Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/3f28cb-e3fc-4a74-9d5f-c6be9347003d/1/xmM-ccAvLWOwyLEsC4sc-ZGuFVs.roa
File: xmM-ccAvLWOwyLEsC4sc-ZGuFVs.roa (raw, json)
Hash identifier: Jh1Z7hMpXjUQmEl/k/DegJjPwbavtkTfrL2z5jQ3nA4=
Subject key identifier: C6:63:3E:71:C0:2F:2D:63:B0:C8:B1:2C:0B:8B:1C:F9:91:AE:15:5B
Certificate issuer: /CN=ce5bc0eeae1b6b0bda936c5d0689f6a7e875d742
Certificate serial: 018572835B8325E7240585AE367C3F572AE5
Authority key identifier: CE:5B:C0:EE:AE:1B:6B:0B:DA:93:6C:5D:06:89:F6:A7:E8:75:D7:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zlvA7q4bawvak2xdBon2p-h110I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/3f28cb-e3fc-4a74-9d5f-c6be9347003d/1/xmM-ccAvLWOwyLEsC4sc-ZGuFVs.roa
Signing time: Mon 02 Jan 2023 12:44:49 +0000
ROA not before: Mon 02 Jan 2023 12:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58061
IP address blocks: 185.251.22.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:5b:83:25:e7:24:05:85:ae:36:7c:3f:57:2a:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce5bc0eeae1b6b0bda936c5d0689f6a7e875d742
Validity
Not Before: Jan 2 12:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6633e71c02f2d63b0c8b12c0b8b1cf991ae155b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:74:26:62:0a:cc:3c:d0:3d:26:1a:2f:f4:6d:
cb:c1:c5:83:25:be:96:c2:08:7a:a0:8f:5c:14:5f:
8d:d6:18:33:96:c9:a2:e0:b0:8e:c7:2c:a8:92:0c:
a5:71:c7:6d:3f:a4:21:2c:33:32:f1:10:28:78:4e:
fb:ee:78:76:3b:0f:bb:05:8b:d9:ae:49:0d:a5:6f:
df:84:1b:89:9c:04:df:63:9d:1a:99:7f:9f:9b:db:
fa:c8:36:01:15:80:63:8c:a3:56:d9:f0:1a:d1:8f:
5e:60:c6:d3:a9:eb:d1:c5:70:33:f3:a8:21:78:6b:
45:50:ef:b8:59:a6:1c:98:7c:98:80:86:40:1c:b9:
af:d2:b0:e6:8a:11:2a:7f:cd:c4:49:1b:c3:dc:16:
20:85:0f:61:25:ae:04:e9:3f:b8:f7:b5:3e:05:25:
d6:80:be:36:8e:c5:9b:cd:08:d9:4b:b2:b5:3c:8e:
b5:ff:08:10:93:e3:2e:62:7f:e6:c5:b9:66:16:68:
0c:62:3e:9c:2a:a6:66:84:f6:8b:48:50:05:37:21:
c4:08:7b:13:de:51:81:b2:d8:14:e1:99:f5:a6:31:
cf:d0:83:fd:fe:79:8b:97:bf:7c:ca:88:2a:ce:46:
1e:6b:e5:56:29:2f:0e:78:11:8b:68:7f:e6:86:3e:
ac:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:63:3E:71:C0:2F:2D:63:B0:C8:B1:2C:0B:8B:1C:F9:91:AE:15:5B
X509v3 Authority Key Identifier:
keyid:CE:5B:C0:EE:AE:1B:6B:0B:DA:93:6C:5D:06:89:F6:A7:E8:75:D7:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zlvA7q4bawvak2xdBon2p-h110I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/3f28cb-e3fc-4a74-9d5f-c6be9347003d/1/xmM-ccAvLWOwyLEsC4sc-ZGuFVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/3f28cb-e3fc-4a74-9d5f-c6be9347003d/1/zlvA7q4bawvak2xdBon2p-h110I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.22.0/24
Signature Algorithm: sha256WithRSAEncryption
13:90:94:e9:8b:22:7b:28:ea:96:09:9b:b0:b0:86:de:2c:41:
2d:a8:27:cb:c5:4d:9d:da:69:2e:fd:6e:cf:90:a3:52:cf:b1:
f2:ae:ea:35:e9:92:83:18:7e:31:54:51:e6:d8:2d:98:5e:0a:
fd:76:69:4a:fc:c8:2f:f0:95:a5:33:8d:8d:55:b8:c7:cd:ae:
c4:df:ad:5b:d4:fd:fd:13:cd:0e:2a:d4:cd:b6:c4:62:78:f5:
85:91:c4:3c:f6:05:6d:b1:32:bc:e1:d7:91:6a:df:b9:41:b3:
05:50:47:c8:d8:c2:bd:a4:0b:99:1a:c3:d0:2f:53:da:3e:25:
61:25:5a:0a:d0:9a:08:e7:5a:2d:15:89:f5:35:d9:12:85:c9:
89:fc:57:a0:3b:87:d3:71:7e:b6:0a:bb:78:87:6b:f4:eb:30:
4d:d4:da:18:24:98:d0:84:29:71:02:31:fd:d0:0f:f4:a6:88:
81:8d:e0:99:a2:e8:eb:6d:5a:6b:33:51:eb:bb:a2:90:3f:61:
46:d8:b6:2f:d4:ea:b2:52:58:96:7d:11:39:b3:ac:ad:cd:f1:
50:d1:08:94:11:b5:fc:db:a7:0b:dc:34:70:ad:13:ec:2a:9a:
b9:71:7f:86:24:5d:a4:a0:1b:cd:3a:17:d6:62:0f:d8:85:5b:
be:a3:cb:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyg1uDJeckBYWuNnw/VyrlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNWJjMGVlYWUxYjZiMGJkYTkzNmM1ZDA2ODlmNmE3ZTg3
NWQ3NDIwHhcNMjMwMTAyMTI0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjYzM2U3MWMwMmYyZDYzYjBjOGIxMmMwYjhiMWNmOTkxYWUxNTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHQmYgrMPNA9Jhov9G3LwcWDJb6W
wgh6oI9cFF+N1hgzlsmi4LCOxyyokgylccdtP6QhLDMy8RAoeE777nh2Ow+7BYvZ
rkkNpW/fhBuJnATfY50amX+fm9v6yDYBFYBjjKNW2fAa0Y9eYMbTqevRxXAz86gh
eGtFUO+4WaYcmHyYgIZAHLmv0rDmihEqf83ESRvD3BYghQ9hJa4E6T+497U+BSXW
gL42jsWbzQjZS7K1PI61/wgQk+MuYn/mxblmFmgMYj6cKqZmhPaLSFAFNyHECHsT
3lGBstgU4Zn1pjHP0IP9/nmLl798yogqzkYea+VWKS8OeBGLaH/mhj6s1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMZjPnHALy1jsMixLAuLHPmRrhVbMB8GA1UdIwQY
MBaAFM5bwO6uG2sL2pNsXQaJ9qfodddCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemx2QTdxNGJhd3ZhazJ4ZEJvbjJwLWgxMTBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8zZjI4Y2ItZTNmYy00YTc0LTlkNWYt
YzZiZTkzNDcwMDNkLzEveG1NLWNjQXZMV093eUxFc0M0c2MtWkd1RlZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8zZjI4Y2ItZTNmYy00YTc0LTlkNWYtYzZiZTkzNDcwMDNk
LzEvemx2QTdxNGJhd3ZhazJ4ZEJvbjJwLWgxMTBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufsWMA0G
CSqGSIb3DQEBCwUAA4IBAQATkJTpiyJ7KOqWCZuwsIbeLEEtqCfLxU2d2mku/W7P
kKNSz7Hyruo16ZKDGH4xVFHm2C2YXgr9dmlK/Mgv8JWlM42NVbjHza7E361b1P39
E80OKtTNtsRiePWFkcQ89gVtsTK84deRat+5QbMFUEfI2MK9pAuZGsPQL1PaPiVh
JVoK0JoI51otFYn1NdkShcmJ/FegO4fTcX62Crt4h2v06zBN1NoYJJjQhClxAjH9
0A/0poiBjeCZoujrbVprM1Hru6KQP2FG2LYv1OqyUliWfRE5s6ytzfFQ0QiUEbX8
26cL3DRwrRPsKpq5cX+GJF2koBvNOhfWYg/YhVu+o8u7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:59 2025 by rpki-client