Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/bd6b11-c523-43d1-af58-f679bd812747/1/XKiGOIjyx608s7BtDrzDxiedoqU.roa
File: XKiGOIjyx608s7BtDrzDxiedoqU.roa (raw, json)
Hash identifier: sAuJlV2PvUi7cjc0sONjYcL7JXQdQzm0ELxG4/pYazU=
Subject key identifier: 5C:A8:86:38:88:F2:C7:AD:3C:B3:B0:6D:0E:BC:C3:C6:27:9D:A2:A5
Certificate issuer: /CN=3cb78e7191bc7639e287f516a6f4019e1a418dd7
Certificate serial: 018571B0C2BEB4F687302C95957BD484A0F2
Authority key identifier: 3C:B7:8E:71:91:BC:76:39:E2:87:F5:16:A6:F4:01:9E:1A:41:8D:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PLeOcZG8djnih_UWpvQBnhpBjdc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/bd6b11-c523-43d1-af58-f679bd812747/1/XKiGOIjyx608s7BtDrzDxiedoqU.roa
Signing time: Mon 02 Jan 2023 08:54:47 +0000
ROA not before: Mon 02 Jan 2023 08:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41106
IP address blocks: 89.200.176.0/24 maxlen: 24
89.200.177.0/24 maxlen: 24
89.200.178.0/23 maxlen: 23
89.200.180.0/23 maxlen: 23
89.200.182.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:c2:be:b4:f6:87:30:2c:95:95:7b:d4:84:a0:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cb78e7191bc7639e287f516a6f4019e1a418dd7
Validity
Not Before: Jan 2 08:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ca8863888f2c7ad3cb3b06d0ebcc3c6279da2a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a7:52:d6:62:36:ab:9e:bd:12:ed:84:a6:95:
01:7d:88:bc:01:e0:37:79:5d:cf:c6:2a:38:17:0a:
5c:80:41:42:c5:de:c4:9c:41:d0:41:af:45:7d:e5:
b7:56:ef:f3:9a:dc:58:99:ed:fc:6e:c4:ef:00:58:
1c:a8:87:51:60:29:9c:28:ce:a5:7e:d8:22:12:68:
e2:f7:81:c4:44:6d:df:87:fc:08:88:57:9a:36:a5:
ee:6e:7b:fe:a0:0d:55:b6:b2:3b:ca:43:2f:42:57:
1d:c9:84:60:8d:2d:a4:cb:63:89:b9:63:56:63:22:
c1:4a:ac:9e:2b:9f:71:bb:82:75:b4:77:05:d8:8f:
03:f6:ad:ec:a3:50:02:e2:c7:34:33:59:2f:73:2c:
2f:cc:2a:60:6e:e3:52:76:1f:86:ee:c0:11:d2:91:
80:26:59:6c:8c:63:01:f4:60:37:44:13:21:da:06:
e6:2a:56:d7:35:aa:34:71:f2:0d:4e:6a:b9:f4:4a:
73:aa:27:27:90:23:16:92:8b:32:eb:9e:3c:9c:b3:
3f:18:d4:2d:6e:18:47:3e:a4:c1:1c:61:17:09:a9:
63:d4:d6:43:8e:66:e6:db:2f:bb:77:9d:d7:4d:d9:
bc:f9:88:df:5e:4b:05:1d:7b:82:d6:47:9e:8c:47:
a6:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A8:86:38:88:F2:C7:AD:3C:B3:B0:6D:0E:BC:C3:C6:27:9D:A2:A5
X509v3 Authority Key Identifier:
keyid:3C:B7:8E:71:91:BC:76:39:E2:87:F5:16:A6:F4:01:9E:1A:41:8D:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PLeOcZG8djnih_UWpvQBnhpBjdc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/bd6b11-c523-43d1-af58-f679bd812747/1/XKiGOIjyx608s7BtDrzDxiedoqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/bd6b11-c523-43d1-af58-f679bd812747/1/PLeOcZG8djnih_UWpvQBnhpBjdc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.200.176.0/21
Signature Algorithm: sha256WithRSAEncryption
18:5a:4c:77:27:96:49:5f:89:57:ff:cc:31:91:0e:5a:a3:ae:
63:30:ac:ec:c3:bf:f3:9e:f1:97:d3:92:8d:99:83:4d:77:05:
58:92:ea:67:0a:54:cb:d9:0e:6b:22:b5:64:74:e8:26:d5:2a:
77:95:2d:16:55:ae:a6:9c:c2:e8:48:4f:52:a7:a7:dd:66:b6:
b3:7c:d5:03:19:06:9f:70:96:e8:30:6e:f3:1d:40:df:36:6e:
5c:f4:78:8c:6e:2b:e9:a5:6c:ce:f4:33:f1:52:24:0d:aa:33:
44:51:52:0c:08:1f:1b:56:53:04:4a:cc:bc:08:21:e1:83:b7:
08:8d:f1:78:2c:2a:d4:f5:2d:b9:69:de:1a:0c:8e:46:cc:e4:
4d:24:a2:2e:4d:43:12:cc:e8:62:ea:47:f1:98:50:2e:01:f9:
d0:cf:80:58:0c:8f:26:c3:9e:ad:21:4a:95:f2:28:23:09:ef:
24:13:87:e6:2e:e6:a7:d1:e0:3f:47:a3:59:ce:cd:e1:50:3e:
91:65:23:60:7e:9a:3e:05:bf:e6:24:6b:54:7b:b2:c0:d3:90:
6a:06:0a:54:b0:25:32:b8:6f:2d:7c:05:94:b9:7f:c3:be:7a:
15:8f:ad:0d:87:66:6a:34:7a:87:a0:a1:18:5e:78:f9:42:d1:
36:a9:2b:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsMK+tPaHMCyVlXvUhKDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjYjc4ZTcxOTFiYzc2MzllMjg3ZjUxNmE2ZjQwMTllMWE0
MThkZDcwHhcNMjMwMTAyMDg1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2E4ODYzODg4ZjJjN2FkM2NiM2IwNmQwZWJjYzNjNjI3OWRhMmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6dS1mI2q569Eu2EppUBfYi8AeA3
eV3Pxio4FwpcgEFCxd7EnEHQQa9FfeW3Vu/zmtxYme38bsTvAFgcqIdRYCmcKM6l
ftgiEmji94HERG3fh/wIiFeaNqXubnv+oA1VtrI7ykMvQlcdyYRgjS2ky2OJuWNW
YyLBSqyeK59xu4J1tHcF2I8D9q3so1AC4sc0M1kvcywvzCpgbuNSdh+G7sAR0pGA
JllsjGMB9GA3RBMh2gbmKlbXNao0cfINTmq59EpzqicnkCMWkosy6548nLM/GNQt
bhhHPqTBHGEXCalj1NZDjmbm2y+7d53XTdm8+YjfXksFHXuC1keejEemuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyohjiI8setPLOwbQ68w8YnnaKlMB8GA1UdIwQY
MBaAFDy3jnGRvHY54of1Fqb0AZ4aQY3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUExlT2NaRzhkam5paF9VV3B2UUJuaHBCamRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9iZDZiMTEtYzUyMy00M2QxLWFmNTgt
ZjY3OWJkODEyNzQ3LzEvWEtpR09Janl4NjA4czdCdERyekR4aWVkb3FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9iZDZiMTEtYzUyMy00M2QxLWFmNTgtZjY3OWJkODEyNzQ3
LzEvUExlT2NaRzhkam5paF9VV3B2UUJuaHBCamRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWciwMA0G
CSqGSIb3DQEBCwUAA4IBAQAYWkx3J5ZJX4lX/8wxkQ5ao65jMKzsw7/znvGX05KN
mYNNdwVYkupnClTL2Q5rIrVkdOgm1Sp3lS0WVa6mnMLoSE9Sp6fdZrazfNUDGQaf
cJboMG7zHUDfNm5c9HiMbivppWzO9DPxUiQNqjNEUVIMCB8bVlMESsy8CCHhg7cI
jfF4LCrU9S25ad4aDI5GzORNJKIuTUMSzOhi6kfxmFAuAfnQz4BYDI8mw56tIUqV
8igjCe8kE4fmLuan0eA/R6NZzs3hUD6RZSNgfpo+Bb/mJGtUe7LA05BqBgpUsCUy
uG8tfAWUuX/DvnoVj60Nh2ZqNHqHoKEYXnj5QtE2qSsQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:31 2025 by rpki-client