Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/837042-572f-4884-86fc-d8603b4ee39b/1/XKhT87XGiigEcR97vKayEF04dsM.roa
File: XKhT87XGiigEcR97vKayEF04dsM.roa (raw, json)
Hash identifier: OKuk9V4Sz1WzijRfbl194k8/Caynu4Yyo5edTTWsYbw=
Subject key identifier: 5C:A8:53:F3:B5:C6:8A:28:04:71:1F:7B:BC:A6:B2:10:5D:38:76:C3
Certificate issuer: /CN=d8646e6ccb716e89501958fc86823a98368fb51a
Certificate serial: 018571555806A00A3E45E03C73E5728C8409
Authority key identifier: D8:64:6E:6C:CB:71:6E:89:50:19:58:FC:86:82:3A:98:36:8F:B5:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2GRubMtxbolQGVj8hoI6mDaPtRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/837042-572f-4884-86fc-d8603b4ee39b/1/XKhT87XGiigEcR97vKayEF04dsM.roa
Signing time: Mon 02 Jan 2023 07:14:56 +0000
ROA not before: Mon 02 Jan 2023 07:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210703
IP address blocks: 89.107.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:58:06:a0:0a:3e:45:e0:3c:73:e5:72:8c:84:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8646e6ccb716e89501958fc86823a98368fb51a
Validity
Not Before: Jan 2 07:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ca853f3b5c68a2804711f7bbca6b2105d3876c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d8:b0:ac:51:2b:2f:b0:e1:4c:23:04:73:53:
da:64:70:9e:d3:3d:d7:11:1d:bd:30:dd:29:18:2b:
44:6b:98:0e:05:fb:80:34:bb:9a:49:ce:e9:c1:62:
2d:57:e5:9b:c8:99:5d:9d:f9:3a:66:89:ee:22:91:
6b:e6:0e:7b:3a:73:f3:a8:3a:51:83:5c:4e:ae:7a:
8e:69:fb:c2:c2:31:03:81:a7:4b:b6:eb:17:ac:f0:
08:33:9f:cc:a0:43:65:0f:af:51:c2:55:42:5f:02:
09:84:0e:e0:d5:e5:2d:ee:3d:5d:26:a5:af:90:22:
aa:0b:11:67:00:e0:b3:8f:13:ee:de:ea:52:39:52:
00:1f:7a:d8:90:2e:88:02:a1:95:93:02:37:6a:38:
2c:25:9d:e2:25:a2:1a:17:d5:2c:9c:5c:69:d3:39:
17:ba:d2:44:70:1d:31:2d:95:f0:d5:80:7f:b4:dd:
75:fa:44:be:24:98:73:4a:cd:ae:ed:a9:d1:b4:34:
96:ae:d2:c9:bb:9b:2a:4e:a2:39:36:a2:d9:4d:a4:
66:74:cc:e5:1a:51:f0:90:aa:55:bd:04:19:03:8c:
93:4e:78:cc:f3:9d:4d:ff:f5:53:f3:91:32:72:96:
40:e8:fa:44:31:4f:0f:2b:49:6c:bb:b7:0b:be:76:
7b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A8:53:F3:B5:C6:8A:28:04:71:1F:7B:BC:A6:B2:10:5D:38:76:C3
X509v3 Authority Key Identifier:
keyid:D8:64:6E:6C:CB:71:6E:89:50:19:58:FC:86:82:3A:98:36:8F:B5:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GRubMtxbolQGVj8hoI6mDaPtRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/837042-572f-4884-86fc-d8603b4ee39b/1/XKhT87XGiigEcR97vKayEF04dsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/837042-572f-4884-86fc-d8603b4ee39b/1/2GRubMtxbolQGVj8hoI6mDaPtRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.9.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:3f:4e:d4:de:8f:2d:35:36:8b:d8:22:fa:13:2a:00:c9:a7:
84:52:c3:c3:06:2f:92:7d:95:fb:1a:e3:9e:55:00:bd:dd:0c:
18:35:62:85:4f:f8:b1:f7:be:95:4b:22:e3:f9:c8:3b:28:ba:
62:e9:54:72:d8:b8:c7:46:d1:7b:f5:02:01:0a:f0:b1:2e:7b:
dc:78:73:b3:33:b9:bc:48:0c:ae:96:ab:6a:20:dc:6a:20:45:
4b:63:c4:ee:b0:fa:6b:1f:7e:10:30:94:cc:f8:35:46:95:36:
36:de:e3:14:8c:6e:b2:7c:21:fa:e5:d5:2b:39:94:fe:16:22:
c3:63:c6:5f:d3:de:8a:47:e9:6a:b4:58:01:73:38:da:7e:84:
96:59:57:30:ee:a2:9a:d7:32:5a:54:89:ea:e6:18:fe:c6:79:
5e:15:8a:11:0d:ea:b5:50:8f:5f:75:f0:42:25:96:8d:86:61:
52:24:26:34:70:e6:cc:65:76:ad:72:3e:2f:6b:45:79:12:3c:
8c:b5:b0:ab:fe:43:10:9c:7e:38:bb:23:15:38:1e:28:a3:26:
9f:ab:49:c1:8a:9a:70:8a:ad:f5:53:25:43:93:e2:0b:46:c7:
6d:0d:b1:29:af:b4:12:89:9a:05:cc:27:d8:e3:08:d9:fe:d5:
17:b5:bc:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxVVgGoAo+ReA8c+VyjIQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjQ2ZTZjY2I3MTZlODk1MDE5NThmYzg2ODIzYTk4MzY4
ZmI1MWEwHhcNMjMwMTAyMDcxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2E4NTNmM2I1YzY4YTI4MDQ3MTFmN2JiY2E2YjIxMDVkMzg3NmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9iwrFErL7DhTCMEc1PaZHCe0z3X
ER29MN0pGCtEa5gOBfuANLuaSc7pwWItV+WbyJldnfk6ZonuIpFr5g57OnPzqDpR
g1xOrnqOafvCwjEDgadLtusXrPAIM5/MoENlD69RwlVCXwIJhA7g1eUt7j1dJqWv
kCKqCxFnAOCzjxPu3upSOVIAH3rYkC6IAqGVkwI3ajgsJZ3iJaIaF9UsnFxp0zkX
utJEcB0xLZXw1YB/tN11+kS+JJhzSs2u7anRtDSWrtLJu5sqTqI5NqLZTaRmdMzl
GlHwkKpVvQQZA4yTTnjM851N//VT85EycpZA6PpEMU8PK0lsu7cLvnZ75wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyoU/O1xoooBHEfe7ymshBdOHbDMB8GA1UdIwQY
MBaAFNhkbmzLcW6JUBlY/IaCOpg2j7UaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdSdWJNdHhib2xRR1ZqOGhvSTZtRGFQdFJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS84MzcwNDItNTcyZi00ODg0LTg2ZmMt
ZDg2MDNiNGVlMzliLzEvWEtoVDg3WEdpaWdFY1I5N3ZLYXlFRjA0ZHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS84MzcwNDItNTcyZi00ODg0LTg2ZmMtZDg2MDNiNGVlMzli
LzEvMkdSdWJNdHhib2xRR1ZqOGhvSTZtRGFQdFJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWWsJMA0G
CSqGSIb3DQEBCwUAA4IBAQAfP07U3o8tNTaL2CL6EyoAyaeEUsPDBi+SfZX7GuOe
VQC93QwYNWKFT/ix976VSyLj+cg7KLpi6VRy2LjHRtF79QIBCvCxLnvceHOzM7m8
SAyulqtqINxqIEVLY8TusPprH34QMJTM+DVGlTY23uMUjG6yfCH65dUrOZT+FiLD
Y8Zf096KR+lqtFgBczjafoSWWVcw7qKa1zJaVInq5hj+xnleFYoRDeq1UI9fdfBC
JZaNhmFSJCY0cObMZXatcj4va0V5EjyMtbCr/kMQnH44uyMVOB4ooyafq0nBippw
iq31UyVDk+ILRsdtDbEpr7QSiZoFzCfY4wjZ/tUXtbxg
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:18 2025 by rpki-client