Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/XSGE2n2dKWY3M_jq3MngIc3i_t8.roa
File: XSGE2n2dKWY3M_jq3MngIc3i_t8.roa (raw, json)
Hash identifier: pwMRSRLzn3jyPbMLShLv8HDNQd5Gm8ws1AjCFBEAHaU=
Subject key identifier: 5D:21:84:DA:7D:9D:29:66:37:33:F8:EA:DC:C9:E0:21:CD:E2:FE:DF
Certificate issuer: /CN=68231a500a0a8108dc7a4358b1002b1fdbf07995
Certificate serial: 019423D6E680EF4EDDAB0D607D6F71AB4617
Authority key identifier: 68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/XSGE2n2dKWY3M_jq3MngIc3i_t8.roa
Signing time: Wed 01 Jan 2025 21:47:53 +0000
ROA not before: Wed 01 Jan 2025 21:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202735
IP address blocks: 185.155.236.0/22 maxlen: 22
185.155.236.0/24 maxlen: 24
185.155.237.0/24 maxlen: 24
185.155.238.0/24 maxlen: 24
185.155.239.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:e6:80:ef:4e:dd:ab:0d:60:7d:6f:71:ab:46:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68231a500a0a8108dc7a4358b1002b1fdbf07995
Validity
Not Before: Jan 1 21:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d2184da7d9d29663733f8eadcc9e021cde2fedf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:01:01:45:22:db:48:4d:90:82:eb:79:f4:a2:
4f:fd:82:f3:73:c2:47:1f:ba:42:71:16:af:c4:fa:
25:20:ae:a0:8d:51:86:3c:cf:24:15:b5:c6:af:46:
08:b0:02:57:4a:c4:6d:79:7a:8d:cc:89:b9:1f:2c:
a2:4b:55:b1:e3:21:d0:6a:d8:34:aa:03:19:92:4d:
39:3a:77:bd:75:49:03:70:25:ef:29:0a:f3:94:ee:
9a:90:45:91:32:19:97:21:84:27:23:94:a4:12:e0:
b9:5f:e7:90:7c:fb:c9:1b:0e:82:18:fe:4a:9d:f6:
eb:70:47:c6:bb:56:96:a1:d6:d4:e3:b7:f7:a5:a3:
64:95:56:c1:b0:1a:b5:b9:9d:08:eb:ae:b7:b8:ab:
db:8f:24:76:71:74:e2:8a:36:66:86:a2:de:60:84:
64:7c:61:28:1e:46:1e:5d:25:92:da:bd:b2:2a:88:
4e:7e:81:ae:e7:c3:c9:e8:ac:72:4a:78:a0:4a:aa:
23:71:9b:51:c0:59:b1:e3:ed:9a:07:67:50:59:14:
c6:50:f3:6a:81:02:43:b5:9c:db:96:69:c9:19:6f:
28:0f:98:69:47:66:21:a7:49:a6:88:ce:66:78:45:
b7:7b:bb:34:bd:5c:a2:cd:5d:15:8b:29:4d:93:bc:
2e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:21:84:DA:7D:9D:29:66:37:33:F8:EA:DC:C9:E0:21:CD:E2:FE:DF
X509v3 Authority Key Identifier:
keyid:68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/XSGE2n2dKWY3M_jq3MngIc3i_t8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.236.0/22
Signature Algorithm: sha256WithRSAEncryption
69:8e:9b:a0:c4:db:39:fa:b2:39:c3:4e:a3:3c:26:53:46:e9:
08:4c:7b:69:f1:c8:98:ea:12:07:14:98:72:8b:ba:f1:b2:3b:
90:96:71:25:4b:12:69:a4:5e:7a:b1:13:bf:c0:7f:9c:c3:56:
45:00:be:ea:79:e1:72:a4:52:0e:88:fb:69:22:96:3f:2a:e6:
1d:47:96:d8:91:9e:a7:29:90:16:72:29:84:48:33:c2:c3:bc:
2f:94:ff:5e:f4:b1:5a:47:ae:05:7b:93:f5:ab:70:6a:6e:ff:
ff:3d:2a:df:03:01:23:76:c4:51:44:e9:1c:10:e6:ee:54:ba:
ca:e1:0e:13:6e:b2:1c:6f:9a:cc:f5:cc:e1:bf:af:96:b7:d1:
6f:f5:77:d1:8b:47:ea:3c:00:d0:1f:b4:d9:6a:8e:28:8b:d0:
f4:2c:a7:9a:dc:1c:18:aa:fc:1d:c6:a4:63:03:a1:e1:45:25:
25:8e:b9:05:f5:0b:cc:0c:1a:ae:21:91:67:fd:18:74:66:47:
f9:9e:b3:ec:66:0c:db:b2:fa:cd:9b:92:2a:6b:6e:ed:e0:9f:
9c:33:c3:2d:85:17:5a:0f:79:18:62:54:87:b8:e0:6b:09:46:
8c:8b:31:0a:52:5c:c1:55:55:21:a4:f4:1f:e1:1c:ad:df:07:
4b:bf:18:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1uaA707dqw1gfW9xq0YXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MjMxYTUwMGEwYTgxMDhkYzdhNDM1OGIxMDAyYjFmZGJm
MDc5OTUwHhcNMjUwMTAxMjE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDIxODRkYTdkOWQyOTY2MzczM2Y4ZWFkY2M5ZTAyMWNkZTJmZWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4AEBRSLbSE2Qgut59KJP/YLzc8JH
H7pCcRavxPolIK6gjVGGPM8kFbXGr0YIsAJXSsRteXqNzIm5HyyiS1Wx4yHQatg0
qgMZkk05One9dUkDcCXvKQrzlO6akEWRMhmXIYQnI5SkEuC5X+eQfPvJGw6CGP5K
nfbrcEfGu1aWodbU47f3paNklVbBsBq1uZ0I6663uKvbjyR2cXTiijZmhqLeYIRk
fGEoHkYeXSWS2r2yKohOfoGu58PJ6KxySnigSqojcZtRwFmx4+2aB2dQWRTGUPNq
gQJDtZzblmnJGW8oD5hpR2Yhp0mmiM5meEW3e7s0vVyizV0ViylNk7wunwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF0hhNp9nSlmNzP46tzJ4CHN4v7fMB8GA1UdIwQY
MBaAFGgjGlAKCoEI3HpDWLEAKx/b8HmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wMGIwODUtOTk2Ni00Mjc1LWE1MmIt
N2YyM2IzNDY4NmMyLzEvWFNHRTJuMmRLV1kzTV9qcTNNbmdJYzNpX3Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8wMGIwODUtOTk2Ni00Mjc1LWE1MmItN2YyM2IzNDY4NmMy
LzEvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZvsMA0G
CSqGSIb3DQEBCwUAA4IBAQBpjpugxNs5+rI5w06jPCZTRukITHtp8ciY6hIHFJhy
i7rxsjuQlnElSxJppF56sRO/wH+cw1ZFAL7qeeFypFIOiPtpIpY/KuYdR5bYkZ6n
KZAWcimESDPCw7wvlP9e9LFaR64Fe5P1q3Bqbv//PSrfAwEjdsRRROkcEObuVLrK
4Q4TbrIcb5rM9czhv6+Wt9Fv9XfRi0fqPADQH7TZao4oi9D0LKea3BwYqvwdxqRj
A6HhRSUljrkF9QvMDBquIZFn/Rh0Zkf5nrPsZgzbsvrNm5Iqa27t4J+cM8MthRda
D3kYYlSHuOBrCUaMizEKUlzBVVUhpPQf4Ryt3wdLvxju
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:17 2025 by rpki-client on console.sobornost.net