Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/XfZZR_2FfbmcTCDqh8YB7ukHChU.roa
File: XfZZR_2FfbmcTCDqh8YB7ukHChU.roa (raw, json)
Hash identifier: qIIEx0fwjjqTdiQ160yJWGELXKdKRH39DjIU1xmNQYg=
Subject key identifier: 5D:F6:59:47:FD:85:7D:B9:9C:4C:20:EA:87:C6:01:EE:E9:07:0A:15
Certificate issuer: /CN=331bce2ee806e93621112dbd618536f775f44fba
Certificate serial: 019421B1C13827DDCCF32FB5A1BC99AD136C
Authority key identifier: 33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/XfZZR_2FfbmcTCDqh8YB7ukHChU.roa
Signing time: Wed 01 Jan 2025 11:48:04 +0000
ROA not before: Wed 01 Jan 2025 11:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25145
IP address blocks: 185.198.73.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:c1:38:27:dd:cc:f3:2f:b5:a1:bc:99:ad:13:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=331bce2ee806e93621112dbd618536f775f44fba
Validity
Not Before: Jan 1 11:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5df65947fd857db99c4c20ea87c601eee9070a15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9b:9c:36:1f:ff:8c:6b:b1:4e:3e:5d:4f:89:
ed:06:62:05:ca:7c:96:f7:73:34:e8:17:69:f8:a3:
06:64:a6:70:36:df:8b:75:ca:be:c7:b8:f2:19:80:
95:63:47:e6:85:cc:2d:84:78:17:1c:d5:8b:34:14:
33:37:52:ed:a2:aa:bc:40:97:cd:15:b6:67:ce:0b:
b2:60:84:69:7d:14:d5:94:f7:6b:9a:a1:4d:7f:2d:
cf:cc:85:f8:81:1b:bc:62:fb:9b:16:80:8e:ae:29:
ea:3f:b0:1b:ee:d8:a7:db:9d:82:34:f2:17:09:28:
71:e3:f2:2b:77:37:27:46:45:7c:d0:e3:3e:d9:88:
56:ef:18:de:16:cd:e8:8f:15:d1:69:2c:b7:3e:4c:
6c:0b:ca:70:a1:2a:ae:cc:39:8b:9e:68:af:0e:de:
a3:e3:b6:6e:46:c0:fe:bf:e8:24:2d:2b:cc:3b:db:
57:98:fa:a6:13:4e:df:2a:67:22:dd:72:22:53:dc:
48:9c:ce:08:05:a0:69:9a:7e:27:dd:bf:48:fd:e5:
bf:de:d7:4f:e2:41:50:70:41:ac:a4:07:24:85:12:
1f:0a:1e:b1:85:d6:cb:e6:4d:bd:1a:1f:b9:86:ae:
45:73:44:4e:26:08:ce:21:3b:da:6c:44:b1:35:bc:
06:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:F6:59:47:FD:85:7D:B9:9C:4C:20:EA:87:C6:01:EE:E9:07:0A:15
X509v3 Authority Key Identifier:
keyid:33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/XfZZR_2FfbmcTCDqh8YB7ukHChU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MxvOLugG6TYhES29YYU293X0T7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.73.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:70:47:02:0c:16:7c:3a:e0:f3:30:d9:31:20:8a:94:9c:dd:
70:f2:a2:aa:ed:81:43:51:b5:e0:74:af:17:a5:af:6f:4a:58:
a7:23:aa:9c:25:84:1b:28:be:59:4d:11:e6:28:1d:f4:38:da:
b3:e5:eb:fb:4a:fa:05:7b:59:1f:60:69:fe:f3:e8:51:bc:d5:
44:83:30:a1:b7:f1:cd:cf:88:b7:17:c7:1f:96:b0:8f:5d:ea:
b7:03:c6:97:b0:3d:45:97:ff:14:bf:4c:9f:86:89:c5:6f:2d:
ea:e0:0d:82:42:68:36:a5:8a:bf:06:6f:02:84:4c:30:21:a5:
08:6e:2e:5e:3d:b8:b7:80:1f:1f:64:8c:80:03:bf:87:07:e1:
ad:05:54:00:20:29:fb:98:5c:f2:44:c5:6d:67:38:7c:c0:61:
bc:22:00:0c:b1:e1:90:8b:77:ff:c2:8e:35:2e:65:5e:63:c4:
35:3a:3f:56:b0:be:bc:9e:d7:92:a7:a7:9c:fa:4e:ef:8e:6f:
bb:5f:8e:7c:e1:92:c3:be:21:b2:55:25:87:a8:2e:54:95:a4:
6b:0d:f6:3e:b8:87:28:9f:f7:90:1f:de:92:f0:1e:00:c8:e7:
ad:19:dc:78:99:49:f3:a8:71:f4:c2:b4:bf:56:33:18:4f:72:
ce:16:d2:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhscE4J93M8y+1obyZrRNsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMWJjZTJlZTgwNmU5MzYyMTExMmRiZDYxODUzNmY3NzVm
NDRmYmEwHhcNMjUwMTAxMTE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGY2NTk0N2ZkODU3ZGI5OWM0YzIwZWE4N2M2MDFlZWU5MDcwYTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZucNh//jGuxTj5dT4ntBmIFynyW
93M06Bdp+KMGZKZwNt+Ldcq+x7jyGYCVY0fmhcwthHgXHNWLNBQzN1Ltoqq8QJfN
FbZnzguyYIRpfRTVlPdrmqFNfy3PzIX4gRu8YvubFoCOrinqP7Ab7tin252CNPIX
CShx4/IrdzcnRkV80OM+2YhW7xjeFs3ojxXRaSy3PkxsC8pwoSquzDmLnmivDt6j
47ZuRsD+v+gkLSvMO9tXmPqmE07fKmci3XIiU9xInM4IBaBpmn4n3b9I/eW/3tdP
4kFQcEGspAckhRIfCh6xhdbL5k29Gh+5hq5Fc0ROJgjOITvabESxNbwGuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF32WUf9hX25nEwg6ofGAe7pBwoVMB8GA1UdIwQY
MBaAFDMbzi7oBuk2IREtvWGFNvd19E+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYt
YWVhYzE2MjI3YzI1LzEvWGZaWlJfMkZmYm1jVENEcWg4WUI3dWtIQ2hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYtYWVhYzE2MjI3YzI1
LzEvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucZJMA0G
CSqGSIb3DQEBCwUAA4IBAQA8cEcCDBZ8OuDzMNkxIIqUnN1w8qKq7YFDUbXgdK8X
pa9vSlinI6qcJYQbKL5ZTRHmKB30ONqz5ev7SvoFe1kfYGn+8+hRvNVEgzCht/HN
z4i3F8cflrCPXeq3A8aXsD1Fl/8Uv0yfhonFby3q4A2CQmg2pYq/Bm8ChEwwIaUI
bi5ePbi3gB8fZIyAA7+HB+GtBVQAICn7mFzyRMVtZzh8wGG8IgAMseGQi3f/wo41
LmVeY8Q1Oj9WsL68nteSp6ec+k7vjm+7X4584ZLDviGyVSWHqC5UlaRrDfY+uIco
n/eQH96S8B4AyOetGdx4mUnzqHH0wrS/VjMYT3LOFtJU
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:32 2025 by rpki-client