Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/XUIGCJfhGsoP5FdVAQmT9lUNYuc.roa
File: XUIGCJfhGsoP5FdVAQmT9lUNYuc.roa (raw, json)
Hash identifier: hjmwDLHRKf4c787nov0R6bRVLxtqmM1uwueYf+NK6fU=
Subject key identifier: 5D:42:06:08:97:E1:1A:CA:0F:E4:57:55:01:09:93:F6:55:0D:62:E7
Certificate issuer: /CN=8520b77d035b912ffa406dfddf29e3a2963e6904
Certificate serial: 019422FB11DA74EC40B7A8B5A4B0DD9895E7
Authority key identifier: 85:20:B7:7D:03:5B:91:2F:FA:40:6D:FD:DF:29:E3:A2:96:3E:69:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSC3fQNbkS_6QG393ynjopY-aQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/XUIGCJfhGsoP5FdVAQmT9lUNYuc.roa
Signing time: Wed 01 Jan 2025 17:47:46 +0000
ROA not before: Wed 01 Jan 2025 17:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215275
IP address blocks: 185.111.68.0/22 maxlen: 24
2a07:6c44:4020::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:11:da:74:ec:40:b7:a8:b5:a4:b0:dd:98:95:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8520b77d035b912ffa406dfddf29e3a2963e6904
Validity
Not Before: Jan 1 17:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d42060897e11aca0fe45755010993f6550d62e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:14:0d:16:18:31:e9:92:a1:b1:12:8d:8c:6b:
a8:04:e1:c9:fe:9d:49:71:ca:84:31:7d:da:3b:d6:
e2:74:dd:ff:b3:7c:36:fa:38:fc:78:5d:6c:47:16:
31:74:9d:a0:3e:6b:52:09:cf:39:be:3f:5a:7f:dd:
76:10:3f:5d:72:5b:08:9b:4c:26:64:90:09:68:d2:
c3:17:ff:c2:25:c4:8f:db:29:97:e7:a7:56:92:2e:
e9:83:64:50:85:95:67:d1:31:0b:5e:38:d9:0c:bb:
61:2b:65:1e:fb:70:6d:b9:33:5d:c3:c5:d8:2c:60:
19:50:10:4e:ab:7f:ef:b6:f0:13:16:d5:1d:58:b8:
f6:9a:7c:b2:93:fe:d1:7b:20:3d:e6:b2:6c:10:a8:
b1:09:d2:a3:df:e3:0f:29:77:c3:e6:bb:9e:6c:10:
81:4f:23:24:5f:0e:8f:77:51:e4:05:26:dd:ec:0d:
57:7c:38:c4:86:a7:0d:40:01:e4:b6:49:79:83:fd:
3d:5b:06:ce:41:4a:0c:77:35:a6:62:2e:18:a8:f5:
f4:f7:a9:17:bd:0b:a9:e8:14:0e:54:56:2e:9f:3f:
90:e8:39:50:5d:6b:ce:e1:74:33:38:96:2e:6c:cf:
af:22:d8:88:a8:c7:30:8b:a6:3e:73:01:b3:45:0c:
71:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:42:06:08:97:E1:1A:CA:0F:E4:57:55:01:09:93:F6:55:0D:62:E7
X509v3 Authority Key Identifier:
keyid:85:20:B7:7D:03:5B:91:2F:FA:40:6D:FD:DF:29:E3:A2:96:3E:69:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSC3fQNbkS_6QG393ynjopY-aQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/XUIGCJfhGsoP5FdVAQmT9lUNYuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.68.0/22
IPv6:
2a07:6c44:4020::/44
Signature Algorithm: sha256WithRSAEncryption
5d:da:d6:39:b3:51:f2:3c:69:af:d5:b8:7e:a7:f7:44:90:88:
8b:7d:cf:ef:43:e6:d1:86:04:9c:c9:0d:d6:b6:08:3a:3a:69:
d5:76:97:a4:38:3a:3c:3e:76:45:b2:8c:ed:6b:9d:19:4d:46:
c2:ef:e7:c7:05:be:54:b4:ef:b5:8c:8b:ee:9f:4a:86:4e:09:
84:b9:df:ac:15:43:fc:4c:19:07:c3:f1:52:23:2a:ba:4a:e0:
eb:79:c2:a6:f1:b6:13:fb:41:db:ed:5d:66:00:a8:22:ea:6f:
2e:94:19:28:d5:f6:8c:fe:6f:ca:1f:93:95:f4:c0:c4:8f:a8:
3c:f5:60:7e:ba:d5:26:c3:d4:00:60:ec:98:75:44:65:c0:c4:
93:2c:8d:9b:fc:4e:5b:5b:34:18:40:8e:4e:bb:25:1e:6c:d8:
43:3e:a8:db:1b:f5:d2:25:93:ae:9b:eb:22:17:c1:a1:77:5d:
29:43:38:6a:54:74:b3:49:f7:90:0a:30:cc:e9:08:2c:78:19:
f5:e3:ec:7a:0e:d2:04:2b:a9:e5:c3:f7:fe:b6:72:05:50:28:
d8:be:53:7d:2d:11:76:19:4a:11:1a:b0:60:46:d6:1d:e8:1b:
f1:ed:19:12:1c:3d:9c:0b:51:23:2a:97:8e:13:47:e5:4d:f5:
4b:08:e1:6b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQi+xHadOxAt6i1pLDdmJXnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MjBiNzdkMDM1YjkxMmZmYTQwNmRmZGRmMjllM2EyOTYz
ZTY5MDQwHhcNMjUwMTAxMTc0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDQyMDYwODk3ZTExYWNhMGZlNDU3NTUwMTA5OTNmNjU1MGQ2MmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxQNFhgx6ZKhsRKNjGuoBOHJ/p1J
ccqEMX3aO9bidN3/s3w2+jj8eF1sRxYxdJ2gPmtSCc85vj9af912ED9dclsIm0wm
ZJAJaNLDF//CJcSP2ymX56dWki7pg2RQhZVn0TELXjjZDLthK2Ue+3BtuTNdw8XY
LGAZUBBOq3/vtvATFtUdWLj2mnyyk/7ReyA95rJsEKixCdKj3+MPKXfD5ruebBCB
TyMkXw6Pd1HkBSbd7A1XfDjEhqcNQAHktkl5g/09WwbOQUoMdzWmYi4YqPX096kX
vQup6BQOVFYunz+Q6DlQXWvO4XQzOJYubM+vItiIqMcwi6Y+cwGzRQxxyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF1CBgiX4RrKD+RXVQEJk/ZVDWLnMB8GA1UdIwQY
MBaAFIUgt30DW5Ev+kBt/d8p46KWPmkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFNDM2ZRTmJrU182UUczOTN5bmpvcFktYVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mMDQ2ODYtMzU5Yi00NzQ0LWI5MzAt
MWFmMjc5NjI1ZmQwLzEvWFVJR0NKZmhHc29QNUZkVkFRbVQ5bFVOWXVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mMDQ2ODYtMzU5Yi00NzQ0LWI5MzAtMWFmMjc5NjI1ZmQw
LzEvaFNDM2ZRTmJrU182UUczOTN5bmpvcFktYVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuW9EMA8E
AgACMAkDBwQqB2xEQCAwDQYJKoZIhvcNAQELBQADggEBAF3a1jmzUfI8aa/VuH6n
90SQiIt9z+9D5tGGBJzJDda2CDo6adV2l6Q4Ojw+dkWyjO1rnRlNRsLv58cFvlS0
77WMi+6fSoZOCYS536wVQ/xMGQfD8VIjKrpK4Ot5wqbxthP7QdvtXWYAqCLqby6U
GSjV9oz+b8ofk5X0wMSPqDz1YH661SbD1ABg7Jh1RGXAxJMsjZv8TltbNBhAjk67
JR5s2EM+qNsb9dIlk66b6yIXwaF3XSlDOGpUdLNJ95AKMMzpCCx4GfXj7HoO0gQr
qeXD9/62cgVQKNi+U30tEXYZShEasGBG1h3oG/HtGRIcPZwLUSMql44TR+VN9UsI
4Ws=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:05 2025 by rpki-client