Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/2da576-e416-4f3b-a2fe-97646e3957e7/1/XBKJayIxV9d0AjmeW_mZINvOIhg.roa
File: XBKJayIxV9d0AjmeW_mZINvOIhg.roa (raw, json)
Hash identifier: OQg81clKwdUHSvjCJVRjtuNxy/MM0Gm5pEwJhjs6wd0=
Subject key identifier: 5C:12:89:6B:22:31:57:D7:74:02:39:9E:5B:F9:99:20:DB:CE:22:18
Certificate issuer: /CN=165f8763fb8f2e7fd2f3b93804484fab4efab9bd
Certificate serial: 018CC26D04E818D921F08F401840448E93E4
Authority key identifier: 16:5F:87:63:FB:8F:2E:7F:D2:F3:B9:38:04:48:4F:AB:4E:FA:B9:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fl-HY_uPLn_S87k4BEhPq076ub0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/2da576-e416-4f3b-a2fe-97646e3957e7/1/XBKJayIxV9d0AjmeW_mZINvOIhg.roa
Signing time: Mon 01 Jan 2024 00:29:33 +0000
ROA not before: Mon 01 Jan 2024 00:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22773
IP address blocks: 195.64.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:04:e8:18:d9:21:f0:8f:40:18:40:44:8e:93:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=165f8763fb8f2e7fd2f3b93804484fab4efab9bd
Validity
Not Before: Jan 1 00:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c12896b223157d77402399e5bf99920dbce2218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9c:e3:24:30:8b:91:b3:0a:88:e7:7f:b9:b0:
b3:24:7f:ef:a5:3f:55:39:33:27:fa:1f:fc:84:e0:
2d:32:2b:cf:75:ea:e2:84:01:36:66:7c:5f:67:fe:
db:a0:b2:6b:f8:92:15:a1:16:c4:7d:31:10:74:f0:
4c:bd:9c:55:41:3b:60:86:ea:4b:d8:7d:8e:5b:4f:
bd:41:a6:b6:4a:e3:da:65:9d:7d:52:63:39:19:c4:
62:4b:e0:8a:21:3e:c6:b8:30:98:b1:22:1b:bb:7f:
5e:29:2f:3d:f6:9b:27:59:0e:07:8a:3d:b5:e2:7c:
96:d6:d3:c3:cc:f3:9f:84:9b:93:a0:60:38:13:00:
26:af:c6:78:88:c8:b9:53:b2:58:9a:35:15:af:73:
cd:24:2b:22:a4:46:30:eb:ff:21:2d:f9:7f:58:a9:
f9:af:50:c2:19:dd:bb:fc:0e:df:f8:d1:74:a0:ff:
cf:d7:1c:82:e4:9f:be:1f:32:a1:41:b8:78:a4:6b:
f6:84:0c:5c:71:11:f7:c0:c7:8a:6b:d3:ca:5e:96:
ce:69:c6:d3:70:cf:43:a6:32:ae:72:d1:c3:0a:e0:
06:ec:2a:c1:8d:dc:8a:4b:0b:4e:fa:fe:d2:de:e6:
a2:bd:52:ea:46:c4:88:52:ac:6f:09:18:92:34:42:
1c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:12:89:6B:22:31:57:D7:74:02:39:9E:5B:F9:99:20:DB:CE:22:18
X509v3 Authority Key Identifier:
keyid:16:5F:87:63:FB:8F:2E:7F:D2:F3:B9:38:04:48:4F:AB:4E:FA:B9:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fl-HY_uPLn_S87k4BEhPq076ub0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2da576-e416-4f3b-a2fe-97646e3957e7/1/XBKJayIxV9d0AjmeW_mZINvOIhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2da576-e416-4f3b-a2fe-97646e3957e7/1/Fl-HY_uPLn_S87k4BEhPq076ub0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.120.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:6c:7d:f6:0f:3c:2f:70:da:12:1f:0e:6d:36:58:fa:b1:5e:
15:4a:7f:17:96:f1:47:ca:42:1f:04:15:8a:65:a3:2a:26:6e:
b2:69:45:24:42:dc:94:93:75:08:63:bb:89:f2:d7:9c:ff:95:
89:11:ed:50:67:cc:db:58:4a:76:99:b9:49:1b:16:e6:c2:bc:
98:6c:f6:43:fa:62:de:ff:c4:f8:d9:4e:17:96:f0:64:4c:e0:
ce:ec:9e:8c:79:e0:fd:4e:08:22:ae:0d:32:93:c8:4f:9b:1d:
02:3f:2c:de:40:02:b7:69:d8:f5:79:6a:d5:70:02:9f:30:cb:
4f:ae:f1:ad:c2:6d:52:9b:be:c7:cc:c5:73:4e:be:61:04:0b:
14:c9:51:af:b4:1e:a2:28:ff:7f:63:cd:0b:53:16:e4:93:db:
df:bf:94:bc:af:3f:e5:fd:87:e4:47:0c:c5:4b:80:97:83:1c:
bb:38:d3:ad:7f:58:af:a2:20:b3:1c:34:58:d2:a6:49:9f:1c:
93:ba:a6:25:48:e1:cb:e8:09:f9:55:fb:d6:df:3a:1e:53:18:
e8:ec:6f:ab:da:90:cd:5c:9e:f1:99:01:97:70:9e:06:0e:71:
b3:4e:e6:76:e3:b1:d3:be:93:27:96:9e:26:cb:94:77:80:1f:
ec:cd:18:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbQToGNkh8I9AGEBEjpPkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NWY4NzYzZmI4ZjJlN2ZkMmYzYjkzODA0NDg0ZmFiNGVm
YWI5YmQwHhcNMjQwMTAxMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzEyODk2YjIyMzE1N2Q3NzQwMjM5OWU1YmY5OTkyMGRiY2UyMjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpzjJDCLkbMKiOd/ubCzJH/vpT9V
OTMn+h/8hOAtMivPderihAE2ZnxfZ/7boLJr+JIVoRbEfTEQdPBMvZxVQTtghupL
2H2OW0+9Qaa2SuPaZZ19UmM5GcRiS+CKIT7GuDCYsSIbu39eKS899psnWQ4Hij21
4nyW1tPDzPOfhJuToGA4EwAmr8Z4iMi5U7JYmjUVr3PNJCsipEYw6/8hLfl/WKn5
r1DCGd27/A7f+NF0oP/P1xyC5J++HzKhQbh4pGv2hAxccRH3wMeKa9PKXpbOacbT
cM9DpjKuctHDCuAG7CrBjdyKSwtO+v7S3uaivVLqRsSIUqxvCRiSNEIc0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFwSiWsiMVfXdAI5nlv5mSDbziIYMB8GA1UdIwQY
MBaAFBZfh2P7jy5/0vO5OARIT6tO+rm9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmwtSFlfdVBMbl9TODdrNEJFaFBxMDc2dWIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8yZGE1NzYtZTQxNi00ZjNiLWEyZmUt
OTc2NDZlMzk1N2U3LzEvWEJLSmF5SXhWOWQwQWptZVdfbVpJTnZPSWhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8yZGE1NzYtZTQxNi00ZjNiLWEyZmUtOTc2NDZlMzk1N2U3
LzEvRmwtSFlfdVBMbl9TODdrNEJFaFBxMDc2dWIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0B4MA0G
CSqGSIb3DQEBCwUAA4IBAQB/bH32DzwvcNoSHw5tNlj6sV4VSn8XlvFHykIfBBWK
ZaMqJm6yaUUkQtyUk3UIY7uJ8tec/5WJEe1QZ8zbWEp2mblJGxbmwryYbPZD+mLe
/8T42U4XlvBkTODO7J6MeeD9Tggirg0yk8hPmx0CPyzeQAK3adj1eWrVcAKfMMtP
rvGtwm1Sm77HzMVzTr5hBAsUyVGvtB6iKP9/Y80LUxbkk9vfv5S8rz/l/YfkRwzF
S4CXgxy7ONOtf1ivoiCzHDRY0qZJnxyTuqYlSOHL6An5VfvW3zoeUxjo7G+r2pDN
XJ7xmQGXcJ4GDnGzTuZ247HTvpMnlp4my5R3gB/szRgX
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:45 2025 by rpki-client