Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/720394-cf71-40a3-a538-ed01ed7c129b/1/XNVTHPEtEvJEQtfosSseCOClX9E.roa
File: XNVTHPEtEvJEQtfosSseCOClX9E.roa (raw, json)
Hash identifier: ncfHiY3VCS5auvhcc8v+Uwg/prPyczVTt0Pq4DfPjJw=
Subject key identifier: 5C:D5:53:1C:F1:2D:12:F2:44:42:D7:E8:B1:2B:1E:08:E0:A5:5F:D1
Certificate issuer: /CN=c255989d579c4b5eade852f97f62e9bf2cfbde3c
Certificate serial: 019420D62838B9C24FDB9D6D104D6287D6CD
Authority key identifier: C2:55:98:9D:57:9C:4B:5E:AD:E8:52:F9:7F:62:E9:BF:2C:FB:DE:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wlWYnVecS16t6FL5f2Lpvyz73jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/720394-cf71-40a3-a538-ed01ed7c129b/1/XNVTHPEtEvJEQtfosSseCOClX9E.roa
Signing time: Wed 01 Jan 2025 07:48:13 +0000
ROA not before: Wed 01 Jan 2025 07:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51088
IP address blocks: 188.95.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:28:38:b9:c2:4f:db:9d:6d:10:4d:62:87:d6:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c255989d579c4b5eade852f97f62e9bf2cfbde3c
Validity
Not Before: Jan 1 07:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cd5531cf12d12f24442d7e8b12b1e08e0a55fd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:fa:72:59:9b:8d:dc:00:c8:dc:80:86:6f:06:
d6:ca:38:c8:1b:cd:40:e1:d9:a8:08:d5:8a:80:64:
32:7f:35:0e:ab:65:7a:29:1d:08:6d:ec:77:1b:7f:
f2:3d:e1:dd:72:17:77:be:96:80:e4:7e:19:25:cd:
1b:0e:da:2c:2f:c0:78:5d:ef:57:bd:62:a0:fb:8b:
26:94:8b:f1:93:c9:ab:4b:3c:c1:58:3c:cd:87:89:
3c:8d:6b:f4:68:01:44:de:f9:39:28:f0:bf:89:4a:
ea:2b:f0:d1:61:13:1f:a4:ac:1d:3e:25:0b:d0:dc:
87:fc:dc:91:ef:de:31:c6:e8:89:ca:08:ee:20:78:
75:96:b6:c1:bc:79:14:f8:1a:d7:9d:86:52:e3:aa:
80:ed:b4:61:e6:9e:36:54:27:54:ea:0c:4e:f1:f3:
1c:0f:64:c2:66:ff:e2:7b:e6:07:2a:20:ea:85:92:
a6:b4:fb:53:a6:f2:ab:ea:46:7a:47:ba:68:e4:c6:
75:08:84:26:9d:03:1b:a3:a4:a2:2d:ae:9e:f9:90:
b7:eb:ff:37:79:6b:56:d7:67:c5:5c:3c:e0:71:25:
59:32:f1:b0:e7:25:59:01:66:43:84:a7:33:35:f1:
17:2e:65:48:e8:6b:7f:06:a7:67:95:7f:79:06:21:
ed:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D5:53:1C:F1:2D:12:F2:44:42:D7:E8:B1:2B:1E:08:E0:A5:5F:D1
X509v3 Authority Key Identifier:
keyid:C2:55:98:9D:57:9C:4B:5E:AD:E8:52:F9:7F:62:E9:BF:2C:FB:DE:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wlWYnVecS16t6FL5f2Lpvyz73jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/720394-cf71-40a3-a538-ed01ed7c129b/1/XNVTHPEtEvJEQtfosSseCOClX9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/720394-cf71-40a3-a538-ed01ed7c129b/1/wlWYnVecS16t6FL5f2Lpvyz73jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.95.143.0/24
Signature Algorithm: sha256WithRSAEncryption
44:20:c5:79:85:f2:ea:a3:81:80:10:5e:d1:2c:f0:a8:1d:a2:
78:e4:4e:ad:91:97:71:ac:c3:2d:c3:45:76:c2:1f:e7:65:c8:
64:de:73:83:9c:78:ae:8e:62:f7:6b:c8:14:ab:ac:50:e9:8b:
54:5c:21:48:9e:d2:af:20:8a:b6:89:4a:6b:f3:b8:26:67:33:
73:4b:5f:cd:b5:76:d2:30:09:b3:9f:b3:cb:e6:ee:a9:58:79:
9a:f4:6e:42:f0:e8:40:be:bf:0e:37:09:37:0d:d6:33:4a:93:
2b:ff:c9:c4:7a:b5:db:27:c4:12:77:22:77:2e:87:08:53:7d:
51:84:93:0e:8a:31:c7:31:ba:c8:43:ac:b7:5d:07:37:c3:a0:
2b:7f:07:3b:09:ad:23:20:d9:a7:b6:c8:f4:52:06:2b:b8:d0:
54:39:71:18:f9:7e:83:3c:a5:90:36:0f:fc:71:06:f1:29:0a:
af:b5:43:6c:29:e6:c6:00:40:e5:19:bd:8b:b2:9e:e7:15:48:
01:ae:ab:2a:b5:b2:61:ad:3b:0b:e0:e8:46:b0:ce:2f:08:9e:
3a:da:63:36:48:57:d4:06:c8:95:d9:30:69:8d:bf:14:5c:e3:
25:b6:3d:2b:62:be:d5:31:d0:1c:16:8f:e8:1f:bd:c4:29:a2:
66:71:35:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1ig4ucJP251tEE1ih9bNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNTU5ODlkNTc5YzRiNWVhZGU4NTJmOTdmNjJlOWJmMmNm
YmRlM2MwHhcNMjUwMTAxMDc0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2Q1NTMxY2YxMmQxMmYyNDQ0MmQ3ZThiMTJiMWUwOGUwYTU1ZmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/pyWZuN3ADI3ICGbwbWyjjIG81A
4dmoCNWKgGQyfzUOq2V6KR0Ibex3G3/yPeHdchd3vpaA5H4ZJc0bDtosL8B4Xe9X
vWKg+4smlIvxk8mrSzzBWDzNh4k8jWv0aAFE3vk5KPC/iUrqK/DRYRMfpKwdPiUL
0NyH/NyR794xxuiJygjuIHh1lrbBvHkU+BrXnYZS46qA7bRh5p42VCdU6gxO8fMc
D2TCZv/ie+YHKiDqhZKmtPtTpvKr6kZ6R7po5MZ1CIQmnQMbo6SiLa6e+ZC36/83
eWtW12fFXDzgcSVZMvGw5yVZAWZDhKczNfEXLmVI6Gt/BqdnlX95BiHtMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFzVUxzxLRLyRELX6LErHgjgpV/RMB8GA1UdIwQY
MBaAFMJVmJ1XnEterehS+X9i6b8s+948MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2xXWW5WZWNTMTZ0NkZMNWYyTHB2eXo3M2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83MjAzOTQtY2Y3MS00MGEzLWE1Mzgt
ZWQwMWVkN2MxMjliLzEvWE5WVEhQRXRFdkpFUXRmb3NTc2VDT0NsWDlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS83MjAzOTQtY2Y3MS00MGEzLWE1MzgtZWQwMWVkN2MxMjli
LzEvd2xXWW5WZWNTMTZ0NkZMNWYyTHB2eXo3M2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvF+PMA0G
CSqGSIb3DQEBCwUAA4IBAQBEIMV5hfLqo4GAEF7RLPCoHaJ45E6tkZdxrMMtw0V2
wh/nZchk3nODnHiujmL3a8gUq6xQ6YtUXCFIntKvIIq2iUpr87gmZzNzS1/NtXbS
MAmzn7PL5u6pWHma9G5C8OhAvr8ONwk3DdYzSpMr/8nEerXbJ8QSdyJ3LocIU31R
hJMOijHHMbrIQ6y3XQc3w6Arfwc7Ca0jINmntsj0UgYruNBUOXEY+X6DPKWQNg/8
cQbxKQqvtUNsKebGAEDlGb2Lsp7nFUgBrqsqtbJhrTsL4OhGsM4vCJ462mM2SFfU
BsiV2TBpjb8UXOMltj0rYr7VMdAcFo/oH73EKaJmcTVP
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:18:29 2025 by rpki-client