Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/9e615e-3610-4520-9484-7a8baeef5ee4/1/XG_GoCIjsfzx85ZAfU48cGk_g2A.roa
File: XG_GoCIjsfzx85ZAfU48cGk_g2A.roa (raw, json)
Hash identifier: O4zvtPOigYM3HdyO+PNnJwZMHPFxCAa0+qt7cBa9RoM=
Subject key identifier: 5C:6F:C6:A0:22:23:B1:FC:F1:F3:96:40:7D:4E:3C:70:69:3F:83:60
Certificate issuer: /CN=6b8408befc02dfd6e61908548785a008a4b74d67
Certificate serial: 019425FDB725A6ECEA5F94930A9A68EBE06D
Authority key identifier: 6B:84:08:BE:FC:02:DF:D6:E6:19:08:54:87:85:A0:08:A4:B7:4D:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a4QIvvwC39bmGQhUh4WgCKS3TWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/9e615e-3610-4520-9484-7a8baeef5ee4/1/XG_GoCIjsfzx85ZAfU48cGk_g2A.roa
Signing time: Thu 02 Jan 2025 07:49:32 +0000
ROA not before: Thu 02 Jan 2025 07:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44622
IP address blocks: 85.202.224.0/20 maxlen: 20
85.202.224.0/21 maxlen: 21
85.202.232.0/21 maxlen: 21
91.209.218.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:b7:25:a6:ec:ea:5f:94:93:0a:9a:68:eb:e0:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b8408befc02dfd6e61908548785a008a4b74d67
Validity
Not Before: Jan 2 07:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c6fc6a02223b1fcf1f396407d4e3c70693f8360
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:14:02:79:b3:5a:f8:f3:79:a5:74:ab:d9:39:
b6:9d:50:71:d2:39:94:b5:51:d2:d7:30:c4:99:1e:
b2:44:ca:9e:44:35:53:fc:a8:fc:81:96:0c:31:b5:
26:46:88:4d:55:5d:a6:ed:82:36:00:23:fc:86:1f:
a8:bd:af:6e:34:db:dc:04:8c:5b:06:a1:46:75:04:
ec:a4:33:6f:f6:88:a4:b3:6b:54:e0:df:50:0b:96:
83:c8:1b:6b:d3:7d:d6:e0:9d:e9:4a:aa:bd:65:13:
79:fe:76:51:d4:cf:d1:35:dd:53:d2:7e:79:ff:9f:
07:75:be:d2:03:8a:00:f8:15:6d:13:bf:ca:65:ea:
13:96:80:66:cd:d9:52:9b:2f:97:65:03:90:7f:e1:
88:d1:81:ec:42:60:de:9e:17:fa:18:ec:f8:90:1c:
90:76:d8:57:51:c2:0b:32:cc:47:d6:1b:35:2c:ba:
e6:9b:28:1e:f5:e8:c2:18:df:f4:47:4f:5c:11:aa:
e9:42:44:47:86:18:93:f1:81:d3:12:63:19:50:67:
b1:4b:e7:24:19:8e:32:a7:67:4e:86:84:2c:bd:b2:
64:1f:d5:46:82:08:34:dc:d1:ff:bd:6d:ac:38:a3:
c3:d8:88:3d:5d:41:94:a0:83:b3:cc:5f:d3:85:e7:
6f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:6F:C6:A0:22:23:B1:FC:F1:F3:96:40:7D:4E:3C:70:69:3F:83:60
X509v3 Authority Key Identifier:
keyid:6B:84:08:BE:FC:02:DF:D6:E6:19:08:54:87:85:A0:08:A4:B7:4D:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4QIvvwC39bmGQhUh4WgCKS3TWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e615e-3610-4520-9484-7a8baeef5ee4/1/XG_GoCIjsfzx85ZAfU48cGk_g2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e615e-3610-4520-9484-7a8baeef5ee4/1/a4QIvvwC39bmGQhUh4WgCKS3TWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.224.0/20
91.209.218.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:94:93:f8:3b:12:c4:b2:4b:21:09:73:b0:7e:6b:58:5f:ca:
e9:ab:fc:4b:a5:f0:4a:27:29:1d:03:a6:7e:1b:da:65:a0:53:
6d:ef:89:1b:3a:08:7b:8e:09:8e:48:de:fb:ed:75:9b:61:e6:
28:06:88:11:51:77:ba:ee:7b:ca:f2:58:23:67:4b:ad:df:40:
e4:85:f4:8a:72:02:4e:c8:f6:a0:f3:41:c2:98:a9:67:54:1a:
ee:ce:fd:9a:86:11:d4:67:28:86:04:94:92:a8:11:89:77:68:
7e:46:a7:a1:c3:d6:90:89:7b:cb:66:d3:d3:60:6b:39:29:05:
8a:7b:19:5f:98:d9:8d:1e:a6:d4:0f:bb:48:89:cf:8e:9a:e8:
c6:9a:a9:e4:79:24:a8:5b:61:fb:a4:61:6d:41:ed:22:97:91:
24:3c:d9:f4:92:f1:15:05:45:25:6b:a5:04:36:62:da:8c:8b:
79:bd:87:0f:e9:e7:7a:45:fc:30:01:9d:c6:f8:88:ec:cf:0f:
05:6c:11:66:5e:39:64:cf:7b:56:8c:ab:01:04:eb:c5:c7:28:
9e:67:10:29:80:e3:98:d5:7d:5d:a2:c1:8a:97:92:6b:a8:f5:
5b:60:86:e8:e9:8a:f5:a2:ff:1f:e4:aa:34:32:11:5b:c7:6f:
2c:dc:bc:e2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/bclpuzqX5STCppo6+BtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiODQwOGJlZmMwMmRmZDZlNjE5MDg1NDg3ODVhMDA4YTRi
NzRkNjcwHhcNMjUwMTAyMDc0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzZmYzZhMDIyMjNiMWZjZjFmMzk2NDA3ZDRlM2M3MDY5M2Y4MzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhQCebNa+PN5pXSr2Tm2nVBx0jmU
tVHS1zDEmR6yRMqeRDVT/Kj8gZYMMbUmRohNVV2m7YI2ACP8hh+ova9uNNvcBIxb
BqFGdQTspDNv9oiks2tU4N9QC5aDyBtr033W4J3pSqq9ZRN5/nZR1M/RNd1T0n55
/58Hdb7SA4oA+BVtE7/KZeoTloBmzdlSmy+XZQOQf+GI0YHsQmDenhf6GOz4kByQ
dthXUcILMsxH1hs1LLrmmyge9ejCGN/0R09cEarpQkRHhhiT8YHTEmMZUGexS+ck
GY4yp2dOhoQsvbJkH9VGggg03NH/vW2sOKPD2Ig9XUGUoIOzzF/ThedvLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFxvxqAiI7H88fOWQH1OPHBpP4NgMB8GA1UdIwQY
MBaAFGuECL78At/W5hkIVIeFoAikt01nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTRRSXZ2d0MzOWJtR1FoVWg0V2dDS1MzVFdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS85ZTYxNWUtMzYxMC00NTIwLTk0ODQt
N2E4YmFlZWY1ZWU0LzEvWEdfR29DSWpzZnp4ODVaQWZVNDhjR2tfZzJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS85ZTYxNWUtMzYxMC00NTIwLTk0ODQtN2E4YmFlZWY1ZWU0
LzEvYTRRSXZ2d0MzOWJtR1FoVWg0V2dDS1MzVFdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEVcrgAwQA
W9HaMA0GCSqGSIb3DQEBCwUAA4IBAQDClJP4OxLEskshCXOwfmtYX8rpq/xLpfBK
JykdA6Z+G9ploFNt74kbOgh7jgmOSN777XWbYeYoBogRUXe67nvK8lgjZ0ut30Dk
hfSKcgJOyPag80HCmKlnVBruzv2ahhHUZyiGBJSSqBGJd2h+Rqehw9aQiXvLZtPT
YGs5KQWKexlfmNmNHqbUD7tIic+OmujGmqnkeSSoW2H7pGFtQe0il5EkPNn0kvEV
BUUla6UENmLajIt5vYcP6ed6RfwwAZ3G+Ijszw8FbBFmXjlkz3tWjKsBBOvFxyie
ZxApgOOY1X1dosGKl5JrqPVbYIbo6Yr1ov8f5Ko0MhFbx28s3Lzi
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:36 2025 by rpki-client