Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/Xx29scVdCmRD00pM8gqZEG2S1V4.roa
File: Xx29scVdCmRD00pM8gqZEG2S1V4.roa (raw, json)
Hash identifier: feKngEcDxdbtaZY/ULJeMiuTCLcr3i9MmDhJ5JXWDaA=
Subject key identifier: 5F:1D:BD:B1:C5:5D:0A:64:43:D3:4A:4C:F2:0A:99:10:6D:92:D5:5E
Certificate issuer: /CN=5bcd40d10b56f3b532fa0dfd01d817ef93da1a34
Certificate serial: 019420D661976AF7E66E40DD058F462EA845
Authority key identifier: 5B:CD:40:D1:0B:56:F3:B5:32:FA:0D:FD:01:D8:17:EF:93:DA:1A:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W81A0QtW87Uy-g39AdgX75PaGjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/Xx29scVdCmRD00pM8gqZEG2S1V4.roa
Signing time: Wed 01 Jan 2025 07:48:28 +0000
ROA not before: Wed 01 Jan 2025 07:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211449
IP address blocks: 193.57.224.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:61:97:6a:f7:e6:6e:40:dd:05:8f:46:2e:a8:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bcd40d10b56f3b532fa0dfd01d817ef93da1a34
Validity
Not Before: Jan 1 07:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f1dbdb1c55d0a6443d34a4cf20a99106d92d55e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:45:0b:27:92:1d:42:a7:76:4a:bd:2f:03:c9:
21:8f:68:58:e2:02:c2:1a:55:92:1e:c9:6a:4e:17:
76:9d:c5:48:25:69:2b:23:03:d4:97:64:c8:e5:21:
b5:da:0c:e8:64:ac:33:b6:08:d7:d4:8f:b0:0f:cb:
fe:c1:ba:93:25:07:f0:75:5c:6f:43:89:67:93:d8:
a1:76:68:3e:26:91:59:f9:c9:0f:d8:f2:c0:26:98:
78:1d:6c:4e:12:9f:69:fa:db:29:fc:3f:f0:67:84:
90:61:b2:1c:ad:a2:18:98:87:c6:9e:47:f1:b2:f4:
36:8b:fe:d3:06:80:19:c0:9a:88:67:73:4b:78:86:
d7:f6:e8:fe:5c:18:fd:e3:75:da:e6:ef:6e:5d:5f:
63:49:2a:83:82:2b:93:0f:14:fd:03:cf:f6:48:13:
ff:eb:80:75:6d:25:6a:d4:95:a5:7e:41:76:e0:29:
96:33:da:c8:46:f2:c7:29:2d:c6:54:90:21:c3:81:
37:ea:4d:2c:c0:a4:5c:3c:57:59:40:63:b0:a7:27:
9c:67:27:f2:7a:10:10:18:22:37:d4:b6:4c:15:e4:
14:01:19:18:fa:dd:c4:21:02:61:93:a4:26:6b:db:
97:13:f0:85:9e:b7:20:bd:57:e4:1a:07:64:8c:04:
fc:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:1D:BD:B1:C5:5D:0A:64:43:D3:4A:4C:F2:0A:99:10:6D:92:D5:5E
X509v3 Authority Key Identifier:
keyid:5B:CD:40:D1:0B:56:F3:B5:32:FA:0D:FD:01:D8:17:EF:93:DA:1A:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W81A0QtW87Uy-g39AdgX75PaGjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/Xx29scVdCmRD00pM8gqZEG2S1V4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/W81A0QtW87Uy-g39AdgX75PaGjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.224.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:c1:aa:15:19:22:0d:e5:e5:b3:f5:71:e9:0e:3b:68:de:ca:
ff:3b:46:ca:01:c9:24:d3:3c:20:3e:4d:a3:ed:e7:d9:7d:b8:
fc:45:df:be:b4:7c:97:4b:bd:7c:83:63:dc:8a:c4:ce:86:b9:
3c:54:2c:17:ee:dc:c0:92:d2:8c:08:ff:62:57:0f:7d:ad:a5:
2f:f0:4b:cb:f7:25:b8:3b:87:61:00:09:92:20:84:f1:a5:79:
37:16:ac:b5:60:33:23:10:c7:54:c3:4d:be:21:49:ee:ab:05:
07:9b:ae:0f:81:24:89:97:49:4b:1d:ea:63:fc:75:8f:45:9e:
c0:40:4c:b6:f1:b0:d4:b3:bb:b3:b2:c8:e3:5f:a6:f0:4b:3c:
c6:0c:33:87:19:e7:db:3e:c7:5a:03:aa:c9:ea:50:cc:bd:28:
38:cf:1e:41:46:e8:56:8a:35:50:04:27:2d:d7:c8:43:72:dd:
5b:27:05:34:83:e9:25:b6:0f:5d:47:48:6f:03:1c:06:26:a0:
68:dc:a8:3e:00:6d:84:cd:78:3b:7f:24:c1:d9:68:c4:ad:b0:
fe:d6:8d:aa:bc:9b:8d:36:c8:3d:55:30:1b:89:5c:f8:fe:35:
f7:12:11:ff:f6:d9:16:5e:8e:5e:7f:3a:b7:8c:e0:e4:76:f7:
d6:2a:e5:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1mGXavfmbkDdBY9GLqhFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViY2Q0MGQxMGI1NmYzYjUzMmZhMGRmZDAxZDgxN2VmOTNk
YTFhMzQwHhcNMjUwMTAxMDc0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjFkYmRiMWM1NWQwYTY0NDNkMzRhNGNmMjBhOTkxMDZkOTJkNTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEULJ5IdQqd2Sr0vA8khj2hY4gLC
GlWSHslqThd2ncVIJWkrIwPUl2TI5SG12gzoZKwztgjX1I+wD8v+wbqTJQfwdVxv
Q4lnk9ihdmg+JpFZ+ckP2PLAJph4HWxOEp9p+tsp/D/wZ4SQYbIcraIYmIfGnkfx
svQ2i/7TBoAZwJqIZ3NLeIbX9uj+XBj943Xa5u9uXV9jSSqDgiuTDxT9A8/2SBP/
64B1bSVq1JWlfkF24CmWM9rIRvLHKS3GVJAhw4E36k0swKRcPFdZQGOwpyecZyfy
ehAQGCI31LZMFeQUARkY+t3EIQJhk6Qma9uXE/CFnrcgvVfkGgdkjAT8LwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8dvbHFXQpkQ9NKTPIKmRBtktVeMB8GA1UdIwQY
MBaAFFvNQNELVvO1MvoN/QHYF++T2ho0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzgxQTBRdFc4N1V5LWczOUFkZ1g3NVBhR2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iZmY3NTgtNGI4My00NzNkLWIwNzIt
YTJjZTFjYzhiODdmLzEvWHgyOXNjVmRDbVJEMDBwTThncVpFRzJTMVY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iZmY3NTgtNGI4My00NzNkLWIwNzItYTJjZTFjYzhiODdm
LzEvVzgxQTBRdFc4N1V5LWczOUFkZ1g3NVBhR2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTngMA0G
CSqGSIb3DQEBCwUAA4IBAQC7waoVGSIN5eWz9XHpDjto3sr/O0bKAckk0zwgPk2j
7efZfbj8Rd++tHyXS718g2PcisTOhrk8VCwX7tzAktKMCP9iVw99raUv8EvL9yW4
O4dhAAmSIITxpXk3Fqy1YDMjEMdUw02+IUnuqwUHm64PgSSJl0lLHepj/HWPRZ7A
QEy28bDUs7uzssjjX6bwSzzGDDOHGefbPsdaA6rJ6lDMvSg4zx5BRuhWijVQBCct
18hDct1bJwU0g+kltg9dR0hvAxwGJqBo3Kg+AG2EzXg7fyTB2WjErbD+1o2qvJuN
Nsg9VTAbiVz4/jX3EhH/9tkWXo5efzq3jODkdvfWKuXa
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:33 2025 by rpki-client