Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/xSS92RJP_9kDYA2uBQZz6tpYK1I.roa
File: xSS92RJP_9kDYA2uBQZz6tpYK1I.roa (raw, json)
Hash identifier: rR5n4U9xDx2H85hw0wOs3NY+BK3tAcVO4QlJE3rUQXA=
Subject key identifier: C5:24:BD:D9:12:4F:FF:D9:03:60:0D:AE:05:06:73:EA:DA:58:2B:52
Certificate issuer: /CN=864abd435f899d570a8e5fb83bdad1153455dee0
Certificate serial: 0194258F565F30B1956CA731499A6EB9B61A
Authority key identifier: 86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/xSS92RJP_9kDYA2uBQZz6tpYK1I.roa
Signing time: Thu 02 Jan 2025 05:48:58 +0000
ROA not before: Thu 02 Jan 2025 05:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38924
IP address blocks: 95.87.0.0/18 maxlen: 24
2a00:fc40::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:56:5f:30:b1:95:6c:a7:31:49:9a:6e:b9:b6:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864abd435f899d570a8e5fb83bdad1153455dee0
Validity
Not Before: Jan 2 05:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c524bdd9124fffd903600dae050673eada582b52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ed:5a:54:58:50:b2:06:67:e2:4a:04:1c:a6:
6b:4a:eb:7f:b5:1c:6d:09:52:2c:26:ba:8e:75:0e:
9d:02:08:88:ce:3e:a1:7c:53:f9:e7:e6:32:35:38:
3a:f6:7e:a8:b6:df:2d:d5:83:23:54:50:ab:5a:84:
14:ec:49:4e:f1:a6:9b:6a:80:43:a6:c8:a6:25:4e:
c0:09:64:60:69:22:b3:df:95:ab:ce:7f:a1:5f:f9:
ff:d2:ee:23:5e:5e:eb:cf:8f:c6:31:d9:8c:f3:83:
e7:ea:23:b1:d9:3c:bb:6d:dd:26:ac:96:c0:9a:1b:
6a:a9:8d:17:a1:91:1c:8f:3a:31:46:c8:34:07:9e:
8e:00:62:ad:d4:8e:ee:af:14:e2:15:26:f2:ec:e9:
30:64:c6:6e:4f:a3:09:9f:36:94:ac:5b:e6:c0:d3:
3d:00:c3:0f:a6:8b:bc:1a:7d:2b:96:5b:ce:3e:95:
ef:3b:d0:2b:8a:02:e0:7c:d3:4d:d1:c2:20:ff:51:
03:89:00:ab:2f:d8:17:4f:45:62:0b:cb:d6:ec:9c:
9c:75:9a:94:05:66:99:15:2e:d6:42:0c:dd:54:7c:
84:82:ed:d1:1d:e2:98:91:d6:12:b0:4c:6e:8f:cd:
7e:c3:48:13:4f:3a:c6:1b:b2:7e:15:3b:ee:7b:80:
48:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:24:BD:D9:12:4F:FF:D9:03:60:0D:AE:05:06:73:EA:DA:58:2B:52
X509v3 Authority Key Identifier:
keyid:86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/xSS92RJP_9kDYA2uBQZz6tpYK1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.87.0.0/18
IPv6:
2a00:fc40::/32
Signature Algorithm: sha256WithRSAEncryption
4a:0a:ad:e3:04:93:f9:6b:62:bd:07:28:25:a4:af:c0:ba:51:
21:4c:42:59:ee:ec:18:ba:84:40:2b:d5:ce:d4:d6:04:3f:e9:
ec:e6:cf:c2:dc:37:63:db:d4:d1:bf:0e:bc:db:36:37:d8:b2:
ba:96:1c:96:65:8c:3d:59:c2:70:47:b2:d0:88:dd:de:57:f3:
24:7a:91:64:54:90:14:ce:bc:df:95:90:07:02:6b:0b:95:5e:
0f:9c:1e:9d:10:7b:db:66:1b:ee:d0:18:56:22:bd:df:14:88:
ef:0d:42:41:97:2a:54:fe:78:cc:55:7e:da:d1:2d:ed:36:07:
1f:35:65:87:fe:cc:15:66:08:d8:2b:d7:56:4f:59:99:0b:56:
44:71:34:dc:d7:b0:21:44:7b:35:35:ec:53:50:5e:76:6d:2c:
ea:3d:49:ed:83:58:78:03:4e:f1:89:47:d2:26:98:2c:53:6c:
31:d0:d0:54:a2:8a:36:17:47:ce:8a:a3:aa:b3:f1:8b:3f:52:
fc:12:92:1b:e4:b4:d3:b9:07:99:fb:54:8d:ca:f3:c2:c3:37:
1e:78:33:da:65:cb:46:41:c4:8b:fd:1d:c3:ca:da:8f:82:2d:
a2:b2:0d:60:37:3e:33:ca:62:2b:dd:01:12:7e:fe:fc:34:d0:
fb:7a:8d:5f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlj1ZfMLGVbKcxSZpuubYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NGFiZDQzNWY4OTlkNTcwYThlNWZiODNiZGFkMTE1MzQ1
NWRlZTAwHhcNMjUwMTAyMDU0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTI0YmRkOTEyNGZmZmQ5MDM2MDBkYWUwNTA2NzNlYWRhNTgyYjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAve1aVFhQsgZn4koEHKZrSut/tRxt
CVIsJrqOdQ6dAgiIzj6hfFP55+YyNTg69n6ott8t1YMjVFCrWoQU7ElO8aabaoBD
psimJU7ACWRgaSKz35Wrzn+hX/n/0u4jXl7rz4/GMdmM84Pn6iOx2Ty7bd0mrJbA
mhtqqY0XoZEcjzoxRsg0B56OAGKt1I7urxTiFSby7OkwZMZuT6MJnzaUrFvmwNM9
AMMPpou8Gn0rllvOPpXvO9ArigLgfNNN0cIg/1EDiQCrL9gXT0ViC8vW7JycdZqU
BWaZFS7WQgzdVHyEgu3RHeKYkdYSsExuj81+w0gTTzrGG7J+FTvue4BI1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMUkvdkST//ZA2ANrgUGc+raWCtSMB8GA1UdIwQY
MBaAFIZKvUNfiZ1XCo5fuDva0RU0Vd7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUt
M2UzNjQ2NTkxYWEwLzEveFNTOTJSSlBfOWtEWUEydUJRWno2dHBZSzFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUtM2UzNjQ2NTkxYWEw
LzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGX1cAMA0E
AgACMAcDBQAqAPxAMA0GCSqGSIb3DQEBCwUAA4IBAQBKCq3jBJP5a2K9ByglpK/A
ulEhTEJZ7uwYuoRAK9XO1NYEP+ns5s/C3Ddj29TRvw682zY32LK6lhyWZYw9WcJw
R7LQiN3eV/MkepFkVJAUzrzflZAHAmsLlV4PnB6dEHvbZhvu0BhWIr3fFIjvDUJB
lypU/njMVX7a0S3tNgcfNWWH/swVZgjYK9dWT1mZC1ZEcTTc17AhRHs1NexTUF52
bSzqPUntg1h4A07xiUfSJpgsU2wx0NBUooo2F0fOiqOqs/GLP1L8EpIb5LTTuQeZ
+1SNyvPCwzceeDPaZctGQcSL/R3DytqPgi2isg1gNz4zymIr3QESfv78NND7eo1f
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:20 2025 by rpki-client