Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/WNXcUWyOPw_jgwsMhjt3tr-DAXY.roa
File: WNXcUWyOPw_jgwsMhjt3tr-DAXY.roa (raw, json)
Hash identifier: xCXJ3TCSOan9saMZR5HLRDriokOQriL1DMFUL1E2Cpg=
Subject key identifier: 58:D5:DC:51:6C:8E:3F:0F:E3:83:0B:0C:86:3B:77:B6:BF:83:01:76
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 019498592526FB821D7CC8D30ADE8F2DDA7E
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/WNXcUWyOPw_jgwsMhjt3tr-DAXY.roa
Signing time: Fri 24 Jan 2025 12:46:06 +0000
ROA not before: Fri 24 Jan 2025 12:46:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21396
IP address blocks: 185.181.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:98:59:25:26:fb:82:1d:7c:c8:d3:0a:de:8f:2d:da:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Jan 24 12:46:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58d5dc516c8e3f0fe3830b0c863b77b6bf830176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a7:08:21:31:a1:7b:92:8d:aa:dd:11:21:84:
8c:e0:ff:0e:8b:c4:c2:75:3d:28:f5:11:c8:a3:6a:
8c:e2:fe:b4:19:74:be:4b:c8:ec:c7:f4:97:cf:c5:
d3:d3:a3:c9:c3:d1:98:b4:d9:d5:00:b2:13:92:99:
99:be:bb:07:d3:52:f1:f8:3c:6d:6b:ef:6e:6f:7a:
45:21:bd:49:b6:11:94:ba:b4:ab:00:63:e1:64:dc:
a2:eb:f8:28:24:36:47:5c:fe:8c:64:2d:a7:77:77:
8e:28:8e:cc:55:48:c6:e9:ba:5e:86:3d:21:88:9b:
64:9f:44:84:70:a8:f1:88:7a:e7:9a:5b:a5:cd:ba:
74:3d:84:32:ce:9a:63:d9:f9:c3:db:9a:d0:8b:b0:
df:6f:70:a4:87:77:20:78:c8:41:a6:c6:f4:6b:5c:
d3:7b:3c:4d:a8:2e:bc:39:a4:a9:d8:6b:98:95:34:
8f:5b:5f:f4:7d:42:b0:b1:25:bf:14:1b:7a:bb:c1:
b1:16:d5:bb:0c:19:3f:04:a9:43:60:16:c0:88:a1:
e5:ec:ed:f3:5c:4c:6e:64:ea:21:f2:37:49:f6:9c:
8b:4f:da:c5:b0:38:b6:f2:69:7b:80:cb:55:70:11:
d3:c2:16:9b:9f:b1:fa:a1:59:68:18:09:e4:33:5d:
2c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:D5:DC:51:6C:8E:3F:0F:E3:83:0B:0C:86:3B:77:B6:BF:83:01:76
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/WNXcUWyOPw_jgwsMhjt3tr-DAXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.181.252.0/24
Signature Algorithm: sha256WithRSAEncryption
23:ee:17:d1:71:99:84:75:bb:32:d1:2b:6a:bd:74:41:0d:7c:
d4:2f:3c:5c:2e:32:94:95:72:b4:4f:f7:ee:2a:ca:e0:12:13:
17:fd:14:df:90:77:75:88:e1:92:16:6a:1b:f3:f4:ea:82:a6:
cd:24:4e:ed:27:5f:6a:5c:4b:fb:15:27:94:df:ba:50:12:21:
d4:b0:bb:fb:c9:80:4b:da:5d:5c:16:78:68:b3:ac:0a:72:11:
11:37:e8:b0:30:c3:8b:ec:84:50:c2:27:e8:f0:a3:f4:d7:cd:
72:df:5e:5f:e8:38:ef:c7:a0:58:06:9e:b5:87:23:cc:31:98:
ff:22:71:ef:d7:15:dc:b4:7f:ef:8d:09:cb:44:21:a4:46:ac:
4e:be:fb:6b:87:b9:a7:e9:2b:26:e4:69:bd:2e:fd:e6:48:76:
1b:91:db:1a:06:9b:8a:31:9d:44:62:0f:51:6e:a1:25:4a:80:
94:65:95:b3:aa:cc:7f:77:e6:2c:38:af:02:b5:c7:13:88:84:
95:77:f7:f4:70:4f:ce:c8:35:4e:76:88:95:c2:ef:6a:e0:5c:
71:12:cb:cd:85:b7:c6:2c:24:36:f2:05:5f:c3:66:cd:89:81:
80:7f:09:4f:8e:11:2f:a9:20:7f:ca:71:8a:ae:cf:e1:d6:a0:
62:11:1b:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSYWSUm+4IdfMjTCt6PLdp+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjUwMTI0MTI0NjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGQ1ZGM1MTZjOGUzZjBmZTM4MzBiMGM4NjNiNzdiNmJmODMwMTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KcIITGhe5KNqt0RIYSM4P8Oi8TC
dT0o9RHIo2qM4v60GXS+S8jsx/SXz8XT06PJw9GYtNnVALITkpmZvrsH01Lx+Dxt
a+9ub3pFIb1JthGUurSrAGPhZNyi6/goJDZHXP6MZC2nd3eOKI7MVUjG6bpehj0h
iJtkn0SEcKjxiHrnmlulzbp0PYQyzppj2fnD25rQi7Dfb3Ckh3cgeMhBpsb0a1zT
ezxNqC68OaSp2GuYlTSPW1/0fUKwsSW/FBt6u8GxFtW7DBk/BKlDYBbAiKHl7O3z
XExuZOoh8jdJ9pyLT9rFsDi28ml7gMtVcBHTwhabn7H6oVloGAnkM10skQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFjV3FFsjj8P44MLDIY7d7a/gwF2MB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvV05YY1VXeU9Qd19qZ3dzTWhqdDN0ci1EQVhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubX8MA0G
CSqGSIb3DQEBCwUAA4IBAQAj7hfRcZmEdbsy0StqvXRBDXzULzxcLjKUlXK0T/fu
KsrgEhMX/RTfkHd1iOGSFmob8/TqgqbNJE7tJ19qXEv7FSeU37pQEiHUsLv7yYBL
2l1cFnhos6wKchERN+iwMMOL7IRQwifo8KP0181y315f6Djvx6BYBp61hyPMMZj/
InHv1xXctH/vjQnLRCGkRqxOvvtrh7mn6Ssm5Gm9Lv3mSHYbkdsaBpuKMZ1EYg9R
bqElSoCUZZWzqsx/d+YsOK8CtccTiISVd/f0cE/OyDVOdoiVwu9q4FxxEsvNhbfG
LCQ28gVfw2bNiYGAfwlPjhEvqSB/ynGKrs/h1qBiERsy
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:37:32 2025 by rpki-client