Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/xTFnVkjcOucRhDr4fL3KOLXx4vc.roa
File: xTFnVkjcOucRhDr4fL3KOLXx4vc.roa (raw, json)
Hash identifier: s89ZuO3Y4dLbBDkPwE0lOqmzwVZElmt6SuqnjBMK7D4=
Subject key identifier: C5:31:67:56:48:DC:3A:E7:11:84:3A:F8:7C:BD:CA:38:B5:F1:E2:F7
Certificate issuer: /CN=dc44e19e2bb4e7023cc1ba10d49b74ede4bf865c
Certificate serial: 018AADE2173D0C46C5E12E350B956D924539
Authority key identifier: DC:44:E1:9E:2B:B4:E7:02:3C:C1:BA:10:D4:9B:74:ED:E4:BF:86:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/xTFnVkjcOucRhDr4fL3KOLXx4vc.roa
Signing time: Tue 19 Sep 2023 14:39:50 +0000
ROA not before: Tue 19 Sep 2023 14:39:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206747
IP address blocks: 195.130.28.0/24 maxlen: 24
25.129.198.0/23 maxlen: 23
2a08:600:ee::/47 maxlen: 47
2a08:600:99::/48 maxlen: 48
2a08:600:1::/48 maxlen: 48
2a08:600:e0::/47 maxlen: 47
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ad:e2:17:3d:0c:46:c5:e1:2e:35:0b:95:6d:92:45:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc44e19e2bb4e7023cc1ba10d49b74ede4bf865c
Validity
Not Before: Sep 19 14:39:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c531675648dc3ae711843af87cbdca38b5f1e2f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4e:46:af:ca:6f:2e:4b:8d:7c:ee:62:ac:65:
e5:17:64:80:4c:f0:84:b0:45:9d:2c:ff:32:d9:9e:
2e:84:2f:b8:c3:3e:c9:24:18:a7:24:0e:ba:e4:55:
3c:11:ac:e7:7c:f8:b3:cb:7d:2a:fd:ae:67:51:bf:
2e:9e:e8:44:78:3a:95:be:30:5f:80:71:1d:5b:c6:
7f:b3:c2:f5:55:75:db:50:1a:5c:e1:6a:15:ee:9e:
2c:52:88:eb:02:fb:77:ed:bb:b3:b3:52:ba:b9:01:
53:c9:d9:40:50:91:07:2f:5c:38:07:75:93:dd:6b:
9d:ce:4f:bd:2e:a2:17:7a:c3:1a:c6:90:00:14:ea:
31:79:8c:d8:a3:1b:da:8f:be:14:7c:83:70:9c:df:
65:fa:57:f3:13:19:22:b1:0f:65:f3:7b:5b:6f:f1:
b7:64:5a:b9:15:66:26:b5:f6:a0:5a:88:fb:a5:34:
2d:f4:a2:67:ac:d7:7b:c7:db:b9:ed:1a:e3:60:a2:
57:74:f5:1b:d3:9a:4f:84:56:f1:6c:fa:48:1e:d7:
bc:94:d5:3b:08:3f:8d:14:3c:67:72:3e:94:ae:68:
a1:89:31:ba:c2:5e:df:65:48:e1:22:c4:28:45:b9:
7d:33:7e:32:3e:43:a2:06:b4:ba:8a:67:5f:a5:c6:
00:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:31:67:56:48:DC:3A:E7:11:84:3A:F8:7C:BD:CA:38:B5:F1:E2:F7
X509v3 Authority Key Identifier:
keyid:DC:44:E1:9E:2B:B4:E7:02:3C:C1:BA:10:D4:9B:74:ED:E4:BF:86:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/xTFnVkjcOucRhDr4fL3KOLXx4vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/3EThniu05wI8wboQ1Jt07eS_hlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
25.129.198.0/23
195.130.28.0/24
IPv6:
2a08:600:1::/48
2a08:600:99::/48
2a08:600:e0::/47
2a08:600:ee::/47
Signature Algorithm: sha256WithRSAEncryption
7e:af:b1:e6:3d:87:3c:c8:cc:c6:6e:fe:1d:fe:c4:19:4b:dd:
4a:2d:4e:6f:d9:32:b3:ce:91:21:9e:bc:c3:de:29:3b:fd:c7:
85:7f:c3:c3:7b:4f:94:2a:74:6b:cf:6a:11:60:52:c5:d3:65:
8a:3e:50:2a:a2:ec:9c:b5:9b:3d:5b:59:c9:fd:47:a0:bb:81:
5d:26:6f:ad:96:4d:b7:f1:82:9d:76:02:d1:95:40:b3:40:2a:
cc:83:a6:a4:38:13:22:f1:16:ff:16:0a:d5:4a:65:26:44:23:
10:42:33:8c:f6:f5:a3:6b:a0:2a:01:13:29:f8:f2:fb:d8:0d:
db:12:89:36:39:4a:86:21:0d:f3:15:b5:af:48:f1:34:d8:34:
c5:a8:d7:2e:f8:b6:af:85:5f:f5:aa:6c:e4:ab:43:36:b0:47:
7c:3f:c2:2f:a7:c4:a7:94:60:a3:93:56:7d:a9:36:ce:f8:15:
ca:6f:b3:d6:c4:79:8f:3d:e1:52:51:d8:22:bf:56:92:b0:b3:
f9:d7:c6:31:50:75:72:62:67:6f:34:e9:b5:35:cf:86:12:29:
5c:64:57:aa:27:d4:d1:c9:71:6e:9f:e4:22:07:de:02:ab:d0:
69:01:25:bb:59:ba:dd:4a:f1:bf:e1:4c:f5:0a:9d:e9:bc:09:
4b:c4:7e:b2
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYqt4hc9DEbF4S41C5VtkkU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNDRlMTllMmJiNGU3MDIzY2MxYmExMGQ0OWI3NGVkZTRi
Zjg2NWMwHhcNMjMwOTE5MTQzOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTMxNjc1NjQ4ZGMzYWU3MTE4NDNhZjg3Y2JkY2EzOGI1ZjFlMmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmU5Gr8pvLkuNfO5irGXlF2SATPCE
sEWdLP8y2Z4uhC+4wz7JJBinJA665FU8EaznfPizy30q/a5nUb8unuhEeDqVvjBf
gHEdW8Z/s8L1VXXbUBpc4WoV7p4sUojrAvt37buzs1K6uQFTydlAUJEHL1w4B3WT
3Wudzk+9LqIXesMaxpAAFOoxeYzYoxvaj74UfINwnN9l+lfzExkisQ9l83tbb/G3
ZFq5FWYmtfagWoj7pTQt9KJnrNd7x9u57RrjYKJXdPUb05pPhFbxbPpIHte8lNU7
CD+NFDxncj6UrmihiTG6wl7fZUjhIsQoRbl9M34yPkOiBrS6imdfpcYA3QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMUxZ1ZI3DrnEYQ6+Hy9yji18eL3MB8GA1UdIwQY
MBaAFNxE4Z4rtOcCPMG6ENSbdO3kv4ZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0VUaG5pdTA1d0k4d2JvUTFKdDA3ZVNfaGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80NmY1YjktNjAwMC00MDcyLTg5ZjIt
NGM4MmFjZTcyYzg1LzEveFRGblZramNPdWNSaERyNGZMM0tPTFh4NHZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80NmY1YjktNjAwMC00MDcyLTg5ZjItNGM4MmFjZTcyYzg1
LzEvM0VUaG5pdTA1d0k4d2JvUTFKdDA3ZVNfaGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDASBAIAATAMAwQBGYHGAwQA
w4IcMCoEAgACMCQDBwAqCAYAAAEDBwAqCAYAAJkDBwEqCAYAAOADBwEqCAYAAO4w
DQYJKoZIhvcNAQELBQADggEBAH6vseY9hzzIzMZu/h3+xBlL3UotTm/ZMrPOkSGe
vMPeKTv9x4V/w8N7T5QqdGvPahFgUsXTZYo+UCqi7Jy1mz1bWcn9R6C7gV0mb62W
Tbfxgp12AtGVQLNAKsyDpqQ4EyLxFv8WCtVKZSZEIxBCM4z29aNroCoBEyn48vvY
DdsSiTY5SoYhDfMVta9I8TTYNMWo1y74tq+FX/WqbOSrQzawR3w/wi+nxKeUYKOT
Vn2pNs74Fcpvs9bEeY894VJR2CK/VpKws/nXxjFQdXJiZ2806bU1z4YSKVxkV6on
1NHJcW6f5CIH3gKr0GkBJbtZut1K8b/hTPUKnem8CUvEfrI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:48 2025 by rpki-client