Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/XzOJosFV0mUuv5iVpLjRFrhIVoo.roa
File: XzOJosFV0mUuv5iVpLjRFrhIVoo.roa (raw, json)
Hash identifier: 9Ml1v+EdNGqhPo6ss7cMabRy2XzLWdbQFDxVc38WcOE=
Subject key identifier: 5F:33:89:A2:C1:55:D2:65:2E:BF:98:95:A4:B8:D1:16:B8:48:56:8A
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019527520AD23E5F1AF72620E32E7C3D6FAD
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/XzOJosFV0mUuv5iVpLjRFrhIVoo.roa
Signing time: Fri 21 Feb 2025 07:04:02 +0000
ROA not before: Fri 21 Feb 2025 07:04:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62300
IP address blocks: 31.40.201.0/24 maxlen: 24
195.216.154.0/24 maxlen: 24
213.166.93.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:27:52:0a:d2:3e:5f:1a:f7:26:20:e3:2e:7c:3d:6f:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Feb 21 07:04:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f3389a2c155d2652ebf9895a4b8d116b848568a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7e:c4:ae:de:28:e1:00:09:5e:c3:71:45:c1:
a9:ef:a4:8d:c3:86:16:21:c7:44:d7:74:b6:e9:b1:
13:dc:9c:c0:15:3a:09:58:b3:23:ff:e3:51:75:81:
a2:78:fd:11:7f:74:73:fa:98:8e:eb:f1:07:57:b1:
42:1f:00:0e:b2:33:36:5b:8c:d6:d2:2b:1c:fb:dd:
90:29:ef:02:6b:01:34:38:3a:5c:b6:50:ee:f6:e4:
56:49:76:9d:5b:32:7a:65:76:a1:91:cc:3e:21:35:
e2:a2:d2:ed:8c:07:a2:9b:b1:37:1e:fc:8a:39:4d:
ad:90:02:93:1a:69:a7:f0:f8:1e:c9:c0:d4:7e:64:
a9:4c:00:40:c3:09:38:4a:2e:9a:7d:9e:c1:14:9b:
bb:ef:ac:57:55:2e:61:64:6e:c2:88:35:95:79:d4:
6b:0e:5c:cc:74:9c:4c:d4:7f:7a:fb:d3:40:ea:dd:
23:71:b6:65:b9:ec:18:3a:b9:29:ef:af:e1:3b:f5:
11:f6:65:8e:09:d2:52:a5:77:32:cf:3f:78:50:44:
e1:f2:dc:a6:28:55:31:c7:f0:80:c3:d3:0f:6a:13:
18:3a:10:17:0f:ab:66:dd:ca:a3:42:6c:e1:75:4c:
7c:5a:2d:b3:2c:4a:c8:25:2b:a1:96:ec:8b:7a:da:
2d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:33:89:A2:C1:55:D2:65:2E:BF:98:95:A4:B8:D1:16:B8:48:56:8A
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/XzOJosFV0mUuv5iVpLjRFrhIVoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.201.0/24
195.216.154.0/24
213.166.93.0/24
Signature Algorithm: sha256WithRSAEncryption
63:08:b4:22:c0:2a:8e:a4:c3:f8:7f:1e:6f:12:19:d0:39:5a:
bb:5f:5f:bb:1c:53:a3:f6:46:3f:4b:73:5e:2a:0e:b5:89:cf:
31:d9:c7:81:c3:3c:18:55:e3:8f:ab:dd:06:b8:20:d4:ae:8c:
07:9b:91:04:5d:19:a2:6e:03:9d:b1:de:0a:cc:78:f9:cd:33:
df:0f:d4:6d:35:f2:88:84:e1:58:0f:a5:39:d8:88:46:51:3e:
79:a2:75:9e:c3:f6:95:ca:9b:da:7d:a0:0a:ad:f3:06:7c:be:
9f:4e:53:df:83:08:b8:fe:ca:ea:9d:91:6b:96:4d:57:a2:7b:
54:8c:ec:0e:8f:9b:da:3f:69:b4:84:c8:f7:ec:f6:27:e4:be:
25:68:55:b6:80:ac:ad:73:8a:90:e0:1a:da:49:12:dd:83:48:
fb:9d:60:9c:87:6b:06:f0:9b:93:93:9f:16:06:ca:46:fc:c2:
87:25:35:3d:c5:c7:34:d6:65:06:ad:ab:5b:2c:b4:2a:26:60:
b9:59:c2:0a:e7:fb:94:0e:c4:8e:d0:d6:f7:5c:9c:c8:78:97:
4c:e8:a0:83:94:2d:e0:d4:b6:0a:52:95:de:5e:a6:df:74:c7:
dd:f3:3f:83:43:ce:86:90:37:f7:4d:4b:fd:4f:f5:73:93:9f:
ba:e4:b4:db
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZUnUgrSPl8a9yYg4y58PW+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMjIxMDcwNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjMzODlhMmMxNTVkMjY1MmViZjk4OTVhNGI4ZDExNmI4NDg1NjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsH7Ert4o4QAJXsNxRcGp76SNw4YW
IcdE13S26bET3JzAFToJWLMj/+NRdYGieP0Rf3Rz+piO6/EHV7FCHwAOsjM2W4zW
0isc+92QKe8CawE0ODpctlDu9uRWSXadWzJ6ZXahkcw+ITXiotLtjAeim7E3HvyK
OU2tkAKTGmmn8PgeycDUfmSpTABAwwk4Si6afZ7BFJu776xXVS5hZG7CiDWVedRr
DlzMdJxM1H96+9NA6t0jcbZluewYOrkp76/hO/UR9mWOCdJSpXcyzz94UETh8tym
KFUxx/CAw9MPahMYOhAXD6tm3cqjQmzhdUx8Wi2zLErIJSuhluyLetoteQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF8ziaLBVdJlLr+YlaS40Ra4SFaKMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvWHpPSm9zRlYwbVV1djVpVnBMalJGcmhJVm9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHyjJAwQA
w9iaAwQA1aZdMA0GCSqGSIb3DQEBCwUAA4IBAQBjCLQiwCqOpMP4fx5vEhnQOVq7
X1+7HFOj9kY/S3NeKg61ic8x2ceBwzwYVeOPq90GuCDUrowHm5EEXRmibgOdsd4K
zHj5zTPfD9RtNfKIhOFYD6U52IhGUT55onWew/aVypvafaAKrfMGfL6fTlPfgwi4
/srqnZFrlk1XontUjOwOj5vaP2m0hMj37PYn5L4laFW2gKytc4qQ4BraSRLdg0j7
nWCch2sG8JuTk58WBspG/MKHJTU9xcc01mUGratbLLQqJmC5WcIK5/uUDsSO0Nb3
XJzIeJdM6KCDlC3g1LYKUpXeXqbfdMfd8z+DQ86GkDf3TUv9T/Vzk5+65LTb
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:36:54 2025 by rpki-client