Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/XR-_EEDwF8zWqFnUJesI7P4suXw.roa
File: XR-_EEDwF8zWqFnUJesI7P4suXw.roa (raw, json)
Hash identifier: 5Fp6z6r3AdWNjIT316J/wStOBp8ELRHvRNd1XNc9tso=
Subject key identifier: 5D:1F:BF:10:40:F0:17:CC:D6:A8:59:D4:25:EB:08:EC:FE:2C:B9:7C
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 01942220090541111BCF3B9DE3736C83CB87
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/XR-_EEDwF8zWqFnUJesI7P4suXw.roa
Signing time: Wed 01 Jan 2025 13:48:32 +0000
ROA not before: Wed 01 Jan 2025 13:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204157
IP address blocks: 45.139.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:09:05:41:11:1b:cf:3b:9d:e3:73:6c:83:cb:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jan 1 13:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d1fbf1040f017ccd6a859d425eb08ecfe2cb97c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:eb:a0:ba:e6:5e:e5:53:65:de:30:49:18:25:
98:c3:29:88:a7:7a:06:95:fc:e3:91:16:9a:d5:3a:
15:a2:c5:3a:1d:bb:f9:57:00:30:25:d0:0a:eb:85:
9a:73:59:e3:cc:4f:5b:f6:fb:0b:26:df:15:28:f1:
3c:be:74:cc:61:b9:df:4f:20:80:74:f4:16:4b:d3:
5a:24:4c:a4:fd:7f:53:15:05:88:fa:e8:17:af:98:
ac:c0:34:f4:e4:ab:df:16:ad:5d:39:01:ac:9f:c8:
da:ed:b5:5e:53:2c:21:31:ba:05:3b:34:af:aa:4d:
c6:be:f8:b9:78:50:d7:36:72:3e:9b:df:7a:18:e6:
d3:c9:96:a7:1b:55:86:55:03:ba:22:10:6a:10:1d:
b8:7a:b7:af:8e:ca:18:ac:33:d4:dc:cd:5f:cb:af:
2d:23:c8:b5:97:d0:d0:e2:06:b3:77:cf:1f:dc:4d:
bd:32:d1:87:c6:df:6d:57:66:44:2d:06:c1:c7:c4:
7a:64:d0:40:ae:ff:e5:e3:da:b3:66:a8:c0:06:61:
0b:07:39:9d:69:51:ba:20:d6:0e:92:52:09:f6:46:
31:25:16:43:dc:d6:7d:b3:ea:b7:df:13:f3:d5:44:
c0:a2:5b:81:7f:df:f4:0a:ec:4a:82:be:90:fa:43:
50:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:1F:BF:10:40:F0:17:CC:D6:A8:59:D4:25:EB:08:EC:FE:2C:B9:7C
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/XR-_EEDwF8zWqFnUJesI7P4suXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.71.0/24
Signature Algorithm: sha256WithRSAEncryption
26:2c:32:14:e6:0b:79:0b:da:52:af:bf:a0:bd:fe:05:6e:14:
0d:71:fb:31:a1:27:fe:0d:c4:9b:05:1c:e1:11:2b:21:82:38:
40:83:b0:d6:48:5f:50:41:7b:57:88:e2:f6:20:19:0c:92:db:
5e:86:89:8a:93:17:ca:7c:2c:f3:ab:e6:63:96:d8:da:5a:16:
05:c4:ff:b5:56:70:1e:59:91:51:a3:99:78:9d:a6:16:1d:c1:
fb:dc:2b:55:f3:21:ec:ae:87:52:5c:41:37:58:27:a4:16:36:
d7:02:57:1b:bb:59:ba:0b:81:f1:e1:4a:4e:b7:42:58:66:69:
7d:e0:b9:4c:16:71:ab:d8:69:eb:62:8e:bf:ca:47:7c:36:72:
33:98:f9:a9:fe:15:78:c2:f7:75:76:76:51:e1:e1:b0:3d:91:
9d:5e:b4:22:e8:fb:62:b1:e6:7d:31:44:d8:6d:9e:bf:83:0d:
f1:77:3c:f2:06:3c:92:db:fd:69:18:51:b8:37:b2:0b:eb:4b:
ab:81:04:a3:2c:46:91:ff:be:99:44:ff:73:cb:33:ba:db:be:
e4:70:d0:7f:87:bb:fd:82:29:64:6a:b2:85:f1:9f:bf:bd:f6:
57:30:39:f8:19:d5:12:c9:00:02:b8:1b:3c:8f:a8:fd:a6:ae:
2e:db:8d:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIAkFQREbzzud43Nsg8uHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjUwMTAxMTM0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDFmYmYxMDQwZjAxN2NjZDZhODU5ZDQyNWViMDhlY2ZlMmNiOTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOuguuZe5VNl3jBJGCWYwymIp3oG
lfzjkRaa1ToVosU6Hbv5VwAwJdAK64Wac1njzE9b9vsLJt8VKPE8vnTMYbnfTyCA
dPQWS9NaJEyk/X9TFQWI+ugXr5iswDT05KvfFq1dOQGsn8ja7bVeUywhMboFOzSv
qk3Gvvi5eFDXNnI+m996GObTyZanG1WGVQO6IhBqEB24erevjsoYrDPU3M1fy68t
I8i1l9DQ4gazd88f3E29MtGHxt9tV2ZELQbBx8R6ZNBArv/l49qzZqjABmELBzmd
aVG6INYOklIJ9kYxJRZD3NZ9s+q33xPz1UTAoluBf9/0CuxKgr6Q+kNQ9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF0fvxBA8BfM1qhZ1CXrCOz+LLl8MB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvWFItX0VFRHdGOHpXcUZuVUplc0k3UDRzdVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYtHMA0G
CSqGSIb3DQEBCwUAA4IBAQAmLDIU5gt5C9pSr7+gvf4FbhQNcfsxoSf+DcSbBRzh
ESshgjhAg7DWSF9QQXtXiOL2IBkMkttehomKkxfKfCzzq+ZjltjaWhYFxP+1VnAe
WZFRo5l4naYWHcH73CtV8yHsrodSXEE3WCekFjbXAlcbu1m6C4Hx4UpOt0JYZml9
4LlMFnGr2GnrYo6/ykd8NnIzmPmp/hV4wvd1dnZR4eGwPZGdXrQi6PtiseZ9MUTY
bZ6/gw3xdzzyBjyS2/1pGFG4N7IL60urgQSjLEaR/76ZRP9zyzO6277kcNB/h7v9
gilkarKF8Z+/vfZXMDn4GdUSyQACuBs8j6j9pq4u242G
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:58 2025 by rpki-client