Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/XyN4iMC-QeUDeVxX2Yc8L54EQTk.roa
File: XyN4iMC-QeUDeVxX2Yc8L54EQTk.roa (raw, json)
Hash identifier: 7CbPtnYACv3UoLBOw/vChU95YYclWi/Wqni8MfNNdIU=
Subject key identifier: 5F:23:78:88:C0:BE:41:E5:03:79:5C:57:D9:87:3C:2F:9E:04:41:39
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0195C8F7AD6EA1D5F0C0E4C7446E6D288C3E
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/XyN4iMC-QeUDeVxX2Yc8L54EQTk.roa
Signing time: Mon 24 Mar 2025 16:23:49 +0000
ROA not before: Mon 24 Mar 2025 16:23:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 80.71.228.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c8:f7:ad:6e:a1:d5:f0:c0:e4:c7:44:6e:6d:28:8c:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Mar 24 16:23:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f237888c0be41e503795c57d9873c2f9e044139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e0:2d:4a:59:7a:dd:99:4b:15:08:e3:a9:ec:
eb:3a:65:c1:4c:69:9b:2d:e9:12:cc:d3:af:7e:94:
77:57:da:a0:52:96:da:1e:bf:e0:6f:50:cb:90:07:
18:52:a8:80:5e:87:d3:ff:23:1e:60:c6:a0:f1:60:
ed:ef:93:9b:3c:65:3f:c8:eb:4c:7a:f6:72:62:cb:
c3:4c:00:7a:71:26:32:6b:8f:62:28:52:3d:3c:7d:
4e:b0:79:91:0d:52:11:97:8c:02:ab:ab:74:bc:a4:
5a:04:b0:5f:76:29:1f:a7:dc:39:ce:e0:da:5b:b0:
f8:38:33:19:42:e8:c5:47:16:83:af:6f:b3:15:0c:
1d:2e:93:a4:38:68:ee:f5:2f:d4:8f:56:e2:36:75:
06:44:2c:f9:13:9f:08:d1:9c:9e:94:1a:63:3c:ab:
2d:c6:12:76:f0:16:b3:07:db:eb:ce:50:bd:49:da:
c9:8d:76:aa:93:6f:3a:c3:f9:d6:0a:6d:36:97:21:
b3:d2:02:ee:cf:95:fc:47:a9:e7:c3:d2:d0:0a:39:
95:3a:b2:62:0d:1c:40:1c:68:10:12:b9:1a:07:12:
6e:9b:49:0c:bd:aa:23:10:3d:ff:a5:b9:16:66:6a:
b3:4e:0d:6a:89:5d:1f:ea:c0:0d:09:47:6c:6c:e3:
24:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:23:78:88:C0:BE:41:E5:03:79:5C:57:D9:87:3C:2F:9E:04:41:39
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/XyN4iMC-QeUDeVxX2Yc8L54EQTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.228.0/24
Signature Algorithm: sha256WithRSAEncryption
36:ce:73:66:74:04:be:56:bd:da:15:f4:75:6d:8d:65:30:5b:
24:f8:a0:64:7c:d8:f2:1e:35:94:ae:ce:ce:f4:7b:9f:dc:d5:
af:45:48:4d:4a:85:43:fe:e3:a9:da:06:54:2c:0a:75:70:1a:
ec:8a:f9:40:55:e0:24:e5:41:37:79:d9:0d:57:90:55:7c:fc:
42:a3:e9:b6:3c:43:95:df:43:e9:79:26:e6:4a:7d:e7:10:20:
e4:d7:52:0d:56:1c:16:63:6e:f6:1b:a2:cc:e7:23:c4:68:04:
2f:16:0c:ca:02:1c:83:59:11:f0:44:13:97:4c:db:26:1f:c8:
ac:24:4d:0e:96:9f:4c:19:7d:cb:8d:c6:10:c5:bc:f9:f8:14:
68:2a:98:c7:c7:5c:35:db:d3:b6:14:86:eb:c6:a4:15:4c:9c:
8e:1f:db:7c:43:d7:c2:bf:82:ae:2e:af:d4:f8:db:28:dc:9e:
67:35:18:9a:45:2d:38:fe:c2:fd:52:5a:0c:5e:2c:da:59:0b:
d7:14:1e:dc:d8:e1:ab:b0:03:d4:3e:bc:2d:df:9c:ce:cb:32:
34:57:96:10:76:4a:ba:16:88:16:55:95:e7:6d:88:90:0f:53:
84:23:a4:9a:0f:f4:7e:d3:c1:51:7c:27:5c:e6:81:6d:3a:58:
8f:c6:c8:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXI961uodXwwOTHRG5tKIw+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjUwMzI0MTYyMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjIzNzg4OGMwYmU0MWU1MDM3OTVjNTdkOTg3M2MyZjllMDQ0MTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeAtSll63ZlLFQjjqezrOmXBTGmb
LekSzNOvfpR3V9qgUpbaHr/gb1DLkAcYUqiAXofT/yMeYMag8WDt75ObPGU/yOtM
evZyYsvDTAB6cSYya49iKFI9PH1OsHmRDVIRl4wCq6t0vKRaBLBfdikfp9w5zuDa
W7D4ODMZQujFRxaDr2+zFQwdLpOkOGju9S/Uj1biNnUGRCz5E58I0ZyelBpjPKst
xhJ28BazB9vrzlC9SdrJjXaqk286w/nWCm02lyGz0gLuz5X8R6nnw9LQCjmVOrJi
DRxAHGgQErkaBxJum0kMvaojED3/pbkWZmqzTg1qiV0f6sANCUdsbOMkUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8jeIjAvkHlA3lcV9mHPC+eBEE5MB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvWHlONGlNQy1RZVVEZVZ4WDJZYzhMNTRFUVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEfkMA0G
CSqGSIb3DQEBCwUAA4IBAQA2znNmdAS+Vr3aFfR1bY1lMFsk+KBkfNjyHjWUrs7O
9Huf3NWvRUhNSoVD/uOp2gZULAp1cBrsivlAVeAk5UE3edkNV5BVfPxCo+m2PEOV
30PpeSbmSn3nECDk11INVhwWY272G6LM5yPEaAQvFgzKAhyDWRHwRBOXTNsmH8is
JE0Olp9MGX3LjcYQxbz5+BRoKpjHx1w129O2FIbrxqQVTJyOH9t8Q9fCv4KuLq/U
+Nso3J5nNRiaRS04/sL9UloMXizaWQvXFB7c2OGrsAPUPrwt35zOyzI0V5YQdkq6
FogWVZXnbYiQD1OEI6SaD/R+08FRfCdc5oFtOliPxsio
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:15:37 2025 by rpki-client