Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/xGjAXSy-rPa7gZ2kCW6E-VgMqD8.roa
File: xGjAXSy-rPa7gZ2kCW6E-VgMqD8.roa (raw, json)
Hash identifier: AKtFMHlOVM+NFVSI2WpJP3l3MsXbWpJgiU4DhcCI8gQ=
Subject key identifier: C4:68:C0:5D:2C:BE:AC:F6:BB:81:9D:A4:09:6E:84:F9:58:0C:A8:3F
Certificate issuer: /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial: 0194228E056C2365F4BF8599D602BDFBFBE6
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/xGjAXSy-rPa7gZ2kCW6E-VgMqD8.roa
Signing time: Wed 01 Jan 2025 15:48:40 +0000
ROA not before: Wed 01 Jan 2025 15:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42193
IP address blocks: 213.153.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:05:6c:23:65:f4:bf:85:99:d6:02:bd:fb:fb:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Validity
Not Before: Jan 1 15:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c468c05d2cbeacf6bb819da4096e84f9580ca83f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:97:03:9c:18:68:5d:2e:1e:96:6a:17:fc:3d:
25:81:1c:d0:26:f4:33:28:71:27:32:40:54:d9:91:
bc:63:4e:5e:59:96:37:91:d2:0d:78:bc:d8:d3:9c:
65:b7:65:49:4e:9c:f1:69:a2:5f:71:e0:47:f6:eb:
f5:bb:17:f9:81:3e:05:1a:db:40:38:d9:11:20:93:
17:bd:ce:66:b7:52:2a:b8:89:99:50:5e:3a:40:1b:
7a:fc:20:68:dc:f1:be:11:fa:b0:47:0c:17:0a:1b:
b1:f0:c4:87:b5:83:bf:78:dd:c7:02:ad:77:a9:50:
26:30:ca:28:3d:a5:ef:db:d0:0d:56:a3:0d:64:b4:
f8:21:27:a3:4b:16:d2:5d:ca:6a:2f:79:73:2a:fe:
50:df:cd:37:64:9c:0d:51:42:13:ac:f8:e0:23:9c:
5d:4e:f9:92:c0:36:ec:3c:70:0c:85:58:83:c2:f8:
d3:f6:f5:07:8f:45:42:9b:ba:52:8e:81:9a:f8:0d:
77:47:46:d0:c5:ce:88:1f:5a:98:d4:a6:3c:6c:ab:
7a:d0:cd:13:f0:17:87:4c:d0:8b:e9:55:f0:fa:ab:
64:05:f3:ea:1a:16:0e:d2:69:71:57:d7:54:fb:48:
02:82:75:36:c8:f8:4f:c4:37:e5:48:07:4f:1a:2f:
0d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:68:C0:5D:2C:BE:AC:F6:BB:81:9D:A4:09:6E:84:F9:58:0C:A8:3F
X509v3 Authority Key Identifier:
keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/xGjAXSy-rPa7gZ2kCW6E-VgMqD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.153.129.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:db:55:d4:68:9f:fa:70:95:9c:db:7b:07:6c:ca:5e:4c:b7:
86:4c:b8:52:98:25:06:33:d7:c7:5f:67:74:24:62:6f:74:f2:
ec:55:3a:73:0f:53:51:d3:71:5f:d5:54:34:4e:90:09:f3:53:
79:ec:0e:36:23:8f:93:7e:4f:95:48:df:a9:24:98:2b:a7:6a:
04:fa:3d:4e:65:9d:97:02:5c:91:fe:ab:6e:5b:84:3c:a9:fb:
11:0a:71:bd:c0:a5:58:4a:70:d4:35:c8:b5:85:77:6e:9f:d5:
72:30:88:b6:bc:e0:76:4f:88:b1:2a:05:b0:d7:33:49:74:52:
52:44:b6:cd:7d:99:f0:26:a9:93:b7:21:9c:27:8c:f8:66:0e:
3b:2f:fb:69:90:66:c4:29:e4:e1:ce:43:8f:a7:ff:1d:8f:11:
88:53:ad:dc:89:62:3c:37:52:22:ad:bd:14:e4:e8:a6:ee:cd:
7a:b1:8f:47:9a:06:cb:f4:5d:83:e2:76:97:30:af:3c:7d:85:
23:cb:80:a0:cc:c3:44:b3:8e:da:eb:ac:ef:e3:a7:5e:9d:62:
63:2d:c3:b4:5c:5c:0e:c0:1a:94:76:a6:0d:e4:75:9b:5d:cf:
e2:6c:ef:20:21:ff:0a:df:a8:05:9d:25:e6:8e:bf:63:8a:c7:
a3:9b:09:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijgVsI2X0v4WZ1gK9+/vmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWQzMGU2MDM1YmU4YjgzODYwNjFmMjcxNDgxYzcwN2Uw
NGNlMmIwHhcNMjUwMTAxMTU0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDY4YzA1ZDJjYmVhY2Y2YmI4MTlkYTQwOTZlODRmOTU4MGNhODNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05cDnBhoXS4elmoX/D0lgRzQJvQz
KHEnMkBU2ZG8Y05eWZY3kdINeLzY05xlt2VJTpzxaaJfceBH9uv1uxf5gT4FGttA
ONkRIJMXvc5mt1IquImZUF46QBt6/CBo3PG+EfqwRwwXChux8MSHtYO/eN3HAq13
qVAmMMooPaXv29ANVqMNZLT4ISejSxbSXcpqL3lzKv5Q3803ZJwNUUITrPjgI5xd
TvmSwDbsPHAMhViDwvjT9vUHj0VCm7pSjoGa+A13R0bQxc6IH1qY1KY8bKt60M0T
8BeHTNCL6VXw+qtkBfPqGhYO0mlxV9dU+0gCgnU2yPhPxDflSAdPGi8N2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMRowF0svqz2u4GdpAluhPlYDKg/MB8GA1UdIwQY
MBaAFLqdMOYDW+i4OGBh8nFIHHB+BM4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgt
NWQ1ODRmYmM1ZDI3LzEveEdqQVhTeS1yUGE3Z1oya0NXNkUtVmdNcUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgtNWQ1ODRmYmM1ZDI3
LzEvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ZmBMA0G
CSqGSIb3DQEBCwUAA4IBAQAq21XUaJ/6cJWc23sHbMpeTLeGTLhSmCUGM9fHX2d0
JGJvdPLsVTpzD1NR03Ff1VQ0TpAJ81N57A42I4+Tfk+VSN+pJJgrp2oE+j1OZZ2X
AlyR/qtuW4Q8qfsRCnG9wKVYSnDUNci1hXdun9VyMIi2vOB2T4ixKgWw1zNJdFJS
RLbNfZnwJqmTtyGcJ4z4Zg47L/tpkGbEKeThzkOPp/8djxGIU63ciWI8N1Iirb0U
5Oim7s16sY9HmgbL9F2D4naXMK88fYUjy4CgzMNEs47a66zv46denWJjLcO0XFwO
wBqUdqYN5HWbXc/ibO8gIf8K36gFnSXmjr9jisejmwmf
-----END CERTIFICATE-----
Generated at Wed Apr 9 12:41:19 2025 by rpki-client