Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/XgPwQOKsd9uJBigbEk6gk3WV4gw.roa
File: XgPwQOKsd9uJBigbEk6gk3WV4gw.roa (raw, json)
Hash identifier: MfMJHXV5sXbrxV0YBc5joH+vkuSR+zLfQaFUaN552Bw=
Subject key identifier: 5E:03:F0:40:E2:AC:77:DB:89:06:28:1B:12:4E:A0:93:75:95:E2:0C
Certificate issuer: /CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Certificate serial: 019421442B40F7076956F13DD31540BA03B4
Authority key identifier: 1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/XgPwQOKsd9uJBigbEk6gk3WV4gw.roa
Signing time: Wed 01 Jan 2025 09:48:23 +0000
ROA not before: Wed 01 Jan 2025 09:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21196
IP address blocks: 80.65.172.0/24 maxlen: 24
80.65.173.0/24 maxlen: 24
80.65.174.0/24 maxlen: 24
80.65.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:2b:40:f7:07:69:56:f1:3d:d3:15:40:ba:03:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Validity
Not Before: Jan 1 09:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e03f040e2ac77db8906281b124ea0937595e20c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:43:3a:a8:7c:30:a2:e0:09:50:a9:93:2b:fc:
34:d8:66:e6:e4:e9:51:ba:42:af:04:0c:88:5e:a8:
93:20:49:db:a7:81:0f:09:4e:43:14:a4:08:a4:ce:
b4:6b:90:bd:e3:b6:3f:a9:79:3e:d5:23:3b:57:e4:
f3:51:f2:06:a7:9f:02:68:42:0a:13:a9:bf:7b:14:
77:6f:eb:3e:52:e5:8c:33:c8:78:e5:7a:a4:16:5d:
2e:46:14:ce:a7:2a:66:60:95:af:29:3e:32:a4:68:
8b:8d:f6:6a:cc:1b:03:17:a6:32:bb:56:5b:d7:f0:
9f:62:49:4a:42:af:f8:a4:5a:80:b4:7b:6f:cf:62:
85:16:0e:56:ec:81:1c:a1:69:50:36:8f:ea:11:26:
85:c0:29:b3:0d:d5:3c:60:89:b1:ab:7c:a8:8d:a2:
86:d4:f9:03:9c:c0:ed:b1:3f:e7:c1:32:ff:47:48:
7b:b6:6a:f8:1f:df:bd:83:1b:f9:89:77:1f:f4:a2:
2e:89:c3:52:10:6e:2e:c2:ff:36:dc:11:48:c1:74:
8d:63:cb:1a:ea:5d:dc:7f:23:7c:80:c3:d9:9a:30:
93:05:f3:18:c4:d4:4e:a0:f6:0b:80:93:76:ec:d4:
92:05:bb:65:3a:a4:85:6d:dc:70:8b:31:91:f5:3a:
e9:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:03:F0:40:E2:AC:77:DB:89:06:28:1B:12:4E:A0:93:75:95:E2:0C
X509v3 Authority Key Identifier:
keyid:1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/XgPwQOKsd9uJBigbEk6gk3WV4gw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.65.172.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:6c:16:2a:ae:2e:3a:b0:fd:31:79:69:03:49:7d:4e:26:ba:
dd:02:e0:23:c0:5d:a5:e2:06:f2:24:74:b5:14:9f:3f:54:1d:
d1:59:b2:3c:be:39:2d:de:25:a2:ac:20:32:17:20:03:8b:12:
27:c1:62:6e:ff:d0:b9:f2:0a:f1:65:be:f0:d2:38:47:62:2a:
ad:44:93:19:51:f3:b4:a2:08:4f:99:af:a8:98:01:e2:34:a9:
8b:32:3f:ff:32:3f:b5:a3:d1:26:bc:d2:09:d7:a8:fe:fc:1b:
79:8d:3b:67:aa:44:da:83:e8:1d:63:ea:e9:be:30:27:e8:fb:
fc:61:bb:3a:ce:86:9a:e6:29:58:28:84:33:f1:cc:a3:38:4f:
f4:21:54:7d:38:5b:57:28:66:7a:e4:21:dc:2f:ef:66:88:d5:
a8:77:19:0a:04:bc:f9:63:2a:d9:53:fe:aa:eb:37:09:27:30:
fa:25:28:27:32:0e:f6:99:31:f4:55:82:9d:4a:54:64:42:72:
c4:27:34:ac:dc:47:3c:56:5e:8c:6a:9d:5b:d3:ce:1e:40:2b:
20:6a:f4:d5:a2:ff:05:05:51:de:4d:83:7e:a8:cc:7c:93:be:
a1:e0:6b:c5:bb:16:1a:d1:7c:c9:15:fb:4b:76:72:f2:81:ef:
36:75:18:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRCtA9wdpVvE90xVAugO0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2IwNmJmNDEzMDBkYzRkMzBmM2QwZTE4MGM5Yjk1ZDJi
Y2RkZmYwHhcNMjUwMTAxMDk0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTAzZjA0MGUyYWM3N2RiODkwNjI4MWIxMjRlYTA5Mzc1OTVlMjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEM6qHwwouAJUKmTK/w02Gbm5OlR
ukKvBAyIXqiTIEnbp4EPCU5DFKQIpM60a5C947Y/qXk+1SM7V+TzUfIGp58CaEIK
E6m/exR3b+s+UuWMM8h45XqkFl0uRhTOpypmYJWvKT4ypGiLjfZqzBsDF6Yyu1Zb
1/CfYklKQq/4pFqAtHtvz2KFFg5W7IEcoWlQNo/qESaFwCmzDdU8YImxq3yojaKG
1PkDnMDtsT/nwTL/R0h7tmr4H9+9gxv5iXcf9KIuicNSEG4uwv823BFIwXSNY8sa
6l3cfyN8gMPZmjCTBfMYxNROoPYLgJN27NSSBbtlOqSFbdxwizGR9TrpLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF4D8EDirHfbiQYoGxJOoJN1leIMMB8GA1UdIwQY
MBaAFBx7Br9BMA3E0w89DhgMm5XSvN3/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAt
MjRmZGRjNmQxNDdiLzEvWGdQd1FPS3NkOXVKQmlnYkVrNmdrM1dWNGd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAtMjRmZGRjNmQxNDdi
LzEvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUEGsMA0G
CSqGSIb3DQEBCwUAA4IBAQC1bBYqri46sP0xeWkDSX1OJrrdAuAjwF2l4gbyJHS1
FJ8/VB3RWbI8vjkt3iWirCAyFyADixInwWJu/9C58grxZb7w0jhHYiqtRJMZUfO0
oghPma+omAHiNKmLMj//Mj+1o9EmvNIJ16j+/Bt5jTtnqkTag+gdY+rpvjAn6Pv8
Ybs6zoaa5ilYKIQz8cyjOE/0IVR9OFtXKGZ65CHcL+9miNWodxkKBLz5YyrZU/6q
6zcJJzD6JSgnMg72mTH0VYKdSlRkQnLEJzSs3Ec8Vl6Map1b084eQCsgavTVov8F
BVHeTYN+qMx8k76h4GvFuxYa0XzJFftLdnLyge82dRiW
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:27:06 2025 by rpki-client