Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/921536-ee46-4e80-a51f-b667ec0d6d0f/1/X-helCc4sOU9J8kSMxWABWhCBuI.roa
File: X-helCc4sOU9J8kSMxWABWhCBuI.roa (raw, json)
Hash identifier: R3wg1PybPhKKauTYA+XFanHBRKq6lUINf1DwA8aMfHo=
Subject key identifier: 5F:E8:5E:94:27:38:B0:E5:3D:27:C9:12:33:15:80:05:68:42:06:E2
Certificate issuer: /CN=0abeafd556595e8840ca8ebd19bbd2ac591b4ca8
Certificate serial: 0185E7D1ACD95A5019C7AADC648E74C6D1C0
Authority key identifier: 0A:BE:AF:D5:56:59:5E:88:40:CA:8E:BD:19:BB:D2:AC:59:1B:4C:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cr6v1VZZXohAyo69GbvSrFkbTKg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/921536-ee46-4e80-a51f-b667ec0d6d0f/1/X-helCc4sOU9J8kSMxWABWhCBuI.roa
Signing time: Wed 25 Jan 2023 07:25:56 +0000
ROA not before: Wed 25 Jan 2023 07:25:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57567
IP address blocks: 185.86.44.0/24 maxlen: 24
185.86.44.0/23 maxlen: 23
185.86.47.0/24 maxlen: 24
185.86.46.0/24 maxlen: 24
185.86.46.0/23 maxlen: 23
185.86.45.0/24 maxlen: 24
103.39.41.0/24 maxlen: 24
103.39.40.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e7:d1:ac:d9:5a:50:19:c7:aa:dc:64:8e:74:c6:d1:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0abeafd556595e8840ca8ebd19bbd2ac591b4ca8
Validity
Not Before: Jan 25 07:25:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fe85e942738b0e53d27c91233158005684206e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:43:86:cf:b0:fc:bf:8c:af:80:71:cf:6f:79:
3e:df:77:39:ba:9c:81:dc:41:99:09:12:39:40:62:
1e:11:73:3a:79:6a:5b:4d:fe:f4:e8:af:de:29:ad:
1c:0e:08:3f:b2:e8:15:48:a9:f2:36:8e:d3:e1:fd:
92:48:48:76:90:2e:f2:32:f8:35:96:c7:e1:b8:40:
6a:06:5d:97:56:25:d3:6b:c2:bf:f0:9f:a4:2d:74:
00:14:72:b5:9c:d1:6b:a1:9e:fa:c8:fa:7d:c4:a7:
7f:61:f6:20:78:94:09:48:2b:ed:fa:02:4b:7d:ce:
7b:3e:39:d1:c0:b2:13:d7:75:63:b9:3a:12:ce:05:
c2:47:89:8d:c1:7e:db:dd:f0:a8:38:73:84:b8:ae:
69:e0:38:e3:52:00:af:cf:1c:60:21:b2:e5:55:62:
f9:f8:2b:8a:a4:78:90:e8:70:ba:6f:62:bb:f6:5e:
5a:bc:b8:7e:03:1f:c3:60:0f:e4:ce:24:6f:7a:2f:
00:ec:0a:3d:67:df:58:91:72:10:e0:48:cc:ae:e2:
5b:fa:d6:89:d3:46:3f:c8:8d:a6:4e:fb:82:fd:a6:
60:42:a2:60:e4:cb:3a:e2:55:dd:68:46:57:f4:87:
7d:40:19:26:04:e1:2e:40:83:42:32:4d:3d:a6:e2:
6b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E8:5E:94:27:38:B0:E5:3D:27:C9:12:33:15:80:05:68:42:06:E2
X509v3 Authority Key Identifier:
keyid:0A:BE:AF:D5:56:59:5E:88:40:CA:8E:BD:19:BB:D2:AC:59:1B:4C:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cr6v1VZZXohAyo69GbvSrFkbTKg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/921536-ee46-4e80-a51f-b667ec0d6d0f/1/X-helCc4sOU9J8kSMxWABWhCBuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/921536-ee46-4e80-a51f-b667ec0d6d0f/1/Cr6v1VZZXohAyo69GbvSrFkbTKg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.39.40.0/23
185.86.44.0/22
Signature Algorithm: sha256WithRSAEncryption
35:99:d0:83:81:ed:2a:89:72:b4:f2:42:00:6d:d8:1d:c9:81:
0c:96:96:ac:65:72:66:3c:dd:50:1e:71:57:13:52:b6:e7:9c:
ad:17:c9:37:bf:24:03:a7:c3:60:da:98:5b:f4:e2:57:13:7b:
93:3c:0c:9c:5f:9b:35:a8:2d:1c:1c:a7:8d:77:0a:b5:dc:5f:
24:84:91:e2:ba:5b:28:c9:d4:7d:1f:12:99:4e:9d:f2:7e:39:
9c:ce:70:32:35:48:dc:83:5c:68:91:82:e4:9c:65:09:b0:83:
45:4d:83:c9:b3:e3:37:66:95:b7:90:3b:bd:f6:e6:3c:78:09:
41:68:af:16:ac:ba:f2:92:70:f8:85:b4:6a:12:f9:75:6c:58:
d3:db:28:8c:c7:18:01:e2:95:44:a7:92:1a:1b:78:91:f7:bd:
f3:2b:22:cc:31:be:9c:b5:b0:82:42:fd:ac:c0:91:af:54:9d:
5a:12:16:5d:b1:ef:93:ba:20:51:5a:7a:e0:e8:99:fd:4e:84:
26:de:ea:16:26:ce:67:5c:01:26:22:0a:8e:8d:e5:86:1a:24:
4a:7c:66:47:2b:16:5a:be:4e:2f:89:fa:92:d1:d4:bb:9e:cc:
a5:22:ca:40:2e:68:a3:39:e6:da:4a:83:3b:be:55:90:36:9a:
2f:8d:63:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXn0azZWlAZx6rcZI50xtHAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhYmVhZmQ1NTY1OTVlODg0MGNhOGViZDE5YmJkMmFjNTkx
YjRjYTgwHhcNMjMwMTI1MDcyNTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmU4NWU5NDI3MzhiMGU1M2QyN2M5MTIzMzE1ODAwNTY4NDIwNmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkOGz7D8v4yvgHHPb3k+33c5upyB
3EGZCRI5QGIeEXM6eWpbTf706K/eKa0cDgg/sugVSKnyNo7T4f2SSEh2kC7yMvg1
lsfhuEBqBl2XViXTa8K/8J+kLXQAFHK1nNFroZ76yPp9xKd/YfYgeJQJSCvt+gJL
fc57PjnRwLIT13VjuToSzgXCR4mNwX7b3fCoOHOEuK5p4DjjUgCvzxxgIbLlVWL5
+CuKpHiQ6HC6b2K79l5avLh+Ax/DYA/kziRvei8A7Ao9Z99YkXIQ4EjMruJb+taJ
00Y/yI2mTvuC/aZgQqJg5Ms64lXdaEZX9Id9QBkmBOEuQINCMk09puJrTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF/oXpQnOLDlPSfJEjMVgAVoQgbiMB8GA1UdIwQY
MBaAFAq+r9VWWV6IQMqOvRm70qxZG0yoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3I2djFWWlpYb2hBeW82OUdidlNyRmtiVEtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85MjE1MzYtZWU0Ni00ZTgwLWE1MWYt
YjY2N2VjMGQ2ZDBmLzEvWC1oZWxDYzRzT1U5SjhrU014V0FCV2hDQnVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85MjE1MzYtZWU0Ni00ZTgwLWE1MWYtYjY2N2VjMGQ2ZDBm
LzEvQ3I2djFWWlpYb2hBeW82OUdidlNyRmtiVEtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBZycoAwQC
uVYsMA0GCSqGSIb3DQEBCwUAA4IBAQA1mdCDge0qiXK08kIAbdgdyYEMlpasZXJm
PN1QHnFXE1K255ytF8k3vyQDp8Ng2phb9OJXE3uTPAycX5s1qC0cHKeNdwq13F8k
hJHiulsoydR9HxKZTp3yfjmcznAyNUjcg1xokYLknGUJsINFTYPJs+M3ZpW3kDu9
9uY8eAlBaK8WrLryknD4hbRqEvl1bFjT2yiMxxgB4pVEp5IaG3iR973zKyLMMb6c
tbCCQv2swJGvVJ1aEhZdse+TuiBRWnrg6Jn9ToQm3uoWJs5nXAEmIgqOjeWGGiRK
fGZHKxZavk4vifqS0dS7nsylIspALmijOebaSoM7vlWQNpovjWN/
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:46:23 2025 by rpki-client