Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/75465f-6797-4141-b961-8b7c57c56215/1/XfcUo_pFgzzQK3LpHanDAL6qsm8.roa
File: XfcUo_pFgzzQK3LpHanDAL6qsm8.roa (raw, json)
Hash identifier: PqM9+rcTrXNoQwaCLTQL6oXgVIvAF+akxeev/02act4=
Subject key identifier: 5D:F7:14:A3:FA:45:83:3C:D0:2B:72:E9:1D:A9:C3:00:BE:AA:B2:6F
Certificate issuer: /CN=3f273b6861cf7cf4646cc5e04275d6617635f07b
Certificate serial: 019423D746C069653D5F7440B5950CD72720
Authority key identifier: 3F:27:3B:68:61:CF:7C:F4:64:6C:C5:E0:42:75:D6:61:76:35:F0:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pyc7aGHPfPRkbMXgQnXWYXY18Hs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/75465f-6797-4141-b961-8b7c57c56215/1/XfcUo_pFgzzQK3LpHanDAL6qsm8.roa
Signing time: Wed 01 Jan 2025 21:48:18 +0000
ROA not before: Wed 01 Jan 2025 21:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20776
IP address blocks: 94.124.219.0/24 maxlen: 24
109.203.224.0/20 maxlen: 20
109.203.224.0/23 maxlen: 23
109.203.226.0/23 maxlen: 23
109.203.228.0/24 maxlen: 24
109.203.230.0/23 maxlen: 23
109.203.232.0/23 maxlen: 23
109.203.234.0/24 maxlen: 24
109.203.235.0/24 maxlen: 24
109.203.240.0/20 maxlen: 20
109.203.240.0/24 maxlen: 24
109.203.241.0/24 maxlen: 24
109.203.242.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:46:c0:69:65:3d:5f:74:40:b5:95:0c:d7:27:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f273b6861cf7cf4646cc5e04275d6617635f07b
Validity
Not Before: Jan 1 21:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5df714a3fa45833cd02b72e91da9c300beaab26f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:52:fb:62:9b:7e:2e:70:b1:fd:5a:18:b2:3a:
b1:24:24:3e:94:32:2d:34:50:c9:9c:cf:04:97:dd:
32:5e:f4:de:f2:a8:8a:03:e4:b2:be:43:80:1d:4c:
53:5e:81:7d:df:37:3b:d3:38:f8:06:e2:1a:1d:c6:
49:3f:29:5c:c4:d4:1b:74:54:b5:dd:9b:e2:b4:a9:
96:6b:04:f5:bc:8d:71:e5:f1:8a:f7:27:a9:59:89:
e0:04:1e:e7:f7:c7:77:d1:55:0a:f3:44:f7:70:29:
5b:44:7a:d8:05:19:50:f2:7a:1a:a8:92:df:0e:32:
81:89:ba:f9:a8:dd:1f:1e:41:9d:87:58:90:1f:7d:
70:a6:29:7c:6a:ee:7d:43:64:18:03:29:04:47:06:
a3:f8:de:a8:ab:d7:b3:9e:51:87:35:0f:0f:a8:d9:
01:99:ae:d6:98:c3:0a:a2:df:05:39:12:a1:5f:e7:
9d:c9:be:6d:60:c9:eb:06:4d:a1:93:32:61:74:94:
51:99:30:39:01:7b:bb:1e:60:96:a5:75:af:9a:72:
2c:af:e5:5d:57:e5:28:b4:0f:05:1b:5c:de:17:bd:
5c:88:c2:ed:8e:e5:80:36:bb:42:3d:05:06:63:ec:
36:28:a0:96:cb:f3:ff:4e:41:96:93:70:5a:04:4d:
02:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:F7:14:A3:FA:45:83:3C:D0:2B:72:E9:1D:A9:C3:00:BE:AA:B2:6F
X509v3 Authority Key Identifier:
keyid:3F:27:3B:68:61:CF:7C:F4:64:6C:C5:E0:42:75:D6:61:76:35:F0:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pyc7aGHPfPRkbMXgQnXWYXY18Hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/75465f-6797-4141-b961-8b7c57c56215/1/XfcUo_pFgzzQK3LpHanDAL6qsm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/75465f-6797-4141-b961-8b7c57c56215/1/Pyc7aGHPfPRkbMXgQnXWYXY18Hs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.219.0/24
109.203.224.0/19
Signature Algorithm: sha256WithRSAEncryption
15:f4:26:99:3e:0c:8b:23:98:2e:f4:4f:b1:fc:01:2e:c0:c9:
2a:29:66:26:38:18:2b:d4:8e:35:c4:d5:e7:ee:74:c1:5d:14:
3e:83:bb:a3:15:f7:0a:2e:82:1f:48:eb:7f:f0:4c:27:05:28:
fa:03:b8:6a:54:a4:c9:26:bd:cd:e5:d6:6c:2e:6c:d9:d9:4d:
74:55:34:00:06:7d:01:62:9b:bb:30:94:19:c0:67:9f:b7:cf:
d1:bd:b1:02:d4:e0:8a:d1:91:e0:14:8c:77:fb:7b:07:ac:e2:
42:54:a8:8f:de:8d:d7:9a:c8:5b:86:c5:a8:c8:29:40:7a:0d:
0f:e7:68:ed:79:d4:3b:b2:b1:f0:57:b1:88:30:48:24:55:d3:
7e:06:ed:6e:b9:dd:a6:a5:e0:15:4f:b9:59:83:3d:f7:01:57:
22:80:e7:37:e0:58:c6:3e:b3:f3:6e:13:08:7d:6f:74:19:75:
20:2e:5b:2c:dd:68:a4:e8:45:b6:54:15:62:93:e4:bb:46:d6:
93:66:ae:cf:68:7f:c8:03:4a:1e:25:b8:1a:af:06:4d:47:76:
e5:0d:8d:d9:b2:ab:a3:e0:21:02:bc:6c:d5:a6:96:12:94:9e:
a2:ca:8a:f3:11:19:20:e6:b7:9f:d9:95:13:10:7d:1a:1a:08:
57:f1:75:5a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj10bAaWU9X3RAtZUM1ycgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMjczYjY4NjFjZjdjZjQ2NDZjYzVlMDQyNzVkNjYxNzYz
NWYwN2IwHhcNMjUwMTAxMjE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGY3MTRhM2ZhNDU4MzNjZDAyYjcyZTkxZGE5YzMwMGJlYWFiMjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9VL7Ypt+LnCx/VoYsjqxJCQ+lDIt
NFDJnM8El90yXvTe8qiKA+SyvkOAHUxTXoF93zc70zj4BuIaHcZJPylcxNQbdFS1
3ZvitKmWawT1vI1x5fGK9yepWYngBB7n98d30VUK80T3cClbRHrYBRlQ8noaqJLf
DjKBibr5qN0fHkGdh1iQH31wpil8au59Q2QYAykERwaj+N6oq9eznlGHNQ8PqNkB
ma7WmMMKot8FORKhX+edyb5tYMnrBk2hkzJhdJRRmTA5AXu7HmCWpXWvmnIsr+Vd
V+UotA8FG1zeF71ciMLtjuWANrtCPQUGY+w2KKCWy/P/TkGWk3BaBE0C6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF33FKP6RYM80Cty6R2pwwC+qrJvMB8GA1UdIwQY
MBaAFD8nO2hhz3z0ZGzF4EJ11mF2NfB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHljN2FHSFBmUFJrYk1YZ1FuWFdZWFkxOEhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC83NTQ2NWYtNjc5Ny00MTQxLWI5NjEt
OGI3YzU3YzU2MjE1LzEvWGZjVW9fcEZnenpRSzNMcEhhbkRBTDZxc204LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC83NTQ2NWYtNjc5Ny00MTQxLWI5NjEtOGI3YzU3YzU2MjE1
LzEvUHljN2FHSFBmUFJrYk1YZ1FuWFdZWFkxOEhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXnzbAwQF
bcvgMA0GCSqGSIb3DQEBCwUAA4IBAQAV9CaZPgyLI5gu9E+x/AEuwMkqKWYmOBgr
1I41xNXn7nTBXRQ+g7ujFfcKLoIfSOt/8EwnBSj6A7hqVKTJJr3N5dZsLmzZ2U10
VTQABn0BYpu7MJQZwGeft8/RvbEC1OCK0ZHgFIx3+3sHrOJCVKiP3o3XmshbhsWo
yClAeg0P52jtedQ7srHwV7GIMEgkVdN+Bu1uud2mpeAVT7lZgz33AVcigOc34FjG
PrPzbhMIfW90GXUgLlss3Wik6EW2VBVik+S7RtaTZq7PaH/IA0oeJbgarwZNR3bl
DY3Zsquj4CECvGzVppYSlJ6iyorzERkg5ref2ZUTEH0aGghX8XVa
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:46 2025 by rpki-client