Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/xWIelx-SwzWyPOA9UgcjTq4-oMA.roa
File: xWIelx-SwzWyPOA9UgcjTq4-oMA.roa (raw, json)
Hash identifier: 4zmRKb/SA1qkKaEtZcEuNiWxTFobVF0fgVtOJzdItq0=
Subject key identifier: C5:62:1E:97:1F:92:C3:35:B2:3C:E0:3D:52:07:23:4E:AE:3E:A0:C0
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01942369B58888FFC4FB213E90F1725ACC55
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/xWIelx-SwzWyPOA9UgcjTq4-oMA.roa
Signing time: Wed 01 Jan 2025 19:48:37 +0000
ROA not before: Wed 01 Jan 2025 19:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62114
IP address blocks: 176.223.64.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:b5:88:88:ff:c4:fb:21:3e:90:f1:72:5a:cc:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 1 19:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5621e971f92c335b23ce03d5207234eae3ea0c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:72:43:c0:50:1b:dd:42:8d:09:6d:27:76:92:
05:ec:a7:0e:df:f1:7d:84:17:40:2a:f1:ed:21:1a:
e8:4f:98:c9:6a:a6:f1:83:ae:85:b7:0f:e0:01:3d:
2a:71:c9:1a:b8:c8:aa:a6:2e:fc:a5:a0:3f:d7:da:
49:a5:b8:09:ea:9d:72:0d:35:e3:e5:4a:69:d7:ee:
8e:23:48:d2:76:7c:74:08:8c:55:a7:12:ab:c2:ec:
20:69:f2:3e:bf:ee:4f:29:9e:82:2e:b0:cc:f7:04:
2c:c8:c5:aa:34:a6:ee:58:05:79:8a:5d:c0:17:d5:
b6:7f:ca:ad:f3:77:27:6b:ed:74:8c:f1:fa:53:0f:
80:0d:a1:fd:d9:b8:3c:5e:10:bb:98:8b:e8:1e:b6:
b3:c1:57:e2:87:17:bd:22:82:9b:31:0f:34:ce:a9:
8a:87:d3:9a:63:f9:04:3f:2f:ed:d2:bd:19:e0:da:
28:90:9d:df:c1:f6:e4:dc:c7:5d:3e:83:3c:c2:21:
2c:7b:ba:9b:3d:e3:1e:14:f8:70:bd:fe:fc:11:3d:
db:9c:01:2f:d9:0a:ec:7d:fc:4e:44:2e:f5:62:ce:
4d:35:4b:4f:c3:b4:d2:95:d4:d0:cd:4c:6f:c2:77:
e2:83:de:65:40:a3:4c:f5:aa:ec:0a:99:48:77:37:
ce:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:62:1E:97:1F:92:C3:35:B2:3C:E0:3D:52:07:23:4E:AE:3E:A0:C0
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/xWIelx-SwzWyPOA9UgcjTq4-oMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.223.64.0/24
Signature Algorithm: sha256WithRSAEncryption
67:50:8e:9a:3e:8e:3c:1b:f1:3c:3a:c6:0a:72:96:15:dc:d4:
8e:47:ec:ef:8b:30:bf:18:4e:7d:40:2e:8d:4e:bb:d6:06:7b:
44:7c:09:3f:86:a7:de:55:3d:45:4d:f1:d7:8d:72:0a:00:fa:
42:64:d8:1a:25:5a:fb:68:f8:6c:18:15:99:01:df:aa:8c:15:
e5:d7:11:36:34:7f:21:29:e8:8f:a1:22:ee:65:5a:40:a6:1d:
85:b0:5b:8c:64:85:a9:d9:1d:92:42:59:8a:c7:5b:18:e7:7b:
f4:6f:e5:27:2c:71:ec:60:ee:7c:10:94:7b:71:17:f3:b7:dd:
3b:98:06:1e:f0:fb:2c:a4:35:1e:32:54:df:d0:01:d6:be:dc:
8c:b0:e9:cb:6c:a6:86:7b:81:96:69:9d:1d:fc:fb:1a:5a:90:
72:0d:cb:23:5d:37:11:73:24:6f:6c:a3:de:37:fe:3c:ea:fe:
43:ac:a2:37:68:b1:a1:63:b7:2e:68:c1:e0:05:be:47:0c:1e:
f8:65:40:11:13:ee:41:09:23:ec:ba:71:0f:86:0b:64:49:d6:
11:9e:fa:a2:5d:88:07:17:e3:9f:b1:89:c8:b5:27:72:d4:d4:
08:43:45:c7:fc:9e:8e:f7:69:24:f2:3d:26:cc:e0:3b:fd:b5:
21:f0:f3:7b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQjabWIiP/E+yE+kPFyWsxVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjUwMTAxMTk0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTYyMWU5NzFmOTJjMzM1YjIzY2UwM2Q1MjA3MjM0ZWFlM2VhMGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHJDwFAb3UKNCW0ndpIF7KcO3/F9
hBdAKvHtIRroT5jJaqbxg66Ftw/gAT0qcckauMiqpi78paA/19pJpbgJ6p1yDTXj
5Upp1+6OI0jSdnx0CIxVpxKrwuwgafI+v+5PKZ6CLrDM9wQsyMWqNKbuWAV5il3A
F9W2f8qt83cna+10jPH6Uw+ADaH92bg8XhC7mIvoHrazwVfihxe9IoKbMQ80zqmK
h9OaY/kEPy/t0r0Z4NookJ3fwfbk3MddPoM8wiEse7qbPeMeFPhwvf78ET3bnAEv
2QrsffxORC71Ys5NNUtPw7TSldTQzUxvwnfig95lQKNM9arsCplIdzfOMwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMViHpcfksM1sjzgPVIHI06uPqDAMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL3hXSWVseC1Td3pXeVBPQTlVZ2NqVHE0LW9NQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACw30Aw
DQYJKoZIhvcNAQELBQADggEBAGdQjpo+jjwb8Tw6xgpylhXc1I5H7O+LML8YTn1A
Lo1Ou9YGe0R8CT+Gp95VPUVN8deNcgoA+kJk2BolWvto+GwYFZkB36qMFeXXETY0
fyEp6I+hIu5lWkCmHYWwW4xkhanZHZJCWYrHWxjne/Rv5Scscexg7nwQlHtxF/O3
3TuYBh7w+yykNR4yVN/QAda+3Iyw6ctspoZ7gZZpnR38+xpakHINyyNdNxFzJG9s
o943/jzq/kOsojdosaFjty5oweAFvkcMHvhlQBET7kEJI+y6cQ+GC2RJ1hGe+qJd
iAcX45+xici1J3LU1AhDRcf8no73aSTyPSbM4Dv9tSHw83s=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:14 2025 by rpki-client