Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f0efe3-413c-43d2-bb69-d2f40de049b7/1/WOcgzm6uQCs6AkEViYONoq1N374.roa
File: WOcgzm6uQCs6AkEViYONoq1N374.roa (raw, json)
Hash identifier: nQFtl/WwmhlASNmPqjUWZCZ7o+laxk6LEJZG32/xqcY=
Subject key identifier: 58:E7:20:CE:6E:AE:40:2B:3A:02:41:15:89:83:8D:A2:AD:4D:DF:BE
Certificate issuer: /CN=c59b6dc3bc22f6c36a039855534b2d41abb12423
Certificate serial: 019422FC3FB276EF22BE3D26147B22A8121A
Authority key identifier: C5:9B:6D:C3:BC:22:F6:C3:6A:03:98:55:53:4B:2D:41:AB:B1:24:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZttw7wi9sNqA5hVU0stQauxJCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f0efe3-413c-43d2-bb69-d2f40de049b7/1/WOcgzm6uQCs6AkEViYONoq1N374.roa
Signing time: Wed 01 Jan 2025 17:49:04 +0000
ROA not before: Wed 01 Jan 2025 17:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204309
IP address blocks: 185.253.200.0/22 maxlen: 22
185.253.200.0/24 maxlen: 24
185.253.201.0/24 maxlen: 24
185.253.202.0/24 maxlen: 24
185.253.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:3f:b2:76:ef:22:be:3d:26:14:7b:22:a8:12:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c59b6dc3bc22f6c36a039855534b2d41abb12423
Validity
Not Before: Jan 1 17:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58e720ce6eae402b3a02411589838da2ad4ddfbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7e:9a:0b:b8:8e:4e:18:23:46:b6:2b:5a:fd:
c2:60:9b:b5:14:a8:0c:9d:6a:8b:bf:58:38:fc:78:
29:f9:8b:80:96:e9:ff:58:9c:33:4e:6d:79:4e:b6:
48:14:b6:f4:9f:5f:a2:1b:7d:5f:e5:bc:70:4d:ef:
2b:be:a0:3f:8f:c7:c9:68:ab:a4:fb:0c:08:f8:53:
eb:5e:30:75:bc:0c:9d:06:6e:d8:ab:91:08:a1:38:
e9:41:02:cf:1a:9f:68:6e:90:6b:ad:0b:d6:8b:14:
ff:31:ee:61:33:cb:ca:dd:fd:d1:a6:6f:ab:3f:17:
f4:0d:d8:82:13:4a:a1:14:0b:f3:aa:4a:9f:5c:a2:
f0:b5:c8:0c:54:ae:6e:dd:46:35:d1:1d:4a:f8:fa:
ba:ec:9e:bd:86:f5:11:6d:f3:e0:d5:c6:f5:b6:cb:
06:fa:cf:8a:16:7f:bf:fc:b4:fe:3b:e8:3f:15:c4:
6e:b1:31:50:fc:fc:43:9d:f6:8a:36:51:dd:8b:c4:
24:00:5f:35:b9:7d:4b:27:68:5f:5f:cd:54:71:b8:
67:a9:e2:17:ab:e6:0e:7f:40:73:fd:e4:bb:b1:4d:
c9:c2:ee:ae:38:25:8d:3e:1b:a3:71:23:13:de:0f:
56:d3:60:54:bf:42:72:c4:75:1c:a3:5f:db:aa:fe:
d7:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:E7:20:CE:6E:AE:40:2B:3A:02:41:15:89:83:8D:A2:AD:4D:DF:BE
X509v3 Authority Key Identifier:
keyid:C5:9B:6D:C3:BC:22:F6:C3:6A:03:98:55:53:4B:2D:41:AB:B1:24:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZttw7wi9sNqA5hVU0stQauxJCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f0efe3-413c-43d2-bb69-d2f40de049b7/1/WOcgzm6uQCs6AkEViYONoq1N374.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f0efe3-413c-43d2-bb69-d2f40de049b7/1/xZttw7wi9sNqA5hVU0stQauxJCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.200.0/22
Signature Algorithm: sha256WithRSAEncryption
66:10:de:2e:a6:ff:6a:6f:c4:fc:de:c8:5a:9c:a3:5e:af:0e:
0f:c2:d4:f6:e7:f4:be:1e:e9:d6:1b:5c:a1:a9:94:5d:1e:cb:
ee:d2:b7:81:42:24:a9:cf:b5:c7:43:0c:92:ff:a8:6c:a9:e2:
78:ff:dd:2d:9d:61:de:67:0c:7c:7a:fd:df:3a:69:1c:3e:9d:
33:ed:90:8f:75:08:a3:7e:61:1b:e8:5b:66:6b:9c:3e:c4:f1:
a0:86:cf:8b:46:d6:98:e8:c3:76:b4:c3:51:20:cd:9d:3a:ab:
14:43:49:05:ed:b7:e6:10:12:85:21:ce:5a:8e:1f:fa:25:78:
0f:13:88:ad:87:44:27:46:ae:bc:27:27:69:9a:6a:3b:25:08:
ca:b9:88:d5:f1:bf:18:6b:6f:75:18:4e:10:65:9e:ff:ad:66:
50:8c:ff:b2:6a:0b:f3:c2:ac:00:35:ef:13:6a:06:b0:18:69:
8a:1d:36:c0:34:11:86:ec:f6:35:f7:82:09:e2:1b:a9:08:1b:
36:49:7f:01:47:05:f7:68:99:3e:bd:c6:a4:03:e9:01:ce:d1:
ce:4c:6f:3f:bf:fc:97:e5:4b:3a:ad:5e:20:da:3f:ba:86:aa:
f5:f3:c5:b9:c2:78:86:92:e8:04:f5:e3:55:e6:83:84:5d:7b:
63:3e:f0:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/D+ydu8ivj0mFHsiqBIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OWI2ZGMzYmMyMmY2YzM2YTAzOTg1NTUzNGIyZDQxYWJi
MTI0MjMwHhcNMjUwMTAxMTc0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGU3MjBjZTZlYWU0MDJiM2EwMjQxMTU4OTgzOGRhMmFkNGRkZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx36aC7iOThgjRrYrWv3CYJu1FKgM
nWqLv1g4/Hgp+YuAlun/WJwzTm15TrZIFLb0n1+iG31f5bxwTe8rvqA/j8fJaKuk
+wwI+FPrXjB1vAydBm7Yq5EIoTjpQQLPGp9obpBrrQvWixT/Me5hM8vK3f3Rpm+r
Pxf0DdiCE0qhFAvzqkqfXKLwtcgMVK5u3UY10R1K+Pq67J69hvURbfPg1cb1tssG
+s+KFn+//LT+O+g/FcRusTFQ/PxDnfaKNlHdi8QkAF81uX1LJ2hfX81UcbhnqeIX
q+YOf0Bz/eS7sU3Jwu6uOCWNPhujcSMT3g9W02BUv0JyxHUco1/bqv7XNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFjnIM5urkArOgJBFYmDjaKtTd++MB8GA1UdIwQY
MBaAFMWbbcO8IvbDagOYVVNLLUGrsSQjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFp0dHc3d2k5c05xQTVoVlUwc3RRYXV4SkNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMGVmZTMtNDEzYy00M2QyLWJiNjkt
ZDJmNDBkZTA0OWI3LzEvV09jZ3ptNnVRQ3M2QWtFVmlZT05vcTFOMzc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mMGVmZTMtNDEzYy00M2QyLWJiNjktZDJmNDBkZTA0OWI3
LzEveFp0dHc3d2k5c05xQTVoVlUwc3RRYXV4SkNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuf3IMA0G
CSqGSIb3DQEBCwUAA4IBAQBmEN4upv9qb8T83shanKNerw4PwtT25/S+HunWG1yh
qZRdHsvu0reBQiSpz7XHQwyS/6hsqeJ4/90tnWHeZwx8ev3fOmkcPp0z7ZCPdQij
fmEb6Ftma5w+xPGghs+LRtaY6MN2tMNRIM2dOqsUQ0kF7bfmEBKFIc5ajh/6JXgP
E4ith0QnRq68Jydpmmo7JQjKuYjV8b8Ya291GE4QZZ7/rWZQjP+yagvzwqwANe8T
agawGGmKHTbANBGG7PY194IJ4hupCBs2SX8BRwX3aJk+vcakA+kBztHOTG8/v/yX
5Us6rV4g2j+6hqr188W5wniGkugE9eNV5oOEXXtjPvDP
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:43 2025 by rpki-client on console.sobornost.net