Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/XB919ocHq97xZVuVpZ4XzRIFLGQ.roa
File: XB919ocHq97xZVuVpZ4XzRIFLGQ.roa (raw, json)
Hash identifier: kBK1vyUjKgG7IAMHfdW40IxRnyscJJLbi8U4SCC3Iy0=
Subject key identifier: 5C:1F:75:F6:87:07:AB:DE:F1:65:5B:95:A5:9E:17:CD:12:05:2C:64
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0195B46CE5A28F7CA77C01D7DF8006C57818
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/XB919ocHq97xZVuVpZ4XzRIFLGQ.roa
Signing time: Thu 20 Mar 2025 16:39:50 +0000
ROA not before: Thu 20 Mar 2025 16:39:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61120
IP address blocks: 194.105.10.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b4:6c:e5:a2:8f:7c:a7:7c:01:d7:df:80:06:c5:78:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Mar 20 16:39:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c1f75f68707abdef1655b95a59e17cd12052c64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3b:29:82:ac:de:32:ee:44:ce:86:84:ef:32:
df:ed:10:8b:85:c4:e9:d1:1c:32:cb:10:df:e5:3c:
1d:ac:ee:f3:38:bd:a3:bd:51:e2:86:4f:4d:07:ff:
35:65:95:77:d9:b2:93:b3:21:96:a6:3e:08:d1:2e:
33:35:39:57:22:0c:b0:e9:d7:e1:41:7d:2c:17:7e:
de:28:b6:42:54:7c:eb:a4:1f:44:a4:15:ee:1f:6f:
6b:a3:c0:a7:d3:7d:b0:ef:a4:5e:a8:47:b1:de:98:
be:e4:96:50:49:8c:22:62:a3:ff:63:1c:0a:34:1a:
b2:81:30:f4:3e:15:bb:52:49:98:49:65:26:f7:7c:
e3:2e:42:75:82:4c:55:8a:45:2b:40:c1:37:10:fd:
33:a9:69:05:b8:a1:43:32:da:0d:8c:0d:ec:07:2d:
de:0c:0b:e1:25:65:6c:f8:20:27:f2:7e:94:05:2a:
5d:0e:3a:6b:40:c8:70:2f:cb:92:df:f6:a4:68:5f:
52:c6:8b:ae:57:99:41:4a:84:a1:0d:71:b4:28:5f:
63:02:a2:2f:36:5b:a9:ef:bd:ec:a0:87:13:9c:6f:
40:83:be:2a:85:1d:64:b5:a7:38:16:47:74:32:a1:
ad:45:51:54:0c:96:a8:62:cc:d6:56:0d:82:37:dd:
ba:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:1F:75:F6:87:07:AB:DE:F1:65:5B:95:A5:9E:17:CD:12:05:2C:64
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/XB919ocHq97xZVuVpZ4XzRIFLGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.105.10.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:1d:7f:8d:d1:33:d2:e4:b8:f0:04:7b:e0:53:0e:40:6c:50:
08:cc:6f:41:6e:91:b7:2a:51:67:f7:4b:5e:2b:40:8b:06:10:
c8:b7:51:aa:2c:a8:42:90:fd:a4:36:da:39:a4:17:64:e3:58:
b1:28:59:59:e0:f7:76:a5:7f:d4:00:59:32:4a:fe:5f:ab:c1:
e1:76:8e:ce:e6:24:dc:95:e6:78:e3:3a:90:2e:fb:0d:9a:f9:
c1:b7:97:b4:ef:a3:64:d2:47:96:12:ff:87:66:41:31:44:a9:
05:7a:29:61:c5:83:ad:ef:5d:e6:69:6a:74:19:9e:b0:83:33:
a9:84:99:aa:f9:bf:13:c6:e3:17:75:dc:18:63:3a:2c:2c:10:
74:4b:ee:05:1c:b9:c5:8e:7c:e9:40:db:1b:0c:35:b9:d2:62:
de:6c:63:df:a1:31:c5:64:6f:e9:a3:7b:ac:99:3c:3f:de:f3:
58:45:89:cb:2a:73:32:64:36:47:04:ab:32:d3:9b:d2:3e:06:
db:fd:09:de:e4:f0:04:d9:5d:8f:b2:e5:c9:d9:cf:38:92:ed:
3f:2b:c5:5b:fa:c4:5b:b8:c3:e7:90:f4:06:55:bd:f0:82:72:
7b:14:19:f6:9f:43:a0:95:da:e6:d5:01:05:7e:36:de:9b:82:
3c:95:77:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZW0bOWij3ynfAHX34AGxXgYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwMzIwMTYzOTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzFmNzVmNjg3MDdhYmRlZjE2NTViOTVhNTllMTdjZDEyMDUyYzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzspgqzeMu5EzoaE7zLf7RCLhcTp
0RwyyxDf5TwdrO7zOL2jvVHihk9NB/81ZZV32bKTsyGWpj4I0S4zNTlXIgyw6dfh
QX0sF37eKLZCVHzrpB9EpBXuH29ro8Cn032w76ReqEex3pi+5JZQSYwiYqP/YxwK
NBqygTD0PhW7UkmYSWUm93zjLkJ1gkxVikUrQME3EP0zqWkFuKFDMtoNjA3sBy3e
DAvhJWVs+CAn8n6UBSpdDjprQMhwL8uS3/akaF9SxouuV5lBSoShDXG0KF9jAqIv
Nlup773soIcTnG9Ag74qhR1ktac4Fkd0MqGtRVFUDJaoYszWVg2CN926EQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFwfdfaHB6ve8WVblaWeF80SBSxkMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvWEI5MTlvY0hxOTd4WlZ1VnBaNFh6UklGTEdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmkKMA0G
CSqGSIb3DQEBCwUAA4IBAQCpHX+N0TPS5LjwBHvgUw5AbFAIzG9BbpG3KlFn90te
K0CLBhDIt1GqLKhCkP2kNto5pBdk41ixKFlZ4Pd2pX/UAFkySv5fq8Hhdo7O5iTc
leZ44zqQLvsNmvnBt5e076Nk0keWEv+HZkExRKkFeilhxYOt713maWp0GZ6wgzOp
hJmq+b8TxuMXddwYYzosLBB0S+4FHLnFjnzpQNsbDDW50mLebGPfoTHFZG/po3us
mTw/3vNYRYnLKnMyZDZHBKsy05vSPgbb/Qne5PAE2V2PsuXJ2c84ku0/K8Vb+sRb
uMPnkPQGVb3wgnJ7FBn2n0Ogldrm1QEFfjbem4I8lXd1
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:51:46 2025 by rpki-client