Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/4d53e5-6e0c-46d5-9a88-ce9c149f889b/1/xWfN2IU-diJGvyXLhrBtpHOen6U.roa
File: xWfN2IU-diJGvyXLhrBtpHOen6U.roa (raw, json)
Hash identifier: dGi8XxSgvv52xppxzLayzkV/Yel0ZIVTBr2h42n6ktI=
Subject key identifier: C5:67:CD:D8:85:3E:76:22:46:BF:25:CB:86:B0:6D:A4:73:9E:9F:A5
Certificate issuer: /CN=6a7a2c6dbe511a07472437a9a0fb4fccd12be89f
Certificate serial: 0194266BB5C5AC3C7652220C1CE7F2297AE3
Authority key identifier: 6A:7A:2C:6D:BE:51:1A:07:47:24:37:A9:A0:FB:4F:CC:D1:2B:E8:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/anosbb5RGgdHJDepoPtPzNEr6J8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/4d53e5-6e0c-46d5-9a88-ce9c149f889b/1/xWfN2IU-diJGvyXLhrBtpHOen6U.roa
Signing time: Thu 02 Jan 2025 09:49:40 +0000
ROA not before: Thu 02 Jan 2025 09:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 185.218.36.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:b5:c5:ac:3c:76:52:22:0c:1c:e7:f2:29:7a:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a7a2c6dbe511a07472437a9a0fb4fccd12be89f
Validity
Not Before: Jan 2 09:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c567cdd8853e762246bf25cb86b06da4739e9fa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cc:30:6d:c1:64:e3:9c:e8:20:ca:6e:f7:74:
e1:ed:cc:80:7b:dd:66:99:2d:13:a6:cc:d5:09:f3:
cf:3b:77:78:d5:79:c3:96:b9:b6:b8:a5:ce:fe:9a:
a2:55:62:e5:f2:e2:b3:ae:40:5f:16:cf:86:bf:e5:
af:30:44:65:bd:ca:b6:ec:f6:78:ec:b0:0a:4f:22:
ec:35:44:db:d7:0d:e4:28:13:a9:c4:db:38:cb:81:
fc:a7:a1:8e:34:33:a4:13:d5:5d:47:89:24:bf:07:
25:61:d3:c6:7c:5b:6f:98:ed:cb:b0:be:71:d0:7a:
e2:28:78:4e:cb:fd:4a:e6:e8:7d:71:19:13:13:20:
90:73:e8:fc:34:77:ce:23:1b:8a:75:dc:59:5f:0e:
c2:d1:e8:b2:74:98:be:d5:93:be:e1:5e:93:c4:1e:
f3:70:36:fa:cf:28:15:a5:47:7b:9d:41:da:0c:e4:
0d:91:10:b1:22:10:01:bb:97:4f:17:63:6a:ed:42:
a3:75:68:a2:68:fe:eb:9c:68:a9:4a:9e:dd:79:5e:
18:3a:69:2c:70:aa:9e:a1:6c:d8:a3:66:a0:1d:a3:
b8:9e:d9:63:42:fd:2f:59:10:0c:87:da:92:ea:16:
58:e8:37:db:56:d8:e6:7c:ae:0d:db:0d:2c:31:3b:
f1:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:67:CD:D8:85:3E:76:22:46:BF:25:CB:86:B0:6D:A4:73:9E:9F:A5
X509v3 Authority Key Identifier:
keyid:6A:7A:2C:6D:BE:51:1A:07:47:24:37:A9:A0:FB:4F:CC:D1:2B:E8:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/anosbb5RGgdHJDepoPtPzNEr6J8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/4d53e5-6e0c-46d5-9a88-ce9c149f889b/1/xWfN2IU-diJGvyXLhrBtpHOen6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/4d53e5-6e0c-46d5-9a88-ce9c149f889b/1/anosbb5RGgdHJDepoPtPzNEr6J8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.36.0/22
Signature Algorithm: sha256WithRSAEncryption
47:bd:5b:30:60:c8:d9:c7:65:d5:c1:69:f9:c5:bd:c8:47:2d:
0f:b7:41:70:57:28:c3:88:ea:4e:6f:69:db:53:97:cd:d1:5f:
e8:a1:e8:62:b7:bb:81:15:63:32:a3:a7:e9:15:e6:0b:65:27:
2d:48:6e:0b:47:3c:c5:79:0b:c0:ae:30:fa:cb:7b:fa:ad:de:
db:7f:2b:69:aa:6c:73:6c:35:ef:d3:1d:df:82:18:b3:fb:46:
a3:ed:4a:e5:e9:44:72:9d:ae:d0:e1:5c:78:3d:43:64:20:cc:
13:9e:34:34:a5:5c:14:c2:db:93:44:d7:ec:eb:90:93:92:49:
53:c3:c1:ce:93:84:f1:f0:e9:bb:c9:59:87:47:12:cd:78:5b:
30:7f:2e:f5:54:bc:b5:d0:db:54:34:5e:3d:e9:77:d0:2c:17:
8f:c2:36:8b:ae:5a:06:bb:bc:6e:c1:79:da:60:41:54:f3:44:
c4:c9:d2:d9:f9:a5:c5:77:c9:82:6f:a2:c8:65:1b:ab:95:51:
9f:ec:2e:81:ed:8d:0a:92:10:10:01:36:ae:21:b6:f2:30:59:
39:1d:fc:58:89:ad:54:10:23:58:33:1b:8c:79:0e:5b:2a:0a:
7e:6a:27:9f:d0:c0:0d:e2:60:27:6f:71:43:ac:47:82:e1:bb:
17:92:d4:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma7XFrDx2UiIMHOfyKXrjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhN2EyYzZkYmU1MTFhMDc0NzI0MzdhOWEwZmI0ZmNjZDEy
YmU4OWYwHhcNMjUwMTAyMDk0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTY3Y2RkODg1M2U3NjIyNDZiZjI1Y2I4NmIwNmRhNDczOWU5ZmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMwwbcFk45zoIMpu93Th7cyAe91m
mS0TpszVCfPPO3d41XnDlrm2uKXO/pqiVWLl8uKzrkBfFs+Gv+WvMERlvcq27PZ4
7LAKTyLsNUTb1w3kKBOpxNs4y4H8p6GONDOkE9VdR4kkvwclYdPGfFtvmO3LsL5x
0HriKHhOy/1K5uh9cRkTEyCQc+j8NHfOIxuKddxZXw7C0eiydJi+1ZO+4V6TxB7z
cDb6zygVpUd7nUHaDOQNkRCxIhABu5dPF2Nq7UKjdWiiaP7rnGipSp7deV4YOmks
cKqeoWzYo2agHaO4ntljQv0vWRAMh9qS6hZY6DfbVtjmfK4N2w0sMTvxiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMVnzdiFPnYiRr8ly4awbaRznp+lMB8GA1UdIwQY
MBaAFGp6LG2+URoHRyQ3qaD7T8zRK+ifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW5vc2JiNVJHZ2RISkRlcG9QdFB6TkVyNko4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS80ZDUzZTUtNmUwYy00NmQ1LTlhODgt
Y2U5YzE0OWY4ODliLzEveFdmTjJJVS1kaUpHdnlYTGhyQnRwSE9lbjZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS80ZDUzZTUtNmUwYy00NmQ1LTlhODgtY2U5YzE0OWY4ODli
LzEvYW5vc2JiNVJHZ2RISkRlcG9QdFB6TkVyNko4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudokMA0G
CSqGSIb3DQEBCwUAA4IBAQBHvVswYMjZx2XVwWn5xb3IRy0Pt0FwVyjDiOpOb2nb
U5fN0V/ooehit7uBFWMyo6fpFeYLZSctSG4LRzzFeQvArjD6y3v6rd7bfytpqmxz
bDXv0x3fghiz+0aj7Url6URyna7Q4Vx4PUNkIMwTnjQ0pVwUwtuTRNfs65CTkklT
w8HOk4Tx8Om7yVmHRxLNeFswfy71VLy10NtUNF496XfQLBePwjaLrloGu7xuwXna
YEFU80TEydLZ+aXFd8mCb6LIZRurlVGf7C6B7Y0KkhAQATauIbbyMFk5HfxYia1U
ECNYMxuMeQ5bKgp+aief0MAN4mAnb3FDrEeC4bsXktTh
-----END CERTIFICATE-----
Generated at Thu Apr 10 21:38:06 2025 by rpki-client