Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ae3323-0a49-4d7a-8955-b6f7aed856c0/1/da7wWDdQpE5i6DJox7FoD-QEnrA.roa
File: da7wWDdQpE5i6DJox7FoD-QEnrA.roa (raw, json)
Hash identifier: 93ok4fdBSnjw6qTtlazVRgZjQmCRM/yDSLFq6NFZNeI=
Subject key identifier: 75:AE:F0:58:37:50:A4:4E:62:E8:32:68:C7:B1:68:0F:E4:04:9E:B0
Certificate issuer: /CN=5ece10f13c46806926a67946cc6a1102aa09031a
Certificate serial: 019427B371811A3D732C95D7EF1FB1F0D4CB
Authority key identifier: 5E:CE:10:F1:3C:46:80:69:26:A6:79:46:CC:6A:11:02:AA:09:03:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xs4Q8TxGgGkmpnlGzGoRAqoJAxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ae3323-0a49-4d7a-8955-b6f7aed856c0/1/da7wWDdQpE5i6DJox7FoD-QEnrA.roa
Signing time: Thu 02 Jan 2025 15:47:38 +0000
ROA not before: Thu 02 Jan 2025 15:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205279
IP address blocks: 185.223.120.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:71:81:1a:3d:73:2c:95:d7:ef:1f:b1:f0:d4:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ece10f13c46806926a67946cc6a1102aa09031a
Validity
Not Before: Jan 2 15:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75aef0583750a44e62e83268c7b1680fe4049eb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:45:df:52:92:c4:22:17:f3:3d:a4:7f:a3:9e:
99:91:1a:49:f8:a9:f9:dc:15:b0:a3:d4:c7:1e:9c:
94:c3:22:17:be:bc:12:2a:6b:45:66:fb:8b:1a:2e:
00:42:66:57:0e:08:3d:54:b2:f4:87:50:16:be:bb:
e4:1e:da:dc:ed:bd:19:43:88:03:4e:25:9e:49:56:
c3:7e:0b:03:7b:e6:c4:53:7e:ae:d4:4a:28:b4:08:
97:57:93:0d:21:da:cb:46:87:d0:18:30:49:2f:c8:
4f:26:fc:53:f9:89:dc:4e:fe:27:12:80:b7:04:b0:
56:27:7f:72:3c:6e:f4:77:9f:7e:d2:d0:77:03:f0:
78:d2:a1:7c:c6:d2:6d:82:22:99:9c:e6:48:9b:c3:
64:44:4b:a4:9a:76:fb:ce:9a:c0:c2:a8:e7:26:75:
7e:d1:5b:ba:cd:f3:1c:b1:67:b1:ed:75:aa:72:d6:
d4:93:cc:28:27:ea:15:c7:2f:f6:06:7b:6d:e4:83:
15:00:4b:25:73:e7:ba:55:97:79:37:c5:a0:ed:4a:
56:47:4a:4a:12:93:fb:68:9e:51:f9:44:3b:c9:fd:
ff:fe:32:33:a8:ae:59:ee:1a:63:d9:00:82:ce:90:
ca:52:c4:2d:ee:de:63:c6:67:72:09:75:a2:8f:6c:
a1:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:AE:F0:58:37:50:A4:4E:62:E8:32:68:C7:B1:68:0F:E4:04:9E:B0
X509v3 Authority Key Identifier:
keyid:5E:CE:10:F1:3C:46:80:69:26:A6:79:46:CC:6A:11:02:AA:09:03:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xs4Q8TxGgGkmpnlGzGoRAqoJAxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ae3323-0a49-4d7a-8955-b6f7aed856c0/1/da7wWDdQpE5i6DJox7FoD-QEnrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ae3323-0a49-4d7a-8955-b6f7aed856c0/1/Xs4Q8TxGgGkmpnlGzGoRAqoJAxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.120.0/22
Signature Algorithm: sha256WithRSAEncryption
59:f0:0e:ea:3f:ba:ac:ec:5e:e0:e5:2f:59:79:bf:7e:08:74:
46:92:ee:9f:d5:c8:bf:a1:2a:cd:bc:98:62:2c:8d:ad:79:0c:
2d:f8:b0:b5:1f:2b:22:1c:7f:e0:88:1f:0e:bc:e2:8f:57:09:
37:96:83:89:95:86:29:b8:39:ec:69:64:2f:ab:87:a5:b0:9a:
33:41:91:99:21:e4:69:91:9a:7e:38:3d:b9:b0:ce:90:11:ae:
6d:ea:74:18:39:fe:b5:c0:be:f4:18:4e:2d:df:21:5e:ed:75:
a9:fb:3b:78:16:70:82:1b:78:b1:3a:da:09:a6:32:fe:df:20:
d4:d3:28:a6:09:6f:c1:b5:83:56:99:f8:cf:17:9e:c7:d1:c5:
30:b6:b9:08:85:3a:1f:ad:82:85:b7:7c:62:4a:fb:24:a3:76:
93:82:7e:ad:da:3c:46:dd:49:63:9f:b9:94:e0:d8:9e:51:37:
78:d3:97:e2:e8:39:66:5e:53:a1:5c:e0:0e:65:70:28:c6:a0:
a7:50:70:68:90:38:3a:32:e8:a7:33:ee:94:78:c2:df:e1:eb:
b6:05:8e:76:1a:07:e9:1a:3c:04:d0:f1:e8:02:82:dd:36:5a:
19:77:94:3c:d3:26:c2:1d:a0:0c:88:2a:71:5e:d1:5d:7c:03:
47:be:85:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQns3GBGj1zLJXX7x+x8NTLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlY2UxMGYxM2M0NjgwNjkyNmE2Nzk0NmNjNmExMTAyYWEw
OTAzMWEwHhcNMjUwMTAyMTU0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWFlZjA1ODM3NTBhNDRlNjJlODMyNjhjN2IxNjgwZmU0MDQ5ZWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEXfUpLEIhfzPaR/o56ZkRpJ+Kn5
3BWwo9THHpyUwyIXvrwSKmtFZvuLGi4AQmZXDgg9VLL0h1AWvrvkHtrc7b0ZQ4gD
TiWeSVbDfgsDe+bEU36u1EootAiXV5MNIdrLRofQGDBJL8hPJvxT+YncTv4nEoC3
BLBWJ39yPG70d59+0tB3A/B40qF8xtJtgiKZnOZIm8NkREukmnb7zprAwqjnJnV+
0Vu6zfMcsWex7XWqctbUk8woJ+oVxy/2Bntt5IMVAEslc+e6VZd5N8Wg7UpWR0pK
EpP7aJ5R+UQ7yf3//jIzqK5Z7hpj2QCCzpDKUsQt7t5jxmdyCXWij2yhgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHWu8Fg3UKROYugyaMexaA/kBJ6wMB8GA1UdIwQY
MBaAFF7OEPE8RoBpJqZ5RsxqEQKqCQMaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHM0UThUeEdnR2ttcG5sR3pHb1JBcW9KQXhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hZTMzMjMtMGE0OS00ZDdhLTg5NTUt
YjZmN2FlZDg1NmMwLzEvZGE3d1dEZFFwRTVpNkRKb3g3Rm9ELVFFbnJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9hZTMzMjMtMGE0OS00ZDdhLTg5NTUtYjZmN2FlZDg1NmMw
LzEvWHM0UThUeEdnR2ttcG5sR3pHb1JBcW9KQXhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCud94MA0G
CSqGSIb3DQEBCwUAA4IBAQBZ8A7qP7qs7F7g5S9Zeb9+CHRGku6f1ci/oSrNvJhi
LI2teQwt+LC1HysiHH/giB8OvOKPVwk3loOJlYYpuDnsaWQvq4elsJozQZGZIeRp
kZp+OD25sM6QEa5t6nQYOf61wL70GE4t3yFe7XWp+zt4FnCCG3ixOtoJpjL+3yDU
0yimCW/BtYNWmfjPF57H0cUwtrkIhTofrYKFt3xiSvsko3aTgn6t2jxG3Uljn7mU
4NieUTd405fi6DlmXlOhXOAOZXAoxqCnUHBokDg6MuinM+6UeMLf4eu2BY52Ggfp
GjwE0PHoAoLdNloZd5Q80ybCHaAMiCpxXtFdfANHvoVm
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:24 2025 by rpki-client