j/YOJgeVH/FG7lnBOZcddfvFjIBgNhSP/f3Djtj86njfCNS
l/lD2A/G7QNBxdJU9vtSPEhBc+55jbFIo9KhUEGmfVmEW3/+ONAx4TuGIygdocn+
3V4bqFCvqXAZVt1Zhilos7jw2zHxOMeRIzEun2UwPfuGtkefv4OspWQxxVCPQiN7
QtdBE/QCFtNCvs4iBr4O2b/HNyguyFqHS4O19qTasQ5jzbmvGWUqdg45BBS9INuF
ftubJnvGW4ejwl4OAMtTraAXQtyVDK0hoYnIc4HNDmRJ
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:30:06 2025 by rpki-client