Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5d0278-216e-4712-9487-19b3d1544c39/1/XmZzj7JcB6jd6mOFVB5P5PDKL5E.roa
File: XmZzj7JcB6jd6mOFVB5P5PDKL5E.roa (raw, json)
Hash identifier: 0790uLZ+/UaE4zF4DtLMPcWHd+AL9SLdbKcmlMREbOY=
Subject key identifier: 5E:66:73:8F:B2:5C:07:A8:DD:EA:63:85:54:1E:4F:E4:F0:CA:2F:91
Certificate issuer: /CN=095dff1f6bd8813de5ff9af167247f78b88439bd
Certificate serial: 0194206820CDF198A79ED9F668B59B447767
Authority key identifier: 09:5D:FF:1F:6B:D8:81:3D:E5:FF:9A:F1:67:24:7F:78:B8:84:39:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CV3_H2vYgT3l_5rxZyR_eLiEOb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5d0278-216e-4712-9487-19b3d1544c39/1/XmZzj7JcB6jd6mOFVB5P5PDKL5E.roa
Signing time: Wed 01 Jan 2025 05:48:02 +0000
ROA not before: Wed 01 Jan 2025 05:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197116
IP address blocks: 94.126.224.0/21 maxlen: 24
2a11:f400::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:20:cd:f1:98:a7:9e:d9:f6:68:b5:9b:44:77:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=095dff1f6bd8813de5ff9af167247f78b88439bd
Validity
Not Before: Jan 1 05:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e66738fb25c07a8ddea6385541e4fe4f0ca2f91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:1e:de:24:c5:48:75:4d:f6:04:24:56:61:6d:
c5:b5:c8:2d:b3:f0:6b:6e:e1:c9:03:2f:53:dc:2c:
7c:07:45:94:83:e8:97:dd:e9:c6:db:81:0a:c8:dd:
b5:4a:91:23:ac:5a:d1:ba:80:73:b5:df:42:59:a1:
e7:98:dc:b3:cf:2e:43:22:2e:f6:8c:f4:c9:91:a8:
47:0f:54:de:6a:60:54:bb:4a:af:60:2b:a1:73:42:
c7:ca:3a:b9:50:bc:0a:73:4e:d4:e1:7f:47:ea:0b:
f1:7f:d5:36:f3:e4:75:1f:22:aa:64:ab:45:90:72:
8e:7d:b7:2f:d7:49:75:db:28:3c:e5:cc:35:cc:88:
12:b5:7a:2a:0a:6f:d3:09:a6:59:9e:c6:2f:e7:6a:
85:c6:49:cc:4d:66:c2:24:df:70:ba:40:8f:15:f5:
e8:f6:e8:db:49:1a:72:a7:62:77:72:14:7f:19:d2:
a5:a9:6d:02:92:c9:e6:49:ce:1b:6b:60:8f:f5:04:
11:5e:e2:d7:73:51:0d:80:7a:9f:4d:45:0a:56:48:
d0:64:f8:18:85:db:60:0a:db:33:a0:d3:b6:b6:ac:
57:70:ac:c4:98:e2:be:74:11:6c:2f:cc:7c:f7:6d:
b8:c9:32:fc:b5:1a:5b:e0:86:77:63:82:b4:47:21:
d8:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:66:73:8F:B2:5C:07:A8:DD:EA:63:85:54:1E:4F:E4:F0:CA:2F:91
X509v3 Authority Key Identifier:
keyid:09:5D:FF:1F:6B:D8:81:3D:E5:FF:9A:F1:67:24:7F:78:B8:84:39:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CV3_H2vYgT3l_5rxZyR_eLiEOb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5d0278-216e-4712-9487-19b3d1544c39/1/XmZzj7JcB6jd6mOFVB5P5PDKL5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5d0278-216e-4712-9487-19b3d1544c39/1/CV3_H2vYgT3l_5rxZyR_eLiEOb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.224.0/21
IPv6:
2a11:f400::/32
Signature Algorithm: sha256WithRSAEncryption
04:0c:e9:f8:b7:f3:c9:28:ab:c7:0d:bd:77:3c:53:30:1e:b3:
6d:21:d8:04:4a:14:94:d4:80:5b:93:8d:83:ce:f5:64:03:5c:
a0:c7:45:f1:c9:51:f9:5f:c2:57:7c:0b:05:d7:56:1d:d4:4f:
00:c4:1f:46:54:d2:ff:08:ec:96:7d:1f:8e:48:19:60:0b:26:
86:fc:ed:76:2c:98:f3:ac:89:88:4c:f1:57:e7:3f:fa:da:13:
b9:45:47:62:a7:df:c6:99:72:92:5e:0e:d2:00:7a:9d:8e:49:
23:93:b9:96:d1:3a:e4:2e:26:32:83:ac:b0:47:64:50:1f:72:
b0:84:3e:16:cf:79:85:0f:55:ae:a9:e8:95:07:fa:a5:51:14:
46:4e:fc:5b:50:55:f2:91:b8:bd:78:99:8d:65:ff:4e:61:e3:
6d:48:0c:b8:dc:30:d2:dd:9b:2a:de:6a:40:af:12:22:81:89:
5d:72:f3:a1:a7:1b:2f:d1:cd:af:b1:4d:58:db:e7:94:53:04:
2e:44:de:a9:e4:98:5a:12:c7:77:a8:5f:98:a7:8b:e8:59:b3:
ac:fc:5f:64:a3:ab:f6:2c:8c:48:07:b6:20:d7:91:06:16:49:
f8:8a:a4:d2:0a:9f:c8:f0:1f:80:07:e8:9d:1f:af:1d:f2:47:
96:ab:a3:36
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaCDN8Zinntn2aLWbRHdnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NWRmZjFmNmJkODgxM2RlNWZmOWFmMTY3MjQ3Zjc4Yjg4
NDM5YmQwHhcNMjUwMTAxMDU0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTY2NzM4ZmIyNWMwN2E4ZGRlYTYzODU1NDFlNGZlNGYwY2EyZjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7h7eJMVIdU32BCRWYW3Ftcgts/Br
buHJAy9T3Cx8B0WUg+iX3enG24EKyN21SpEjrFrRuoBztd9CWaHnmNyzzy5DIi72
jPTJkahHD1TeamBUu0qvYCuhc0LHyjq5ULwKc07U4X9H6gvxf9U28+R1HyKqZKtF
kHKOfbcv10l12yg85cw1zIgStXoqCm/TCaZZnsYv52qFxknMTWbCJN9wukCPFfXo
9ujbSRpyp2J3chR/GdKlqW0CksnmSc4ba2CP9QQRXuLXc1ENgHqfTUUKVkjQZPgY
hdtgCtszoNO2tqxXcKzEmOK+dBFsL8x89224yTL8tRpb4IZ3Y4K0RyHYBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF5mc4+yXAeo3epjhVQeT+Twyi+RMB8GA1UdIwQY
MBaAFAld/x9r2IE95f+a8Wckf3i4hDm9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1YzX0gydllnVDNsXzVyeFp5Ul9lTGlFT2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81ZDAyNzgtMjE2ZS00NzEyLTk0ODct
MTliM2QxNTQ0YzM5LzEvWG1aemo3SmNCNmpkNm1PRlZCNVA1UERLTDVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81ZDAyNzgtMjE2ZS00NzEyLTk0ODctMTliM2QxNTQ0YzM5
LzEvQ1YzX0gydllnVDNsXzVyeFp5Ul9lTGlFT2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXn7gMA0E
AgACMAcDBQAqEfQAMA0GCSqGSIb3DQEBCwUAA4IBAQAEDOn4t/PJKKvHDb13PFMw
HrNtIdgEShSU1IBbk42DzvVkA1ygx0XxyVH5X8JXfAsF11Yd1E8AxB9GVNL/COyW
fR+OSBlgCyaG/O12LJjzrImITPFX5z/62hO5RUdip9/GmXKSXg7SAHqdjkkjk7mW
0TrkLiYyg6ywR2RQH3KwhD4Wz3mFD1WuqeiVB/qlURRGTvxbUFXykbi9eJmNZf9O
YeNtSAy43DDS3Zsq3mpArxIigYldcvOhpxsv0c2vsU1Y2+eUUwQuRN6p5JhaEsd3
qF+Yp4voWbOs/F9ko6v2LIxIB7Yg15EGFkn4iqTSCp/I8B+AB+idH68d8keWq6M2
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:51:11 2025 by rpki-client