Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/x4NMd_GpZKC3wjvt7UJp4kwmNNg.roa
File: x4NMd_GpZKC3wjvt7UJp4kwmNNg.roa (raw, json)
Hash identifier: KiYRpe0+Ri1YnwEQ5QKwXeajhvNgmP7QYMIxZrED/ns=
Subject key identifier: C7:83:4C:77:F1:A9:64:A0:B7:C2:3B:ED:ED:42:69:E2:4C:26:34:D8
Certificate issuer: /CN=5ab2ba9abf81d6cf8033cdcdebc8df8f7e22c28c
Certificate serial: 0194266C440021D6ED16BAAAD68594D7179A
Authority key identifier: 5A:B2:BA:9A:BF:81:D6:CF:80:33:CD:CD:EB:C8:DF:8F:7E:22:C2:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WrK6mr-B1s-AM83N68jfj34iwow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/x4NMd_GpZKC3wjvt7UJp4kwmNNg.roa
Signing time: Thu 02 Jan 2025 09:50:17 +0000
ROA not before: Thu 02 Jan 2025 09:50:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200020
IP address blocks: 185.228.200.0/22 maxlen: 24
2a0b:7180::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:44:00:21:d6:ed:16:ba:aa:d6:85:94:d7:17:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ab2ba9abf81d6cf8033cdcdebc8df8f7e22c28c
Validity
Not Before: Jan 2 09:50:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7834c77f1a964a0b7c23beded4269e24c2634d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:01:c8:aa:a7:83:5a:ac:43:4e:61:da:ee:6c:
bc:f9:9a:ee:d0:5f:85:8e:61:5f:f7:a9:b7:87:f9:
1c:15:a4:68:be:0a:5f:38:c2:8a:86:7d:91:a0:92:
d2:b7:13:79:f1:fd:66:1e:3b:c8:81:e7:c5:52:e8:
de:5f:c3:95:6a:77:a7:bf:bc:2a:63:6e:38:61:3a:
f1:7d:ea:5e:78:64:bc:5b:e8:33:b6:08:ca:61:a2:
1f:28:90:d3:56:5b:1b:fb:3d:71:bd:e4:5f:40:98:
af:4a:20:07:eb:4c:ac:5f:74:dd:34:5a:08:5f:6c:
d1:ef:57:f1:ec:66:73:ba:05:9a:37:ba:ae:0c:96:
43:c5:cc:17:17:b9:b7:d3:fd:e5:a9:83:60:39:cf:
87:9d:38:0c:55:5e:3a:5b:d2:a4:bc:df:13:26:5a:
63:bb:3f:01:0a:ac:19:65:72:d4:79:6d:ce:9c:41:
7d:b6:7b:67:fd:76:ed:3a:97:22:01:78:45:dd:af:
7b:32:94:a6:0a:bc:f5:db:78:dc:b0:30:3c:77:e1:
96:ee:ed:db:7f:da:2d:42:da:7b:62:ec:ae:0a:72:
91:2f:db:e2:4f:c4:6d:d3:dd:77:d0:2b:5d:a8:67:
d4:a2:aa:48:f0:d9:96:de:48:7f:b7:f2:9c:6f:c5:
11:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:83:4C:77:F1:A9:64:A0:B7:C2:3B:ED:ED:42:69:E2:4C:26:34:D8
X509v3 Authority Key Identifier:
keyid:5A:B2:BA:9A:BF:81:D6:CF:80:33:CD:CD:EB:C8:DF:8F:7E:22:C2:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WrK6mr-B1s-AM83N68jfj34iwow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/x4NMd_GpZKC3wjvt7UJp4kwmNNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/WrK6mr-B1s-AM83N68jfj34iwow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.200.0/22
IPv6:
2a0b:7180::/32
Signature Algorithm: sha256WithRSAEncryption
0b:9b:ba:b5:13:ed:1b:16:a4:b3:de:1c:de:25:48:55:53:1b:
f8:62:aa:a9:61:ce:f0:1e:55:eb:5c:ec:43:d4:ec:79:5d:a8:
9e:f3:9f:0f:55:f4:83:5f:c7:9c:70:fb:db:1c:2c:b5:3f:57:
de:5e:b3:d7:50:cf:cc:7e:80:4d:4e:5d:37:f2:3d:8a:64:29:
4f:7b:e5:2d:d2:c2:e3:2a:d1:68:3f:b6:17:e1:a0:5f:fc:49:
4c:f9:f8:4e:f3:be:76:a4:a0:a3:24:7a:b5:7b:4f:3f:35:4e:
11:eb:04:2c:8d:03:ed:37:a0:38:41:8d:b6:3f:9b:6f:0e:e5:
e5:79:43:e2:85:56:2b:03:77:54:2d:8f:3d:87:31:3c:2e:7c:
71:ce:06:57:79:33:e0:14:d4:32:4b:36:c2:ce:f3:4b:d8:2c:
cd:a3:1e:7e:d5:1a:fd:4a:be:13:b7:c3:0d:14:b3:7c:77:81:
b1:8f:e9:65:08:64:6d:c4:7b:1f:dc:d1:ee:6e:d2:fc:c3:a1:
bc:92:6b:60:ce:3b:ea:16:bd:32:77:64:83:47:5a:f8:9b:43:
d5:e2:3b:84:12:30:16:17:c2:91:7b:63:87:ed:bf:b3:9f:c6:
3e:0f:e8:a5:c7:f9:5c:ab:06:3d:7a:b9:d6:40:ff:17:c1:a2:
72:ba:e6:30
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQmbEQAIdbtFrqq1oWU1xeaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYjJiYTlhYmY4MWQ2Y2Y4MDMzY2RjZGViYzhkZjhmN2Uy
MmMyOGMwHhcNMjUwMTAyMDk1MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzgzNGM3N2YxYTk2NGEwYjdjMjNiZWRlZDQyNjllMjRjMjYzNGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6AHIqqeDWqxDTmHa7my8+Zru0F+F
jmFf96m3h/kcFaRovgpfOMKKhn2RoJLStxN58f1mHjvIgefFUujeX8OVanenv7wq
Y244YTrxfepeeGS8W+gztgjKYaIfKJDTVlsb+z1xveRfQJivSiAH60ysX3TdNFoI
X2zR71fx7GZzugWaN7quDJZDxcwXF7m30/3lqYNgOc+HnTgMVV46W9KkvN8TJlpj
uz8BCqwZZXLUeW3OnEF9tntn/XbtOpciAXhF3a97MpSmCrz123jcsDA8d+GW7u3b
f9otQtp7YuyuCnKRL9viT8Rt09130CtdqGfUoqpI8NmW3kh/t/Kcb8URTwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMeDTHfxqWSgt8I77e1CaeJMJjTYMB8GA1UdIwQY
MBaAFFqyupq/gdbPgDPNzevI349+IsKMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3JLNm1yLUIxcy1BTTgzTjY4amZqMzRpd293LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9hNjA4YzUtNDk2ZC00OTllLWFmNDEt
NmRmYmJkZTUyZGVhLzEveDROTWRfR3BaS0Mzd2p2dDdVSnA0a3dtTk5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9hNjA4YzUtNDk2ZC00OTllLWFmNDEtNmRmYmJkZTUyZGVh
LzEvV3JLNm1yLUIxcy1BTTgzTjY4amZqMzRpd293LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueTIMA0E
AgACMAcDBQAqC3GAMA0GCSqGSIb3DQEBCwUAA4IBAQALm7q1E+0bFqSz3hzeJUhV
Uxv4YqqpYc7wHlXrXOxD1Ox5Xaie858PVfSDX8eccPvbHCy1P1feXrPXUM/MfoBN
Tl038j2KZClPe+Ut0sLjKtFoP7YX4aBf/ElM+fhO8752pKCjJHq1e08/NU4R6wQs
jQPtN6A4QY22P5tvDuXleUPihVYrA3dULY89hzE8LnxxzgZXeTPgFNQySzbCzvNL
2CzNox5+1Rr9Sr4Tt8MNFLN8d4Gxj+llCGRtxHsf3NHubtL8w6G8kmtgzjvqFr0y
d2SDR1r4m0PV4juEEjAWF8KRe2OH7b+zn8Y+D+ilx/lcqwY9ernWQP8XwaJyuuYw
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:18:28 2025 by rpki-client