Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/XL50N9M0J1--wEhwrmcq5FsqyYY.roa
File: XL50N9M0J1--wEhwrmcq5FsqyYY.roa (raw, json)
Hash identifier: 2AIXM56irqEYvO+6v6ID+4GPMcpfADS5q8X+DPjd03I=
Subject key identifier: 5C:BE:74:37:D3:34:27:5F:BE:C0:48:70:AE:67:2A:E4:5B:2A:C9:86
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 0193CEF8F6E9825DFF912B2C1A30C4209B76
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/XL50N9M0J1--wEhwrmcq5FsqyYY.roa
Signing time: Mon 16 Dec 2024 10:17:22 +0000
ROA not before: Mon 16 Dec 2024 10:17:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9924
IP address blocks: 2.18.16.0/23 maxlen: 23
2.21.16.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ce:f8:f6:e9:82:5d:ff:91:2b:2c:1a:30:c4:20:9b:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Dec 16 10:17:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cbe7437d334275fbec04870ae672ae45b2ac986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:10:f0:f4:92:fa:ce:55:3f:71:93:4c:c9:58:
06:ae:d6:36:55:15:09:b4:69:90:57:9c:42:f7:fc:
30:6d:5f:33:7b:e2:9d:f3:9a:6b:f1:c2:56:76:d0:
76:76:52:3a:da:f0:1e:5f:9b:fb:a8:c8:2d:27:99:
5b:e2:9f:62:68:56:2e:d2:5b:95:fb:cb:f2:37:89:
43:8f:ce:ac:b5:64:01:ea:61:58:88:11:0b:89:77:
50:92:0f:49:6f:f6:04:cc:85:a9:70:8a:54:8d:d1:
a7:77:2a:a4:57:3b:8d:41:9e:82:77:d8:11:52:60:
4d:31:89:23:78:fe:9d:37:7a:14:ef:4c:64:f7:34:
b0:9f:29:5c:dd:b3:cb:f6:49:24:ca:ec:76:5f:2a:
df:bc:c0:47:7b:11:52:24:db:ff:f2:9f:3a:34:f3:
be:63:99:f3:f7:41:af:6b:37:ca:87:ac:3f:86:76:
ed:b2:b1:34:dc:86:25:3e:52:be:cc:85:c8:82:1f:
04:a7:5f:5d:db:df:d8:3e:f4:ea:cc:32:ac:15:d5:
e5:c3:c6:ce:fd:84:33:49:dc:02:cb:68:dc:61:17:
33:f8:72:eb:e8:8e:f8:32:33:56:aa:f1:c5:4c:0d:
7e:b9:a4:1a:5d:f4:46:96:e7:51:02:38:a7:5a:9c:
70:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:BE:74:37:D3:34:27:5F:BE:C0:48:70:AE:67:2A:E4:5B:2A:C9:86
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/XL50N9M0J1--wEhwrmcq5FsqyYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.18.16.0/23
2.21.16.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:5d:cf:e8:60:66:65:f5:03:5e:ab:f2:4e:a9:3a:c0:4f:aa:
af:0c:eb:28:6c:6a:ab:6d:ce:85:4e:cd:f0:f5:00:01:df:be:
37:ca:10:50:fe:ad:ce:8e:bc:56:06:25:1c:80:6a:fa:ed:c6:
93:d1:c3:22:a5:16:38:94:90:04:26:fa:82:b8:a5:eb:e5:d0:
dc:1d:e1:48:5c:e4:94:09:c8:35:6a:bb:ea:84:92:5a:4a:04:
3f:fc:91:a2:aa:40:8a:85:59:cb:e2:8e:63:30:56:26:c0:6c:
ec:05:0b:3a:6a:91:d0:56:0c:6e:2b:b1:07:a7:59:76:d2:d4:
af:47:37:31:e7:70:29:a1:1b:6a:f7:ba:ed:65:ec:97:1c:69:
8a:70:d6:ed:7d:64:76:a9:ab:64:f7:4f:f9:7f:99:6a:ba:14:
2d:22:10:60:d3:8d:95:f5:4e:05:6f:60:c1:be:b4:77:60:81:
ed:e2:8e:4b:d4:35:58:97:54:2e:36:dd:8a:32:78:53:2e:3f:
7b:76:1b:55:fd:c3:dc:f8:2a:86:b1:b3:03:ca:3f:ce:67:fc:
60:68:7b:56:e7:fa:3e:97:0b:7d:33:23:06:8c:07:b4:29:5d:
00:16:57:ec:a6:be:3a:8e:fb:c9:b8:f2:89:6a:f9:8f:19:db:
0e:79:dd:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPO+Pbpgl3/kSssGjDEIJt2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQxMjE2MTAxNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2JlNzQzN2QzMzQyNzVmYmVjMDQ4NzBhZTY3MmFlNDViMmFjOTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRDw9JL6zlU/cZNMyVgGrtY2VRUJ
tGmQV5xC9/wwbV8ze+Kd85pr8cJWdtB2dlI62vAeX5v7qMgtJ5lb4p9iaFYu0luV
+8vyN4lDj86stWQB6mFYiBELiXdQkg9Jb/YEzIWpcIpUjdGndyqkVzuNQZ6Cd9gR
UmBNMYkjeP6dN3oU70xk9zSwnylc3bPL9kkkyux2XyrfvMBHexFSJNv/8p86NPO+
Y5nz90GvazfKh6w/hnbtsrE03IYlPlK+zIXIgh8Ep19d29/YPvTqzDKsFdXlw8bO
/YQzSdwCy2jcYRcz+HLr6I74MjNWqvHFTA1+uaQaXfRGludRAjinWpxw/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFy+dDfTNCdfvsBIcK5nKuRbKsmGMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvWEw1ME45TTBKMS0td0Vod3JtY3E1RnNxeVlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBAhIQAwQC
AhUQMA0GCSqGSIb3DQEBCwUAA4IBAQB/Xc/oYGZl9QNeq/JOqTrAT6qvDOsobGqr
bc6FTs3w9QAB3743yhBQ/q3OjrxWBiUcgGr67caT0cMipRY4lJAEJvqCuKXr5dDc
HeFIXOSUCcg1arvqhJJaSgQ//JGiqkCKhVnL4o5jMFYmwGzsBQs6apHQVgxuK7EH
p1l20tSvRzcx53ApoRtq97rtZeyXHGmKcNbtfWR2qatk90/5f5lquhQtIhBg042V
9U4Fb2DBvrR3YIHt4o5L1DVYl1QuNt2KMnhTLj97dhtV/cPc+CqGsbMDyj/OZ/xg
aHtW5/o+lwt9MyMGjAe0KV0AFlfspr46jvvJuPKJavmPGdsOed1N
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:41:57 2025 by rpki-client