Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9c5c1f-f4b6-45a8-9c9f-30733d370df3/1/x5hcCT_pnCegVho4bWAxZzf2qpw.roa
File: x5hcCT_pnCegVho4bWAxZzf2qpw.roa (raw, json)
Hash identifier: Dn/NH4vuyRdNLuvR+t3zMheYrsd6ixnhzcIiKC8V59s=
Subject key identifier: C7:98:5C:09:3F:E9:9C:27:A0:56:1A:38:6D:60:31:67:37:F6:AA:9C
Certificate issuer: /CN=3b637ccf393f52e0b56fb58ee35af54411daf644
Certificate serial: 0194221F9AFE37D8605331C17729AD1167CF
Authority key identifier: 3B:63:7C:CF:39:3F:52:E0:B5:6F:B5:8E:E3:5A:F5:44:11:DA:F6:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O2N8zzk_UuC1b7WO41r1RBHa9kQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9c5c1f-f4b6-45a8-9c9f-30733d370df3/1/x5hcCT_pnCegVho4bWAxZzf2qpw.roa
Signing time: Wed 01 Jan 2025 13:48:04 +0000
ROA not before: Wed 01 Jan 2025 13:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 185.63.73.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:9a:fe:37:d8:60:53:31:c1:77:29:ad:11:67:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b637ccf393f52e0b56fb58ee35af54411daf644
Validity
Not Before: Jan 1 13:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7985c093fe99c27a0561a386d60316737f6aa9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:db:41:22:38:27:02:8f:95:c5:5e:74:91:88:
8f:d2:dd:09:74:af:65:8a:4c:d5:28:97:0f:16:40:
af:ba:e0:2d:a0:7c:b9:60:65:51:8e:4d:b3:8c:c1:
3d:3d:d7:77:df:b3:52:9f:0d:9e:a4:28:10:95:9a:
11:3e:a1:fa:42:2b:a1:79:7b:d3:c7:a1:f4:52:71:
b5:28:c3:87:b3:25:bf:d7:73:19:eb:00:22:3f:a6:
92:9c:0b:c6:a3:54:b9:3e:e7:04:ab:fc:70:4f:b1:
9a:cf:2a:0c:26:5e:38:4c:df:f5:7b:5c:ed:1c:aa:
71:fb:41:36:08:89:08:04:10:52:d0:1b:80:c6:80:
19:45:84:97:f7:1a:fc:60:69:6e:0c:ef:23:68:e4:
90:eb:05:0f:98:e5:eb:bf:d5:ab:42:b9:41:5d:e5:
94:8b:08:3f:1b:93:57:f9:b5:c5:bc:ff:27:9e:1d:
69:01:27:d8:15:22:e4:21:79:b2:b1:85:b7:66:14:
52:41:db:99:76:48:32:8b:5c:97:bc:97:0e:24:d1:
a7:d3:3e:f8:05:bb:85:43:77:a8:0d:74:fa:2d:fc:
69:1e:81:c5:4c:7f:42:bd:cf:56:7e:3f:b1:e6:a1:
ee:1c:ea:13:5b:08:ae:5b:93:6c:8f:c4:e1:fe:9b:
62:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:98:5C:09:3F:E9:9C:27:A0:56:1A:38:6D:60:31:67:37:F6:AA:9C
X509v3 Authority Key Identifier:
keyid:3B:63:7C:CF:39:3F:52:E0:B5:6F:B5:8E:E3:5A:F5:44:11:DA:F6:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O2N8zzk_UuC1b7WO41r1RBHa9kQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9c5c1f-f4b6-45a8-9c9f-30733d370df3/1/x5hcCT_pnCegVho4bWAxZzf2qpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9c5c1f-f4b6-45a8-9c9f-30733d370df3/1/O2N8zzk_UuC1b7WO41r1RBHa9kQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.73.0/24
Signature Algorithm: sha256WithRSAEncryption
37:f7:59:79:3f:43:2b:74:00:ef:bc:19:6c:56:da:01:c3:58:
6d:1a:f4:6c:a1:de:a4:78:56:8b:cc:4e:16:d8:fc:48:ea:fa:
9f:66:e3:5b:07:80:6f:6c:1f:27:ac:1b:1b:db:91:ad:bd:2b:
9d:33:bc:ed:16:d5:77:71:2d:03:70:27:09:cf:af:e4:2a:dd:
56:8d:76:26:de:22:d9:68:e1:f7:b8:7a:b9:7f:27:2e:d6:d0:
71:a8:b0:f0:d2:c8:56:63:62:cb:82:c6:68:7b:0c:2d:bc:01:
88:d0:ee:03:16:b8:db:40:48:17:da:1d:52:d2:9e:29:c2:15:
13:0b:15:9d:a3:c3:f4:52:9c:b4:4d:c0:7d:b7:ee:dd:46:a9:
49:70:7d:ec:df:4c:2f:16:06:6e:6b:08:ba:e9:4f:50:60:32:
0b:94:69:cd:9d:86:9a:da:11:99:4a:16:f7:7f:71:79:6a:19:
4e:e9:f5:35:6c:e4:07:f6:75:0c:2d:37:e6:7c:0c:aa:a1:db:
cb:20:c6:98:6c:5a:d6:42:05:45:ac:f8:da:1f:e0:ae:69:54:
e4:d6:7c:a6:e9:98:87:c5:7b:46:7a:9e:a3:d5:23:ed:c4:36:
ad:9d:20:f1:57:ef:a3:5b:8c:67:98:6e:ab:89:1e:40:ab:16:
bf:ae:c8:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH5r+N9hgUzHBdymtEWfPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNjM3Y2NmMzkzZjUyZTBiNTZmYjU4ZWUzNWFmNTQ0MTFk
YWY2NDQwHhcNMjUwMTAxMTM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzk4NWMwOTNmZTk5YzI3YTA1NjFhMzg2ZDYwMzE2NzM3ZjZhYTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNtBIjgnAo+VxV50kYiP0t0JdK9l
ikzVKJcPFkCvuuAtoHy5YGVRjk2zjME9Pdd337NSnw2epCgQlZoRPqH6QiuheXvT
x6H0UnG1KMOHsyW/13MZ6wAiP6aSnAvGo1S5PucEq/xwT7GazyoMJl44TN/1e1zt
HKpx+0E2CIkIBBBS0BuAxoAZRYSX9xr8YGluDO8jaOSQ6wUPmOXrv9WrQrlBXeWU
iwg/G5NX+bXFvP8nnh1pASfYFSLkIXmysYW3ZhRSQduZdkgyi1yXvJcOJNGn0z74
BbuFQ3eoDXT6LfxpHoHFTH9Cvc9Wfj+x5qHuHOoTWwiuW5Nsj8Th/pti2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMeYXAk/6ZwnoFYaOG1gMWc39qqcMB8GA1UdIwQY
MBaAFDtjfM85P1LgtW+1juNa9UQR2vZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzJOOHp6a19VdUMxYjdXTzQxcjFSQkhhOWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85YzVjMWYtZjRiNi00NWE4LTljOWYt
MzA3MzNkMzcwZGYzLzEveDVoY0NUX3BuQ2VnVmhvNGJXQXhaemYycXB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85YzVjMWYtZjRiNi00NWE4LTljOWYtMzA3MzNkMzcwZGYz
LzEvTzJOOHp6a19VdUMxYjdXTzQxcjFSQkhhOWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuT9JMA0G
CSqGSIb3DQEBCwUAA4IBAQA391l5P0MrdADvvBlsVtoBw1htGvRsod6keFaLzE4W
2PxI6vqfZuNbB4BvbB8nrBsb25GtvSudM7ztFtV3cS0DcCcJz6/kKt1WjXYm3iLZ
aOH3uHq5fycu1tBxqLDw0shWY2LLgsZoewwtvAGI0O4DFrjbQEgX2h1S0p4pwhUT
CxWdo8P0Upy0TcB9t+7dRqlJcH3s30wvFgZuawi66U9QYDILlGnNnYaa2hGZShb3
f3F5ahlO6fU1bOQH9nUMLTfmfAyqodvLIMaYbFrWQgVFrPjaH+CuaVTk1nym6ZiH
xXtGep6j1SPtxDatnSDxV++jW4xnmG6riR5Aqxa/rsgf
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:15 2025 by rpki-client