Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/xv_S9Q_lixnhLdeB2FeY6-83q40.roa
File: xv_S9Q_lixnhLdeB2FeY6-83q40.roa (raw, json)
Hash identifier: fpHqpuP8WhUb/qgqx71BT4D9l/LEKw+tKbvv5QvJ1WU=
Subject key identifier: C6:FF:D2:F5:0F:E5:8B:19:E1:2D:D7:81:D8:57:98:EB:EF:37:AB:8D
Certificate issuer: /CN=5dde4b3b82f209b701ae340cf53b974078f16a9f
Certificate serial: 019427B3F77C529CA16D433E5135A175EACE
Authority key identifier: 5D:DE:4B:3B:82:F2:09:B7:01:AE:34:0C:F5:3B:97:40:78:F1:6A:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/xv_S9Q_lixnhLdeB2FeY6-83q40.roa
Signing time: Thu 02 Jan 2025 15:48:13 +0000
ROA not before: Thu 02 Jan 2025 15:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 185.143.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:f7:7c:52:9c:a1:6d:43:3e:51:35:a1:75:ea:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dde4b3b82f209b701ae340cf53b974078f16a9f
Validity
Not Before: Jan 2 15:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6ffd2f50fe58b19e12dd781d85798ebef37ab8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:21:fd:12:91:95:6a:51:5f:1f:64:17:b7:8b:
73:2a:f5:74:ae:f9:7c:73:a4:b2:c7:c4:29:16:9b:
52:1f:8a:66:da:36:a0:d4:80:86:6f:13:1b:92:c4:
72:57:d3:d8:62:a3:f0:f1:31:cd:4f:8d:67:f6:43:
d2:5e:60:2d:68:21:85:c1:81:0f:86:6a:aa:a2:79:
a5:fb:a8:f0:62:4f:72:89:7a:cd:0e:22:b7:bf:78:
f7:2a:ac:73:87:06:ef:7e:41:d7:d9:70:6d:90:cc:
cc:61:42:5c:5f:1b:71:c3:55:4d:9e:04:61:72:e9:
02:6d:e0:c3:14:00:86:c6:40:cc:36:fa:dd:97:36:
ae:3d:b3:0a:51:49:49:5d:9e:46:f8:f3:ec:c1:b8:
d2:61:94:ab:7a:e6:ba:ed:7f:c1:95:50:17:4e:b3:
cf:be:e1:a1:dc:3a:05:8f:e2:6a:15:ed:b3:71:a5:
e4:c5:a6:19:9c:d3:52:a2:c6:fd:bc:6f:ae:2f:df:
f6:a6:6a:ce:23:32:5d:10:c5:e4:af:1a:90:67:61:
78:a3:28:c5:ee:f3:7f:22:31:2c:af:7b:23:17:80:
aa:78:5f:07:de:61:4c:c9:cc:3d:c7:a5:4f:67:37:
71:59:bf:51:f2:30:b8:72:ff:6a:1c:67:da:ae:21:
d1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:FF:D2:F5:0F:E5:8B:19:E1:2D:D7:81:D8:57:98:EB:EF:37:AB:8D
X509v3 Authority Key Identifier:
keyid:5D:DE:4B:3B:82:F2:09:B7:01:AE:34:0C:F5:3B:97:40:78:F1:6A:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/xv_S9Q_lixnhLdeB2FeY6-83q40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/Xd5LO4LyCbcBrjQM9TuXQHjxap8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.243.0/24
Signature Algorithm: sha256WithRSAEncryption
48:87:59:e1:7e:44:b0:2c:72:eb:43:cb:9e:25:1b:f4:a7:7e:
fc:78:b8:9f:81:98:a1:5e:a2:3b:46:d4:c3:46:06:22:c2:67:
14:8b:10:ad:c1:9c:cc:73:c8:4e:ab:5b:52:56:d0:4c:6b:f9:
03:ab:fd:d5:79:a3:76:2a:67:a8:33:8b:55:a6:f6:53:19:cf:
54:b7:01:c2:2f:5a:8b:3c:9d:d8:96:b7:8a:cb:ce:38:47:bd:
a7:08:94:fd:9d:9f:b8:fb:50:35:c5:f2:4e:6a:de:15:04:75:
ff:64:ad:28:c5:87:c6:5a:ed:9c:ee:49:06:a5:fe:d7:9c:f2:
89:56:a1:68:99:6b:73:0c:ea:6c:1a:d2:a1:8f:ca:d1:38:ec:
e8:58:2e:2f:21:01:80:0b:3f:e5:65:02:4f:10:e9:e4:4d:75:
a5:20:40:e1:cf:cf:43:b7:c8:e2:0f:e5:bc:f3:fa:87:2f:c7:
53:80:8f:fc:bc:ab:a9:42:28:2b:25:56:f7:27:e7:8d:c5:22:
df:58:0e:e0:d8:51:5c:70:32:20:5e:10:f8:2d:f7:fc:a9:17:
1c:45:a7:e8:6e:97:93:a8:5c:73:84:50:bd:64:ac:0e:ea:9f:
1d:b8:fd:1f:ae:78:2c:91:50:25:43:22:15:31:26:3e:d1:21:
59:e0:39:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQns/d8UpyhbUM+UTWhderOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZGU0YjNiODJmMjA5YjcwMWFlMzQwY2Y1M2I5NzQwNzhm
MTZhOWYwHhcNMjUwMTAyMTU0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmZmZDJmNTBmZTU4YjE5ZTEyZGQ3ODFkODU3OThlYmVmMzdhYjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSH9EpGValFfH2QXt4tzKvV0rvl8
c6Syx8QpFptSH4pm2jag1ICGbxMbksRyV9PYYqPw8THNT41n9kPSXmAtaCGFwYEP
hmqqonml+6jwYk9yiXrNDiK3v3j3KqxzhwbvfkHX2XBtkMzMYUJcXxtxw1VNngRh
cukCbeDDFACGxkDMNvrdlzauPbMKUUlJXZ5G+PPswbjSYZSreua67X/BlVAXTrPP
vuGh3DoFj+JqFe2zcaXkxaYZnNNSosb9vG+uL9/2pmrOIzJdEMXkrxqQZ2F4oyjF
7vN/IjEsr3sjF4CqeF8H3mFMycw9x6VPZzdxWb9R8jC4cv9qHGfariHRGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMb/0vUP5YsZ4S3XgdhXmOvvN6uNMB8GA1UdIwQY
MBaAFF3eSzuC8gm3Aa40DPU7l0B48WqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGQ1TE80THlDYmNCcmpRTTlUdVhRSGp4YXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8wMmJkZjAtYmYyOS00ZGFlLWIxOWIt
ODZhNTUxOGUyZDUyLzEveHZfUzlRX2xpeG5oTGRlQjJGZVk2LTgzcTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8wMmJkZjAtYmYyOS00ZGFlLWIxOWItODZhNTUxOGUyZDUy
LzEvWGQ1TE80THlDYmNCcmpRTTlUdVhRSGp4YXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuY/zMA0G
CSqGSIb3DQEBCwUAA4IBAQBIh1nhfkSwLHLrQ8ueJRv0p378eLifgZihXqI7RtTD
RgYiwmcUixCtwZzMc8hOq1tSVtBMa/kDq/3VeaN2KmeoM4tVpvZTGc9UtwHCL1qL
PJ3YlreKy844R72nCJT9nZ+4+1A1xfJOat4VBHX/ZK0oxYfGWu2c7kkGpf7XnPKJ
VqFomWtzDOpsGtKhj8rROOzoWC4vIQGACz/lZQJPEOnkTXWlIEDhz89Dt8jiD+W8
8/qHL8dTgI/8vKupQigrJVb3J+eNxSLfWA7g2FFccDIgXhD4Lff8qRccRafobpeT
qFxzhFC9ZKwO6p8duP0frngskVAlQyIVMSY+0SFZ4Dlb
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:16:36 2025 by rpki-client