Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/XIJUooGzzFBzLgFVyUb-bnI6Oy8.roa
File: XIJUooGzzFBzLgFVyUb-bnI6Oy8.roa (raw, json)
Hash identifier: TCYLQRnuzWsgOnaV3SPssBWZuYXYMvyZ2XlBCOrqK8s=
Subject key identifier: 5C:82:54:A2:81:B3:CC:50:73:2E:01:55:C9:46:FE:6E:72:3A:3B:2F
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 019424B406FC2BDA93967EE9D9598497C8B2
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/XIJUooGzzFBzLgFVyUb-bnI6Oy8.roa
Signing time: Thu 02 Jan 2025 01:49:25 +0000
ROA not before: Thu 02 Jan 2025 01:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33185
IP address blocks: 147.189.136.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b4:06:fc:2b:da:93:96:7e:e9:d9:59:84:97:c8:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Jan 2 01:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c8254a281b3cc50732e0155c946fe6e723a3b2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:38:1e:7e:57:f6:82:3f:94:2b:e5:ab:0c:47:
00:3b:b8:a7:6b:65:5a:80:1c:ee:d8:21:13:89:cf:
d0:7f:22:7c:21:2d:cd:e6:76:d6:7d:aa:12:2f:95:
af:bc:4c:12:c8:bd:51:10:ec:67:6d:b0:fc:a5:42:
4d:90:46:01:b2:06:d9:8a:e3:da:13:a9:d1:d2:6e:
da:10:38:81:20:c9:c3:43:6e:56:91:26:d7:6b:86:
e5:62:59:e9:fd:59:e9:db:f0:e2:97:53:42:5a:0f:
3b:83:e4:6d:a1:67:06:17:ff:2c:dd:19:2d:5f:b7:
fd:db:46:65:4c:5e:1f:f7:7d:4b:aa:8a:ba:b3:e1:
f1:ec:06:17:ec:33:39:49:b3:f5:1f:d7:25:1c:d2:
40:47:62:4c:7a:2e:38:83:5d:58:2c:09:ea:92:a8:
3f:c3:df:32:e6:4c:e6:e2:32:e7:ff:b4:c4:3a:0d:
df:c1:6d:73:a1:ed:07:9d:f4:f8:5d:ac:47:30:2b:
2c:83:e4:f0:1f:14:c3:7e:0e:d2:0c:d3:b6:d9:a8:
33:6c:fc:01:f1:0f:1e:64:79:16:dc:0b:ee:d7:67:
d0:1c:c5:fa:64:3e:ed:93:f3:50:63:f1:fb:10:81:
81:18:6b:0c:09:45:2f:3e:9e:78:78:33:a8:33:d6:
54:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:82:54:A2:81:B3:CC:50:73:2E:01:55:C9:46:FE:6E:72:3A:3B:2F
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/XIJUooGzzFBzLgFVyUb-bnI6Oy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.136.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:ff:4b:bd:a1:6f:e3:4c:5f:e1:64:9d:eb:ef:5c:55:f7:d4:
87:31:a9:06:71:ac:d3:89:83:f3:7e:01:7e:68:3e:3f:23:b0:
6b:ef:90:39:d6:e0:88:96:b5:00:71:c2:d4:ca:6c:41:7e:20:
5e:1a:73:47:cd:70:de:1f:41:1b:8a:21:af:1e:76:81:c3:87:
92:2f:02:6c:0b:69:d3:85:82:d5:7c:b9:5b:b3:a4:59:44:a2:
08:14:73:95:46:b2:88:9f:25:57:b8:14:10:26:8f:a4:8b:56:
35:3b:22:d7:54:b9:ea:65:eb:2e:ae:94:6e:79:85:6b:39:19:
bb:47:aa:97:53:85:3a:af:5a:9e:39:b8:21:55:8e:49:20:28:
da:b2:aa:0d:7f:50:0f:ec:1a:4f:f6:57:c8:58:63:65:6b:26:
80:3f:0b:b9:4b:a9:e4:fa:93:c9:37:30:af:c0:9a:3c:3f:91:
c6:d6:37:1e:45:a4:3d:ab:59:5c:6c:66:08:f1:8f:04:58:dc:
65:d7:0c:11:87:39:8f:7a:53:8d:76:e1:36:a9:dc:1b:b2:f0:
e3:bf:12:ac:fc:33:76:62:aa:bb:2a:ae:7c:e1:78:3f:1d:76:
bb:16:32:16:fd:a4:22:84:11:10:4e:28:c2:f2:1e:82:fb:64:
bc:4e:2f:f9
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQktAb8K9qTln7p2VmEl8iyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjUwMTAyMDE0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzgyNTRhMjgxYjNjYzUwNzMyZTAxNTVjOTQ2ZmU2ZTcyM2EzYjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujgeflf2gj+UK+WrDEcAO7ina2Va
gBzu2CETic/QfyJ8IS3N5nbWfaoSL5WvvEwSyL1REOxnbbD8pUJNkEYBsgbZiuPa
E6nR0m7aEDiBIMnDQ25WkSbXa4blYlnp/Vnp2/Dil1NCWg87g+RtoWcGF/8s3Rkt
X7f920ZlTF4f931Lqoq6s+Hx7AYX7DM5SbP1H9clHNJAR2JMei44g11YLAnqkqg/
w98y5kzm4jLn/7TEOg3fwW1zoe0HnfT4XaxHMCssg+TwHxTDfg7SDNO22agzbPwB
8Q8eZHkW3Avu12fQHMX6ZD7tk/NQY/H7EIGBGGsMCUUvPp54eDOoM9ZUMQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFyCVKKBs8xQcy4BVclG/m5yOjsvMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL1hJSlVvb0d6ekZCekxnRlZ5VWItYm5JNk95OC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTvYgw
DQYJKoZIhvcNAQELBQADggEBAIv/S72hb+NMX+FknevvXFX31IcxqQZxrNOJg/N+
AX5oPj8jsGvvkDnW4IiWtQBxwtTKbEF+IF4ac0fNcN4fQRuKIa8edoHDh5IvAmwL
adOFgtV8uVuzpFlEoggUc5VGsoifJVe4FBAmj6SLVjU7ItdUuepl6y6ulG55hWs5
GbtHqpdThTqvWp45uCFVjkkgKNqyqg1/UA/sGk/2V8hYY2VrJoA/C7lLqeT6k8k3
MK/Amjw/kcbWNx5FpD2rWVxsZgjxjwRY3GXXDBGHOY96U4124Tap3Buy8OO/Eqz8
M3ZiqrsqrnzheD8ddrsWMhb9pCKEERBOKMLyHoL7ZLxOL/k=
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:20:51 2025 by rpki-client