Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/xCwC0ruPjNW76bEQ25__qiX8bTI.roa
File: xCwC0ruPjNW76bEQ25__qiX8bTI.roa (raw, json)
Hash identifier: /PNuMEC0HX9r4nNg0Hwe56qDotvTcrptdJE+VRq+wv0=
Subject key identifier: C4:2C:02:D2:BB:8F:8C:D5:BB:E9:B1:10:DB:9F:FF:AA:25:FC:6D:32
Certificate issuer: /CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Certificate serial: 019426D951E754AEA2BA1E127667CAA7B76F
Authority key identifier: 8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/xCwC0ruPjNW76bEQ25__qiX8bTI.roa
Signing time: Thu 02 Jan 2025 11:49:23 +0000
ROA not before: Thu 02 Jan 2025 11:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204393
IP address blocks: 185.86.182.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:51:e7:54:ae:a2:ba:1e:12:76:67:ca:a7:b7:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Validity
Not Before: Jan 2 11:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c42c02d2bb8f8cd5bbe9b110db9fffaa25fc6d32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:48:83:af:11:e0:a5:59:da:6f:c5:b2:f4:4c:
fa:e3:eb:93:a4:77:5f:2b:a6:7d:c2:1d:0e:08:62:
84:4a:1c:f5:f8:65:88:07:87:09:2c:01:63:83:cc:
88:20:e9:29:ba:98:8b:3e:6e:2d:c4:a3:83:7a:ff:
64:cd:83:42:b1:81:16:04:13:f0:fa:80:fd:bf:05:
74:ca:e2:00:f4:61:27:78:fe:62:4e:ab:af:96:d5:
b4:83:5d:01:fb:ff:cd:eb:9c:c6:ed:f5:1c:80:87:
0c:a1:6c:be:af:57:42:f8:d4:03:38:cf:f8:83:72:
3e:0c:74:13:4a:4e:02:f4:35:a0:26:47:d6:09:cd:
8c:27:81:99:9f:86:ab:63:22:9f:47:96:0b:1e:f9:
5b:62:f7:cc:19:32:9c:0e:bf:dd:63:dc:83:b7:b5:
37:6b:a9:dd:b6:99:10:0e:8a:3a:ae:6a:ad:76:e7:
01:f9:f4:ac:5d:ff:6e:e2:e7:37:0e:48:1a:d6:43:
39:b8:9a:ed:ca:d5:82:fe:ca:72:1e:6a:c9:d6:1c:
73:26:54:02:f2:4e:3b:8e:35:ce:b6:04:72:f4:93:
2e:98:2a:06:43:71:e1:3f:90:f0:ff:20:29:9e:78:
bf:e2:ae:84:dd:8e:dc:e6:cf:e5:17:ad:d2:37:c9:
93:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:2C:02:D2:BB:8F:8C:D5:BB:E9:B1:10:DB:9F:FF:AA:25:FC:6D:32
X509v3 Authority Key Identifier:
keyid:8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/xCwC0ruPjNW76bEQ25__qiX8bTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/i0eqCfLGEPb0S051wc2dzTiE5V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.182.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:72:7b:a0:32:82:99:31:04:5e:81:be:ad:4a:e8:27:62:c4:
a0:b9:7a:bd:df:64:08:f6:6b:ce:97:93:fe:87:b0:71:9a:d2:
9f:23:66:63:a2:6a:9b:ef:48:80:ef:0c:02:cc:a3:6e:3c:59:
89:1f:92:89:fc:11:54:9f:5f:4c:92:e3:ef:b8:cd:1b:fd:37:
be:4d:12:32:bd:43:b6:3c:8a:be:58:f3:2f:5c:9b:2f:9b:dd:
54:d8:50:cc:cc:92:7b:d9:e2:72:34:c7:1e:53:2d:98:40:81:
20:66:7a:25:89:01:98:44:83:fe:dc:fe:f6:46:84:cb:b6:a4:
8e:4b:b9:92:53:ac:2d:d6:a2:00:fe:8a:46:80:b9:30:f5:95:
64:99:c3:86:81:89:ba:43:b9:25:2b:58:b7:b1:86:52:90:e3:
67:d8:04:1e:81:d7:8a:83:00:04:25:a7:8c:2c:82:53:c5:8d:
79:d2:d0:d1:61:48:52:c8:79:f2:65:7a:2f:64:46:9e:15:19:
8f:6c:ef:9c:b5:cc:32:24:b9:e7:1b:b8:00:ee:f1:de:00:0c:
86:90:e6:1e:2c:7e:6c:ed:a2:ec:85:44:77:cd:f3:a1:16:25:
1e:39:a3:87:99:4f:46:10:9d:6a:53:da:da:15:29:c0:0c:d8:
06:44:bb:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2VHnVK6iuh4SdmfKp7dvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNDdhYTA5ZjJjNjEwZjZmNDRiNGU3NWMxY2Q5ZGNkMzg4
NGU1NWQwHhcNMjUwMTAyMTE0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDJjMDJkMmJiOGY4Y2Q1YmJlOWIxMTBkYjlmZmZhYTI1ZmM2ZDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0iDrxHgpVnab8Wy9Ez64+uTpHdf
K6Z9wh0OCGKEShz1+GWIB4cJLAFjg8yIIOkpupiLPm4txKODev9kzYNCsYEWBBPw
+oD9vwV0yuIA9GEneP5iTquvltW0g10B+//N65zG7fUcgIcMoWy+r1dC+NQDOM/4
g3I+DHQTSk4C9DWgJkfWCc2MJ4GZn4arYyKfR5YLHvlbYvfMGTKcDr/dY9yDt7U3
a6ndtpkQDoo6rmqtducB+fSsXf9u4uc3Dkga1kM5uJrtytWC/spyHmrJ1hxzJlQC
8k47jjXOtgRy9JMumCoGQ3HhP5Dw/yApnni/4q6E3Y7c5s/lF63SN8mT5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMQsAtK7j4zVu+mxENuf/6ol/G0yMB8GA1UdIwQY
MBaAFItHqgnyxhD29EtOdcHNnc04hOVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgt
NTAwMTUzOWQ3MTg1LzEveEN3QzBydVBqTlc3NmJFUTI1X19xaVg4YlRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgtNTAwMTUzOWQ3MTg1
LzEvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVa2MA0G
CSqGSIb3DQEBCwUAA4IBAQCKcnugMoKZMQRegb6tSugnYsSguXq932QI9mvOl5P+
h7BxmtKfI2Zjomqb70iA7wwCzKNuPFmJH5KJ/BFUn19MkuPvuM0b/Te+TRIyvUO2
PIq+WPMvXJsvm91U2FDMzJJ72eJyNMceUy2YQIEgZnoliQGYRIP+3P72RoTLtqSO
S7mSU6wt1qIA/opGgLkw9ZVkmcOGgYm6Q7klK1i3sYZSkONn2AQegdeKgwAEJaeM
LIJTxY150tDRYUhSyHnyZXovZEaeFRmPbO+ctcwyJLnnG7gA7vHeAAyGkOYeLH5s
7aLshUR3zfOhFiUeOaOHmU9GEJ1qU9raFSnADNgGRLtG
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:25 2025 by rpki-client on console.sobornost.net