Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/5ef060-f473-4043-b8a2-e1b7c7649fa3/1/eXFZQO35x46hI1_B-kM0oX7ba3w.roa
File: eXFZQO35x46hI1_B-kM0oX7ba3w.roa (raw, json)
Hash identifier: IKEAMPDMrBLKazuRwlONi5mwZJ2E45qg/Wd4/iF4QYg=
Subject key identifier: 79:71:59:40:ED:F9:C7:8E:A1:23:5F:C1:FA:43:34:A1:7E:DB:6B:7C
Certificate issuer: /CN=87c37d035d95fefba1d47f98b9ff4973f17df6cd
Certificate serial: 0194228E12B1FC76DD7E0D3427145058A32E
Authority key identifier: 87:C3:7D:03:5D:95:FE:FB:A1:D4:7F:98:B9:FF:49:73:F1:7D:F6:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h8N9A12V_vuh1H-Yuf9Jc_F99s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/5ef060-f473-4043-b8a2-e1b7c7649fa3/1/eXFZQO35x46hI1_B-kM0oX7ba3w.roa
Signing time: Wed 01 Jan 2025 15:48:43 +0000
ROA not before: Wed 01 Jan 2025 15:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200286
IP address blocks: 185.59.52.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:12:b1:fc:76:dd:7e:0d:34:27:14:50:58:a3:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87c37d035d95fefba1d47f98b9ff4973f17df6cd
Validity
Not Before: Jan 1 15:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=79715940edf9c78ea1235fc1fa4334a17edb6b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c9:63:59:f4:43:06:3f:1f:24:e2:91:22:ea:
47:c6:82:b8:3b:e6:ea:99:25:fe:2c:c9:66:b9:4c:
24:3a:ec:36:1f:98:89:ef:58:4e:44:3b:9e:f0:ea:
23:df:2e:ba:a6:3f:52:17:a2:c0:87:c3:89:9c:0c:
a0:96:14:43:47:65:79:c5:80:19:79:aa:7b:b2:33:
01:43:64:fc:c2:16:7c:61:52:74:5d:ae:04:2b:3a:
22:cb:68:dd:bf:3d:41:0d:96:17:c9:37:8e:19:d5:
9d:e7:99:b9:3e:35:22:0c:ed:43:96:f7:4b:6d:c2:
08:c3:46:89:a6:4f:9a:f7:d7:95:e3:d5:18:ff:1b:
6b:8c:bf:89:35:31:b3:dd:b2:a0:67:1f:45:2b:92:
84:84:e4:96:3a:4a:4b:62:51:d7:31:8c:50:10:91:
60:f3:f2:ef:31:1a:e4:17:29:76:a9:8f:b1:4e:5b:
24:0c:60:85:43:5e:b3:06:2e:ea:d7:f4:e3:39:53:
b8:a8:d2:bd:0b:73:77:e4:2b:fb:91:7e:0d:f7:fc:
16:b5:f2:cc:a1:4e:4a:ab:79:1d:6d:34:1d:e3:31:
78:e4:57:ef:6d:a3:c0:60:99:3f:ec:32:9c:2e:96:
5b:39:07:79:63:73:c7:79:a2:d2:34:dd:92:8b:2c:
64:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:71:59:40:ED:F9:C7:8E:A1:23:5F:C1:FA:43:34:A1:7E:DB:6B:7C
X509v3 Authority Key Identifier:
keyid:87:C3:7D:03:5D:95:FE:FB:A1:D4:7F:98:B9:FF:49:73:F1:7D:F6:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h8N9A12V_vuh1H-Yuf9Jc_F99s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/5ef060-f473-4043-b8a2-e1b7c7649fa3/1/eXFZQO35x46hI1_B-kM0oX7ba3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/5ef060-f473-4043-b8a2-e1b7c7649fa3/1/h8N9A12V_vuh1H-Yuf9Jc_F99s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.52.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:a3:b7:09:6c:2e:7e:d1:f5:b8:23:63:c4:61:c2:6d:f9:24:
26:14:5a:b8:1c:04:55:d8:df:06:6b:8d:d9:f7:6f:d8:ae:9a:
ad:51:ab:d0:1b:11:6d:17:68:4d:68:6f:59:8f:47:2b:88:05:
9f:86:93:99:13:b8:02:c5:5e:3c:38:22:1c:1d:1e:f6:af:9e:
ac:cb:6e:90:78:a5:87:c9:1d:25:53:f7:a9:05:99:6c:9f:89:
ee:ce:9d:28:8d:9f:5b:d0:c8:2d:50:8a:3a:1a:aa:12:f5:24:
3f:28:87:80:a8:02:a5:87:44:ab:fc:ad:db:c7:9e:fe:23:50:
f9:4f:66:bf:a9:ad:7e:86:d3:73:7d:42:6f:bf:c3:83:e5:4f:
23:06:7e:48:99:48:59:df:05:e1:7b:80:85:95:f3:d3:3b:26:
04:f2:48:ba:6f:72:1c:54:22:98:1d:da:ae:23:88:f6:ad:31:
74:08:52:00:12:5a:97:5e:03:c2:f8:3d:d0:f0:65:c4:29:c2:
d4:14:c9:5b:6e:64:e2:3e:20:30:0f:dd:5d:4a:a8:9b:86:fc:
45:76:ce:43:1d:73:29:c4:97:6e:e4:23:0a:16:57:6c:17:8e:
3d:4e:ff:ef:af:5b:1f:4e:29:74:46:c2:fe:07:f5:2f:c0:13:
64:86:e3:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijhKx/Hbdfg00JxRQWKMuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YzM3ZDAzNWQ5NWZlZmJhMWQ0N2Y5OGI5ZmY0OTczZjE3
ZGY2Y2QwHhcNMjUwMTAxMTU0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTcxNTk0MGVkZjljNzhlYTEyMzVmYzFmYTQzMzRhMTdlZGI2YjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMljWfRDBj8fJOKRIupHxoK4O+bq
mSX+LMlmuUwkOuw2H5iJ71hORDue8Ooj3y66pj9SF6LAh8OJnAyglhRDR2V5xYAZ
eap7sjMBQ2T8whZ8YVJ0Xa4EKzoiy2jdvz1BDZYXyTeOGdWd55m5PjUiDO1DlvdL
bcIIw0aJpk+a99eV49UY/xtrjL+JNTGz3bKgZx9FK5KEhOSWOkpLYlHXMYxQEJFg
8/LvMRrkFyl2qY+xTlskDGCFQ16zBi7q1/TjOVO4qNK9C3N35Cv7kX4N9/wWtfLM
oU5Kq3kdbTQd4zF45FfvbaPAYJk/7DKcLpZbOQd5Y3PHeaLSNN2SiyxkKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHlxWUDt+ceOoSNfwfpDNKF+22t8MB8GA1UdIwQY
MBaAFIfDfQNdlf77odR/mLn/SXPxffbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDhOOUExMlZfdnVoMUgtWXVmOUpjX0Y5OXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS81ZWYwNjAtZjQ3My00MDQzLWI4YTIt
ZTFiN2M3NjQ5ZmEzLzEvZVhGWlFPMzV4NDZoSTFfQi1rTTBvWDdiYTN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS81ZWYwNjAtZjQ3My00MDQzLWI4YTItZTFiN2M3NjQ5ZmEz
LzEvaDhOOUExMlZfdnVoMUgtWXVmOUpjX0Y5OXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTs0MA0G
CSqGSIb3DQEBCwUAA4IBAQAKo7cJbC5+0fW4I2PEYcJt+SQmFFq4HARV2N8Ga43Z
92/YrpqtUavQGxFtF2hNaG9Zj0criAWfhpOZE7gCxV48OCIcHR72r56sy26QeKWH
yR0lU/epBZlsn4nuzp0ojZ9b0MgtUIo6GqoS9SQ/KIeAqAKlh0Sr/K3bx57+I1D5
T2a/qa1+htNzfUJvv8OD5U8jBn5ImUhZ3wXhe4CFlfPTOyYE8ki6b3IcVCKYHdqu
I4j2rTF0CFIAElqXXgPC+D3Q8GXEKcLUFMlbbmTiPiAwD91dSqibhvxFds5DHXMp
xJdu5CMKFldsF449Tv/vr1sfTil0RsL+B/UvwBNkhuPj
-----END CERTIFICATE-----
Generated at Mon Apr 7 22:23:55 2025 by rpki-client