Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/wXUfdOX6EjB0BLSTWZbAN8sIV5U.roa
File: wXUfdOX6EjB0BLSTWZbAN8sIV5U.roa (raw, json)
Hash identifier: X5M9CXztllH7ErbX/wyZlqgRGjgRL+Q5EX4P/KTxnRE=
Subject key identifier: C1:75:1F:74:E5:FA:12:30:74:04:B4:93:59:96:C0:37:CB:08:57:95
Certificate issuer: /CN=df798581e73704ee38c9be15e72370f176c60311
Certificate serial: 0185724C792CB66234C5523D70932B4E09DF
Authority key identifier: DF:79:85:81:E7:37:04:EE:38:C9:BE:15:E7:23:70:F1:76:C6:03:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33mFgec3BO44yb4V5yNw8XbGAxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/wXUfdOX6EjB0BLSTWZbAN8sIV5U.roa
Signing time: Mon 02 Jan 2023 11:44:52 +0000
ROA not before: Mon 02 Jan 2023 11:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207680
IP address blocks: 185.128.83.0/24 maxlen: 24
185.128.82.0/24 maxlen: 24
185.128.81.0/24 maxlen: 24
185.128.80.0/22 maxlen: 22
185.128.80.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:79:2c:b6:62:34:c5:52:3d:70:93:2b:4e:09:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df798581e73704ee38c9be15e72370f176c60311
Validity
Not Before: Jan 2 11:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1751f74e5fa12307404b4935996c037cb085795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:87:92:dc:0f:5c:f7:e3:ae:59:39:99:26:e5:
bb:3d:ff:92:84:2f:a7:03:ba:f9:00:cb:9b:40:9b:
95:48:7c:3d:87:3c:ff:9b:38:5d:7f:e1:31:8a:d1:
29:bf:5f:c9:7c:2f:31:35:be:45:e7:37:2e:15:59:
85:72:4b:5d:d2:59:5c:1e:24:06:96:49:ed:42:65:
b1:37:14:82:64:5f:8f:e1:b7:a2:f7:79:15:2c:ea:
d8:04:6d:30:a9:7c:37:02:52:0f:22:f6:10:89:e1:
e7:3d:a1:1e:53:2d:b7:fe:0b:c0:9d:80:99:c3:42:
bf:c2:1d:33:13:87:6c:29:bf:80:8a:5b:45:67:07:
68:0f:2b:85:db:75:6c:9f:11:5d:a4:f5:52:d7:62:
2f:fd:fd:7e:ca:8a:40:0c:e8:9f:27:87:13:65:71:
ea:37:ff:99:2f:a0:6c:6a:ca:2f:13:24:85:09:cc:
c6:49:e4:a4:02:4f:f9:99:55:a8:22:0c:63:f1:ba:
e8:c0:d8:e5:32:55:44:1b:b3:6f:6c:4e:3a:2c:4f:
01:6f:c2:14:dd:50:a0:41:da:0f:92:22:1c:c1:68:
44:02:e0:34:53:7a:af:41:db:3e:4a:7e:1c:48:11:
03:10:08:f0:dd:f2:a1:c2:6a:0b:14:3a:ff:f9:ca:
69:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:75:1F:74:E5:FA:12:30:74:04:B4:93:59:96:C0:37:CB:08:57:95
X509v3 Authority Key Identifier:
keyid:DF:79:85:81:E7:37:04:EE:38:C9:BE:15:E7:23:70:F1:76:C6:03:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33mFgec3BO44yb4V5yNw8XbGAxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/wXUfdOX6EjB0BLSTWZbAN8sIV5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/33mFgec3BO44yb4V5yNw8XbGAxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.80.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:17:84:a4:20:39:8e:39:28:1a:f3:50:43:0f:39:e8:c6:96:
9f:a9:39:50:db:8b:c8:44:b8:8c:b1:25:a2:4e:b9:ce:8a:82:
e9:4e:df:3c:46:eb:11:fc:85:23:16:8d:a1:b7:0c:3c:e9:f0:
1d:12:f9:4e:78:7f:2b:9a:31:39:6e:9d:9b:cd:29:f4:f7:81:
7f:8c:f8:30:7e:81:8f:7a:b4:32:7c:92:05:e8:9f:0c:bf:02:
af:d1:13:45:8f:64:0a:8f:e2:4e:a5:15:0f:c8:a7:76:fe:68:
20:1c:13:a7:10:ae:c2:e5:55:2a:b8:0b:3e:1a:60:e8:2e:48:
ea:88:d5:23:c5:1d:d9:59:a0:a7:fd:24:54:c1:b9:b0:02:d8:
19:a9:ec:91:96:df:5a:50:af:56:38:0d:1b:69:7b:2d:13:dd:
a4:6d:01:c6:5c:f5:bb:79:01:81:a4:7f:87:e8:78:d1:ea:95:
72:ed:41:36:3c:53:5a:7a:81:89:f1:fc:b9:8b:a8:0d:34:52:
be:18:19:8b:54:0b:57:d8:db:9c:7f:1e:aa:56:68:6b:ed:e0:
cd:d8:a2:70:0d:0a:2d:e5:36:5a:66:80:e3:41:e6:6d:62:91:
79:0d:89:88:b7:de:43:ab:ea:1c:21:9d:d6:78:f1:e1:b9:79:
d5:1f:3a:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyTHkstmI0xVI9cJMrTgnfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNzk4NTgxZTczNzA0ZWUzOGM5YmUxNWU3MjM3MGYxNzZj
NjAzMTEwHhcNMjMwMTAyMTE0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTc1MWY3NGU1ZmExMjMwNzQwNGI0OTM1OTk2YzAzN2NiMDg1Nzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIeS3A9c9+OuWTmZJuW7Pf+ShC+n
A7r5AMubQJuVSHw9hzz/mzhdf+ExitEpv1/JfC8xNb5F5zcuFVmFcktd0llcHiQG
lkntQmWxNxSCZF+P4bei93kVLOrYBG0wqXw3AlIPIvYQieHnPaEeUy23/gvAnYCZ
w0K/wh0zE4dsKb+AiltFZwdoDyuF23VsnxFdpPVS12Iv/f1+yopADOifJ4cTZXHq
N/+ZL6BsasovEySFCczGSeSkAk/5mVWoIgxj8browNjlMlVEG7NvbE46LE8Bb8IU
3VCgQdoPkiIcwWhEAuA0U3qvQds+Sn4cSBEDEAjw3fKhwmoLFDr/+cppAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMF1H3Tl+hIwdAS0k1mWwDfLCFeVMB8GA1UdIwQY
MBaAFN95hYHnNwTuOMm+FecjcPF2xgMRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzNtRmdlYzNCTzQ0eWI0VjV5Tnc4WGJHQXhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9hODAwN2ItMDhjZS00YWY0LWEzODMt
YzRhNTJkY2VlMjNkLzEvd1hVZmRPWDZFakIwQkxTVFdaYkFOOHNJVjVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9hODAwN2ItMDhjZS00YWY0LWEzODMtYzRhNTJkY2VlMjNk
LzEvMzNtRmdlYzNCTzQ0eWI0VjV5Tnc4WGJHQXhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYBQMA0G
CSqGSIb3DQEBCwUAA4IBAQCNF4SkIDmOOSga81BDDznoxpafqTlQ24vIRLiMsSWi
TrnOioLpTt88RusR/IUjFo2htww86fAdEvlOeH8rmjE5bp2bzSn094F/jPgwfoGP
erQyfJIF6J8MvwKv0RNFj2QKj+JOpRUPyKd2/mggHBOnEK7C5VUquAs+GmDoLkjq
iNUjxR3ZWaCn/SRUwbmwAtgZqeyRlt9aUK9WOA0baXstE92kbQHGXPW7eQGBpH+H
6HjR6pVy7UE2PFNaeoGJ8fy5i6gNNFK+GBmLVAtX2Nucfx6qVmhr7eDN2KJwDQot
5TZaZoDjQeZtYpF5DYmIt95Dq+ocIZ3WePHhuXnVHzoE
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:30:55 2025 by rpki-client