Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/c90469-e638-4a57-92ce-534e73cc3b7c/1/XPyKoQuqwc9s7SNSlz-5yXjog94.roa
File: XPyKoQuqwc9s7SNSlz-5yXjog94.roa (raw, json)
Hash identifier: n5OoQDYPwcvRIBVK3puVA8GfztyyUnstomqi1MJzcS0=
Subject key identifier: 5C:FC:8A:A1:0B:AA:C1:CF:6C:ED:23:52:97:3F:B9:C9:78:E8:83:DE
Certificate issuer: /CN=7f203c1419ec6a21e66127203f51c1fa74dc044f
Certificate serial: 0A786EE9
Authority key identifier: 7F:20:3C:14:19:EC:6A:21:E6:61:27:20:3F:51:C1:FA:74:DC:04:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyA8FBnsaiHmYScgP1HB-nTcBE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/c90469-e638-4a57-92ce-534e73cc3b7c/1/XPyKoQuqwc9s7SNSlz-5yXjog94.roa
Signing time: Wed 09 Feb 2022 19:52:22 +0000
ROA not before: Wed 09 Feb 2022 19:52:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 185.126.156.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175664873 (0xa786ee9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f203c1419ec6a21e66127203f51c1fa74dc044f
Validity
Not Before: Feb 9 19:52:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5cfc8aa10baac1cf6ced2352973fb9c978e883de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f8:16:fd:9f:ea:d5:88:62:9e:61:34:77:0c:
6c:62:ab:25:ae:02:69:c8:8f:31:b3:f7:81:a3:e4:
f4:2c:ae:6f:c2:eb:15:40:62:d8:04:a3:5d:28:de:
8c:46:db:d4:e5:71:65:e9:38:20:4d:33:4c:6f:cd:
2e:f0:a5:6b:06:e7:b1:18:8a:c0:eb:e1:6e:f9:4e:
b4:74:d9:1a:fa:3f:38:cf:1b:e2:1f:1b:3a:8c:ac:
d0:a2:2e:68:cb:23:e1:fb:27:04:88:44:ec:22:31:
25:c0:0b:69:c5:ef:eb:a1:00:f7:60:69:ae:f0:d3:
26:df:20:02:1e:fa:32:32:60:5b:fe:47:8b:af:9e:
00:8c:8c:2d:9a:fb:83:fc:c8:90:93:92:0e:10:5e:
64:3a:60:d8:4e:43:3a:85:43:b3:f9:2e:80:b2:9d:
39:79:ec:59:65:58:05:a2:4d:56:13:1f:b8:a9:b1:
b0:a5:55:94:7d:c0:b3:0f:19:59:d4:d8:a5:e1:5e:
04:97:80:0e:37:74:fe:47:4f:b5:31:76:2b:91:74:
bc:52:32:d6:14:58:b5:d2:b2:2b:78:fd:43:fe:dc:
2c:a5:9b:41:cb:14:c9:55:2f:7e:14:53:e7:4b:06:
c5:e2:f9:d2:5b:d1:0e:8f:c5:5b:24:35:d0:4c:2e:
b1:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:FC:8A:A1:0B:AA:C1:CF:6C:ED:23:52:97:3F:B9:C9:78:E8:83:DE
X509v3 Authority Key Identifier:
keyid:7F:20:3C:14:19:EC:6A:21:E6:61:27:20:3F:51:C1:FA:74:DC:04:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyA8FBnsaiHmYScgP1HB-nTcBE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c90469-e638-4a57-92ce-534e73cc3b7c/1/XPyKoQuqwc9s7SNSlz-5yXjog94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c90469-e638-4a57-92ce-534e73cc3b7c/1/fyA8FBnsaiHmYScgP1HB-nTcBE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.156.0/22
Signature Algorithm: sha256WithRSAEncryption
29:49:01:57:fc:bc:1a:59:f8:c7:7b:eb:b1:42:e0:0a:76:e3:
11:f3:d0:49:dc:e5:13:9c:11:07:05:55:f2:a6:9b:5c:2d:7d:
23:ec:46:ae:96:91:7b:e7:a1:af:60:d0:38:d2:1c:58:7e:26:
b4:94:23:69:b7:34:93:9c:9c:a3:ce:c0:b2:1f:bd:7a:42:f7:
18:29:a1:c2:f9:55:a2:e9:ed:6b:23:9e:88:d7:f1:75:6a:58:
f6:f2:4b:47:4d:ae:d6:b2:62:47:32:4b:cd:4b:e5:80:bc:50:
ab:95:68:1b:87:78:73:26:ee:16:0b:29:d3:8b:65:f9:b8:87:
25:cb:fc:e9:15:a3:dd:6f:2f:9f:f0:d5:a8:82:fb:34:11:3e:
b5:2e:a3:d0:a6:f5:50:ff:41:02:8c:77:98:69:73:02:e3:f5:
0a:6e:7c:dc:1a:51:4d:ca:40:f6:e2:5c:17:b0:16:10:d3:40:
22:9f:7a:40:ad:11:cc:98:1c:86:33:50:b8:3c:67:67:fd:62:
d2:45:0c:c0:4c:ee:9a:35:68:74:12:54:52:59:1c:22:2d:a8:
a6:c8:48:d0:c5:cd:4e:e3:62:2b:ab:90:a0:6e:d5:84:44:10:
f3:60:9e:f6:c4:44:a7:cf:74:b8:3e:5d:c4:38:4a:51:60:fb:
8a:71:5d:85
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECnhu6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZjIwM2MxNDE5ZWM2YTIxZTY2MTI3MjAzZjUxYzFmYTc0ZGMwNDRmMB4XDTIyMDIw
OTE5NTIyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNmYzhhYTEwYmFh
YzFjZjZjZWQyMzUyOTczZmI5Yzk3OGU4ODNkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMb4Fv2f6tWIYp5hNHcMbGKrJa4CaciPMbP3gaPk9Cyub8Lr
FUBi2ASjXSjejEbb1OVxZek4IE0zTG/NLvClawbnsRiKwOvhbvlOtHTZGvo/OM8b
4h8bOoys0KIuaMsj4fsnBIhE7CIxJcALacXv66EA92BprvDTJt8gAh76MjJgW/5H
i6+eAIyMLZr7g/zIkJOSDhBeZDpg2E5DOoVDs/kugLKdOXnsWWVYBaJNVhMfuKmx
sKVVlH3Asw8ZWdTYpeFeBJeADjd0/kdPtTF2K5F0vFIy1hRYtdKyK3j9Q/7cLKWb
QcsUyVUvfhRT50sGxeL50lvRDo/FWyQ10EwusVUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRc/IqhC6rBz2ztI1KXP7nJeOiD3jAfBgNVHSMEGDAWgBR/IDwUGexqIeZh
JyA/UcH6dNwETzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Z5QThGQm5zYWlIbVlTY2dQMUhCLW5UY0JFOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmYvYzkwNDY5LWU2MzgtNGE1Ny05MmNlLTUzNGU3M2NjM2I3Yy8x
L1hQeUtvUXVxd2M5czdTTlNsei01eVhqb2c5NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYv
YzkwNDY5LWU2MzgtNGE1Ny05MmNlLTUzNGU3M2NjM2I3Yy8xL2Z5QThGQm5zYWlI
bVlTY2dQMUhCLW5UY0JFOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArl+nDANBgkqhkiG9w0BAQsFAAOC
AQEAKUkBV/y8Gln4x3vrsULgCnbjEfPQSdzlE5wRBwVV8qabXC19I+xGrpaRe+eh
r2DQONIcWH4mtJQjabc0k5yco87Ash+9ekL3GCmhwvlVountayOeiNfxdWpY9vJL
R02u1rJiRzJLzUvlgLxQq5VoG4d4cybuFgsp04tl+biHJcv86RWj3W8vn/DVqIL7
NBE+tS6j0Kb1UP9BAox3mGlzAuP1Cm583BpRTcpA9uJcF7AWENNAIp96QK0RzJgc
hjNQuDxnZ/1i0kUMwEzumjVodBJUUlkcIi2opshI0MXNTuNiK6uQoG7VhEQQ82Ce
9sREp890uD5dxDhKUWD7inFdhQ==
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:58:21 2025 by rpki-client