Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/177564-039a-4742-8301-6cb686328240/1/Xxpy5-a0sRZ197_KpNIjK-JA65k.roa
File: Xxpy5-a0sRZ197_KpNIjK-JA65k.roa (raw, json)
Hash identifier: thf3xNE9Zg65FtYu12wPdbaKQ3EKVbURvAK1eosqFDs=
Subject key identifier: 5F:1A:72:E7:E6:B4:B1:16:75:F7:BF:CA:A4:D2:23:2B:E2:40:EB:99
Certificate issuer: /CN=23b78d77a05449b1756083d03f1fd2373a6125a6
Certificate serial: 01856D9D46037409B51516534FAD7FAD141F
Authority key identifier: 23:B7:8D:77:A0:54:49:B1:75:60:83:D0:3F:1F:D2:37:3A:61:25:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I7eNd6BUSbF1YIPQPx_SNzphJaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/177564-039a-4742-8301-6cb686328240/1/Xxpy5-a0sRZ197_KpNIjK-JA65k.roa
Signing time: Sun 01 Jan 2023 13:55:01 +0000
ROA not before: Sun 01 Jan 2023 13:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58061
IP address blocks: 212.52.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:46:03:74:09:b5:15:16:53:4f:ad:7f:ad:14:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23b78d77a05449b1756083d03f1fd2373a6125a6
Validity
Not Before: Jan 1 13:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f1a72e7e6b4b11675f7bfcaa4d2232be240eb99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:cf:e8:a5:b9:e0:92:ec:05:c9:fa:5f:95:de:
99:50:b6:69:6e:f7:8c:33:e8:38:23:08:52:61:75:
b5:a4:15:cf:4f:96:2c:d2:ac:c8:6c:2f:cc:5a:26:
c7:34:08:23:b3:dd:c7:ab:45:08:bf:2b:79:be:c4:
25:d9:8c:cb:ef:66:38:b8:1a:f5:49:2a:cd:89:fa:
39:ef:34:73:2e:cc:af:15:f3:b2:70:e3:87:4e:34:
e9:6d:af:eb:32:39:72:7b:46:2b:9c:93:5a:b0:7d:
c1:13:a3:ae:60:45:c5:eb:3f:ed:22:95:dc:ca:b2:
00:7e:3b:d2:40:8e:31:ff:1f:55:a6:6c:39:5e:90:
d2:8f:b0:98:c1:2a:23:9e:08:83:1c:b3:fc:29:fc:
b3:4a:a0:e0:59:54:b6:1b:6d:f2:21:fd:a6:1c:5a:
c5:ee:85:62:18:ef:9b:57:f4:32:75:5e:06:4e:46:
b1:2d:e7:f3:41:94:93:bb:c1:60:24:a4:ef:bf:2d:
cf:13:b7:e5:3c:78:46:dc:14:8d:93:ff:a7:d1:d1:
bb:35:81:a0:46:31:b0:a2:03:f0:0a:9f:af:56:f3:
c9:0e:4b:78:e9:f8:d3:89:ce:3b:b3:f3:f2:1b:6d:
f1:70:d0:ce:85:18:25:1f:7e:94:42:c6:9a:ba:b7:
ec:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:1A:72:E7:E6:B4:B1:16:75:F7:BF:CA:A4:D2:23:2B:E2:40:EB:99
X509v3 Authority Key Identifier:
keyid:23:B7:8D:77:A0:54:49:B1:75:60:83:D0:3F:1F:D2:37:3A:61:25:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I7eNd6BUSbF1YIPQPx_SNzphJaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/177564-039a-4742-8301-6cb686328240/1/Xxpy5-a0sRZ197_KpNIjK-JA65k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/177564-039a-4742-8301-6cb686328240/1/I7eNd6BUSbF1YIPQPx_SNzphJaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.52.5.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:02:1e:76:94:58:7b:7e:d7:8a:13:13:f4:56:1c:52:d1:f2:
54:7b:32:66:a2:b2:02:50:cf:b2:c3:78:c5:9c:90:1a:8b:56:
d9:7c:78:d9:01:e1:16:2f:28:bf:d9:b4:01:d2:9e:03:52:c3:
7f:f4:41:28:8a:16:b2:32:3a:52:81:29:8a:36:52:b7:6f:72:
8a:79:93:62:25:3c:9b:e2:90:19:8e:ea:3b:48:04:36:01:4a:
75:d6:76:51:d0:3e:56:7f:5e:d9:b7:3a:91:9f:5a:7b:25:48:
77:b4:8d:61:83:76:32:6f:39:d1:ac:e3:c6:8f:28:cb:8a:d5:
2f:06:0b:4e:cd:33:b6:ee:eb:08:ad:9e:7c:8a:f1:d5:29:1a:
2a:24:0c:45:44:4d:b1:d1:1b:bd:fc:e9:11:6f:50:8e:2b:22:
9c:37:0b:98:0e:05:23:c2:11:37:ba:1c:ca:11:1e:30:ad:6d:
2e:9a:6a:6d:48:aa:ce:ad:a1:d6:53:56:c3:fc:65:e4:42:48:
f9:6d:5b:30:4f:eb:72:7e:66:52:8a:c7:ae:72:c7:1e:5b:c0:
6d:da:1e:b9:3a:20:99:42:da:44:d8:8f:5b:b5:d5:51:c9:94:
67:b7:8a:bd:ef:5c:0f:de:e1:89:72:e9:51:fb:11:38:de:49:
e4:76:3c:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtnUYDdAm1FRZTT61/rRQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYjc4ZDc3YTA1NDQ5YjE3NTYwODNkMDNmMWZkMjM3M2E2
MTI1YTYwHhcNMjMwMTAxMTM1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjFhNzJlN2U2YjRiMTE2NzVmN2JmY2FhNGQyMjMyYmUyNDBlYjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoM/opbngkuwFyfpfld6ZULZpbveM
M+g4IwhSYXW1pBXPT5Ys0qzIbC/MWibHNAgjs93Hq0UIvyt5vsQl2YzL72Y4uBr1
SSrNifo57zRzLsyvFfOycOOHTjTpba/rMjlye0YrnJNasH3BE6OuYEXF6z/tIpXc
yrIAfjvSQI4x/x9Vpmw5XpDSj7CYwSojngiDHLP8KfyzSqDgWVS2G23yIf2mHFrF
7oViGO+bV/QydV4GTkaxLefzQZSTu8FgJKTvvy3PE7flPHhG3BSNk/+n0dG7NYGg
RjGwogPwCp+vVvPJDkt46fjTic47s/PyG23xcNDOhRglH36UQsaaurfsEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8acufmtLEWdfe/yqTSIyviQOuZMB8GA1UdIwQY
MBaAFCO3jXegVEmxdWCD0D8f0jc6YSWmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTdlTmQ2QlVTYkYxWUlQUVB4X1NOenBoSmFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8xNzc1NjQtMDM5YS00NzQyLTgzMDEt
NmNiNjg2MzI4MjQwLzEvWHhweTUtYTBzUloxOTdfS3BOSWpLLUpBNjVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8xNzc1NjQtMDM5YS00NzQyLTgzMDEtNmNiNjg2MzI4MjQw
LzEvSTdlTmQ2QlVTYkYxWUlQUVB4X1NOenBoSmFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1DQFMA0G
CSqGSIb3DQEBCwUAA4IBAQAuAh52lFh7fteKExP0VhxS0fJUezJmorICUM+yw3jF
nJAai1bZfHjZAeEWLyi/2bQB0p4DUsN/9EEoihayMjpSgSmKNlK3b3KKeZNiJTyb
4pAZjuo7SAQ2AUp11nZR0D5Wf17ZtzqRn1p7JUh3tI1hg3YybznRrOPGjyjLitUv
BgtOzTO27usIrZ58ivHVKRoqJAxFRE2x0Ru9/OkRb1COKyKcNwuYDgUjwhE3uhzK
ER4wrW0ummptSKrOraHWU1bD/GXkQkj5bVswT+tyfmZSiseucsceW8Bt2h65OiCZ
QtpE2I9btdVRyZRnt4q971wP3uGJculR+xE43knkdjy7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:25 2025 by rpki-client