Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/xLRZQUHZoQvJtmCWLzCbxLHKZeI.roa
File: xLRZQUHZoQvJtmCWLzCbxLHKZeI.roa (raw, json)
Hash identifier: wqldljo+BYS/x7dzDCwa4nciXz2hIAFvI72KnppJBps=
Subject key identifier: C4:B4:59:41:41:D9:A1:0B:C9:B6:60:96:2F:30:9B:C4:B1:CA:65:E2
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFAA8C3DFEA2A26E955E7DB4D9753B2
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/xLRZQUHZoQvJtmCWLzCbxLHKZeI.roa
Signing time: Wed 01 Jan 2025 03:48:28 +0000
ROA not before: Wed 01 Jan 2025 03:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204496
IP address blocks: 37.18.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a8:c3:df:ea:2a:26:e9:55:e7:db:4d:97:53:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4b4594141d9a10bc9b660962f309bc4b1ca65e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:2b:da:5b:df:d0:64:92:04:49:23:76:1f:8d:
23:10:2f:e8:6a:dc:b6:21:ab:7f:0b:5c:b7:b9:fd:
83:ef:d9:8c:f3:a8:bc:c5:06:8a:e8:e8:8c:78:a6:
17:fb:1d:73:ef:c2:25:b3:74:7d:67:cd:fb:ba:dd:
00:91:29:a8:24:d5:d1:53:13:c2:52:ab:84:c9:bc:
10:89:64:63:3c:90:69:3e:3f:4b:9e:77:aa:86:97:
49:e4:a7:83:ad:fd:ed:6d:d1:68:f9:d8:74:74:2b:
b2:6a:46:4d:40:6f:49:91:f2:e4:bc:44:83:3e:b6:
7c:d6:b5:87:87:64:f9:e2:02:37:bc:3e:72:a6:87:
8f:10:c2:46:90:86:dd:c1:df:9d:db:bd:b9:56:40:
51:dd:74:ea:91:f3:b0:ff:c5:61:4c:cc:fc:06:5c:
c8:60:ad:54:fc:4c:e9:7a:25:e4:93:e4:18:55:ea:
dc:8a:52:fa:42:4d:58:f2:b5:d0:a4:f9:2a:6e:d1:
98:2a:86:ff:f6:27:1a:2e:f0:e8:e2:f9:f2:88:76:
64:0b:48:de:f9:f0:53:ae:11:c7:f9:b0:a1:4c:e3:
87:47:11:0c:19:c5:00:e9:94:ed:0e:30:36:15:1d:
13:96:61:65:2d:54:94:c0:ac:df:83:df:a2:4b:63:
ec:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:B4:59:41:41:D9:A1:0B:C9:B6:60:96:2F:30:9B:C4:B1:CA:65:E2
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/xLRZQUHZoQvJtmCWLzCbxLHKZeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.59.0/24
Signature Algorithm: sha256WithRSAEncryption
25:67:ef:4c:be:a3:df:f2:ca:e6:44:4f:5b:58:62:39:74:fb:
11:a7:07:4c:6a:44:1e:c3:ec:d6:13:5b:da:70:c9:0c:f0:c0:
d8:be:1e:6c:e9:45:a1:df:f3:29:12:cf:fe:5c:69:0e:81:24:
bd:9a:7d:a7:e8:a0:76:c1:b7:14:6c:17:03:1a:56:88:79:14:
b0:0e:19:fe:4a:8e:bd:2e:48:61:53:5d:63:53:cd:56:16:c5:
d3:41:2f:a2:e6:4f:f6:f7:ae:a2:37:a6:ed:ad:f1:67:3f:8a:
49:30:bf:c5:a0:f0:72:aa:87:f2:8c:f9:ad:c7:bc:cb:68:fd:
f0:b4:a7:64:8c:fc:3f:81:fe:76:7f:78:04:89:76:35:b3:33:
04:4f:d2:82:62:a0:ed:60:4a:ad:3e:d4:a5:cd:3d:c7:70:ed:
be:53:11:ac:d6:29:d2:52:d6:30:d1:7e:e5:5e:64:2d:48:1b:
a0:10:6b:40:cd:fd:0f:52:3e:6f:e6:79:9b:55:a3:cb:b1:7c:
7e:b8:d6:4b:04:4c:8c:f4:82:68:9d:42:9d:e7:f1:c5:f8:3c:
79:48:bb:a1:1b:4d:e6:6f:7d:26:13:41:ca:f8:47:a6:35:1c:
6e:98:6d:fc:40:05:28:a6:4c:b3:9f:d3:56:70:e0:15:ed:fb:
78:63:f6:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+qjD3+oqJulV59tNl1OyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGI0NTk0MTQxZDlhMTBiYzliNjYwOTYyZjMwOWJjNGIxY2E2NWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9SvaW9/QZJIESSN2H40jEC/oaty2
Iat/C1y3uf2D79mM86i8xQaK6OiMeKYX+x1z78Ils3R9Z837ut0AkSmoJNXRUxPC
UquEybwQiWRjPJBpPj9LnneqhpdJ5KeDrf3tbdFo+dh0dCuyakZNQG9JkfLkvESD
PrZ81rWHh2T54gI3vD5ypoePEMJGkIbdwd+d2725VkBR3XTqkfOw/8VhTMz8BlzI
YK1U/EzpeiXkk+QYVercilL6Qk1Y8rXQpPkqbtGYKob/9icaLvDo4vnyiHZkC0je
+fBTrhHH+bChTOOHRxEMGcUA6ZTtDjA2FR0TlmFlLVSUwKzfg9+iS2PsgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMS0WUFB2aELybZgli8wm8SxymXiMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEveExSWlFVSFpvUXZKdG1DV0x6Q2J4TEhLWmVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJRI7MA0G
CSqGSIb3DQEBCwUAA4IBAQAlZ+9MvqPf8srmRE9bWGI5dPsRpwdMakQew+zWE1va
cMkM8MDYvh5s6UWh3/MpEs/+XGkOgSS9mn2n6KB2wbcUbBcDGlaIeRSwDhn+So69
LkhhU11jU81WFsXTQS+i5k/2966iN6btrfFnP4pJML/FoPByqofyjPmtx7zLaP3w
tKdkjPw/gf52f3gEiXY1szMET9KCYqDtYEqtPtSlzT3HcO2+UxGs1inSUtYw0X7l
XmQtSBugEGtAzf0PUj5v5nmbVaPLsXx+uNZLBEyM9IJonUKd5/HF+Dx5SLuhG03m
b30mE0HK+EemNRxumG38QAUopkyzn9NWcOAV7ft4Y/YJ
-----END CERTIFICATE-----
Generated at Thu Apr 10 14:08:55 2025 by rpki-client