Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/311bc5-3f36-4d5e-abde-b8da89406bed/1/xRvop4eDwIlWec9OLfdUtV2OZS4.roa
File: xRvop4eDwIlWec9OLfdUtV2OZS4.roa (raw, json)
Hash identifier: dMqiD2K0LVdcRyi1ti46JUn48ZtCTxuc9WQCXxg9omI=
Subject key identifier: C5:1B:E8:A7:87:83:C0:89:56:79:CF:4E:2D:F7:54:B5:5D:8E:65:2E
Certificate issuer: /CN=52e02224ffb971172e4935ed7dd965d1155089b6
Certificate serial: 0194222042E5A82C7E38ECAFD142E414F1FC
Authority key identifier: 52:E0:22:24:FF:B9:71:17:2E:49:35:ED:7D:D9:65:D1:15:50:89:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UuAiJP-5cRcuSTXtfdll0RVQibY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/311bc5-3f36-4d5e-abde-b8da89406bed/1/xRvop4eDwIlWec9OLfdUtV2OZS4.roa
Signing time: Wed 01 Jan 2025 13:48:47 +0000
ROA not before: Wed 01 Jan 2025 13:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198781
IP address blocks: 185.121.16.0/22 maxlen: 22
185.121.16.0/24 maxlen: 24
185.121.18.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:42:e5:a8:2c:7e:38:ec:af:d1:42:e4:14:f1:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52e02224ffb971172e4935ed7dd965d1155089b6
Validity
Not Before: Jan 1 13:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c51be8a78783c0895679cf4e2df754b55d8e652e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9b:dd:78:77:7f:82:17:2c:00:01:5b:ae:26:
b4:50:af:35:47:6f:d3:60:c8:39:ba:1e:90:2a:24:
95:27:c9:be:6b:f9:a9:d1:2b:82:d4:2b:28:a0:ac:
bc:6b:ed:da:fa:ea:f4:05:3d:dc:2f:ae:08:50:9f:
a0:b5:21:34:de:c5:9f:5d:f6:4c:3d:5e:24:a8:2b:
d8:ac:8c:91:ac:8d:66:c2:64:c2:2d:ed:e7:34:bc:
01:65:a0:a8:d0:cd:87:d2:30:b9:10:26:1d:36:77:
82:95:71:91:74:24:48:a0:7f:79:04:7f:b2:dc:0f:
2d:b1:40:26:a7:9e:68:df:c8:13:8c:48:90:4b:5d:
9d:2e:2d:71:e8:fc:7d:90:1a:2f:af:02:af:7c:e0:
10:c7:2f:b0:f7:39:a1:eb:2e:15:a4:41:0f:f2:fd:
ff:d0:03:da:b6:b3:aa:5a:4d:ee:f0:b3:60:4f:44:
bd:aa:ea:1e:03:20:ed:e8:5c:23:64:50:f4:75:eb:
48:f0:a9:f3:9e:dd:1d:1a:0a:11:3d:d5:79:a6:26:
a3:63:07:70:99:f2:81:8c:8f:43:93:70:4a:54:92:
ef:f7:e0:2a:37:2e:a5:c0:66:26:b9:a7:15:d4:53:
69:0f:61:30:fd:91:4b:55:56:33:39:53:f5:2b:9e:
ed:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:1B:E8:A7:87:83:C0:89:56:79:CF:4E:2D:F7:54:B5:5D:8E:65:2E
X509v3 Authority Key Identifier:
keyid:52:E0:22:24:FF:B9:71:17:2E:49:35:ED:7D:D9:65:D1:15:50:89:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UuAiJP-5cRcuSTXtfdll0RVQibY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/311bc5-3f36-4d5e-abde-b8da89406bed/1/xRvop4eDwIlWec9OLfdUtV2OZS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/311bc5-3f36-4d5e-abde-b8da89406bed/1/UuAiJP-5cRcuSTXtfdll0RVQibY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.16.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:42:58:f0:e1:01:3d:d4:43:47:de:63:47:01:3d:3d:af:00:
06:4e:70:c0:68:05:34:68:6a:b2:7c:a1:44:37:b9:d4:74:ee:
c0:1e:bc:14:4c:bf:a2:a2:12:df:b9:e5:69:61:bf:bd:fe:3c:
e4:da:9f:ef:1b:6f:51:24:f1:ee:d4:8b:cf:45:48:2f:37:b4:
bc:82:4c:d9:f2:83:01:1b:b5:3f:72:5e:6e:69:e2:5d:9b:40:
a7:5c:7f:4d:9c:75:ca:9f:79:0e:0c:f7:f0:60:2b:e2:2b:6d:
df:58:12:4e:c8:e2:eb:d0:1a:68:9c:ca:c0:f2:99:3f:cc:2c:
d1:5b:65:b7:79:06:74:12:78:67:73:6f:f0:e8:75:2a:53:69:
9a:5c:98:e8:76:91:29:e4:60:e9:15:20:08:e0:24:ba:53:a1:
ac:59:4b:cd:82:86:18:72:81:19:c3:7a:2d:11:dd:e4:21:7b:
8c:f8:23:e0:a7:62:f6:25:0c:35:1b:af:ba:55:d1:bf:cb:33:
b7:ab:20:3a:df:d1:5d:cb:c3:0a:2c:f1:50:0c:ce:57:9a:50:
1b:c9:71:20:fe:95:0b:8f:66:16:cf:67:29:e6:ec:d5:d2:c5:
3c:ec:5a:f4:60:4f:f9:7d:b5:16:b7:5b:a2:18:ab:cb:fb:b1:
c9:7c:db:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIELlqCx+OOyv0ULkFPH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZTAyMjI0ZmZiOTcxMTcyZTQ5MzVlZDdkZDk2NWQxMTU1
MDg5YjYwHhcNMjUwMTAxMTM0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTFiZThhNzg3ODNjMDg5NTY3OWNmNGUyZGY3NTRiNTVkOGU2NTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpvdeHd/ghcsAAFbria0UK81R2/T
YMg5uh6QKiSVJ8m+a/mp0SuC1CsooKy8a+3a+ur0BT3cL64IUJ+gtSE03sWfXfZM
PV4kqCvYrIyRrI1mwmTCLe3nNLwBZaCo0M2H0jC5ECYdNneClXGRdCRIoH95BH+y
3A8tsUAmp55o38gTjEiQS12dLi1x6Px9kBovrwKvfOAQxy+w9zmh6y4VpEEP8v3/
0APatrOqWk3u8LNgT0S9quoeAyDt6FwjZFD0detI8Knznt0dGgoRPdV5piajYwdw
mfKBjI9Dk3BKVJLv9+AqNy6lwGYmuacV1FNpD2Ew/ZFLVVYzOVP1K57trwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMUb6KeHg8CJVnnPTi33VLVdjmUuMB8GA1UdIwQY
MBaAFFLgIiT/uXEXLkk17X3ZZdEVUIm2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXVBaUpQLTVjUmN1U1RYdGZkbGwwUlZRaWJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8zMTFiYzUtM2YzNi00ZDVlLWFiZGUt
YjhkYTg5NDA2YmVkLzEveFJ2b3A0ZUR3SWxXZWM5T0xmZFV0VjJPWlM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8zMTFiYzUtM2YzNi00ZDVlLWFiZGUtYjhkYTg5NDA2YmVk
LzEvVXVBaUpQLTVjUmN1U1RYdGZkbGwwUlZRaWJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXkQMA0G
CSqGSIb3DQEBCwUAA4IBAQB6Qljw4QE91ENH3mNHAT09rwAGTnDAaAU0aGqyfKFE
N7nUdO7AHrwUTL+iohLfueVpYb+9/jzk2p/vG29RJPHu1IvPRUgvN7S8gkzZ8oMB
G7U/cl5uaeJdm0CnXH9NnHXKn3kODPfwYCviK23fWBJOyOLr0BponMrA8pk/zCzR
W2W3eQZ0Enhnc2/w6HUqU2maXJjodpEp5GDpFSAI4CS6U6GsWUvNgoYYcoEZw3ot
Ed3kIXuM+CPgp2L2JQw1G6+6VdG/yzO3qyA639Fdy8MKLPFQDM5XmlAbyXEg/pUL
j2YWz2cp5uzV0sU87Fr0YE/5fbUWt1uiGKvL+7HJfNt2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:23 2025 by rpki-client