Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/XUWpDv68LuG6FrHR4r3W9N24DFQ.roa
File: XUWpDv68LuG6FrHR4r3W9N24DFQ.roa (raw, json)
Hash identifier: GYnU31+ijx0uWuL0CeQXtnAo7cnna44eQimObn8OcHg=
Subject key identifier: 5D:45:A9:0E:FE:BC:2E:E1:BA:16:B1:D1:E2:BD:D6:F4:DD:B8:0C:54
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 018AF6404DA87588DDF2393C7951C5A242F0
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/XUWpDv68LuG6FrHR4r3W9N24DFQ.roa
Signing time: Tue 03 Oct 2023 15:55:23 +0000
ROA not before: Tue 03 Oct 2023 15:55:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42055
IP address blocks: 141.226.240.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f6:40:4d:a8:75:88:dd:f2:39:3c:79:51:c5:a2:42:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Oct 3 15:55:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d45a90efebc2ee1ba16b1d1e2bdd6f4ddb80c54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:75:59:7e:24:c8:fb:6a:09:b3:21:14:77:6c:
c5:b1:c4:53:a0:34:ef:05:43:19:31:4a:ca:e9:ac:
b8:1c:e6:25:ff:24:9e:10:4d:0f:ce:7c:1e:14:f2:
5b:4d:08:9a:2a:1d:15:14:b3:7d:2a:f9:7a:07:9a:
6e:58:f5:55:8f:3b:d1:ac:6f:4e:2e:d6:e5:14:a6:
88:64:19:41:f8:a4:cd:2f:f3:e0:c8:39:3b:95:fb:
83:d4:ce:4d:09:25:a1:b0:f2:13:c1:5d:a5:1c:57:
c8:f4:d3:a6:5d:b0:2f:69:4f:fa:be:76:34:85:22:
e2:b5:b6:a2:72:36:b3:45:a4:eb:97:89:ce:c3:6f:
80:f7:37:96:fa:10:b3:76:06:7b:2b:af:5a:ee:f1:
03:66:81:dc:38:cd:42:38:f9:4b:92:22:5f:80:87:
69:b2:07:74:91:b9:e8:f7:11:70:7c:7d:af:77:e7:
43:52:9e:85:03:a5:89:8c:eb:56:31:91:96:7f:59:
82:3e:c9:c5:5c:97:98:2c:a9:ef:5c:08:3c:be:4d:
ce:1a:6b:cd:28:a2:a1:2f:df:4b:60:92:af:64:65:
90:b7:15:dc:75:4b:b3:ce:7c:83:5b:22:3c:fb:99:
7d:9f:ef:5f:da:fc:f8:31:a0:02:5f:1a:48:70:95:
19:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:45:A9:0E:FE:BC:2E:E1:BA:16:B1:D1:E2:BD:D6:F4:DD:B8:0C:54
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/XUWpDv68LuG6FrHR4r3W9N24DFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.240.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:bd:b1:fc:4c:2f:e6:f8:01:48:a3:fc:58:0e:50:92:66:88:
3b:21:3e:24:d9:09:8f:73:f3:63:8d:e4:3a:84:e0:a8:e8:59:
79:82:21:d1:33:e2:18:0f:72:d9:ed:35:e8:6e:9d:6f:d5:44:
26:35:b8:59:25:c8:65:5c:c5:8a:d8:16:8d:3f:be:8a:d4:db:
89:b9:01:a7:a2:61:27:3f:16:03:7a:8c:b0:39:d3:98:17:ae:
3b:c5:c3:63:d7:96:c4:cb:bb:ba:4c:e6:df:a4:9c:ee:05:19:
ba:f4:1d:f1:01:62:66:93:30:7a:51:e4:0a:a0:d2:17:ec:2a:
af:25:8d:64:48:ed:f5:18:7c:a9:0c:ad:e7:67:47:d4:8a:6c:
48:85:99:ef:cd:ce:c2:94:46:a8:ac:68:cc:85:f7:55:0d:64:
62:2c:27:c4:7f:91:b7:8f:cb:7b:8e:2c:21:6e:b4:03:b4:90:
5b:8f:ff:3b:41:24:2b:79:9f:f5:7a:4d:18:0b:9b:14:13:91:
af:54:59:30:55:6c:78:eb:b1:d8:32:54:fe:c8:93:0e:cc:07:
51:d8:55:47:f8:ef:5c:26:2d:9f:38:d9:31:64:3e:c0:36:b3:
87:13:10:b1:b7:5f:c6:52:5d:4a:4f:03:08:0a:3c:b4:25:71:
05:2e:dd:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr2QE2odYjd8jk8eVHFokLwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjMxMDAzMTU1NTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDQ1YTkwZWZlYmMyZWUxYmExNmIxZDFlMmJkZDZmNGRkYjgwYzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHVZfiTI+2oJsyEUd2zFscRToDTv
BUMZMUrK6ay4HOYl/ySeEE0PznweFPJbTQiaKh0VFLN9Kvl6B5puWPVVjzvRrG9O
LtblFKaIZBlB+KTNL/PgyDk7lfuD1M5NCSWhsPITwV2lHFfI9NOmXbAvaU/6vnY0
hSLitbaicjazRaTrl4nOw2+A9zeW+hCzdgZ7K69a7vEDZoHcOM1COPlLkiJfgIdp
sgd0kbno9xFwfH2vd+dDUp6FA6WJjOtWMZGWf1mCPsnFXJeYLKnvXAg8vk3OGmvN
KKKhL99LYJKvZGWQtxXcdUuzznyDWyI8+5l9n+9f2vz4MaACXxpIcJUZdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF1FqQ7+vC7huhax0eK91vTduAxUMB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvWFVXcER2NjhMdUc2RnJIUjRyM1c5TjI0REZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjeLwMA0G
CSqGSIb3DQEBCwUAA4IBAQCovbH8TC/m+AFIo/xYDlCSZog7IT4k2QmPc/NjjeQ6
hOCo6Fl5giHRM+IYD3LZ7TXobp1v1UQmNbhZJchlXMWK2BaNP76K1NuJuQGnomEn
PxYDeoywOdOYF647xcNj15bEy7u6TObfpJzuBRm69B3xAWJmkzB6UeQKoNIX7Cqv
JY1kSO31GHypDK3nZ0fUimxIhZnvzc7ClEaorGjMhfdVDWRiLCfEf5G3j8t7jiwh
brQDtJBbj/87QSQreZ/1ek0YC5sUE5GvVFkwVWx467HYMlT+yJMOzAdR2FVH+O9c
Ji2fONkxZD7ANrOHExCxt1/GUl1KTwMICjy0JXEFLt0P
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:50 2025 by rpki-client