Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/XQaqTPOxclifFOuQtn2VW5fj0ts.roa
File: XQaqTPOxclifFOuQtn2VW5fj0ts.roa (raw, json)
Hash identifier: UeaEtLxjVd4UjMzPQ2Hu6fJWttLljACYmOv+01+aqTY=
Subject key identifier: 5D:06:AA:4C:F3:B1:72:58:9F:14:EB:90:B6:7D:95:5B:97:E3:D2:DB
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 01857355D929CD1C336CB15B50F47EAFA0DF
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/XQaqTPOxclifFOuQtn2VW5fj0ts.roa
Signing time: Mon 02 Jan 2023 16:34:44 +0000
ROA not before: Mon 02 Jan 2023 16:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24693
IP address blocks: 85.95.80.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:55:d9:29:cd:1c:33:6c:b1:5b:50:f4:7e:af:a0:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jan 2 16:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d06aa4cf3b172589f14eb90b67d955b97e3d2db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0d:e4:ff:3f:16:a9:7b:09:a6:60:d3:47:a2:
49:c0:45:d4:36:cb:4d:da:c8:0f:ad:be:39:a8:31:
e1:30:13:06:4a:3f:a6:e8:25:b9:06:52:f4:32:6f:
5c:4d:10:a0:22:27:21:c8:56:85:38:66:b1:df:b1:
5a:40:66:90:ce:90:52:ac:88:26:f0:aa:1b:3a:cd:
61:d5:64:7e:8a:46:67:bf:83:79:76:50:da:16:8c:
ad:f7:45:db:ea:37:9d:ba:a3:cb:d4:3e:a8:87:d6:
73:45:9e:24:15:f2:db:e3:be:0b:6a:87:36:a4:db:
8c:17:65:7a:a8:15:8d:87:a7:cb:6c:4d:03:50:4d:
23:33:14:e6:00:5f:32:62:c1:e9:fa:e0:35:5f:ff:
bc:4f:b8:28:51:bb:ad:ba:40:3c:98:02:e0:5b:1b:
d0:67:e4:6f:43:fc:ac:92:de:46:fb:93:8b:13:5a:
87:4c:71:91:14:20:ab:8a:aa:e1:9f:f8:10:9d:56:
95:c7:d7:72:4c:db:aa:3e:f3:1b:52:4f:9a:51:36:
5d:89:b9:7e:8c:a3:b1:3c:7e:99:be:e1:b6:29:1a:
1f:6e:b3:b9:bb:6c:d7:0d:8d:cf:0b:21:1f:02:1b:
30:20:05:70:53:16:ed:8c:ac:e8:4e:79:6b:15:c0:
48:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:06:AA:4C:F3:B1:72:58:9F:14:EB:90:B6:7D:95:5B:97:E3:D2:DB
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/XQaqTPOxclifFOuQtn2VW5fj0ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.95.80.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:05:05:06:03:7d:b4:35:59:07:f3:53:66:f7:6e:c8:94:7f:
7e:0f:31:03:7c:47:a1:37:0b:38:b1:9d:73:b4:dd:a7:27:51:
55:96:e1:73:6d:6e:09:d9:c2:48:b2:38:f7:26:86:74:a5:aa:
d3:0b:93:9e:78:32:1d:4f:bf:d3:47:e7:9d:4e:12:36:67:4b:
f4:83:14:62:13:24:02:6c:76:02:f2:6a:12:45:6b:f8:04:33:
d3:d3:9c:4a:19:ef:39:16:0c:0a:b9:25:4d:bc:ca:72:e7:5c:
69:b2:33:02:b4:13:d4:10:43:1f:5e:41:2e:e9:03:e5:c8:6d:
d4:5a:64:88:cd:6f:10:9a:fe:05:51:c4:66:86:a3:15:64:1d:
17:50:0d:78:55:8e:7b:29:07:5a:7c:af:93:c6:4d:96:75:2f:
8c:23:9b:b3:37:d6:ac:8b:ca:0c:30:5e:f7:34:fa:4b:4a:02:
05:e2:50:b2:2a:2b:e4:96:4d:cc:bb:e0:15:20:fb:35:e7:9d:
da:d5:93:4b:2a:92:1e:d1:39:6c:a3:41:5f:e1:36:3e:7a:b0:
20:3a:f8:7e:60:d5:76:8d:6d:0d:0b:c6:40:13:18:96:4e:00:
2b:f7:ae:08:3d:a8:4b:5b:2b:5e:37:9e:89:3b:cb:12:16:ac:
1a:23:83:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzVdkpzRwzbLFbUPR+r6DfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjMwMTAyMTYzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDA2YWE0Y2YzYjE3MjU4OWYxNGViOTBiNjdkOTU1Yjk3ZTNkMmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQ3k/z8WqXsJpmDTR6JJwEXUNstN
2sgPrb45qDHhMBMGSj+m6CW5BlL0Mm9cTRCgIichyFaFOGax37FaQGaQzpBSrIgm
8KobOs1h1WR+ikZnv4N5dlDaFoyt90Xb6jeduqPL1D6oh9ZzRZ4kFfLb474Laoc2
pNuMF2V6qBWNh6fLbE0DUE0jMxTmAF8yYsHp+uA1X/+8T7goUbutukA8mALgWxvQ
Z+RvQ/yskt5G+5OLE1qHTHGRFCCriqrhn/gQnVaVx9dyTNuqPvMbUk+aUTZdibl+
jKOxPH6ZvuG2KRofbrO5u2zXDY3PCyEfAhswIAVwUxbtjKzoTnlrFcBIkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF0GqkzzsXJYnxTrkLZ9lVuX49LbMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvWFFhcVRQT3hjbGlmRk91UXRuMlZXNWZqMHRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVV9QMA0G
CSqGSIb3DQEBCwUAA4IBAQBMBQUGA320NVkH81Nm927IlH9+DzEDfEehNws4sZ1z
tN2nJ1FVluFzbW4J2cJIsjj3JoZ0parTC5OeeDIdT7/TR+edThI2Z0v0gxRiEyQC
bHYC8moSRWv4BDPT05xKGe85FgwKuSVNvMpy51xpsjMCtBPUEEMfXkEu6QPlyG3U
WmSIzW8Qmv4FUcRmhqMVZB0XUA14VY57KQdafK+Txk2WdS+MI5uzN9asi8oMMF73
NPpLSgIF4lCyKivklk3Mu+AVIPs1553a1ZNLKpIe0Tlso0Ff4TY+erAgOvh+YNV2
jW0NC8ZAExiWTgAr964IPahLWyteN56JO8sSFqwaI4P1
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:47 2025 by rpki-client