Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/xcjIZOA8jY7byP-flru-cibOYXI.roa
File: xcjIZOA8jY7byP-flru-cibOYXI.roa (raw, json)
Hash identifier: Ba1Ow09BLM/CKdmUj9NdR6ItGuQtCUmUpwjnknl0o5c=
Subject key identifier: C5:C8:C8:64:E0:3C:8D:8E:DB:C8:FF:9F:96:BB:BE:72:26:CE:61:72
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01949A2951EDCADC47E2609C74C1F6C31FF1
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/xcjIZOA8jY7byP-flru-cibOYXI.roa
Signing time: Fri 24 Jan 2025 21:13:06 +0000
ROA not before: Fri 24 Jan 2025 21:13:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39900
IP address blocks: 95.164.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:9a:29:51:ed:ca:dc:47:e2:60:9c:74:c1:f6:c3:1f:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 24 21:13:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5c8c864e03c8d8edbc8ff9f96bbbe7226ce6172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:18:7b:71:7d:03:04:de:6d:e1:34:a3:6a:11:
4e:b3:ed:16:c6:6a:4d:2b:dc:6d:27:45:7b:3b:29:
25:f1:f6:09:a6:5c:2d:57:19:fe:9f:89:78:ae:1b:
a3:8d:4c:02:82:f6:af:e9:9d:61:c7:a5:e1:a6:d4:
61:0c:4c:44:fb:02:9d:7b:a6:93:25:d5:11:e7:bf:
82:27:c8:73:21:ad:c0:9a:f6:f4:4a:dd:45:92:85:
4b:ca:e6:f1:24:fe:7b:19:a0:2f:55:c5:d5:eb:8f:
06:7a:85:af:c0:ed:88:01:97:44:39:fe:a8:ab:72:
fd:c0:b7:1f:af:2c:74:8b:34:cf:4b:10:69:59:d3:
71:ef:32:37:30:d9:3a:49:80:57:55:5d:9a:04:c7:
f9:21:32:88:14:4e:96:4f:8d:38:d9:d9:5c:41:6c:
e7:71:4e:23:79:fa:49:ae:55:75:88:8a:e6:93:66:
2c:36:fd:35:7a:25:3b:79:ce:b2:7e:a9:be:29:0a:
39:6b:9f:ea:5f:96:a3:be:26:0b:62:3e:4e:88:10:
c0:ab:84:5f:6c:d0:dc:8e:96:48:84:31:5d:f8:0e:
b5:1d:db:4d:89:e5:59:02:c2:39:bf:68:8a:63:92:
0d:2f:0b:68:39:a6:06:f0:7b:36:71:b2:e6:7c:ac:
2b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:C8:C8:64:E0:3C:8D:8E:DB:C8:FF:9F:96:BB:BE:72:26:CE:61:72
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/xcjIZOA8jY7byP-flru-cibOYXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.91.0/24
Signature Algorithm: sha256WithRSAEncryption
27:20:f8:02:b7:6b:8a:01:9b:66:50:c0:f0:7a:13:11:01:16:
e8:30:ea:6b:cb:03:18:ca:1c:d9:59:b2:cc:af:1a:b5:24:cd:
ce:dc:3d:82:34:38:cd:94:06:b0:14:e4:e0:72:0a:ae:9f:d7:
f7:b7:54:b3:5c:b9:5d:7e:98:c9:83:c6:33:d0:a3:0f:0c:e0:
31:ce:18:70:52:b9:c5:e4:27:b4:93:90:cb:31:58:52:f9:9a:
a2:0b:a8:3f:6b:f1:72:d3:66:5b:5e:7d:c1:e9:7b:38:35:62:
1c:ea:08:61:e3:83:11:b0:d9:56:38:94:a3:c4:eb:af:07:e1:
b2:8e:63:ca:b9:6b:1f:da:30:de:5c:c0:56:72:fe:fe:a0:c6:
e3:01:83:7f:06:7d:ff:6d:49:fa:2a:0c:87:ce:51:47:ce:af:
39:74:8a:c7:f8:9e:56:6a:a2:96:ee:60:83:7e:e3:c8:48:e6:
d1:6d:8c:5b:2a:99:10:61:06:05:b4:d3:4e:56:62:31:91:06:
5f:0e:fb:bd:00:c3:96:72:61:26:a9:fe:62:26:74:e1:e5:70:
8b:3d:81:f5:0d:9e:6e:0f:a0:ef:a9:5d:46:d7:63:32:fa:74:
48:d8:20:e0:41:25:ab:46:bc:58:6e:0c:1d:65:f5:ff:b7:4a:
b0:6a:5e:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSaKVHtytxH4mCcdMH2wx/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwMTI0MjExMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWM4Yzg2NGUwM2M4ZDhlZGJjOGZmOWY5NmJiYmU3MjI2Y2U2MTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxh7cX0DBN5t4TSjahFOs+0WxmpN
K9xtJ0V7Oykl8fYJplwtVxn+n4l4rhujjUwCgvav6Z1hx6XhptRhDExE+wKde6aT
JdUR57+CJ8hzIa3Amvb0St1FkoVLyubxJP57GaAvVcXV648GeoWvwO2IAZdEOf6o
q3L9wLcfryx0izTPSxBpWdNx7zI3MNk6SYBXVV2aBMf5ITKIFE6WT4042dlcQWzn
cU4jefpJrlV1iIrmk2YsNv01eiU7ec6yfqm+KQo5a5/qX5ajviYLYj5OiBDAq4Rf
bNDcjpZIhDFd+A61HdtNieVZAsI5v2iKY5INLwtoOaYG8Hs2cbLmfKwrbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMXIyGTgPI2O28j/n5a7vnImzmFyMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEveGNqSVpPQThqWTdieVAtZmxydS1jaWJPWVhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX6RbMA0G
CSqGSIb3DQEBCwUAA4IBAQAnIPgCt2uKAZtmUMDwehMRARboMOprywMYyhzZWbLM
rxq1JM3O3D2CNDjNlAawFOTgcgqun9f3t1SzXLldfpjJg8Yz0KMPDOAxzhhwUrnF
5Ce0k5DLMVhS+ZqiC6g/a/Fy02ZbXn3B6Xs4NWIc6ghh44MRsNlWOJSjxOuvB+Gy
jmPKuWsf2jDeXMBWcv7+oMbjAYN/Bn3/bUn6KgyHzlFHzq85dIrH+J5WaqKW7mCD
fuPISObRbYxbKpkQYQYFtNNOVmIxkQZfDvu9AMOWcmEmqf5iJnTh5XCLPYH1DZ5u
D6DvqV1G12My+nRI2CDgQSWrRrxYbgwdZfX/t0qwal75
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:16 2025 by rpki-client