Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c67d90-d304-481b-8a64-1e326deba4d0/1/CXV5h4NnxextID8ps-zs1B6iIxg.roa
File: CXV5h4NnxextID8ps-zs1B6iIxg.roa (raw, json)
Hash identifier: H0fWCwenw+LaQh1zQTvHX9xYl9ZHHPd/qzueTxfRIcY=
Subject key identifier: 09:75:79:87:83:67:C5:EC:6D:20:3F:29:B3:EC:EC:D4:1E:A2:23:18
Certificate issuer: /CN=8bdea2d4ab1380f0a3b7fe7d4fa7828e1c943558
Certificate serial: 019420D5BED9BF8BFCE952B9AB7929F6D7B4
Authority key identifier: 8B:DE:A2:D4:AB:13:80:F0:A3:B7:FE:7D:4F:A7:82:8E:1C:94:35:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i96i1KsTgPCjt_59T6eCjhyUNVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/c67d90-d304-481b-8a64-1e326deba4d0/1/CXV5h4NnxextID8ps-zs1B6iIxg.roa
Signing time: Wed 01 Jan 2025 07:47:46 +0000
ROA not before: Wed 01 Jan 2025 07:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43824
IP address blocks: 185.252.100.0/24 maxlen: 24
185.252.101.0/24 maxlen: 24
185.252.102.0/24 maxlen: 24
185.252.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:be:d9:bf:8b:fc:e9:52:b9:ab:79:29:f6:d7:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdea2d4ab1380f0a3b7fe7d4fa7828e1c943558
Validity
Not Before: Jan 1 07:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=097579878367c5ec6d203f29b3ececd41ea22318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:68:ab:74:c0:21:0d:e7:e1:ad:b7:29:47:2a:
f0:01:69:ae:17:77:1f:ba:8c:73:dd:3b:bf:1e:d9:
99:a0:eb:f5:2c:3f:23:29:b7:6b:83:13:ea:20:43:
a5:c3:47:e4:4a:1d:71:37:cc:cd:f1:23:61:36:b6:
ee:c1:11:2c:f0:07:e4:93:aa:13:0d:fa:65:ba:47:
c0:27:8e:60:bc:38:5f:5a:67:9f:3c:08:a1:80:06:
6d:cc:80:5a:d9:6c:38:cc:09:f4:31:ce:5e:fd:d1:
72:0a:e8:bd:38:97:f7:ad:78:80:f0:a3:39:ec:ff:
22:3b:38:a1:51:cb:4c:b0:ad:2f:57:56:58:0d:8f:
cd:03:c5:01:26:f9:24:69:f5:53:7d:43:22:30:11:
25:a0:b1:c8:81:91:d8:3c:b0:85:40:e6:55:22:43:
e7:d8:ba:0b:df:b9:f5:06:38:2e:0b:03:1f:5f:c2:
dd:3c:95:8d:ae:d1:b2:b0:c2:1a:5b:fb:5a:18:45:
f0:ad:da:be:dc:29:51:cf:ee:c7:3f:0b:95:fd:ef:
ba:be:77:68:af:1b:f0:3c:41:5b:93:24:3b:56:0d:
0b:7f:1f:e9:2f:23:6b:2a:73:09:09:8b:1e:1e:dc:
3c:40:eb:49:dd:91:be:93:12:dd:57:7e:b2:a9:ac:
20:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:75:79:87:83:67:C5:EC:6D:20:3F:29:B3:EC:EC:D4:1E:A2:23:18
X509v3 Authority Key Identifier:
keyid:8B:DE:A2:D4:AB:13:80:F0:A3:B7:FE:7D:4F:A7:82:8E:1C:94:35:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i96i1KsTgPCjt_59T6eCjhyUNVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c67d90-d304-481b-8a64-1e326deba4d0/1/CXV5h4NnxextID8ps-zs1B6iIxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c67d90-d304-481b-8a64-1e326deba4d0/1/i96i1KsTgPCjt_59T6eCjhyUNVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.100.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:69:c6:91:c8:ec:42:8d:7b:7f:61:d7:29:d1:08:9f:f1:5d:
b3:cc:60:bf:c6:b5:73:0d:53:67:58:bb:d8:da:64:77:08:a5:
a2:e3:fd:f2:34:c8:44:05:b2:e5:c9:31:71:2b:54:9d:b8:e0:
f5:f5:fa:f0:5e:9f:a3:ea:bf:d8:5e:86:f1:5d:3a:dd:92:9b:
b5:4d:93:0c:07:94:b7:b0:63:c2:27:55:00:03:1d:68:08:f9:
45:35:c9:ad:8e:27:c1:5e:47:74:f6:aa:92:5f:16:c2:77:ac:
8b:99:7d:22:91:a1:a7:1d:ab:17:57:fc:a7:2c:52:5a:ea:23:
55:11:e7:5a:d1:fe:cd:a8:51:92:c6:c1:36:a7:61:83:00:48:
5b:7b:50:3f:ac:c8:bc:25:4d:6a:08:ae:97:74:d2:f7:32:1d:
35:76:b1:c8:d4:e3:fb:7d:db:22:c6:35:f4:91:2e:ef:2f:88:
5c:ac:09:66:86:f5:f8:46:91:e5:a0:a5:48:f4:ac:80:66:e2:
70:f6:d6:8a:44:df:6b:19:44:60:d7:fe:37:45:93:e7:1b:19:
3c:12:33:a0:84:3d:e4:ea:62:5b:e9:28:ea:b4:4f:6f:ff:1c:
a9:d7:18:9a:6d:70:23:81:2b:a5:fa:ca:8d:00:67:96:1d:ad:
96:2e:7a:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1b7Zv4v86VK5q3kp9te0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGVhMmQ0YWIxMzgwZjBhM2I3ZmU3ZDRmYTc4MjhlMWM5
NDM1NTgwHhcNMjUwMTAxMDc0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTc1Nzk4NzgzNjdjNWVjNmQyMDNmMjliM2VjZWNkNDFlYTIyMzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4GirdMAhDefhrbcpRyrwAWmuF3cf
uoxz3Tu/HtmZoOv1LD8jKbdrgxPqIEOlw0fkSh1xN8zN8SNhNrbuwREs8Afkk6oT
DfplukfAJ45gvDhfWmefPAihgAZtzIBa2Ww4zAn0Mc5e/dFyCui9OJf3rXiA8KM5
7P8iOzihUctMsK0vV1ZYDY/NA8UBJvkkafVTfUMiMBEloLHIgZHYPLCFQOZVIkPn
2LoL37n1BjguCwMfX8LdPJWNrtGysMIaW/taGEXwrdq+3ClRz+7HPwuV/e+6vndo
rxvwPEFbkyQ7Vg0Lfx/pLyNrKnMJCYseHtw8QOtJ3ZG+kxLdV36yqawgBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAl1eYeDZ8XsbSA/KbPs7NQeoiMYMB8GA1UdIwQY
MBaAFIveotSrE4Dwo7f+fU+ngo4clDVYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk2aTFLc1RnUENqdF81OVQ2ZUNqaHlVTlZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jNjdkOTAtZDMwNC00ODFiLThhNjQt
MWUzMjZkZWJhNGQwLzEvQ1hWNWg0Tm54ZXh0SUQ4cHMtenMxQjZpSXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jNjdkOTAtZDMwNC00ODFiLThhNjQtMWUzMjZkZWJhNGQw
LzEvaTk2aTFLc1RnUENqdF81OVQ2ZUNqaHlVTlZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufxkMA0G
CSqGSIb3DQEBCwUAA4IBAQBqacaRyOxCjXt/Ydcp0Qif8V2zzGC/xrVzDVNnWLvY
2mR3CKWi4/3yNMhEBbLlyTFxK1SduOD19frwXp+j6r/YXobxXTrdkpu1TZMMB5S3
sGPCJ1UAAx1oCPlFNcmtjifBXkd09qqSXxbCd6yLmX0ikaGnHasXV/ynLFJa6iNV
Eeda0f7NqFGSxsE2p2GDAEhbe1A/rMi8JU1qCK6XdNL3Mh01drHI1OP7fdsixjX0
kS7vL4hcrAlmhvX4RpHloKVI9KyAZuJw9taKRN9rGURg1/43RZPnGxk8EjOghD3k
6mJb6SjqtE9v/xyp1xiabXAjgSul+sqNAGeWHa2WLnp2
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:11:12 2025 by rpki-client