Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/Xwst9NE_3divRmhP7hMoEPIJ7JI.roa
File: Xwst9NE_3divRmhP7hMoEPIJ7JI.roa (raw, json)
Hash identifier: mL30JNi0AE38khocNGadQDEvIJt5kPRBkClagiJzVtg=
Subject key identifier: 5F:0B:2D:F4:D1:3F:DD:D8:AF:46:68:4F:EE:13:28:10:F2:09:EC:92
Certificate issuer: /CN=df798581e73704ee38c9be15e72370f176c60311
Certificate serial: 019423690AD81FD45D343FD495A3099A0983
Authority key identifier: DF:79:85:81:E7:37:04:EE:38:C9:BE:15:E7:23:70:F1:76:C6:03:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33mFgec3BO44yb4V5yNw8XbGAxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/Xwst9NE_3divRmhP7hMoEPIJ7JI.roa
Signing time: Wed 01 Jan 2025 19:47:54 +0000
ROA not before: Wed 01 Jan 2025 19:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42337
IP address blocks: 185.128.80.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:0a:d8:1f:d4:5d:34:3f:d4:95:a3:09:9a:09:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df798581e73704ee38c9be15e72370f176c60311
Validity
Not Before: Jan 1 19:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f0b2df4d13fddd8af46684fee132810f209ec92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6a:43:12:d9:85:3f:ad:9a:0f:84:9b:e4:5c:
4b:77:20:d3:44:06:ec:ef:01:77:c1:c6:ae:68:94:
4b:97:73:b1:4b:bb:7d:0f:79:9a:c1:33:a0:4c:d3:
45:c1:fb:b5:f3:43:fd:14:12:be:d6:87:c8:d4:97:
83:e0:3f:7c:b5:7b:74:a4:a8:6c:29:81:23:4c:87:
04:57:97:e5:97:91:c4:fe:d8:ea:ca:ee:b4:a7:1f:
0a:2b:59:02:f0:43:21:e0:e2:dd:a6:08:13:ff:82:
6a:53:6e:45:3e:87:05:9c:e3:66:d7:64:4f:e1:35:
33:ab:3c:5d:2e:91:fc:a9:47:bb:00:f1:87:75:27:
40:af:dd:26:2e:df:24:9d:b5:71:ce:13:5e:bc:be:
81:db:71:10:d1:bb:a0:55:c1:e1:f3:4d:8a:e6:d5:
b6:b4:bb:65:86:f2:4b:a4:5b:f9:89:9c:0e:be:fd:
27:fe:bc:bb:d2:2e:66:41:76:a9:f6:5d:d8:a7:80:
f4:1f:a1:49:6c:93:16:c4:6c:14:a8:de:05:2d:9d:
02:2e:80:61:84:19:68:c9:f3:4a:1a:d9:1e:8f:96:
9b:7e:d3:1f:a0:07:8e:cc:41:b8:7d:85:67:9f:e3:
4f:71:f7:87:3d:01:dc:7e:22:ae:05:b4:9c:fa:a9:
8f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:0B:2D:F4:D1:3F:DD:D8:AF:46:68:4F:EE:13:28:10:F2:09:EC:92
X509v3 Authority Key Identifier:
keyid:DF:79:85:81:E7:37:04:EE:38:C9:BE:15:E7:23:70:F1:76:C6:03:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33mFgec3BO44yb4V5yNw8XbGAxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/Xwst9NE_3divRmhP7hMoEPIJ7JI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/33mFgec3BO44yb4V5yNw8XbGAxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.80.0/22
Signature Algorithm: sha256WithRSAEncryption
56:18:df:21:cf:11:89:22:9c:73:5c:69:39:f3:1a:3f:53:4b:
7a:63:c2:38:73:42:b4:25:48:4c:95:3e:03:a7:ad:6b:ff:63:
d9:21:21:52:cb:8d:2e:10:aa:b5:b2:ec:2f:ba:62:0a:0c:29:
2a:60:62:ad:df:32:5d:d1:82:23:9d:b0:95:3e:00:16:ea:af:
2e:c3:dc:5f:ef:8c:d8:d3:b0:5f:ad:5e:9a:40:c4:61:4d:dd:
5f:58:99:16:fb:52:00:a6:53:34:43:60:c2:b2:51:f2:0b:0e:
a9:50:66:22:d0:50:0f:f2:3f:53:1f:74:6c:f7:ea:18:24:d6:
38:8a:82:4f:3c:48:c6:63:9c:89:bc:73:5b:4b:88:fe:5b:62:
d5:8b:93:4b:f2:34:a2:68:c7:b3:23:d2:b0:5d:6a:8f:9c:0d:
6a:c2:19:90:88:c2:5d:95:d0:bf:81:e2:b4:b5:b1:14:b0:0e:
10:48:33:c9:71:07:8a:e3:98:a0:18:7b:6f:2b:a4:9d:29:2b:
56:ee:62:98:64:6e:b7:64:49:51:91:3e:a3:5e:4c:db:ae:c6:
e2:96:e9:03:52:72:81:34:6e:d0:4c:dd:aa:a6:bb:82:93:8b:
79:2b:39:7a:3b:80:9e:8e:ed:59:02:c5:88:43:42:72:2b:e3:
af:72:5b:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaQrYH9RdND/UlaMJmgmDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNzk4NTgxZTczNzA0ZWUzOGM5YmUxNWU3MjM3MGYxNzZj
NjAzMTEwHhcNMjUwMTAxMTk0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjBiMmRmNGQxM2ZkZGQ4YWY0NjY4NGZlZTEzMjgxMGYyMDllYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWpDEtmFP62aD4Sb5FxLdyDTRAbs
7wF3wcauaJRLl3OxS7t9D3mawTOgTNNFwfu180P9FBK+1ofI1JeD4D98tXt0pKhs
KYEjTIcEV5fll5HE/tjqyu60px8KK1kC8EMh4OLdpggT/4JqU25FPocFnONm12RP
4TUzqzxdLpH8qUe7APGHdSdAr90mLt8knbVxzhNevL6B23EQ0bugVcHh802K5tW2
tLtlhvJLpFv5iZwOvv0n/ry70i5mQXap9l3Yp4D0H6FJbJMWxGwUqN4FLZ0CLoBh
hBloyfNKGtkej5abftMfoAeOzEG4fYVnn+NPcfeHPQHcfiKuBbSc+qmPlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8LLfTRP93Yr0ZoT+4TKBDyCeySMB8GA1UdIwQY
MBaAFN95hYHnNwTuOMm+FecjcPF2xgMRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzNtRmdlYzNCTzQ0eWI0VjV5Tnc4WGJHQXhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9hODAwN2ItMDhjZS00YWY0LWEzODMt
YzRhNTJkY2VlMjNkLzEvWHdzdDlORV8zZGl2Um1oUDdoTW9FUElKN0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9hODAwN2ItMDhjZS00YWY0LWEzODMtYzRhNTJkY2VlMjNk
LzEvMzNtRmdlYzNCTzQ0eWI0VjV5Tnc4WGJHQXhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYBQMA0G
CSqGSIb3DQEBCwUAA4IBAQBWGN8hzxGJIpxzXGk58xo/U0t6Y8I4c0K0JUhMlT4D
p61r/2PZISFSy40uEKq1suwvumIKDCkqYGKt3zJd0YIjnbCVPgAW6q8uw9xf74zY
07BfrV6aQMRhTd1fWJkW+1IAplM0Q2DCslHyCw6pUGYi0FAP8j9TH3Rs9+oYJNY4
ioJPPEjGY5yJvHNbS4j+W2LVi5NL8jSiaMezI9KwXWqPnA1qwhmQiMJdldC/geK0
tbEUsA4QSDPJcQeK45igGHtvK6SdKStW7mKYZG63ZElRkT6jXkzbrsbilukDUnKB
NG7QTN2qpruCk4t5Kzl6O4Ceju1ZAsWIQ0JyK+OvcltT
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:18:51 2025 by rpki-client