Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/XuDenjm8kUtBAuV4QGpzOH7mGc4.roa
File: XuDenjm8kUtBAuV4QGpzOH7mGc4.roa (raw, json)
Hash identifier: JNV/wOADSaN3R96qV0GAYEvW10iJH7xuBlcwSDA4/FE=
Subject key identifier: 5E:E0:DE:9E:39:BC:91:4B:41:02:E5:78:40:6A:73:38:7E:E6:19:CE
Certificate issuer: /CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Certificate serial: 019428271F8BB85DDE0CF01FF6F736E7EE6D
Authority key identifier: 40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/XuDenjm8kUtBAuV4QGpzOH7mGc4.roa
Signing time: Thu 02 Jan 2025 17:54:00 +0000
ROA not before: Thu 02 Jan 2025 17:54:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50613
IP address blocks: 82.221.96.0/19 maxlen: 19
82.221.100.0/23 maxlen: 23
82.221.104.0/24 maxlen: 24
82.221.105.0/24 maxlen: 24
82.221.111.0/24 maxlen: 24
82.221.113.0/24 maxlen: 24
82.221.128.0/19 maxlen: 19
82.221.128.0/24 maxlen: 24
82.221.129.0/24 maxlen: 24
82.221.130.0/24 maxlen: 24
82.221.131.0/24 maxlen: 24
82.221.136.0/24 maxlen: 24
82.221.139.0/24 maxlen: 24
82.221.141.0/24 maxlen: 24
82.221.143.0/24 maxlen: 24
82.221.146.0/24 maxlen: 24
193.107.84.0/22 maxlen: 22
2a02:f48:2000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:1f:8b:b8:5d:de:0c:f0:1f:f6:f7:36:e7:ee:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Validity
Not Before: Jan 2 17:54:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ee0de9e39bc914b4102e578406a73387ee619ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:43:ce:c6:76:e8:3d:29:ab:c9:26:1b:ff:9c:
3a:41:43:40:4c:f3:7e:57:12:e3:49:cb:34:60:d8:
a0:d0:00:21:f0:0d:1f:fa:24:13:3b:b7:f8:1b:b3:
ce:75:35:0b:c1:ea:bd:17:bc:1c:da:e7:97:2b:9c:
cc:4e:b5:3e:52:89:28:60:4a:b4:1a:a6:19:6c:fb:
b9:d9:a8:3d:26:4b:30:54:b4:08:45:af:d0:23:7b:
db:43:b3:3f:6e:f1:36:22:28:ff:ca:a9:2b:3a:ca:
a3:b2:0d:6e:0e:41:a9:d2:63:61:e5:fb:69:e4:e1:
80:bc:a1:75:8a:b7:8d:69:74:66:2d:b2:b2:ad:d1:
8c:2b:b0:a4:f9:1b:68:02:d5:a5:17:9f:03:7a:0c:
18:d1:ed:73:9e:84:7c:78:d7:7a:85:58:90:ef:27:
3c:fc:02:ab:66:73:f2:70:bf:84:6c:8b:34:bb:2e:
82:ca:ba:e0:f3:40:bd:6e:3f:be:df:0c:62:e8:54:
d1:a8:e0:49:89:59:8f:17:de:c7:eb:fc:b6:af:24:
64:d2:40:d8:4c:be:70:98:4b:2a:4a:0a:9a:3e:a1:
ea:06:83:2c:5c:3e:07:f8:af:e7:86:36:54:da:ad:
4b:97:23:a4:47:84:4b:25:01:f3:46:3b:94:0e:63:
4b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E0:DE:9E:39:BC:91:4B:41:02:E5:78:40:6A:73:38:7E:E6:19:CE
X509v3 Authority Key Identifier:
keyid:40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/XuDenjm8kUtBAuV4QGpzOH7mGc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/QIAlx94EAODzyI1KEioxfjLF4hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.221.96.0-82.221.159.255
193.107.84.0/22
IPv6:
2a02:f48:2000::/40
Signature Algorithm: sha256WithRSAEncryption
1d:e1:fa:15:c0:30:10:9d:00:3e:8f:39:b1:5d:61:84:9b:43:
20:7f:2d:46:d0:58:74:a7:f4:15:e9:8b:72:87:5a:cd:b7:8a:
87:7a:df:33:52:89:e8:f2:49:f8:7f:f6:d4:47:c6:dd:c2:72:
b1:01:1b:6f:af:8b:61:5a:e7:c5:6a:07:75:1a:e1:22:3a:9b:
01:a8:d5:96:ae:9f:d8:c8:1e:e0:88:92:ba:92:e3:3a:c8:59:
e0:7a:69:64:22:88:4d:2f:b8:46:66:54:12:77:12:71:db:8b:
cb:52:89:f9:27:43:98:89:86:f4:a6:e1:3c:d1:e8:35:ae:00:
47:31:71:67:8f:a7:66:df:ce:3d:25:e0:cc:b6:6d:5a:1d:e1:
ae:1b:a8:b0:2d:44:00:23:99:17:9a:c5:c5:31:1f:65:22:b9:
91:c3:ee:48:80:18:28:37:70:1b:79:1d:c1:f5:3c:79:97:c6:
51:8a:57:f8:45:70:45:b0:4f:e2:91:30:92:03:f6:2d:af:65:
fa:ec:2c:4c:ba:bb:47:51:c9:e3:e9:10:27:31:b6:12:63:3b:
c4:ed:42:95:2d:e7:c4:dc:60:03:e4:49:97:9d:76:63:22:67:
66:cc:dc:7f:b4:84:af:da:f0:e9:5f:e9:32:19:56:8c:58:7d:
b6:e0:6f:ba
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQoJx+LuF3eDPAf9vc25+5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwODAyNWM3ZGUwNDAwZTBmM2M4OGQ0YTEyMmEzMTdlMzJj
NWUyMWMwHhcNMjUwMTAyMTc1NDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWUwZGU5ZTM5YmM5MTRiNDEwMmU1Nzg0MDZhNzMzODdlZTYxOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0POxnboPSmrySYb/5w6QUNATPN+
VxLjScs0YNig0AAh8A0f+iQTO7f4G7POdTULweq9F7wc2ueXK5zMTrU+UokoYEq0
GqYZbPu52ag9JkswVLQIRa/QI3vbQ7M/bvE2Iij/yqkrOsqjsg1uDkGp0mNh5ftp
5OGAvKF1ireNaXRmLbKyrdGMK7Ck+RtoAtWlF58DegwY0e1znoR8eNd6hViQ7yc8
/AKrZnPycL+EbIs0uy6Cyrrg80C9bj++3wxi6FTRqOBJiVmPF97H6/y2ryRk0kDY
TL5wmEsqSgqaPqHqBoMsXD4H+K/nhjZU2q1LlyOkR4RLJQHzRjuUDmNLewIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFF7g3p45vJFLQQLleEBqczh+5hnOMB8GA1UdIwQY
MBaAFECAJcfeBADg88iNShIqMX4yxeIcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUt
ZmVlMmU4ZDQwODRmLzEvWHVEZW5qbThrVXRCQXVWNFFHcHpPSDdtR2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUtZmVlMmU4ZDQwODRm
LzEvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAaBAIAATAUMAwDBAVS3WAD
BAVS3YADBALBa1QwDgQCAAIwCAMGACoCD0ggMA0GCSqGSIb3DQEBCwUAA4IBAQAd
4foVwDAQnQA+jzmxXWGEm0Mgfy1G0Fh0p/QV6Ytyh1rNt4qHet8zUono8kn4f/bU
R8bdwnKxARtvr4thWufFagd1GuEiOpsBqNWWrp/YyB7giJK6kuM6yFngemlkIohN
L7hGZlQSdxJx24vLUon5J0OYiYb0puE80eg1rgBHMXFnj6dm3849JeDMtm1aHeGu
G6iwLUQAI5kXmsXFMR9lIrmRw+5IgBgoN3AbeR3B9Tx5l8ZRilf4RXBFsE/ikTCS
A/Ytr2X67CxMurtHUcnj6RAnMbYSYzvE7UKVLefE3GAD5EmXnXZjImdmzNx/tISv
2vDpX+kyGVaMWH224G+6
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:39:09 2025 by rpki-client