Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/Cs1qBn4VjrBIRHmPJXLiE1xFxCY.roa
File: Cs1qBn4VjrBIRHmPJXLiE1xFxCY.roa (raw, json)
Hash identifier: MWgCuKpBS+l+AyVioTFlRoxqt43GEYXQ/PHcMYuFOog=
Subject key identifier: 0A:CD:6A:06:7E:15:8E:B0:48:44:79:8F:25:72:E2:13:5C:45:C4:26
Certificate issuer: /CN=d1fd3436d7a19a7343fa800d87a01af183da318b
Certificate serial: 0195F5F8AC6A27E97E9E1D47E6A51DE4B75B
Authority key identifier: D1:FD:34:36:D7:A1:9A:73:43:FA:80:0D:87:A0:1A:F1:83:DA:31:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/Cs1qBn4VjrBIRHmPJXLiE1xFxCY.roa
Signing time: Wed 02 Apr 2025 10:07:49 +0000
ROA not before: Wed 02 Apr 2025 10:07:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8648
IP address blocks: 185.13.210.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f5:f8:ac:6a:27:e9:7e:9e:1d:47:e6:a5:1d:e4:b7:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1fd3436d7a19a7343fa800d87a01af183da318b
Validity
Not Before: Apr 2 10:07:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0acd6a067e158eb04844798f2572e2135c45c426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:91:a7:b4:42:4c:a1:6e:6c:64:18:ef:dc:aa:
72:7c:2c:12:1f:44:8b:a1:f1:4b:d4:c2:fb:2c:e8:
51:4e:ec:2c:0b:e2:5f:d8:01:0e:24:f3:f3:12:68:
d2:47:56:90:88:ff:18:d6:6d:1d:91:7f:72:06:46:
41:54:d8:ea:81:6e:20:3c:45:44:ff:ab:a4:1c:59:
de:ab:59:30:c3:66:e8:3b:5e:30:94:8b:6a:af:1b:
70:aa:e2:9c:fe:bd:f8:90:64:d3:4f:59:ba:2e:4e:
a6:c2:59:1c:3c:d0:b2:c4:ed:15:f2:86:22:69:98:
ce:c3:5e:dc:ce:86:4f:e2:3e:90:d3:cc:65:e1:df:
d5:f2:c3:60:88:07:51:50:b5:da:55:4a:20:de:a1:
b1:0b:8b:e7:86:95:2d:b1:fd:8a:33:44:48:ba:66:
0e:72:23:b8:23:4a:dc:6b:37:c7:fb:b9:67:ef:c3:
c0:b3:c5:e0:f2:44:e6:29:57:25:2a:d4:fb:22:e2:
5d:40:32:8a:a0:16:ef:a1:73:fd:8b:19:e0:e2:d4:
35:81:ae:a5:ce:aa:19:67:2f:44:83:e8:e7:01:b1:
dc:8f:7e:99:75:5f:8e:d0:77:43:ec:6c:2a:d6:2a:
8d:88:70:f9:03:e1:5a:bb:72:dd:97:6a:36:25:d6:
62:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:CD:6A:06:7E:15:8E:B0:48:44:79:8F:25:72:E2:13:5C:45:C4:26
X509v3 Authority Key Identifier:
keyid:D1:FD:34:36:D7:A1:9A:73:43:FA:80:0D:87:A0:1A:F1:83:DA:31:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/Cs1qBn4VjrBIRHmPJXLiE1xFxCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/0f00NtehmnND-oANh6Aa8YPaMYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.210.0/23
Signature Algorithm: sha256WithRSAEncryption
40:49:99:09:f5:73:04:9b:0e:24:d0:46:97:91:d1:7b:e3:8f:
69:ea:1a:ee:89:e4:5d:c0:e3:22:69:08:c1:bf:c7:2b:ba:a5:
7f:ad:f8:f3:32:13:ee:f6:75:ba:aa:8d:0d:ea:46:6e:b7:70:
cc:bd:a6:e4:d6:3d:07:31:ce:12:d0:27:d5:d9:fd:c4:fa:ec:
9e:4c:21:27:f4:e1:87:2f:26:a1:51:20:21:53:32:4f:c1:68:
99:23:a9:c3:67:41:97:cf:93:27:86:55:6f:83:ef:51:8b:69:
68:0c:30:c8:2e:c1:af:fc:8c:87:bc:9a:d0:b2:ff:4c:99:a6:
ba:2b:9e:f5:79:54:d6:7c:b5:a1:f1:11:81:05:a7:24:ac:85:
b0:a1:3b:9a:ba:cf:c0:d1:0c:34:75:76:ad:c3:9c:06:7d:ef:
18:69:90:85:56:5e:c9:dc:28:29:c0:26:ee:a9:22:f4:15:ea:
57:f9:5e:b2:02:6a:28:73:a0:79:69:fa:ae:26:c8:81:97:c8:
27:c6:15:b1:d7:2a:8f:58:10:8e:62:4d:50:80:1c:d8:5a:83:
07:bd:e3:14:86:02:f1:cc:f7:e2:3b:34:94:bc:e6:6d:07:ba:
94:48:6a:09:43:b4:83:e7:a4:69:34:94:f3:1d:db:dc:ff:af:
dd:04:d9:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZX1+KxqJ+l+nh1H5qUd5LdbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZmQzNDM2ZDdhMTlhNzM0M2ZhODAwZDg3YTAxYWYxODNk
YTMxOGIwHhcNMjUwNDAyMTAwNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWNkNmEwNjdlMTU4ZWIwNDg0NDc5OGYyNTcyZTIxMzVjNDVjNDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9ZGntEJMoW5sZBjv3KpyfCwSH0SL
ofFL1ML7LOhRTuwsC+Jf2AEOJPPzEmjSR1aQiP8Y1m0dkX9yBkZBVNjqgW4gPEVE
/6ukHFneq1kww2boO14wlItqrxtwquKc/r34kGTTT1m6Lk6mwlkcPNCyxO0V8oYi
aZjOw17czoZP4j6Q08xl4d/V8sNgiAdRULXaVUog3qGxC4vnhpUtsf2KM0RIumYO
ciO4I0rcazfH+7ln78PAs8Xg8kTmKVclKtT7IuJdQDKKoBbvoXP9ixng4tQ1ga6l
zqoZZy9Eg+jnAbHcj36ZdV+O0HdD7Gwq1iqNiHD5A+Fau3Ldl2o2JdZiVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArNagZ+FY6wSER5jyVy4hNcRcQmMB8GA1UdIwQY
MBaAFNH9NDbXoZpzQ/qADYegGvGD2jGLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGYwME50ZWhtbk5ELW9BTmg2QWE4WVBhTVlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iY2Q1ZTgtNWQxZi00NmIxLTk2YmMt
MzlhNjZjYmUxZTRkLzEvQ3MxcUJuNFZqckJJUkhtUEpYTGlFMXhGeENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iY2Q1ZTgtNWQxZi00NmIxLTk2YmMtMzlhNjZjYmUxZTRk
LzEvMGYwME50ZWhtbk5ELW9BTmg2QWE4WVBhTVlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuQ3SMA0G
CSqGSIb3DQEBCwUAA4IBAQBASZkJ9XMEmw4k0EaXkdF7449p6hruieRdwOMiaQjB
v8cruqV/rfjzMhPu9nW6qo0N6kZut3DMvabk1j0HMc4S0CfV2f3E+uyeTCEn9OGH
LyahUSAhUzJPwWiZI6nDZ0GXz5MnhlVvg+9Ri2loDDDILsGv/IyHvJrQsv9Mmaa6
K571eVTWfLWh8RGBBackrIWwoTuaus/A0Qw0dXatw5wGfe8YaZCFVl7J3CgpwCbu
qSL0FepX+V6yAmooc6B5afquJsiBl8gnxhWx1yqPWBCOYk1QgBzYWoMHveMUhgLx
zPfiOzSUvOZtB7qUSGoJQ7SD56RpNJTzHdvc/6/dBNnE
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:18 2025 by rpki-client on console.sobornost.net