Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0f39cb-6b89-4f76-9082-06483f574d12/1/XJRoXvHSdw0KLefUVsOnz3xRpjY.roa
File: XJRoXvHSdw0KLefUVsOnz3xRpjY.roa (raw, json)
Hash identifier: f3EjYiKxxC/RliHk04yzeYaYi983ealul7WuE7Qs4NA=
Subject key identifier: 5C:94:68:5E:F1:D2:77:0D:0A:2D:E7:D4:56:C3:A7:CF:7C:51:A6:36
Certificate issuer: /CN=537e8960106e9465ecc2b45bf59a31e123d39dc2
Certificate serial: 01856D41A3EB363A1D1354F965AF77F4C597
Authority key identifier: 53:7E:89:60:10:6E:94:65:EC:C2:B4:5B:F5:9A:31:E1:23:D3:9D:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U36JYBBulGXswrRb9Zox4SPTncI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0f39cb-6b89-4f76-9082-06483f574d12/1/XJRoXvHSdw0KLefUVsOnz3xRpjY.roa
Signing time: Sun 01 Jan 2023 12:14:56 +0000
ROA not before: Sun 01 Jan 2023 12:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 213.109.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:a3:eb:36:3a:1d:13:54:f9:65:af:77:f4:c5:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=537e8960106e9465ecc2b45bf59a31e123d39dc2
Validity
Not Before: Jan 1 12:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c94685ef1d2770d0a2de7d456c3a7cf7c51a636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f5:c4:15:7e:a2:1c:3b:86:58:97:1f:7e:00:
5e:da:39:78:81:3e:9b:48:07:fe:3e:de:f1:7e:b4:
fa:a3:ea:0c:bd:26:d3:ff:eb:9d:82:57:9e:47:9f:
c9:f2:ac:73:d1:45:de:2c:21:3c:1f:bd:c2:a8:46:
24:41:cc:a5:5b:4c:ca:02:08:64:d1:19:af:32:6b:
54:57:b7:58:4d:1c:75:aa:17:4d:8c:37:c3:5c:01:
9f:53:74:c1:c3:67:fc:c1:00:0e:31:4f:9e:09:f8:
2c:ab:bb:af:13:8f:c7:d7:7f:17:05:16:26:ce:74:
ff:65:38:4e:13:f6:fa:b9:51:ec:61:59:b9:26:e0:
40:99:01:ff:6d:b8:84:35:dd:1a:ec:cf:df:0d:93:
74:e4:63:05:37:da:1f:50:a3:dd:77:f3:c4:cd:86:
bc:ee:ef:b1:a1:00:f4:7a:4e:92:d2:ee:1e:1f:3c:
f6:37:1d:5e:2e:46:45:ce:36:4f:a1:d4:91:fd:09:
c7:d8:ac:68:18:3f:69:f3:68:e1:09:7e:8f:82:4d:
4a:aa:ee:5b:ff:c7:ad:51:14:2c:8d:d2:ff:da:34:
92:30:39:d6:81:94:0f:34:96:fe:77:dc:28:bb:03:
d2:d2:12:dc:db:11:17:61:62:18:91:aa:20:85:8c:
01:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:94:68:5E:F1:D2:77:0D:0A:2D:E7:D4:56:C3:A7:CF:7C:51:A6:36
X509v3 Authority Key Identifier:
keyid:53:7E:89:60:10:6E:94:65:EC:C2:B4:5B:F5:9A:31:E1:23:D3:9D:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U36JYBBulGXswrRb9Zox4SPTncI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0f39cb-6b89-4f76-9082-06483f574d12/1/XJRoXvHSdw0KLefUVsOnz3xRpjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0f39cb-6b89-4f76-9082-06483f574d12/1/U36JYBBulGXswrRb9Zox4SPTncI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.159.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:f2:a5:21:3c:5b:7d:ad:02:5b:8f:11:af:04:df:d1:9e:83:
85:2e:29:af:aa:89:89:95:d1:db:be:b1:af:43:43:dc:40:ad:
84:ac:2d:c2:11:52:76:c0:95:ba:a2:ee:46:dc:71:a1:ba:2e:
c9:32:34:dd:df:b7:aa:38:fc:88:ce:58:30:95:59:e7:61:50:
b8:2c:0d:38:d0:21:70:64:82:e2:e8:33:9f:8b:6b:11:cb:3e:
ad:36:6a:0a:6a:1e:dd:41:36:54:cc:78:8d:a9:59:d5:43:22:
5c:54:97:5b:5b:f6:ad:18:76:99:d4:91:49:3b:4d:58:1a:c7:
98:82:fe:12:f6:16:6b:78:c1:ae:75:0a:9b:e5:6c:de:4d:91:
78:c9:d9:0d:1d:45:e6:45:fb:e4:fb:23:c8:f4:2b:d4:a1:3c:
4d:2a:a7:0e:c3:ce:73:15:a9:f2:b9:3e:f9:ec:6f:27:d2:b0:
7a:0f:dd:70:5d:1a:6e:f2:57:e3:30:5a:9c:10:01:ef:c4:30:
9d:e7:69:ca:0e:fe:fe:25:14:d5:97:86:7a:be:8b:42:5a:9b:
1c:86:4c:1c:9c:a3:39:fa:b2:2a:c5:c8:00:05:15:39:43:c7:
91:cb:eb:32:f0:ed:36:4c:1f:d2:b3:d6:70:d5:38:4b:d5:db:
82:46:9b:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtQaPrNjodE1T5Za939MWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzN2U4OTYwMTA2ZTk0NjVlY2MyYjQ1YmY1OWEzMWUxMjNk
MzlkYzIwHhcNMjMwMTAxMTIxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzk0Njg1ZWYxZDI3NzBkMGEyZGU3ZDQ1NmMzYTdjZjdjNTFhNjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfXEFX6iHDuGWJcffgBe2jl4gT6b
SAf+Pt7xfrT6o+oMvSbT/+udgleeR5/J8qxz0UXeLCE8H73CqEYkQcylW0zKAghk
0RmvMmtUV7dYTRx1qhdNjDfDXAGfU3TBw2f8wQAOMU+eCfgsq7uvE4/H138XBRYm
znT/ZThOE/b6uVHsYVm5JuBAmQH/bbiENd0a7M/fDZN05GMFN9ofUKPdd/PEzYa8
7u+xoQD0ek6S0u4eHzz2Nx1eLkZFzjZPodSR/QnH2KxoGD9p82jhCX6Pgk1Kqu5b
/8etURQsjdL/2jSSMDnWgZQPNJb+d9wouwPS0hLc2xEXYWIYkaoghYwBhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyUaF7x0ncNCi3n1FbDp898UaY2MB8GA1UdIwQY
MBaAFFN+iWAQbpRl7MK0W/WaMeEj053CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTM2SllCQnVsR1hzd3JSYjlab3g0U1BUbmNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZjM5Y2ItNmI4OS00Zjc2LTkwODIt
MDY0ODNmNTc0ZDEyLzEvWEpSb1h2SFNkdzBLTGVmVVZzT256M3hScGpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZjM5Y2ItNmI4OS00Zjc2LTkwODItMDY0ODNmNTc0ZDEy
LzEvVTM2SllCQnVsR1hzd3JSYjlab3g0U1BUbmNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1W2fMA0G
CSqGSIb3DQEBCwUAA4IBAQCl8qUhPFt9rQJbjxGvBN/RnoOFLimvqomJldHbvrGv
Q0PcQK2ErC3CEVJ2wJW6ou5G3HGhui7JMjTd37eqOPyIzlgwlVnnYVC4LA040CFw
ZILi6DOfi2sRyz6tNmoKah7dQTZUzHiNqVnVQyJcVJdbW/atGHaZ1JFJO01YGseY
gv4S9hZreMGudQqb5WzeTZF4ydkNHUXmRfvk+yPI9CvUoTxNKqcOw85zFanyuT75
7G8n0rB6D91wXRpu8lfjMFqcEAHvxDCd52nKDv7+JRTVl4Z6votCWpschkwcnKM5
+rIqxcgABRU5Q8eRy+sy8O02TB/Ss9Zw1ThL1duCRpvd
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:40:20 2025 by rpki-client