Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/CXRX8_7UGyxFxp8yBp_VjRBHDEg.roa
File: CXRX8_7UGyxFxp8yBp_VjRBHDEg.roa (raw, json)
Hash identifier: U72/qYXXflSfRJu6uAVgk6JPVQUcmBosovxtorGRFgw=
Subject key identifier: 09:74:57:F3:FE:D4:1B:2C:45:C6:9F:32:06:9F:D5:8D:10:47:0C:48
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D5A60264F899C5DDB7FB9C5ED4F9B1
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/CXRX8_7UGyxFxp8yBp_VjRBHDEg.roa
Signing time: Wed 01 Jan 2025 07:47:40 +0000
ROA not before: Wed 01 Jan 2025 07:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16236
IP address blocks: 81.255.178.0/24 maxlen: 24
90.115.208.0/24 maxlen: 24
90.115.209.0/24 maxlen: 24
194.2.56.0/24 maxlen: 24
194.2.57.0/24 maxlen: 24
194.2.86.0/24 maxlen: 24
194.2.132.0/24 maxlen: 24
194.2.133.0/24 maxlen: 24
194.3.4.0/24 maxlen: 24
194.250.98.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:a6:02:64:f8:99:c5:dd:b7:fb:9c:5e:d4:f9:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=097457f3fed41b2c45c69f32069fd58d10470c48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:91:b2:b2:dc:09:20:15:5e:92:58:9a:68:4a:
f7:bb:64:57:3f:3b:25:0c:bc:5c:a0:47:f3:34:68:
41:ef:2c:90:f5:0a:5e:0e:33:59:aa:58:49:52:0e:
30:ed:16:80:d7:45:00:21:1d:47:39:a4:21:83:bd:
32:3a:4c:e2:04:c6:1f:19:bc:f7:4a:ac:ee:22:b2:
75:3a:7d:f5:70:05:e9:90:d0:e4:02:b2:8e:08:ba:
65:1d:68:d6:35:3c:f2:b5:e6:6c:ea:79:3c:6b:c3:
19:5b:bd:73:a1:66:24:d1:0f:48:cc:46:7c:e4:cc:
5e:50:7b:34:70:b8:71:31:df:db:00:fa:e4:4b:cc:
84:cb:d6:9d:af:35:f6:7f:ea:35:7a:e4:ed:1c:75:
4a:1e:8c:1f:73:e0:4a:33:8b:67:35:ac:47:5f:03:
3a:e6:73:43:3f:12:58:46:c9:59:2b:10:89:b8:ec:
6b:92:82:7c:53:c3:51:28:40:08:8a:d4:bc:71:86:
3a:9d:54:cd:e4:2d:58:00:b0:9e:e6:0d:db:30:7e:
e6:02:02:90:95:97:35:cb:23:8a:e8:b2:c4:d6:79:
ad:b6:53:e1:6e:b7:b4:e7:e8:25:26:a1:17:76:69:
f5:0c:73:6e:2d:ed:2a:1a:e8:0a:0a:f6:4f:da:44:
84:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:74:57:F3:FE:D4:1B:2C:45:C6:9F:32:06:9F:D5:8D:10:47:0C:48
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/CXRX8_7UGyxFxp8yBp_VjRBHDEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.255.178.0/24
90.115.208.0/23
194.2.56.0/23
194.2.86.0/24
194.2.132.0/23
194.3.4.0/24
194.250.98.0/24
Signature Algorithm: sha256WithRSAEncryption
73:74:3c:c9:d7:77:cc:84:3c:54:c5:13:4e:74:8f:56:b3:6f:
cf:71:14:50:b3:eb:e5:8e:df:a5:4d:0c:f8:1d:d7:35:ab:8a:
3e:70:87:40:52:30:26:16:4c:7b:0a:76:01:75:6a:1d:9a:97:
27:23:01:7c:2d:0c:18:4c:c3:9f:be:c6:18:be:27:5b:67:2f:
54:a6:9f:8e:c5:6b:77:dc:65:bd:56:74:88:c7:94:03:c8:4e:
15:3d:a5:e9:e6:35:76:af:87:09:28:14:f4:d6:7a:56:d5:95:
46:01:3d:cf:c6:8b:32:36:99:02:6c:3d:ec:7e:af:9c:51:c9:
b0:56:01:43:09:83:61:ab:a6:8d:36:a6:ac:cd:b1:3a:14:28:
12:01:de:5b:d8:34:80:f3:95:1f:25:cd:b7:2b:90:dd:31:20:
ba:d8:89:71:f7:b4:b2:63:ec:e1:2a:15:50:86:e4:86:93:2a:
7f:25:8b:63:27:98:e1:c2:42:c4:41:ac:3b:c1:ac:e0:e4:34:
7b:4b:8c:4f:ca:51:71:b1:a4:98:81:2c:b9:63:b9:35:95:77:
f0:35:50:b5:ca:65:aa:1b:d2:01:d7:10:c5:1c:42:46:38:33:
49:64:44:26:57:08:0b:83:e4:3a:c4:03:ee:18:fe:9e:78:05:
20:ef:fb:d9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQg1aYCZPiZxd23+5xe1PmxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTc0NTdmM2ZlZDQxYjJjNDVjNjlmMzIwNjlmZDU4ZDEwNDcwYzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5GystwJIBVekliaaEr3u2RXPzsl
DLxcoEfzNGhB7yyQ9QpeDjNZqlhJUg4w7RaA10UAIR1HOaQhg70yOkziBMYfGbz3
SqzuIrJ1On31cAXpkNDkArKOCLplHWjWNTzyteZs6nk8a8MZW71zoWYk0Q9IzEZ8
5MxeUHs0cLhxMd/bAPrkS8yEy9adrzX2f+o1euTtHHVKHowfc+BKM4tnNaxHXwM6
5nNDPxJYRslZKxCJuOxrkoJ8U8NRKEAIitS8cYY6nVTN5C1YALCe5g3bMH7mAgKQ
lZc1yyOK6LLE1nmttlPhbre05+glJqEXdmn1DHNuLe0qGugKCvZP2kSEVwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAl0V/P+1BssRcafMgaf1Y0QRwxIMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvQ1hSWDhfN1VHeXhGeHA4eUJwX1ZqUkJIREVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUf+yAwQB
WnPQAwQBwgI4AwQAwgJWAwQBwgKEAwQAwgMEAwQAwvpiMA0GCSqGSIb3DQEBCwUA
A4IBAQBzdDzJ13fMhDxUxRNOdI9Ws2/PcRRQs+vljt+lTQz4Hdc1q4o+cIdAUjAm
Fkx7CnYBdWodmpcnIwF8LQwYTMOfvsYYvidbZy9Upp+OxWt33GW9VnSIx5QDyE4V
PaXp5jV2r4cJKBT01npW1ZVGAT3PxosyNpkCbD3sfq+cUcmwVgFDCYNhq6aNNqas
zbE6FCgSAd5b2DSA85UfJc23K5DdMSC62Ilx97SyY+zhKhVQhuSGkyp/JYtjJ5jh
wkLEQaw7wazg5DR7S4xPylFxsaSYgSy5Y7k1lXfwNVC1ymWqG9IB1xDFHEJGODNJ
ZEQmVwgLg+Q6xAPuGP6eeAUg7/vZ
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:01:49 2025 by rpki-client