Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/ebc2e4-402f-47c1-9b28-14f21ae21ed3/1/ClhEwRnDYw2TQH3RNosMAuvSTaM.roa
File: ClhEwRnDYw2TQH3RNosMAuvSTaM.roa (raw, json)
Hash identifier: zVMUBbJ0ZW19QPyVy2U8+UbE5LuoimUH2oM9U+S3avI=
Subject key identifier: 0A:58:44:C1:19:C3:63:0D:93:40:7D:D1:36:8B:0C:02:EB:D2:4D:A3
Certificate issuer: /CN=dbb9bc2de36cf23b689f3c72e80abcfe482026c1
Certificate serial: 019424450E8B1544E0E80098EE365F083386
Authority key identifier: DB:B9:BC:2D:E3:6C:F2:3B:68:9F:3C:72:E8:0A:BC:FE:48:20:26:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/27m8LeNs8jtonzxy6Aq8_kggJsE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/ebc2e4-402f-47c1-9b28-14f21ae21ed3/1/ClhEwRnDYw2TQH3RNosMAuvSTaM.roa
Signing time: Wed 01 Jan 2025 23:48:13 +0000
ROA not before: Wed 01 Jan 2025 23:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60558
IP address blocks: 185.56.136.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:0e:8b:15:44:e0:e8:00:98:ee:36:5f:08:33:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbb9bc2de36cf23b689f3c72e80abcfe482026c1
Validity
Not Before: Jan 1 23:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a5844c119c3630d93407dd1368b0c02ebd24da3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ba:2d:ae:bc:9c:e0:81:7e:ae:5f:3e:e1:78:
31:a5:89:55:3d:9e:d4:fb:db:ea:39:d4:92:db:64:
69:6d:08:3d:e8:5d:92:54:aa:a6:48:60:54:72:5f:
4f:1d:49:bf:77:6d:d9:b7:2c:79:cf:7a:2a:8f:ac:
2e:f1:8f:7f:84:b8:34:c4:57:d0:4c:5f:18:ba:7b:
d2:a0:dc:de:0d:dd:27:cc:44:d6:bc:d9:34:ee:90:
b3:e7:d6:0a:f9:0f:8c:b0:28:58:1b:98:f1:71:a0:
4d:96:5b:7f:c6:49:aa:c8:08:b7:74:0c:56:1e:97:
79:d8:10:c7:72:45:f0:29:19:ae:bf:2c:9d:7d:c0:
5b:b8:8c:27:28:9a:82:c3:b9:d2:f8:06:c2:d6:82:
51:fc:52:59:07:46:b8:07:71:a3:16:a0:d7:1d:67:
70:4f:a1:76:71:ad:03:0e:bd:85:0b:aa:57:25:24:
a0:ba:cf:93:93:41:61:25:d7:41:19:7f:2e:e1:60:
72:7c:71:d4:de:57:0d:b8:51:c6:d5:31:9c:96:0e:
92:4c:47:15:1b:ff:ea:2d:07:70:a6:4f:f6:da:5f:
1d:86:ad:52:8b:30:fa:bf:d1:93:77:74:ac:10:01:
99:80:59:df:7a:24:62:a5:98:4e:8c:66:24:ba:09:
83:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:58:44:C1:19:C3:63:0D:93:40:7D:D1:36:8B:0C:02:EB:D2:4D:A3
X509v3 Authority Key Identifier:
keyid:DB:B9:BC:2D:E3:6C:F2:3B:68:9F:3C:72:E8:0A:BC:FE:48:20:26:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27m8LeNs8jtonzxy6Aq8_kggJsE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ebc2e4-402f-47c1-9b28-14f21ae21ed3/1/ClhEwRnDYw2TQH3RNosMAuvSTaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ebc2e4-402f-47c1-9b28-14f21ae21ed3/1/27m8LeNs8jtonzxy6Aq8_kggJsE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.136.0/22
Signature Algorithm: sha256WithRSAEncryption
02:97:87:d5:69:92:f0:c5:69:88:36:aa:ff:00:a8:49:53:c9:
55:d2:4a:a8:c3:41:4c:3e:e5:a8:10:6e:50:80:fa:f1:c0:0b:
5c:26:68:80:64:2d:b8:15:63:4c:48:42:fa:8f:e5:e7:18:27:
0f:26:02:75:41:20:22:55:32:fb:43:d9:49:66:74:0f:92:f3:
0e:05:e1:a3:c1:07:f0:11:92:8f:cc:ac:72:fe:11:52:1b:b1:
4d:65:f9:51:36:d6:74:d0:8c:45:65:8a:52:a6:fe:4f:44:61:
ca:21:ee:4a:03:e3:9e:f7:d7:49:ed:32:40:e9:8e:7a:a7:f0:
f3:e3:5d:23:a8:17:f7:fc:48:b6:dd:bb:07:e3:37:b6:ec:6e:
bd:0a:4d:16:78:b0:d5:76:25:f9:cf:62:14:53:05:87:4b:4a:
5b:8c:ef:f8:ca:a0:c8:f2:f5:6d:b4:2b:02:63:ed:59:6f:44:
ff:f9:cc:cd:68:92:3d:70:1b:9d:74:19:33:fe:98:f4:78:45:
76:c4:ac:4e:17:47:8e:2f:fa:f9:ae:c7:63:9b:aa:5b:46:80:
6b:1c:11:d4:dd:79:c9:65:20:0a:30:3f:f5:01:38:db:06:02:
c9:4e:1f:2f:24:2c:b5:68:6a:71:92:ae:a2:7f:0f:9f:ce:4b:
0c:59:93:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRQ6LFUTg6ACY7jZfCDOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYjliYzJkZTM2Y2YyM2I2ODlmM2M3MmU4MGFiY2ZlNDgy
MDI2YzEwHhcNMjUwMTAxMjM0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTU4NDRjMTE5YzM2MzBkOTM0MDdkZDEzNjhiMGMwMmViZDI0ZGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Lotrryc4IF+rl8+4XgxpYlVPZ7U
+9vqOdSS22RpbQg96F2SVKqmSGBUcl9PHUm/d23Ztyx5z3oqj6wu8Y9/hLg0xFfQ
TF8YunvSoNzeDd0nzETWvNk07pCz59YK+Q+MsChYG5jxcaBNllt/xkmqyAi3dAxW
Hpd52BDHckXwKRmuvyydfcBbuIwnKJqCw7nS+AbC1oJR/FJZB0a4B3GjFqDXHWdw
T6F2ca0DDr2FC6pXJSSgus+Tk0FhJddBGX8u4WByfHHU3lcNuFHG1TGclg6STEcV
G//qLQdwpk/22l8dhq1SizD6v9GTd3SsEAGZgFnfeiRipZhOjGYkugmDnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFApYRMEZw2MNk0B90TaLDALr0k2jMB8GA1UdIwQY
MBaAFNu5vC3jbPI7aJ88cugKvP5IICbBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjdtOExlTnM4anRvbnp4eTZBcThfa2dnSnNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lYmMyZTQtNDAyZi00N2MxLTliMjgt
MTRmMjFhZTIxZWQzLzEvQ2xoRXdSbkRZdzJUUUgzUk5vc01BdXZTVGFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lYmMyZTQtNDAyZi00N2MxLTliMjgtMTRmMjFhZTIxZWQz
LzEvMjdtOExlTnM4anRvbnp4eTZBcThfa2dnSnNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTiIMA0G
CSqGSIb3DQEBCwUAA4IBAQACl4fVaZLwxWmINqr/AKhJU8lV0kqow0FMPuWoEG5Q
gPrxwAtcJmiAZC24FWNMSEL6j+XnGCcPJgJ1QSAiVTL7Q9lJZnQPkvMOBeGjwQfw
EZKPzKxy/hFSG7FNZflRNtZ00IxFZYpSpv5PRGHKIe5KA+Oe99dJ7TJA6Y56p/Dz
410jqBf3/Ei23bsH4ze27G69Ck0WeLDVdiX5z2IUUwWHS0pbjO/4yqDI8vVttCsC
Y+1Zb0T/+czNaJI9cBuddBkz/pj0eEV2xKxOF0eOL/r5rsdjm6pbRoBrHBHU3XnJ
ZSAKMD/1ATjbBgLJTh8vJCy1aGpxkq6ifw+fzksMWZNC
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:32:34 2025 by rpki-client