Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/xqd3xWJCW96sJcN2e73CvA4BAEA.roa
File: xqd3xWJCW96sJcN2e73CvA4BAEA.roa (raw, json)
Hash identifier: laL7IIKjO1uC6O19XqLmeRI4pdgH1HSkOUvvYu+TK5Y=
Subject key identifier: C6:A7:77:C5:62:42:5B:DE:AC:25:C3:76:7B:BD:C2:BC:0E:01:00:40
Certificate issuer: /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial: 0194228E0ABF2807F0B53E7F1F5600F9140E
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/xqd3xWJCW96sJcN2e73CvA4BAEA.roa
Signing time: Wed 01 Jan 2025 15:48:41 +0000
ROA not before: Wed 01 Jan 2025 15:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51540
IP address blocks: 176.43.128.0/24 maxlen: 24
176.43.129.0/24 maxlen: 24
176.43.130.0/24 maxlen: 24
176.43.131.0/24 maxlen: 24
176.43.132.0/24 maxlen: 24
176.43.133.0/24 maxlen: 24
176.43.134.0/24 maxlen: 24
176.43.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:0a:bf:28:07:f0:b5:3e:7f:1f:56:00:f9:14:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Validity
Not Before: Jan 1 15:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6a777c562425bdeac25c3767bbdc2bc0e010040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a5:8f:da:d2:c3:6b:b8:09:63:a8:4b:67:ea:
6c:d6:e3:74:a7:3e:9a:3c:41:ee:b1:eb:89:21:04:
bd:c1:e5:20:64:84:59:82:a5:ec:fc:67:4b:19:73:
86:6a:86:61:cb:85:96:49:8b:fb:86:18:79:b6:1d:
03:3c:a9:5a:b0:f2:02:62:13:d4:47:b7:89:50:63:
8a:4b:5b:38:ac:8a:86:47:19:1a:e5:64:32:b9:92:
75:87:10:76:aa:29:f3:b9:3d:ac:38:ad:5a:14:43:
e5:6b:0f:8d:73:56:e3:82:0b:f1:75:b1:8a:c6:ba:
e8:2e:ee:ff:d6:e8:58:c6:28:af:d8:5f:f9:1b:d9:
86:22:86:62:fb:4f:84:e5:c9:ce:f2:fe:48:a3:f1:
90:5c:2d:78:2b:34:45:33:94:3c:e8:be:64:54:2c:
8e:67:64:58:e4:7a:72:86:30:32:e1:c2:64:b8:b8:
00:e6:24:3a:4d:0d:dc:3a:e4:9c:3f:88:08:5a:3d:
e3:67:ff:df:93:bb:08:08:b0:83:14:fd:ae:65:da:
8d:45:4d:73:0d:db:3c:18:7c:bf:94:5d:3b:25:6f:
dc:f2:e8:a8:a6:b9:28:6a:55:16:f6:9f:6f:c9:b0:
51:c5:d2:d4:7f:16:1e:f7:50:fc:0b:4e:ef:02:82:
61:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:A7:77:C5:62:42:5B:DE:AC:25:C3:76:7B:BD:C2:BC:0E:01:00:40
X509v3 Authority Key Identifier:
keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/xqd3xWJCW96sJcN2e73CvA4BAEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.43.128.0/21
Signature Algorithm: sha256WithRSAEncryption
4c:1b:1e:6e:8e:47:10:5a:95:49:3d:5e:1e:a2:2c:af:37:ce:
36:cc:16:11:4a:77:af:14:18:ef:ae:2f:ba:51:2b:6e:66:05:
3a:3b:b9:7f:7e:a7:8c:47:0d:90:fb:3d:3c:4c:65:df:cd:22:
41:e5:57:4c:1b:43:e6:86:48:64:9f:64:c7:96:94:e1:a4:97:
40:44:ca:f1:ad:c9:0b:22:77:7b:68:ca:21:18:d1:3b:ec:0c:
3b:c9:f5:af:8b:7c:89:fc:e4:70:ec:42:15:e8:d7:a0:8f:23:
98:ff:b2:a5:ae:7f:74:54:ac:5f:41:d5:3b:83:3e:ca:bb:4d:
44:8d:80:b5:cc:55:bb:71:d6:8b:62:11:6e:4a:3a:49:00:48:
e9:b1:14:28:63:32:8d:bb:25:17:34:2a:42:e5:b8:67:3a:a9:
5a:92:c5:42:99:62:79:5b:e7:f3:6f:5b:29:0b:c7:56:35:55:
0a:15:69:6b:1f:1e:34:fe:3f:ad:84:19:d2:74:ae:1d:9c:3a:
6c:39:68:60:d4:8a:7c:64:80:40:08:e8:99:d7:a9:bd:75:62:
4c:72:b2:59:cd:ed:84:c0:19:85:81:85:f3:cd:39:8c:20:bc:
ab:eb:19:58:15:af:83:86:91:75:3a:62:1f:6e:90:b6:4b:a9:
40:21:5a:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijgq/KAfwtT5/H1YA+RQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWQzMGU2MDM1YmU4YjgzODYwNjFmMjcxNDgxYzcwN2Uw
NGNlMmIwHhcNMjUwMTAxMTU0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmE3NzdjNTYyNDI1YmRlYWMyNWMzNzY3YmJkYzJiYzBlMDEwMDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KWP2tLDa7gJY6hLZ+ps1uN0pz6a
PEHuseuJIQS9weUgZIRZgqXs/GdLGXOGaoZhy4WWSYv7hhh5th0DPKlasPICYhPU
R7eJUGOKS1s4rIqGRxka5WQyuZJ1hxB2qinzuT2sOK1aFEPlaw+Nc1bjggvxdbGK
xrroLu7/1uhYxiiv2F/5G9mGIoZi+0+E5cnO8v5Io/GQXC14KzRFM5Q86L5kVCyO
Z2RY5HpyhjAy4cJkuLgA5iQ6TQ3cOuScP4gIWj3jZ//fk7sICLCDFP2uZdqNRU1z
Dds8GHy/lF07JW/c8uioprkoalUW9p9vybBRxdLUfxYe91D8C07vAoJhLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMand8ViQlverCXDdnu9wrwOAQBAMB8GA1UdIwQY
MBaAFLqdMOYDW+i4OGBh8nFIHHB+BM4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgt
NWQ1ODRmYmM1ZDI3LzEveHFkM3hXSkNXOTZzSmNOMmU3M0N2QTRCQUVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgtNWQ1ODRmYmM1ZDI3
LzEvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsCuAMA0G
CSqGSIb3DQEBCwUAA4IBAQBMGx5ujkcQWpVJPV4eoiyvN842zBYRSnevFBjvri+6
UStuZgU6O7l/fqeMRw2Q+z08TGXfzSJB5VdMG0Pmhkhkn2THlpThpJdARMrxrckL
Ind7aMohGNE77Aw7yfWvi3yJ/ORw7EIV6NegjyOY/7Klrn90VKxfQdU7gz7Ku01E
jYC1zFW7cdaLYhFuSjpJAEjpsRQoYzKNuyUXNCpC5bhnOqlaksVCmWJ5W+fzb1sp
C8dWNVUKFWlrHx40/j+thBnSdK4dnDpsOWhg1Ip8ZIBACOiZ16m9dWJMcrJZze2E
wBmFgYXzzTmMILyr6xlYFa+DhpF1OmIfbpC2S6lAIVqf
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:48:53 2025 by rpki-client