Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/XU0RwMBZCPvgJFCns7dpX7bPPiM.roa
File: XU0RwMBZCPvgJFCns7dpX7bPPiM.roa (raw, json)
Hash identifier: 0C1h+ZFBQYSMMTVms55RRbg7g837nn/XhwHOzUQKVMQ=
Subject key identifier: 5D:4D:11:C0:C0:59:08:FB:E0:24:50:A7:B3:B7:69:5F:B6:CF:3E:23
Certificate issuer: /CN=dc6917645d9d220435f91c7e46c8110cf89acbe4
Certificate serial: 018570F083CEB2F6978F2F4D3D1E0A4C0391
Authority key identifier: DC:69:17:64:5D:9D:22:04:35:F9:1C:7E:46:C8:11:0C:F8:9A:CB:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/XU0RwMBZCPvgJFCns7dpX7bPPiM.roa
Signing time: Mon 02 Jan 2023 05:24:48 +0000
ROA not before: Mon 02 Jan 2023 05:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204661
IP address blocks: 185.172.224.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:83:ce:b2:f6:97:8f:2f:4d:3d:1e:0a:4c:03:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc6917645d9d220435f91c7e46c8110cf89acbe4
Validity
Not Before: Jan 2 05:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d4d11c0c05908fbe02450a7b3b7695fb6cf3e23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f0:eb:b8:1f:e5:b1:79:4a:84:39:17:a6:27:
cd:36:bd:a1:aa:b8:cf:5d:13:24:e9:f5:02:10:c7:
9e:0a:f9:50:69:f0:18:b0:22:7a:b6:7d:20:77:bb:
3d:d9:4b:5d:83:0f:4a:46:3b:ee:82:e8:dc:a2:50:
fd:88:f9:bc:4c:7a:e7:9b:26:a3:53:51:f3:0f:5c:
c9:8d:0c:f9:dc:10:ee:77:22:66:3c:e9:51:75:5c:
54:f3:4e:63:ee:43:99:c7:73:ce:50:f2:00:a3:76:
b4:bb:65:c1:71:cd:d0:3c:ab:40:5e:9d:bf:74:aa:
bf:98:db:da:ad:eb:6b:cd:e9:fd:39:4a:27:de:70:
33:ee:b7:73:3b:db:22:38:71:5b:87:f0:da:6a:76:
45:4f:98:da:97:8f:39:f9:89:36:4e:27:a2:aa:5d:
25:08:1b:13:0e:42:94:b9:54:50:07:21:a7:16:d6:
a7:b3:ad:10:c1:62:60:41:55:ca:20:42:3a:17:05:
b1:73:d9:ec:e1:33:0c:bd:97:9b:44:d0:6a:61:bf:
86:31:ac:4c:1c:ef:2a:02:75:15:8b:27:e9:1f:e3:
fa:c8:3f:e7:19:15:d3:e5:90:4e:a1:50:de:28:00:
9f:7c:6b:31:55:b7:80:b2:f2:65:e7:84:bb:f0:63:
e6:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:4D:11:C0:C0:59:08:FB:E0:24:50:A7:B3:B7:69:5F:B6:CF:3E:23
X509v3 Authority Key Identifier:
keyid:DC:69:17:64:5D:9D:22:04:35:F9:1C:7E:46:C8:11:0C:F8:9A:CB:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/XU0RwMBZCPvgJFCns7dpX7bPPiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.224.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:65:c0:a3:42:02:77:53:73:3b:eb:f6:67:27:7a:d0:29:af:
a0:1c:a7:d6:d2:c8:60:8b:eb:c1:7b:07:bd:c7:17:0b:ba:f0:
53:1e:8c:99:62:08:be:d3:2e:74:23:21:9c:6e:04:fc:b6:99:
5a:ae:8b:fd:03:e1:15:ff:50:6a:34:22:a7:fd:93:53:70:d3:
fc:90:0c:96:fd:7a:4d:a7:c1:28:ef:b1:f5:67:e6:c7:bd:9d:
70:92:d2:1b:6d:a1:c4:7b:b6:40:cf:e5:6f:bd:75:71:a8:84:
e5:71:6a:00:30:bc:5d:59:be:2b:14:c9:d9:c3:a2:07:36:2b:
18:5d:51:ca:4b:32:2b:a9:ed:62:8b:7f:c8:f8:52:98:f9:b2:
18:f2:b7:cf:38:0e:df:2e:ba:40:93:f6:5a:4a:4e:c5:b8:eb:
9f:45:01:79:a3:4e:69:bc:f0:3c:37:12:d7:b2:2e:43:9b:87:
18:12:31:a5:d7:e5:c4:65:d2:84:bb:ae:db:94:b1:e0:d8:67:
36:ba:90:ea:39:72:60:57:05:78:97:0d:c2:54:ca:a8:3a:37:
b8:3d:45:33:83:75:dd:d2:0c:ee:5a:c2:1a:25:86:8f:ab:03:
4f:00:39:07:57:12:df:4a:f2:ae:99:21:6b:aa:e8:76:e9:dd:
be:42:6d:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8IPOsvaXjy9NPR4KTAORMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNjkxNzY0NWQ5ZDIyMDQzNWY5MWM3ZTQ2YzgxMTBjZjg5
YWNiZTQwHhcNMjMwMTAyMDUyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDRkMTFjMGMwNTkwOGZiZTAyNDUwYTdiM2I3Njk1ZmI2Y2YzZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvDruB/lsXlKhDkXpifNNr2hqrjP
XRMk6fUCEMeeCvlQafAYsCJ6tn0gd7s92Utdgw9KRjvugujcolD9iPm8THrnmyaj
U1HzD1zJjQz53BDudyJmPOlRdVxU805j7kOZx3POUPIAo3a0u2XBcc3QPKtAXp2/
dKq/mNvaretrzen9OUon3nAz7rdzO9siOHFbh/DaanZFT5jal485+Yk2Tieiql0l
CBsTDkKUuVRQByGnFtans60QwWJgQVXKIEI6FwWxc9ns4TMMvZebRNBqYb+GMaxM
HO8qAnUViyfpH+P6yD/nGRXT5ZBOoVDeKACffGsxVbeAsvJl54S78GPm3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF1NEcDAWQj74CRQp7O3aV+2zz4jMB8GA1UdIwQY
MBaAFNxpF2RdnSIENfkcfkbIEQz4msvkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0drWFpGMmRJZ1ExLVJ4LVJzZ1JEUGlheS1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zNTQ0YTctZDU1Ni00NzAxLTk1N2Et
NDI4YmU5MDA4ZmJhLzEvWFUwUndNQlpDUHZnSkZDbnM3ZHBYN2JQUGlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zNTQ0YTctZDU1Ni00NzAxLTk1N2EtNDI4YmU5MDA4ZmJh
LzEvM0drWFpGMmRJZ1ExLVJ4LVJzZ1JEUGlheS1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuazgMA0G
CSqGSIb3DQEBCwUAA4IBAQB/ZcCjQgJ3U3M76/ZnJ3rQKa+gHKfW0shgi+vBewe9
xxcLuvBTHoyZYgi+0y50IyGcbgT8tplarov9A+EV/1BqNCKn/ZNTcNP8kAyW/XpN
p8Eo77H1Z+bHvZ1wktIbbaHEe7ZAz+VvvXVxqITlcWoAMLxdWb4rFMnZw6IHNisY
XVHKSzIrqe1ii3/I+FKY+bIY8rfPOA7fLrpAk/ZaSk7FuOufRQF5o05pvPA8NxLX
si5Dm4cYEjGl1+XEZdKEu67blLHg2Gc2upDqOXJgVwV4lw3CVMqoOje4PUUzg3Xd
0gzuWsIaJYaPqwNPADkHVxLfSvKumSFrquh26d2+Qm1Q
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:17:40 2025 by rpki-client