Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/3796fa-c02e-45f9-a1a4-622bb4899887/1/XKbuE11HMiW-d3-7SHwE1VaECgw.roa
File: XKbuE11HMiW-d3-7SHwE1VaECgw.roa (raw, json)
Hash identifier: iROyh9ucuOmjws3pOPkYjHDlUGlInLoKUEPjUvuWoZE=
Subject key identifier: 5C:A6:EE:13:5D:47:32:25:BE:77:7F:BB:48:7C:04:D5:56:84:0A:0C
Certificate issuer: /CN=0e086b67d8989653baeb68b8d24ab9e9bd0caf2a
Certificate serial: 019426D9D9C4B525457B7F460EED376F8A14
Authority key identifier: 0E:08:6B:67:D8:98:96:53:BA:EB:68:B8:D2:4A:B9:E9:BD:0C:AF:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DghrZ9iYllO662i40kq56b0Mryo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/3796fa-c02e-45f9-a1a4-622bb4899887/1/XKbuE11HMiW-d3-7SHwE1VaECgw.roa
Signing time: Thu 02 Jan 2025 11:49:58 +0000
ROA not before: Thu 02 Jan 2025 11:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51964
IP address blocks: 193.17.48.0/24 maxlen: 24
194.9.141.0/24 maxlen: 24
194.9.142.0/24 maxlen: 24
194.9.145.0/24 maxlen: 24
194.9.149.0/24 maxlen: 24
194.9.164.0/24 maxlen: 24
194.9.166.0/24 maxlen: 24
2a04:1447::/45 maxlen: 45
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:d9:c4:b5:25:45:7b:7f:46:0e:ed:37:6f:8a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e086b67d8989653baeb68b8d24ab9e9bd0caf2a
Validity
Not Before: Jan 2 11:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ca6ee135d473225be777fbb487c04d556840a0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:97:0d:3b:dc:31:8d:e4:3a:05:48:f9:09:28:
d0:c9:97:b2:a4:39:d6:d2:69:d6:23:e1:d1:f8:35:
6d:43:de:ce:38:59:b8:64:0e:0c:ae:e7:ce:c4:93:
f6:8a:1f:d6:57:96:33:9c:a2:39:f1:3a:ad:3d:e6:
95:c2:7f:c5:1f:1b:07:b5:28:98:41:b2:9e:7c:09:
bc:17:70:42:90:e4:b8:3a:e1:f8:06:89:de:2a:64:
1e:b7:53:d3:03:b7:05:34:3c:39:55:5f:37:bd:27:
09:d9:0f:2a:66:15:f5:1a:eb:aa:e4:8c:c4:79:29:
f7:fa:9d:9f:25:12:69:e5:20:c2:5f:2f:26:88:6c:
40:5d:1b:3c:b6:78:70:4c:a9:d4:3c:f7:61:05:1b:
9d:4f:4d:c5:e1:c1:96:b1:03:0d:38:a9:c2:bd:46:
df:42:63:a0:1d:b0:9b:5d:76:7a:29:4a:65:e2:1d:
94:89:e0:91:6e:20:0e:35:00:30:02:4b:a0:5d:eb:
2c:5c:50:15:84:a1:63:82:97:c0:4c:67:31:6f:5f:
85:66:27:55:f6:4a:d8:9f:ee:76:9e:3b:40:ad:ed:
66:36:12:18:03:b7:ae:da:cb:cf:35:35:3c:5b:ee:
ff:fd:bc:b3:e2:3c:aa:8a:f4:13:e3:b7:89:73:53:
99:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A6:EE:13:5D:47:32:25:BE:77:7F:BB:48:7C:04:D5:56:84:0A:0C
X509v3 Authority Key Identifier:
keyid:0E:08:6B:67:D8:98:96:53:BA:EB:68:B8:D2:4A:B9:E9:BD:0C:AF:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DghrZ9iYllO662i40kq56b0Mryo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3796fa-c02e-45f9-a1a4-622bb4899887/1/XKbuE11HMiW-d3-7SHwE1VaECgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3796fa-c02e-45f9-a1a4-622bb4899887/1/DghrZ9iYllO662i40kq56b0Mryo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.48.0/24
194.9.141.0-194.9.142.255
194.9.145.0/24
194.9.149.0/24
194.9.164.0/24
194.9.166.0/24
IPv6:
2a04:1447::/45
Signature Algorithm: sha256WithRSAEncryption
33:1c:f7:11:2e:96:d0:06:6c:32:8c:1c:88:41:63:16:0a:9a:
8c:2d:7f:f7:25:56:09:68:f2:ac:22:43:5d:0d:5d:58:c4:6f:
fc:a5:99:1b:47:a7:f4:75:0b:62:c0:05:ef:ef:0f:b7:45:25:
5a:54:d0:6a:c4:59:c0:42:b2:d8:5d:d4:75:ea:59:c4:ba:f9:
ce:52:a9:85:09:ff:af:bb:c1:e3:a4:f8:aa:23:9d:43:80:d9:
95:3c:9d:97:b2:cb:d0:5e:40:d1:46:6c:18:23:22:f9:30:fa:
88:33:61:b9:09:43:26:f7:42:6b:1a:30:3b:76:5c:25:93:78:
d7:e3:ad:fc:2b:b5:07:bd:89:9c:e6:35:07:41:cd:14:e4:25:
1f:af:27:15:c6:65:dd:d6:b8:a7:9e:d1:5d:9a:3b:52:b3:d5:
6f:f1:97:7d:c0:64:91:aa:0a:a9:2e:a6:46:ad:fa:c9:90:74:
4c:7e:69:aa:d6:ad:a0:85:26:43:e8:de:e3:41:69:c5:e0:12:
84:91:88:85:16:64:36:6a:83:de:0d:b3:47:f8:dd:c6:0b:54:
80:19:de:de:78:dd:cc:3c:c4:b2:81:c9:78:5f:a2:e2:0e:c1:
ba:be:51:0e:8c:38:53:4e:ae:f1:c1:85:6c:54:26:fb:56:8c:
ba:ba:f5:bc
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZQm2dnEtSVFe39GDu03b4oUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMDg2YjY3ZDg5ODk2NTNiYWViNjhiOGQyNGFiOWU5YmQw
Y2FmMmEwHhcNMjUwMTAyMTE0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2E2ZWUxMzVkNDczMjI1YmU3NzdmYmI0ODdjMDRkNTU2ODQwYTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZcNO9wxjeQ6BUj5CSjQyZeypDnW
0mnWI+HR+DVtQ97OOFm4ZA4MrufOxJP2ih/WV5YznKI58TqtPeaVwn/FHxsHtSiY
QbKefAm8F3BCkOS4OuH4BoneKmQet1PTA7cFNDw5VV83vScJ2Q8qZhX1Guuq5IzE
eSn3+p2fJRJp5SDCXy8miGxAXRs8tnhwTKnUPPdhBRudT03F4cGWsQMNOKnCvUbf
QmOgHbCbXXZ6KUpl4h2UieCRbiAONQAwAkugXessXFAVhKFjgpfATGcxb1+FZidV
9krYn+52njtAre1mNhIYA7eu2svPNTU8W+7//byz4jyqivQT47eJc1OZhQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFFym7hNdRzIlvnd/u0h8BNVWhAoMMB8GA1UdIwQY
MBaAFA4Ia2fYmJZTuutouNJKuem9DK8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGdoclo5aVlsbE82NjJpNDBrcTU2YjBNcnlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8zNzk2ZmEtYzAyZS00NWY5LWExYTQt
NjIyYmI0ODk5ODg3LzEvWEtidUUxMUhNaVctZDMtN1NId0UxVmFFQ2d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8zNzk2ZmEtYzAyZS00NWY5LWExYTQtNjIyYmI0ODk5ODg3
LzEvRGdoclo5aVlsbE82NjJpNDBrcTU2YjBNcnlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAyBAIAATAsAwQAwREwMAwD
BADCCY0DBADCCY4DBADCCZEDBADCCZUDBADCCaQDBADCCaYwDwQCAAIwCQMHAyoE
FEcAADANBgkqhkiG9w0BAQsFAAOCAQEAMxz3ES6W0AZsMowciEFjFgqajC1/9yVW
CWjyrCJDXQ1dWMRv/KWZG0en9HULYsAF7+8Pt0UlWlTQasRZwEKy2F3UdepZxLr5
zlKphQn/r7vB46T4qiOdQ4DZlTydl7LL0F5A0UZsGCMi+TD6iDNhuQlDJvdCaxow
O3ZcJZN41+Ot/Cu1B72JnOY1B0HNFOQlH68nFcZl3da4p57RXZo7UrPVb/GXfcBk
kaoKqS6mRq36yZB0TH5pqtatoIUmQ+je40FpxeAShJGIhRZkNmqD3g2zR/jdxgtU
gBne3njdzDzEsoHJeF+i4g7Bur5RDow4U06u8cGFbFQm+1aMurr1vA==
-----END CERTIFICATE-----
Generated at Thu Apr 10 04:46:06 2025 by rpki-client