Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/801f55-ec8a-4a83-a21e-96a42efce978/1/XPlGPIjWONlSG9AokjtgwWJLHZc.roa
File: XPlGPIjWONlSG9AokjtgwWJLHZc.roa (raw, json)
Hash identifier: +oYgyvIWwRcDft9FmrDmBJDsJlGga81AE5w1IS0DksE=
Subject key identifier: 5C:F9:46:3C:88:D6:38:D9:52:1B:D0:28:92:3B:60:C1:62:4B:1D:97
Certificate issuer: /CN=9d21834344a76816682d211a3144040e5f8534d0
Certificate serial: 01856B0A1F6958741AE2281FE938B3E84C2A
Authority key identifier: 9D:21:83:43:44:A7:68:16:68:2D:21:1A:31:44:04:0E:5F:85:34:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSGDQ0SnaBZoLSEaMUQEDl-FNNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/801f55-ec8a-4a83-a21e-96a42efce978/1/XPlGPIjWONlSG9AokjtgwWJLHZc.roa
Signing time: Sun 01 Jan 2023 01:55:03 +0000
ROA not before: Sun 01 Jan 2023 01:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204151
IP address blocks: 212.237.176.0/21 maxlen: 21
185.107.15.0/24 maxlen: 24
185.107.13.0/24 maxlen: 24
185.107.12.0/22 maxlen: 22
185.107.14.0/24 maxlen: 24
194.45.76.0/22 maxlen: 22
185.233.252.0/24 maxlen: 24
185.233.252.0/22 maxlen: 22
185.233.253.0/24 maxlen: 24
185.233.254.0/24 maxlen: 24
185.233.255.0/24 maxlen: 24
78.31.252.0/22 maxlen: 22
46.32.144.0/21 maxlen: 24
2a06:4000::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:0a:1f:69:58:74:1a:e2:28:1f:e9:38:b3:e8:4c:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d21834344a76816682d211a3144040e5f8534d0
Validity
Not Before: Jan 1 01:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cf9463c88d638d9521bd028923b60c1624b1d97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f6:c9:3d:ca:26:e6:76:4b:7b:ee:fb:b8:82:
0d:fe:01:8a:18:a9:c1:ef:e6:d8:b0:c1:46:fd:4f:
db:2d:89:cc:bf:1b:e9:e7:2a:b2:30:8e:de:75:7c:
80:24:24:c7:c6:2d:60:e6:74:76:81:c8:37:1e:73:
8b:11:71:e6:61:0d:57:69:cf:ea:06:a3:ff:31:f8:
5c:ad:ef:89:3d:de:e9:99:c4:4e:26:37:82:2a:90:
2f:82:43:d2:cd:53:15:c4:b2:79:44:e2:54:b4:3a:
2e:61:e2:2b:8d:7d:68:62:44:86:d2:5d:83:d0:13:
14:29:ba:74:9f:9c:ee:2f:49:43:7c:b1:e8:ee:ec:
4f:94:52:e8:a8:a3:b7:3e:d6:22:62:28:84:b2:f7:
1d:1f:74:6c:1b:20:ca:d0:a4:a9:81:9d:bf:9c:9d:
e1:d3:d4:a5:cb:a0:d0:05:9b:f8:83:39:6e:47:e9:
74:5e:cc:ca:3a:f9:0d:83:70:3d:5d:ad:60:44:05:
cd:6f:30:be:cd:c7:27:85:ee:93:23:e6:94:77:10:
23:70:f5:82:87:27:9d:7e:5f:41:e2:a5:ba:28:cc:
28:ab:38:2f:4b:81:35:f0:0f:41:30:5b:45:a9:49:
26:7e:27:6b:7f:2f:58:91:05:40:2a:be:94:50:f5:
e7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F9:46:3C:88:D6:38:D9:52:1B:D0:28:92:3B:60:C1:62:4B:1D:97
X509v3 Authority Key Identifier:
keyid:9D:21:83:43:44:A7:68:16:68:2D:21:1A:31:44:04:0E:5F:85:34:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSGDQ0SnaBZoLSEaMUQEDl-FNNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/801f55-ec8a-4a83-a21e-96a42efce978/1/XPlGPIjWONlSG9AokjtgwWJLHZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/801f55-ec8a-4a83-a21e-96a42efce978/1/nSGDQ0SnaBZoLSEaMUQEDl-FNNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.144.0/21
78.31.252.0/22
185.107.12.0/22
185.233.252.0/22
194.45.76.0/22
212.237.176.0/21
IPv6:
2a06:4000::/29
Signature Algorithm: sha256WithRSAEncryption
2a:72:ac:36:bb:6f:5a:2a:60:5b:b8:eb:2a:d1:ac:03:0c:da:
76:f1:89:54:61:5a:cd:ef:a4:16:14:64:9f:65:4a:b8:86:ea:
74:b0:92:54:a0:70:06:fc:ff:51:e9:ff:97:58:6b:83:d2:16:
f3:0c:02:35:fa:e9:57:8e:c6:cc:6a:8d:63:df:1d:f1:de:a7:
75:89:f9:e1:75:58:81:82:db:d3:0a:0d:79:51:f1:6d:29:25:
c5:5f:4c:87:0c:89:dc:72:92:20:b1:19:c4:ad:6a:5c:52:11:
89:e2:dd:3e:8c:b6:24:82:a6:04:65:33:cb:ac:09:05:c6:93:
db:ea:42:89:b9:83:99:d8:f9:f8:30:df:ff:be:36:5c:53:70:
ae:0e:07:50:86:69:2a:e2:28:a2:0f:ca:63:d8:58:d8:56:5a:
7b:34:de:93:ab:ff:1d:68:ee:5b:62:37:fa:0c:a9:a2:b3:94:
21:29:a2:1d:00:1a:78:ba:94:4f:29:38:77:67:ff:18:ba:68:
87:f2:76:af:c2:8d:39:b2:b5:8a:4d:07:74:78:b5:68:13:96:
50:ba:00:6d:9e:c2:4a:6c:f0:bf:63:1c:66:b7:82:64:be:3b:
13:db:50:36:0d:87:50:97:e2:0c:a8:e0:2d:1a:38:28:50:92:
c0:3b:56:84
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVrCh9pWHQa4igf6Tiz6EwqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjE4MzQzNDRhNzY4MTY2ODJkMjExYTMxNDQwNDBlNWY4
NTM0ZDAwHhcNMjMwMTAxMDE1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2Y5NDYzYzg4ZDYzOGQ5NTIxYmQwMjg5MjNiNjBjMTYyNGIxZDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufbJPcom5nZLe+77uIIN/gGKGKnB
7+bYsMFG/U/bLYnMvxvp5yqyMI7edXyAJCTHxi1g5nR2gcg3HnOLEXHmYQ1Xac/q
BqP/Mfhcre+JPd7pmcROJjeCKpAvgkPSzVMVxLJ5ROJUtDouYeIrjX1oYkSG0l2D
0BMUKbp0n5zuL0lDfLHo7uxPlFLoqKO3PtYiYiiEsvcdH3RsGyDK0KSpgZ2/nJ3h
09Sly6DQBZv4gzluR+l0XszKOvkNg3A9Xa1gRAXNbzC+zccnhe6TI+aUdxAjcPWC
hyedfl9B4qW6KMwoqzgvS4E18A9BMFtFqUkmfidrfy9YkQVAKr6UUPXn9wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFFz5RjyI1jjZUhvQKJI7YMFiSx2XMB8GA1UdIwQY
MBaAFJ0hg0NEp2gWaC0hGjFEBA5fhTTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNHRFEwU25hQlpvTFNFYU1VUUVEbC1GTk5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84MDFmNTUtZWM4YS00YTgzLWEyMWUt
OTZhNDJlZmNlOTc4LzEvWFBsR1BJaldPTmxTRzlBb2tqdGd3V0pMSFpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84MDFmNTUtZWM4YS00YTgzLWEyMWUtOTZhNDJlZmNlOTc4
LzEvblNHRFEwU25hQlpvTFNFYU1VUUVEbC1GTk5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLiCQAwQC
Th/8AwQCuWsMAwQCuen8AwQCwi1MAwQD1O2wMA0EAgACMAcDBQMqBkAAMA0GCSqG
SIb3DQEBCwUAA4IBAQAqcqw2u29aKmBbuOsq0awDDNp28YlUYVrN76QWFGSfZUq4
hup0sJJUoHAG/P9R6f+XWGuD0hbzDAI1+ulXjsbMao1j3x3x3qd1ifnhdViBgtvT
Cg15UfFtKSXFX0yHDInccpIgsRnErWpcUhGJ4t0+jLYkgqYEZTPLrAkFxpPb6kKJ
uYOZ2Pn4MN//vjZcU3CuDgdQhmkq4iiiD8pj2FjYVlp7NN6Tq/8daO5bYjf6DKmi
s5QhKaIdABp4upRPKTh3Z/8YumiH8navwo05srWKTQd0eLVoE5ZQugBtnsJKbPC/
Yxxmt4JkvjsT21A2DYdQl+IMqOAtGjgoUJLAO1aE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:12 2025 by rpki-client