Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/XAVwLaEqk7pGEMqEwFel4ja5q6M.roa
File: XAVwLaEqk7pGEMqEwFel4ja5q6M.roa (raw, json)
Hash identifier: TdnTu8VWh2j/830N5bWvG7hdw0Fc6gzXbIEjdE0N4Dk=
Subject key identifier: 5C:05:70:2D:A1:2A:93:BA:46:10:CA:84:C0:57:A5:E2:36:B9:AB:A3
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 01941FFA93FEE0EB9C0E1119A77754E55380
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/XAVwLaEqk7pGEMqEwFel4ja5q6M.roa
Signing time: Wed 01 Jan 2025 03:48:22 +0000
ROA not before: Wed 01 Jan 2025 03:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400909
IP address blocks: 176.221.30.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:93:fe:e0:eb:9c:0e:11:19:a7:77:54:e5:53:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jan 1 03:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c05702da12a93ba4610ca84c057a5e236b9aba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:91:90:2b:d8:6d:cb:51:1a:33:70:b9:c4:49:
fe:07:9d:9c:8b:a9:e7:cc:00:6e:be:26:af:8e:aa:
1d:3d:41:0e:9a:96:4a:9b:64:d3:a9:04:39:c1:c1:
5b:e0:54:0e:c8:03:07:a1:c5:85:86:96:eb:eb:d5:
8d:f2:58:2f:aa:b2:91:42:bd:d4:58:23:dc:c1:0f:
b2:5f:d8:95:09:0e:64:4a:10:5a:60:be:56:e7:e3:
66:21:fc:87:25:ef:e7:0b:b0:43:16:f1:81:25:a7:
ac:b0:b8:69:06:4e:52:7c:51:d4:ea:d1:d8:41:5c:
aa:dd:c8:2d:2e:27:0b:72:d4:aa:a3:f6:3a:f7:59:
27:66:0c:06:69:06:c1:48:f4:3d:a7:a1:88:16:c5:
f5:c2:57:31:81:b7:33:ae:dc:d1:1f:b5:9c:61:df:
43:56:1a:71:d7:9f:76:6a:54:20:12:84:ef:93:7a:
24:a0:5a:2b:22:a5:64:aa:e1:0d:68:a4:ef:45:11:
b2:7a:39:cb:f3:26:5b:eb:ca:02:22:c8:4d:80:0b:
b0:24:52:5e:0c:f1:c5:80:e5:c6:78:62:36:43:d9:
63:fa:30:2b:65:5c:50:a3:d1:22:33:e7:78:89:58:
56:83:0b:4f:b2:89:ae:da:13:8c:5c:11:f8:cf:2d:
92:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:05:70:2D:A1:2A:93:BA:46:10:CA:84:C0:57:A5:E2:36:B9:AB:A3
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/XAVwLaEqk7pGEMqEwFel4ja5q6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.221.30.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:77:2a:37:5d:13:ef:35:ce:89:5d:74:7a:5a:22:3b:8b:f7:
48:f6:82:c9:76:97:98:e4:df:7b:8b:e0:1e:f3:88:f0:6a:f7:
c9:87:f9:35:1a:4e:f9:66:46:b6:f0:2c:3d:b4:d4:f7:0d:36:
95:fa:36:7e:d7:11:e9:4c:ef:9b:c1:41:68:c3:d3:5e:17:81:
6a:01:18:4f:76:23:c7:25:51:cd:83:74:63:3b:82:90:b3:d6:
81:8e:1b:b0:5f:32:0e:dc:81:22:3a:24:ec:ff:5a:f0:3a:4c:
64:aa:11:e3:f4:9f:24:87:ec:ee:d3:b7:4d:50:bd:85:34:2d:
44:f2:5a:6e:cd:12:b8:98:de:3a:22:d3:1c:18:e1:37:b8:fb:
c3:98:dc:af:4e:62:34:02:be:8a:75:b7:d3:6e:55:3a:09:d4:
0a:a1:6c:50:5f:e4:20:d1:96:9a:bc:c5:6b:2f:c6:dc:75:73:
05:bc:4a:b5:f8:78:f6:3b:a0:44:f5:ca:a0:14:fc:1c:76:84:
88:ab:16:8d:3e:d0:ba:74:7e:a3:c6:14:71:85:28:91:a1:2f:
7c:ff:4d:00:ed:03:f4:87:a8:c0:a5:e5:11:72:97:9c:5d:1a:
00:b2:32:33:dc:94:81:84:cf:40:c7:d9:0a:c1:68:7e:fd:9b:
fa:aa:68:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+pP+4OucDhEZp3dU5VOAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjUwMTAxMDM0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzA1NzAyZGExMmE5M2JhNDYxMGNhODRjMDU3YTVlMjM2YjlhYmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpGQK9hty1EaM3C5xEn+B52ci6nn
zABuviavjqodPUEOmpZKm2TTqQQ5wcFb4FQOyAMHocWFhpbr69WN8lgvqrKRQr3U
WCPcwQ+yX9iVCQ5kShBaYL5W5+NmIfyHJe/nC7BDFvGBJaessLhpBk5SfFHU6tHY
QVyq3cgtLicLctSqo/Y691knZgwGaQbBSPQ9p6GIFsX1wlcxgbczrtzRH7WcYd9D
Vhpx1592alQgEoTvk3okoForIqVkquENaKTvRRGyejnL8yZb68oCIshNgAuwJFJe
DPHFgOXGeGI2Q9lj+jArZVxQo9EiM+d4iVhWgwtPsomu2hOMXBH4zy2SAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFwFcC2hKpO6RhDKhMBXpeI2uaujMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvWEFWd0xhRXFrN3BHRU1xRXdGZWw0amE1cTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsN0eMA0G
CSqGSIb3DQEBCwUAA4IBAQBsdyo3XRPvNc6JXXR6WiI7i/dI9oLJdpeY5N97i+Ae
84jwavfJh/k1Gk75Zka28Cw9tNT3DTaV+jZ+1xHpTO+bwUFow9NeF4FqARhPdiPH
JVHNg3RjO4KQs9aBjhuwXzIO3IEiOiTs/1rwOkxkqhHj9J8kh+zu07dNUL2FNC1E
8lpuzRK4mN46ItMcGOE3uPvDmNyvTmI0Ar6KdbfTblU6CdQKoWxQX+Qg0ZaavMVr
L8bcdXMFvEq1+Hj2O6BE9cqgFPwcdoSIqxaNPtC6dH6jxhRxhSiRoS98/00A7QP0
h6jApeURcpecXRoAsjIz3JSBhM9Ax9kKwWh+/Zv6qmgH
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:49 2025 by rpki-client