Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/XSjZ6P2-J8Hkfl3O5rZuaXFNxu4.roa
File: XSjZ6P2-J8Hkfl3O5rZuaXFNxu4.roa (raw, json)
Hash identifier: mDVKUCcUGNt3ihgIQHKFLdzsYM8bgFSt2hrni9Xfg/0=
Subject key identifier: 5D:28:D9:E8:FD:BE:27:C1:E4:7E:5D:CE:E6:B6:6E:69:71:4D:C6:EE
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 019424B4079A727C04E6AD78846C134F2290
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/XSjZ6P2-J8Hkfl3O5rZuaXFNxu4.roa
Signing time: Thu 02 Jan 2025 01:49:25 +0000
ROA not before: Thu 02 Jan 2025 01:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36352
IP address blocks: 45.95.186.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b4:07:9a:72:7c:04:e6:ad:78:84:6c:13:4f:22:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Jan 2 01:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d28d9e8fdbe27c1e47e5dcee6b66e69714dc6ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:28:07:25:d0:84:eb:1a:41:51:fe:99:59:33:
22:05:ae:c5:d6:0f:de:46:23:4e:30:62:f4:48:b2:
69:53:6c:42:54:b8:05:04:24:cd:3b:b8:6d:b3:17:
bf:f7:88:82:d5:23:33:c5:65:d7:05:16:78:dd:92:
93:89:29:13:d1:6a:52:99:a0:e5:55:fc:ff:e8:f6:
2d:ce:51:b7:1d:4e:a2:f3:cf:18:1a:6d:b7:2b:96:
c7:58:1c:c6:b6:b9:fe:51:9f:7f:b8:49:5a:47:fb:
10:45:74:a5:ca:5b:3a:d1:c9:df:07:10:ed:3b:d1:
1e:18:c7:ea:d6:a7:87:a3:3e:8a:18:f0:88:cc:ca:
df:03:5b:a5:80:06:f4:ff:63:ea:c8:fc:7b:68:af:
79:6c:62:4a:c8:2e:85:b9:f9:b7:59:cb:d6:61:7f:
f0:ce:39:be:84:9f:42:f8:c2:ab:03:c5:59:72:97:
33:11:cb:7c:fc:fb:9a:f8:b1:b1:56:44:b1:9f:6d:
6a:2b:32:c5:d1:b7:9a:49:c9:ba:ca:ea:c8:cd:8c:
8d:e6:51:94:dd:8e:0b:e1:bf:bd:dd:d1:e0:2c:f0:
98:90:e9:18:f2:05:33:57:2c:38:c9:73:f0:18:21:
74:29:b4:e1:06:81:9e:86:fc:18:b5:b4:c8:a9:86:
31:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:28:D9:E8:FD:BE:27:C1:E4:7E:5D:CE:E6:B6:6E:69:71:4D:C6:EE
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/XSjZ6P2-J8Hkfl3O5rZuaXFNxu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.186.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:12:41:07:85:b0:bc:40:e3:69:ef:26:5e:5d:de:38:f3:e9:
4c:30:fd:3c:72:33:9f:66:5a:51:58:f4:5c:68:94:6a:c2:f9:
eb:27:0f:91:cb:c1:db:23:c6:35:38:9c:df:81:e0:b2:0a:40:
4c:e8:e2:01:8e:92:c5:88:c6:f4:76:9d:82:63:72:67:4c:f1:
70:53:5d:74:b5:22:5d:92:78:66:d0:21:c7:30:ad:e6:e2:4a:
b1:fd:ff:da:31:e2:17:b8:07:6d:64:c1:a6:43:ca:30:61:09:
c6:f7:97:4e:a6:3b:ae:42:c1:d4:10:9b:d4:99:bb:98:ab:11:
e6:95:38:28:f7:f8:fb:17:55:18:b4:f7:0b:b2:18:04:23:ca:
d7:e5:69:32:c2:5a:46:c5:8d:2d:f0:1d:8d:20:f8:dc:bc:64:
1c:08:11:06:71:0c:8b:93:58:60:e3:f5:8a:41:ba:54:83:e3:
40:0b:64:d7:6d:40:c3:dc:0b:d7:51:2a:d1:4f:7c:bb:76:81:
1f:1e:bb:6b:b5:f4:6a:95:d9:fc:97:49:51:84:0d:cb:14:7d:
3e:95:57:8f:8e:5d:30:fa:d8:52:c7:84:6c:06:31:a3:d5:63:
23:5e:bd:e2:02:50:af:7e:2e:01:62:a9:30:78:ba:a8:27:a9:
57:57:14:b4
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQktAeacnwE5q14hGwTTyKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjUwMTAyMDE0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDI4ZDllOGZkYmUyN2MxZTQ3ZTVkY2VlNmI2NmU2OTcxNGRjNmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSgHJdCE6xpBUf6ZWTMiBa7F1g/e
RiNOMGL0SLJpU2xCVLgFBCTNO7htsxe/94iC1SMzxWXXBRZ43ZKTiSkT0WpSmaDl
Vfz/6PYtzlG3HU6i888YGm23K5bHWBzGtrn+UZ9/uElaR/sQRXSlyls60cnfBxDt
O9EeGMfq1qeHoz6KGPCIzMrfA1ulgAb0/2PqyPx7aK95bGJKyC6Fufm3WcvWYX/w
zjm+hJ9C+MKrA8VZcpczEct8/Pua+LGxVkSxn21qKzLF0beaScm6yurIzYyN5lGU
3Y4L4b+93dHgLPCYkOkY8gUzVyw4yXPwGCF0KbThBoGehvwYtbTIqYYxIwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFF0o2ej9vifB5H5dzua2bmlxTcbuMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL1hTalo2UDItSjhIa2ZsM081clp1YVhGTnh1NC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtX7ow
DQYJKoZIhvcNAQELBQADggEBABwSQQeFsLxA42nvJl5d3jjz6Uww/TxyM59mWlFY
9FxolGrC+esnD5HLwdsjxjU4nN+B4LIKQEzo4gGOksWIxvR2nYJjcmdM8XBTXXS1
Il2SeGbQIccwrebiSrH9/9ox4he4B21kwaZDyjBhCcb3l06mO65CwdQQm9SZu5ir
EeaVOCj3+PsXVRi09wuyGAQjytflaTLCWkbFjS3wHY0g+Ny8ZBwIEQZxDIuTWGDj
9YpBulSD40ALZNdtQMPcC9dRKtFPfLt2gR8eu2u19GqV2fyXSVGEDcsUfT6VV4+O
XTD62FLHhGwGMaPVYyNeveICUK9+LgFiqTB4uqgnqVdXFLQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:39:17 2025 by rpki-client