Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8fa78f-1d73-4c5a-9e0b-66d80ed09bc7/1/XTZ-6WhmzXiDDwFWajhChN4966c.roa
File: XTZ-6WhmzXiDDwFWajhChN4966c.roa (raw, json)
Hash identifier: 76eYyVPhyFyHfOEPHeaphAj0SWfwnKjZwUHP7osL/Jg=
Subject key identifier: 5D:36:7E:E9:68:66:CD:78:83:0F:01:56:6A:38:42:84:DE:3D:EB:A7
Certificate issuer: /CN=82e014f1c8ca3966a93ef39dbc612daac0d83dc0
Certificate serial: 019421444240F993F86B046538A0BB5C12BE
Authority key identifier: 82:E0:14:F1:C8:CA:39:66:A9:3E:F3:9D:BC:61:2D:AA:C0:D8:3D:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/guAU8cjKOWapPvOdvGEtqsDYPcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8fa78f-1d73-4c5a-9e0b-66d80ed09bc7/1/XTZ-6WhmzXiDDwFWajhChN4966c.roa
Signing time: Wed 01 Jan 2025 09:48:29 +0000
ROA not before: Wed 01 Jan 2025 09:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 194.56.124.0/23 maxlen: 23
194.56.126.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:42:40:f9:93:f8:6b:04:65:38:a0:bb:5c:12:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82e014f1c8ca3966a93ef39dbc612daac0d83dc0
Validity
Not Before: Jan 1 09:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d367ee96866cd78830f01566a384284de3deba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4b:49:de:09:04:cb:a5:a2:00:67:af:3c:ac:
00:90:70:0d:b7:82:41:24:f7:b0:64:38:06:ab:de:
df:a6:72:dc:8b:0c:df:2d:f6:fc:25:09:17:a2:50:
a1:b9:e6:a8:fa:33:ff:21:2f:46:ce:6a:90:c9:bf:
d1:9c:40:63:91:47:08:05:04:49:6d:21:6d:e1:7c:
15:1a:08:16:3d:4e:f8:bb:0f:84:6b:c4:76:7c:ab:
bb:89:8b:34:a7:c4:85:a6:80:6b:c4:af:df:47:54:
bf:f0:67:b2:fc:6a:8b:82:78:e4:90:ad:93:13:5b:
f7:52:7c:d8:1a:66:e8:76:62:70:52:5c:4f:af:b8:
12:75:c0:b4:54:be:19:b1:14:55:9a:80:79:28:1a:
7c:63:1c:90:55:a3:1e:84:36:b8:da:87:8c:98:47:
52:e9:cb:a0:ae:b3:56:7b:ec:9c:be:2b:c5:c8:ca:
b3:79:66:34:17:c6:b9:aa:5e:3e:70:c0:8c:e5:9d:
d5:43:1d:a1:de:6d:01:50:bd:45:2e:7c:4e:f9:7d:
0d:56:14:a9:d2:76:c0:68:ea:b2:63:b3:12:30:63:
46:28:07:80:a8:6d:6f:33:58:b0:ec:cd:b7:0a:2d:
31:4a:0a:e0:d4:67:22:60:b8:5f:20:d3:61:fd:65:
fb:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:36:7E:E9:68:66:CD:78:83:0F:01:56:6A:38:42:84:DE:3D:EB:A7
X509v3 Authority Key Identifier:
keyid:82:E0:14:F1:C8:CA:39:66:A9:3E:F3:9D:BC:61:2D:AA:C0:D8:3D:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/guAU8cjKOWapPvOdvGEtqsDYPcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8fa78f-1d73-4c5a-9e0b-66d80ed09bc7/1/XTZ-6WhmzXiDDwFWajhChN4966c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8fa78f-1d73-4c5a-9e0b-66d80ed09bc7/1/guAU8cjKOWapPvOdvGEtqsDYPcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.124.0-194.56.126.255
Signature Algorithm: sha256WithRSAEncryption
0f:53:6f:3e:27:37:a1:69:ec:de:3a:e2:ea:e6:21:1f:d1:82:
64:27:e5:8c:b5:7c:64:85:2e:c3:bc:e0:72:f0:64:b8:c7:62:
93:09:c9:a4:47:95:c9:0d:0a:70:ea:d5:dc:ce:e2:97:4a:c9:
d5:8b:10:9e:ed:98:31:e3:e7:e7:5c:ea:63:72:6a:46:55:26:
fa:1c:32:93:25:ad:6b:1d:62:d4:e8:9f:cc:65:b0:c7:19:eb:
c2:61:52:7c:82:8f:e0:e2:e6:50:ac:81:d6:76:1d:d4:07:30:
dc:62:5f:b5:41:65:c6:48:a1:09:df:3a:38:ab:00:56:09:bf:
0f:81:3d:5d:f4:5c:d9:94:df:44:d5:71:85:fc:45:2e:51:f9:
22:56:a5:52:8c:26:ec:ce:99:57:fd:ae:33:0a:f1:4d:19:cf:
a3:5b:d9:4d:74:21:a0:30:12:f4:b0:09:6c:dc:f6:e3:12:74:
eb:73:70:dd:e0:d3:6e:27:0d:53:86:d6:27:e7:f1:6c:4b:54:
c2:77:56:cc:fa:67:0a:ec:36:9f:67:99:37:64:a6:db:37:f2:
89:21:b8:24:75:07:39:c0:80:68:de:b7:a2:53:2a:fa:2c:b2:
b3:07:1f:52:48:92:7c:98:a6:fd:d1:66:8c:9e:70:32:ed:d7:
48:fe:b0:ce
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQhREJA+ZP4awRlOKC7XBK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZTAxNGYxYzhjYTM5NjZhOTNlZjM5ZGJjNjEyZGFhYzBk
ODNkYzAwHhcNMjUwMTAxMDk0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDM2N2VlOTY4NjZjZDc4ODMwZjAxNTY2YTM4NDI4NGRlM2RlYmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUtJ3gkEy6WiAGevPKwAkHANt4JB
JPewZDgGq97fpnLciwzfLfb8JQkXolChueao+jP/IS9GzmqQyb/RnEBjkUcIBQRJ
bSFt4XwVGggWPU74uw+Ea8R2fKu7iYs0p8SFpoBrxK/fR1S/8Gey/GqLgnjkkK2T
E1v3UnzYGmbodmJwUlxPr7gSdcC0VL4ZsRRVmoB5KBp8YxyQVaMehDa42oeMmEdS
6cugrrNWe+ycvivFyMqzeWY0F8a5ql4+cMCM5Z3VQx2h3m0BUL1FLnxO+X0NVhSp
0nbAaOqyY7MSMGNGKAeAqG1vM1iw7M23Ci0xSgrg1GciYLhfINNh/WX7gQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFF02fuloZs14gw8BVmo4QoTePeunMB8GA1UdIwQY
MBaAFILgFPHIyjlmqT7znbxhLarA2D3AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3VBVThjaktPV2FwUHZPZHZHRXRxc0RZUGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84ZmE3OGYtMWQ3My00YzVhLTllMGIt
NjZkODBlZDA5YmM3LzEvWFRaLTZXaG16WGlERHdGV2FqaENoTjQ5NjZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84ZmE3OGYtMWQ3My00YzVhLTllMGItNjZkODBlZDA5YmM3
LzEvZ3VBVThjaktPV2FwUHZPZHZHRXRxc0RZUGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALCOHwD
BADCOH4wDQYJKoZIhvcNAQELBQADggEBAA9Tbz4nN6Fp7N464urmIR/RgmQn5Yy1
fGSFLsO84HLwZLjHYpMJyaRHlckNCnDq1dzO4pdKydWLEJ7tmDHj5+dc6mNyakZV
JvocMpMlrWsdYtTon8xlsMcZ68JhUnyCj+Di5lCsgdZ2HdQHMNxiX7VBZcZIoQnf
OjirAFYJvw+BPV30XNmU30TVcYX8RS5R+SJWpVKMJuzOmVf9rjMK8U0Zz6Nb2U10
IaAwEvSwCWzc9uMSdOtzcN3g024nDVOG1ifn8WxLVMJ3Vsz6ZwrsNp9nmTdkpts3
8okhuCR1BznAgGjet6JTKvossrMHH1JIknyYpv3RZoyecDLt10j+sM4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:31:50 2025 by rpki-client