Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/XkV_BzJ-10BB1M0sgp5kpjzCQ_0.roa
File: XkV_BzJ-10BB1M0sgp5kpjzCQ_0.roa (raw, json)
Hash identifier: 4EePChQLAU75id7JSNxKuA3gIb+9FFNSZgknDwLIyC0=
Subject key identifier: 5E:45:7F:07:32:7E:D7:40:41:D4:CD:2C:82:9E:64:A6:3C:C2:43:FD
Certificate issuer: /CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Certificate serial: 0194228DD20888199397401BF855BA3A161B
Authority key identifier: 1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/XkV_BzJ-10BB1M0sgp5kpjzCQ_0.roa
Signing time: Wed 01 Jan 2025 15:48:27 +0000
ROA not before: Wed 01 Jan 2025 15:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 142146
IP address blocks: 185.217.195.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:d2:08:88:19:93:97:40:1b:f8:55:ba:3a:16:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Validity
Not Before: Jan 1 15:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e457f07327ed74041d4cd2c829e64a63cc243fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:56:3f:aa:e6:10:84:d1:1f:03:17:87:69:48:
8f:72:5e:e9:4f:7a:77:4d:59:05:5e:44:3c:21:92:
2e:d1:d3:52:2b:34:1d:d2:7f:f8:3f:70:43:72:61:
87:43:12:12:da:d2:22:0c:c2:8a:7e:56:8f:92:56:
5f:41:4f:38:8a:25:e1:13:b3:b9:d6:3a:7b:d7:6e:
83:6e:fb:57:b2:bb:bb:a8:ff:7a:59:6f:fe:44:f5:
d0:3c:f6:8b:67:4f:42:db:a9:b6:50:c9:22:3b:26:
aa:4d:a0:a2:9c:81:dd:b7:1d:5c:75:e8:9a:b9:06:
70:39:32:d3:33:82:a7:ab:fe:da:53:db:07:15:3d:
1c:ce:cf:ac:9e:97:ee:1a:b6:01:39:2b:b7:44:f6:
71:be:38:78:c1:84:bb:b9:d6:6f:4e:04:52:e8:78:
fa:3f:f4:63:be:91:bc:c6:7c:c3:ef:ce:78:12:0d:
cc:cc:62:f0:70:a8:17:d3:cf:86:a8:3b:f7:8a:aa:
fa:b2:2a:83:7d:cd:f9:ab:4b:d1:72:fb:af:98:6c:
55:93:e8:ad:76:9c:9c:e6:fa:92:28:e9:9d:69:36:
f6:c7:b7:9c:d2:3b:97:f3:8c:54:0d:e6:4b:c8:77:
c9:d3:14:10:c4:00:40:0d:f6:9e:ac:82:d0:13:1a:
e1:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:45:7F:07:32:7E:D7:40:41:D4:CD:2C:82:9E:64:A6:3C:C2:43:FD
X509v3 Authority Key Identifier:
keyid:1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/XkV_BzJ-10BB1M0sgp5kpjzCQ_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.195.0/24
Signature Algorithm: sha256WithRSAEncryption
12:aa:70:49:0c:37:e6:1f:ae:71:25:df:4a:65:26:48:b5:bf:
e2:5c:d5:d2:a8:68:b2:4d:69:3a:d1:bf:6f:8a:7f:3f:8e:20:
3d:99:82:00:93:31:58:b7:2c:9c:71:24:6c:51:fd:6a:17:76:
38:6f:2a:d9:c4:ac:eb:aa:f9:99:7f:fb:ed:d6:d1:65:4c:33:
ad:dd:4d:9f:ac:81:69:fe:29:57:02:cd:12:5e:29:4f:59:f0:
ae:44:ec:83:2d:a7:de:0b:23:a8:e4:51:2b:f8:c4:e3:1f:d3:
e1:51:e6:29:e0:0d:36:56:8b:f7:fa:fe:a7:f6:d1:b4:cb:0f:
da:8b:0a:50:b6:e7:c6:f5:68:6a:ac:d1:26:d5:ee:bc:bd:89:
9c:83:f7:16:0b:e2:a8:c5:d4:5d:3d:3a:10:17:ea:21:43:01:
28:a2:b7:5c:e4:03:f7:f3:49:c1:60:86:e0:be:5f:00:aa:23:
f0:57:2a:fd:51:c0:d7:d0:c7:1b:b1:8a:b4:34:8d:05:da:1e:
3f:9c:61:ee:b3:34:4c:01:5c:7f:68:b0:79:69:3f:aa:b1:07:
2d:80:1c:92:7f:3e:20:87:56:cc:73:e0:50:0c:4b:d9:45:1c:
77:5b:d5:07:e2:b5:88:1b:7c:b5:a6:22:41:5b:0a:cd:ea:44:
fd:02:48:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijdIIiBmTl0Ab+FW6OhYbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2FkNzc1NDc5NWRkZDYwNWYyODgzOGJiN2NjMzU5ZGY3
YTI2NmEwHhcNMjUwMTAxMTU0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTQ1N2YwNzMyN2VkNzQwNDFkNGNkMmM4MjllNjRhNjNjYzI0M2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVY/quYQhNEfAxeHaUiPcl7pT3p3
TVkFXkQ8IZIu0dNSKzQd0n/4P3BDcmGHQxIS2tIiDMKKflaPklZfQU84iiXhE7O5
1jp7126DbvtXsru7qP96WW/+RPXQPPaLZ09C26m2UMkiOyaqTaCinIHdtx1cdeia
uQZwOTLTM4Knq/7aU9sHFT0czs+snpfuGrYBOSu3RPZxvjh4wYS7udZvTgRS6Hj6
P/RjvpG8xnzD7854Eg3MzGLwcKgX08+GqDv3iqr6siqDfc35q0vRcvuvmGxVk+it
dpyc5vqSKOmdaTb2x7ec0juX84xUDeZLyHfJ0xQQxABADfaerILQExrhNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF5FfwcyftdAQdTNLIKeZKY8wkP9MB8GA1UdIwQY
MBaAFBx613VHld3WBfKIOLt8w1nfeiZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgt
YWRhNWMyMGUzZjdiLzEvWGtWX0J6Si0xMEJCMU0wc2dwNWtwanpDUV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgtYWRhNWMyMGUzZjdi
LzEvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudnDMA0G
CSqGSIb3DQEBCwUAA4IBAQASqnBJDDfmH65xJd9KZSZItb/iXNXSqGiyTWk60b9v
in8/jiA9mYIAkzFYtyyccSRsUf1qF3Y4byrZxKzrqvmZf/vt1tFlTDOt3U2frIFp
/ilXAs0SXilPWfCuROyDLafeCyOo5FEr+MTjH9PhUeYp4A02Vov3+v6n9tG0yw/a
iwpQtufG9WhqrNEm1e68vYmcg/cWC+KoxdRdPToQF+ohQwEoordc5AP380nBYIbg
vl8AqiPwVyr9UcDX0McbsYq0NI0F2h4/nGHuszRMAVx/aLB5aT+qsQctgBySfz4g
h1bMc+BQDEvZRRx3W9UH4rWIG3y1piJBWwrN6kT9AkgG
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:54 2025 by rpki-client