Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/X6FDOxTNKh52-I33xxvcwTU1qaA.roa
File: X6FDOxTNKh52-I33xxvcwTU1qaA.roa (raw, json)
Hash identifier: 2Nya6BSwofcloqYL9ndMBA+GqP5w942e0XCFOKQVeZs=
Subject key identifier: 5F:A1:43:3B:14:CD:2A:1E:76:F8:8D:F7:C7:1B:DC:C1:35:35:A9:A0
Certificate issuer: /CN=f2a253cdf507a03e1f579d202d8df11d68f5c3d7
Certificate serial: 019424B3E97CB935AE3483A352E820D507C6
Authority key identifier: F2:A2:53:CD:F5:07:A0:3E:1F:57:9D:20:2D:8D:F1:1D:68:F5:C3:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8qJTzfUHoD4fV50gLY3xHWj1w9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/X6FDOxTNKh52-I33xxvcwTU1qaA.roa
Signing time: Thu 02 Jan 2025 01:49:17 +0000
ROA not before: Thu 02 Jan 2025 01:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36231
IP address blocks: 45.88.228.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:e9:7c:b9:35:ae:34:83:a3:52:e8:20:d5:07:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2a253cdf507a03e1f579d202d8df11d68f5c3d7
Validity
Not Before: Jan 2 01:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5fa1433b14cd2a1e76f88df7c71bdcc13535a9a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:25:9d:a2:c8:bb:0a:b2:ce:1c:3d:a0:42:f0:
ef:9e:7a:ce:f4:06:36:35:62:b0:3b:2a:8e:28:f8:
49:bd:4f:23:76:6a:85:b5:1a:63:8a:c5:2b:6c:06:
95:4c:ff:94:b8:f8:d1:93:d0:27:b6:c1:eb:93:45:
a1:22:10:ef:34:d7:e9:23:8b:e7:a5:ae:09:80:6f:
4c:cb:a1:31:42:df:cc:c6:1a:97:ed:ed:73:2c:81:
c3:d0:dc:8d:ee:58:68:4e:ce:8f:27:23:de:c8:16:
9c:2d:86:ab:eb:27:e9:27:e1:b2:c7:f8:ac:84:2b:
b9:b3:3d:a2:9b:72:32:05:d8:c7:4b:58:da:52:45:
b4:cf:77:92:e4:ad:7f:4e:a8:b6:bc:37:06:45:38:
44:e9:93:d1:57:62:f9:68:93:25:f2:89:f5:5f:71:
37:b0:45:a1:70:54:46:f9:d4:a5:0f:92:92:24:a2:
15:79:f0:6e:a0:81:11:f3:c2:f4:64:6f:2e:b4:15:
68:3c:b9:03:3f:d2:fd:78:68:31:31:1d:de:87:b6:
a5:15:3e:57:c8:a6:33:56:76:a0:a3:c2:47:78:5d:
b3:1d:fe:cb:7a:33:4d:d5:4b:78:02:36:0b:19:2b:
f0:9b:31:9b:e1:ad:eb:dd:9f:bc:8f:2c:68:7a:78:
37:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:A1:43:3B:14:CD:2A:1E:76:F8:8D:F7:C7:1B:DC:C1:35:35:A9:A0
X509v3 Authority Key Identifier:
keyid:F2:A2:53:CD:F5:07:A0:3E:1F:57:9D:20:2D:8D:F1:1D:68:F5:C3:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8qJTzfUHoD4fV50gLY3xHWj1w9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/X6FDOxTNKh52-I33xxvcwTU1qaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/8qJTzfUHoD4fV50gLY3xHWj1w9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.228.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:97:e0:dd:bb:14:ce:16:a9:20:fc:cd:64:f7:61:68:5c:1a:
36:b9:84:9d:e7:d0:16:a9:3e:3d:b0:24:d0:1d:e2:fe:4e:70:
23:e0:4d:2f:d9:fb:f5:ac:3a:39:c4:61:bc:dd:6f:8f:20:47:
47:6d:50:81:0d:aa:32:5f:b3:51:44:09:89:a4:01:8f:d7:1c:
f0:c4:c6:e3:47:35:ff:8d:82:41:8c:64:e0:c9:de:e2:37:4d:
47:da:a1:f0:72:c2:91:4b:40:d9:7a:79:98:82:76:59:c9:31:
89:b8:af:bf:92:7c:09:e5:b8:ae:d9:90:1f:39:3a:8f:78:8e:
f6:56:a5:9a:43:8b:c9:8a:21:36:2d:e1:4a:8b:50:89:34:ee:
06:46:04:28:9a:d2:d1:1e:dc:5c:2f:02:59:39:fe:2a:cf:ac:
9e:3b:fa:0b:f4:9c:24:de:28:a6:c1:99:41:e7:5d:d6:25:4e:
3b:05:6d:e2:e0:53:11:3b:45:4e:53:62:7a:01:c1:a8:5e:0a:
c2:f8:b9:34:6a:ec:bc:c4:95:da:43:5e:a5:54:21:87:51:5d:
44:ae:41:66:7e:66:8e:28:2a:f1:f3:bf:55:0a:f3:10:88:0a:
37:11:db:c4:1b:c1:6a:93:c2:80:a3:72:81:3d:66:d9:dd:d8:
cd:cd:3d:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks+l8uTWuNIOjUugg1QfGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyYTI1M2NkZjUwN2EwM2UxZjU3OWQyMDJkOGRmMTFkNjhm
NWMzZDcwHhcNMjUwMTAyMDE0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmExNDMzYjE0Y2QyYTFlNzZmODhkZjdjNzFiZGNjMTM1MzVhOWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4CWdosi7CrLOHD2gQvDvnnrO9AY2
NWKwOyqOKPhJvU8jdmqFtRpjisUrbAaVTP+UuPjRk9AntsHrk0WhIhDvNNfpI4vn
pa4JgG9My6ExQt/MxhqX7e1zLIHD0NyN7lhoTs6PJyPeyBacLYar6yfpJ+Gyx/is
hCu5sz2im3IyBdjHS1jaUkW0z3eS5K1/Tqi2vDcGRThE6ZPRV2L5aJMl8on1X3E3
sEWhcFRG+dSlD5KSJKIVefBuoIER88L0ZG8utBVoPLkDP9L9eGgxMR3eh7alFT5X
yKYzVnago8JHeF2zHf7LejNN1Ut4AjYLGSvwmzGb4a3r3Z+8jyxoeng3bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF+hQzsUzSoedviN98cb3ME1NamgMB8GA1UdIwQY
MBaAFPKiU831B6A+H1edIC2N8R1o9cPXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHFKVHpmVUhvRDRmVjUwZ0xZM3hIV2oxdzljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8xMGViZWMtMjc4NC00ZGFhLThkZjct
YmU0ZDVkMDlkNzEwLzEvWDZGRE94VE5LaDUyLUkzM3h4dmN3VFUxcWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8xMGViZWMtMjc4NC00ZGFhLThkZjctYmU0ZDVkMDlkNzEw
LzEvOHFKVHpmVUhvRDRmVjUwZ0xZM3hIV2oxdzljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVjkMA0G
CSqGSIb3DQEBCwUAA4IBAQBel+DduxTOFqkg/M1k92FoXBo2uYSd59AWqT49sCTQ
HeL+TnAj4E0v2fv1rDo5xGG83W+PIEdHbVCBDaoyX7NRRAmJpAGP1xzwxMbjRzX/
jYJBjGTgyd7iN01H2qHwcsKRS0DZenmYgnZZyTGJuK+/knwJ5biu2ZAfOTqPeI72
VqWaQ4vJiiE2LeFKi1CJNO4GRgQomtLRHtxcLwJZOf4qz6yeO/oL9Jwk3iimwZlB
513WJU47BW3i4FMRO0VOU2J6AcGoXgrC+Lk0auy8xJXaQ16lVCGHUV1ErkFmfmaO
KCrx879VCvMQiAo3EdvEG8Fqk8KAo3KBPWbZ3djNzT30
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:08:00 2025 by rpki-client