Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/Xx5AoKMFPro34EMu91UFlynTj2s.roa
File: Xx5AoKMFPro34EMu91UFlynTj2s.roa (raw, json)
Hash identifier: NlxbkxLq2MDyD2nlPITsFETHKzu5cELRgwcKIcBnH7U=
Subject key identifier: 5F:1E:40:A0:A3:05:3E:BA:37:E0:43:2E:F7:55:05:97:29:D3:8F:6B
Certificate issuer: /CN=53c912a0411bb0174507092d0ca35a91ad79905c
Certificate serial: 0194228D1255D5DC62B593DE7ECD8027812F
Authority key identifier: 53:C9:12:A0:41:1B:B0:17:45:07:09:2D:0C:A3:5A:91:AD:79:90:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U8kSoEEbsBdFBwktDKNaka15kFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/Xx5AoKMFPro34EMu91UFlynTj2s.roa
Signing time: Wed 01 Jan 2025 15:47:38 +0000
ROA not before: Wed 01 Jan 2025 15:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15404
IP address blocks: 194.59.137.0/24 maxlen: 24
194.59.139.0/24 maxlen: 24
2a07:cb81::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:12:55:d5:dc:62:b5:93:de:7e:cd:80:27:81:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53c912a0411bb0174507092d0ca35a91ad79905c
Validity
Not Before: Jan 1 15:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f1e40a0a3053eba37e0432ef755059729d38f6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:bd:e1:28:11:6f:dc:09:5e:b1:97:dc:1e:9e:
80:eb:bc:4e:7a:ce:4d:19:f9:af:ba:e7:6d:4e:76:
94:bf:77:d2:27:a2:7d:2c:97:35:88:2e:87:d7:3a:
01:2d:44:76:c1:04:08:8e:d0:4f:4a:1c:3e:f2:1b:
bb:b5:66:ba:e9:85:ef:66:a4:f8:cc:d2:85:32:19:
29:f5:f0:af:44:5f:05:56:64:e4:a8:d3:36:2a:c1:
1e:3d:44:1d:ca:73:35:33:fa:fc:ca:1b:82:e8:08:
c4:7c:ba:48:6c:19:10:22:7f:82:f9:ce:92:2a:1d:
72:84:83:97:f9:3f:02:0f:0d:77:e1:12:2e:fe:a0:
a4:78:27:f9:bc:92:33:77:36:05:c8:25:0b:e0:66:
f1:da:43:d1:58:43:00:f1:54:7f:de:dd:8c:5c:7d:
d1:ec:93:eb:38:19:b3:b4:c7:ca:cd:3b:42:7f:53:
8c:97:72:c0:45:a9:76:c8:a5:8d:3a:a3:1b:2c:38:
2d:51:a6:e3:8f:70:72:73:09:70:6c:00:b9:ef:78:
32:0d:46:37:d5:b3:96:6c:39:c6:76:be:c6:bb:5d:
23:96:0f:ec:24:73:7d:45:de:04:69:a9:d0:8f:48:
08:a6:ab:2a:bc:e7:6c:b5:6b:45:b1:51:98:c0:3e:
4c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:1E:40:A0:A3:05:3E:BA:37:E0:43:2E:F7:55:05:97:29:D3:8F:6B
X509v3 Authority Key Identifier:
keyid:53:C9:12:A0:41:1B:B0:17:45:07:09:2D:0C:A3:5A:91:AD:79:90:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U8kSoEEbsBdFBwktDKNaka15kFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/Xx5AoKMFPro34EMu91UFlynTj2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/U8kSoEEbsBdFBwktDKNaka15kFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.137.0/24
194.59.139.0/24
IPv6:
2a07:cb81::/32
Signature Algorithm: sha256WithRSAEncryption
6e:d2:3c:7e:c0:ea:f5:4a:46:bc:f6:89:1d:94:bc:4a:e0:f4:
48:e2:b2:10:d3:4b:58:77:5d:0d:22:42:b5:72:83:a3:9c:60:
bb:39:cd:6a:4b:c7:65:15:58:07:27:db:d1:ba:f4:c3:e5:a5:
87:da:e0:37:65:d4:e6:7e:e5:21:b5:73:1a:f3:a9:77:86:96:
c8:74:94:26:8a:bb:25:6b:67:d4:59:ff:cf:2c:90:3c:4d:cb:
f7:5c:35:12:cc:04:3a:e3:30:73:f2:97:86:13:dc:1f:1a:28:
53:18:18:3f:b4:eb:47:fd:b2:20:e7:0e:60:31:3c:ee:28:40:
36:0d:ae:77:07:d7:5c:cc:f1:5c:1b:34:66:fc:58:88:b2:8d:
4d:d8:a3:44:7f:b3:54:48:9f:95:39:18:ee:90:3c:cc:9a:48:
cb:f0:49:3f:10:33:ac:3a:4b:85:98:aa:78:d4:78:95:67:7a:
c4:c4:de:70:6b:ef:c6:8d:77:c1:e9:2f:c4:af:6f:76:0e:16:
c3:65:76:ad:ed:70:0c:94:79:f4:87:35:1d:8a:16:ee:fe:57:
a7:54:0b:4b:bc:cc:0d:12:de:d4:1a:cd:4e:8e:f3:2b:d9:04:
14:c1:0a:ea:9e:3d:ee:aa:56:77:06:ed:6d:13:d0:c9:44:75:
84:b7:1e:3d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQijRJV1dxitZPefs2AJ4EvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYzkxMmEwNDExYmIwMTc0NTA3MDkyZDBjYTM1YTkxYWQ3
OTkwNWMwHhcNMjUwMTAxMTU0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjFlNDBhMGEzMDUzZWJhMzdlMDQzMmVmNzU1MDU5NzI5ZDM4ZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1r3hKBFv3AlesZfcHp6A67xOes5N
GfmvuudtTnaUv3fSJ6J9LJc1iC6H1zoBLUR2wQQIjtBPShw+8hu7tWa66YXvZqT4
zNKFMhkp9fCvRF8FVmTkqNM2KsEePUQdynM1M/r8yhuC6AjEfLpIbBkQIn+C+c6S
Kh1yhIOX+T8CDw134RIu/qCkeCf5vJIzdzYFyCUL4Gbx2kPRWEMA8VR/3t2MXH3R
7JPrOBmztMfKzTtCf1OMl3LARal2yKWNOqMbLDgtUabjj3BycwlwbAC573gyDUY3
1bOWbDnGdr7Gu10jlg/sJHN9Rd4EaanQj0gIpqsqvOdstWtFsVGYwD5MkQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFF8eQKCjBT66N+BDLvdVBZcp049rMB8GA1UdIwQY
MBaAFFPJEqBBG7AXRQcJLQyjWpGteZBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVThrU29FRWJzQmRGQndrdERLTmFrYTE1a0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9kNzdlNjAtODkxNi00Zjk2LThlZDAt
ZTIxYzQzNmI2MmVmLzEvWHg1QW9LTUZQcm8zNEVNdTkxVUZseW5UajJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9kNzdlNjAtODkxNi00Zjk2LThlZDAtZTIxYzQzNmI2MmVm
LzEvVThrU29FRWJzQmRGQndrdERLTmFrYTE1a0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwjuJAwQA
wjuLMA0EAgACMAcDBQAqB8uBMA0GCSqGSIb3DQEBCwUAA4IBAQBu0jx+wOr1Ska8
9okdlLxK4PRI4rIQ00tYd10NIkK1coOjnGC7Oc1qS8dlFVgHJ9vRuvTD5aWH2uA3
ZdTmfuUhtXMa86l3hpbIdJQmirsla2fUWf/PLJA8Tcv3XDUSzAQ64zBz8peGE9wf
GihTGBg/tOtH/bIg5w5gMTzuKEA2Da53B9dczPFcGzRm/FiIso1N2KNEf7NUSJ+V
ORjukDzMmkjL8Ek/EDOsOkuFmKp41HiVZ3rExN5wa+/GjXfB6S/Er292DhbDZXat
7XAMlHn0hzUdihbu/lenVAtLvMwNEt7UGs1OjvMr2QQUwQrqnj3uqlZ3Bu1tE9DJ
RHWEtx49
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:59:58 2025 by rpki-client