Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/91fa29-7103-4230-b2dc-36638b61c033/1/xQrZSZoAOWXDhB95cyAYXiTdkIE.roa
File: xQrZSZoAOWXDhB95cyAYXiTdkIE.roa (raw, json)
Hash identifier: veMcQNQC+5XGJj85LAQ3BOLK9rdx3xsgKFSEaqXOk6s=
Subject key identifier: C5:0A:D9:49:9A:00:39:65:C3:84:1F:79:73:20:18:5E:24:DD:90:81
Certificate issuer: /CN=21ae63c7fa8753f01470b35e294a0fb586dbf553
Certificate serial: 4CEF60
Authority key identifier: 21:AE:63:C7:FA:87:53:F0:14:70:B3:5E:29:4A:0F:B5:86:DB:F5:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ia5jx_qHU_AUcLNeKUoPtYbb9VM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/91fa29-7103-4230-b2dc-36638b61c033/1/xQrZSZoAOWXDhB95cyAYXiTdkIE.roa
Signing time: Sat 01 Jan 2022 02:57:52 +0000
ROA not before: Sat 01 Jan 2022 02:57:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199496
IP address blocks: 185.165.252.0/22 maxlen: 32
2a0a:5600::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5042016 (0x4cef60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21ae63c7fa8753f01470b35e294a0fb586dbf553
Validity
Not Before: Jan 1 02:57:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c50ad9499a003965c3841f797320185e24dd9081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:21:f3:6b:a7:7e:d8:09:f9:8a:9e:e5:6d:94:
c0:7e:a2:79:cf:18:51:0f:de:8e:5f:c8:ec:a8:e8:
8c:86:b1:a7:fa:b5:a7:ea:18:bc:43:3c:fb:a7:8f:
2a:35:37:92:df:3b:52:27:f1:a3:5b:2d:d6:5b:27:
89:90:c6:02:65:cf:d1:dc:f2:0b:ca:fb:7c:b3:1e:
5e:e1:e0:39:7d:c0:d7:ab:ed:56:62:7e:88:50:ce:
22:b1:9f:a8:d2:fc:a6:0d:02:f0:58:16:df:cf:93:
ea:8c:23:36:b3:37:67:c0:2f:06:13:b1:9d:fa:a9:
c5:69:e6:f0:69:fc:4f:8a:17:d4:b5:04:f2:dc:ae:
10:d4:0c:6e:8b:4a:63:c5:23:a8:a7:b5:60:43:55:
3d:ce:ed:4d:cb:14:a0:a8:93:1c:9e:58:41:0e:f8:
ae:02:24:3a:97:c8:be:82:f9:3d:14:f8:d0:e8:3c:
44:02:e9:a1:37:30:38:00:f8:6b:b7:09:e7:6e:d4:
4f:b7:eb:a1:35:e6:a8:c2:10:1a:4a:0f:1a:54:3c:
8b:77:22:e2:99:ca:18:a4:eb:ea:db:90:a8:02:06:
87:8a:ae:72:77:55:0c:e6:83:2c:07:29:ee:95:5d:
ad:15:a7:68:6e:6c:cf:9a:5e:51:f7:63:cb:10:df:
96:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:0A:D9:49:9A:00:39:65:C3:84:1F:79:73:20:18:5E:24:DD:90:81
X509v3 Authority Key Identifier:
keyid:21:AE:63:C7:FA:87:53:F0:14:70:B3:5E:29:4A:0F:B5:86:DB:F5:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ia5jx_qHU_AUcLNeKUoPtYbb9VM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/91fa29-7103-4230-b2dc-36638b61c033/1/xQrZSZoAOWXDhB95cyAYXiTdkIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/91fa29-7103-4230-b2dc-36638b61c033/1/Ia5jx_qHU_AUcLNeKUoPtYbb9VM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.252.0/22
IPv6:
2a0a:5600::/29
Signature Algorithm: sha256WithRSAEncryption
1d:e6:90:fa:8e:ba:e6:15:11:0d:78:3c:c5:51:a7:3e:2f:17:
83:47:7c:b7:df:d7:50:ff:1e:09:ff:e0:2a:08:91:81:6e:64:
e3:40:9c:c3:98:9c:f6:93:a7:2b:1e:89:93:a5:d5:2b:a5:20:
79:1b:2c:67:aa:8b:0c:fd:e0:0e:48:74:87:88:1e:55:27:b5:
8b:6b:ac:d6:e4:40:3c:80:63:fc:b4:7e:62:ce:09:1b:c5:ef:
a3:5e:92:b6:eb:36:d8:05:b0:3a:53:dc:e3:b5:ab:f9:58:5a:
16:e0:a6:55:20:d1:53:79:75:53:6b:5d:ee:64:18:af:91:6e:
07:ad:9f:b5:52:af:72:26:23:42:a8:7d:4f:71:46:eb:19:95:
d1:79:eb:87:ec:3f:44:96:94:37:8a:28:c4:3b:5b:58:fa:7d:
e5:eb:37:9d:88:8c:6e:95:bf:90:46:3b:dc:6e:25:4a:89:9d:
e0:33:8d:e6:23:a4:cb:76:f3:bc:2b:e2:7d:ea:09:86:42:db:
f4:34:d7:ba:4b:72:ef:b8:18:19:d0:5b:58:6f:60:8b:c0:b8:
bc:b3:78:8e:90:05:1c:a8:65:8f:5d:f8:a8:d9:71:5a:9b:d5:
cc:15:ab:7c:fa:84:e9:0e:66:9a:c5:59:f0:bf:80:dc:2d:25:
49:00:d8:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDTO9gMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDIx
YWU2M2M3ZmE4NzUzZjAxNDcwYjM1ZTI5NGEwZmI1ODZkYmY1NTMwHhcNMjIwMTAx
MDI1NzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjNTBhZDk0OTlhMDAz
OTY1YzM4NDFmNzk3MzIwMTg1ZTI0ZGQ5MDgxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyiHza6d+2An5ip7lbZTAfqJ5zxhRD96OX8jsqOiMhrGn+rWn
6hi8Qzz7p48qNTeS3ztSJ/GjWy3WWyeJkMYCZc/R3PILyvt8sx5e4eA5fcDXq+1W
Yn6IUM4isZ+o0vymDQLwWBbfz5PqjCM2szdnwC8GE7Gd+qnFaebwafxPihfUtQTy
3K4Q1Axui0pjxSOop7VgQ1U9zu1NyxSgqJMcnlhBDviuAiQ6l8i+gvk9FPjQ6DxE
AumhNzA4APhrtwnnbtRPt+uhNeaowhAaSg8aVDyLdyLimcoYpOvq25CoAgaHiq5y
d1UM5oMsBynulV2tFadobmzPml5R92PLEN+WUwIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFMUK2UmaADllw4QfeXMgGF4k3ZCBMB8GA1UdIwQYMBaAFCGuY8f6h1PwFHCz
XilKD7WG2/VTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SWE1anhfcUhVX0FVY0xOZUtVb1B0WWJiOVZNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hYi85MWZhMjktNzEwMy00MjMwLWIyZGMtMzY2MzhiNjFjMDMzLzEv
eFFyWlNab0FPV1hEaEI5NWN5QVlYaVRka0lFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85
MWZhMjktNzEwMy00MjMwLWIyZGMtMzY2MzhiNjFjMDMzLzEvSWE1anhfcUhVX0FV
Y0xOZUtVb1B0WWJiOVZNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaX8MA0EAgACMAcDBQMqClYAMA0G
CSqGSIb3DQEBCwUAA4IBAQAd5pD6jrrmFRENeDzFUac+LxeDR3y339dQ/x4J/+Aq
CJGBbmTjQJzDmJz2k6crHomTpdUrpSB5GyxnqosM/eAOSHSHiB5VJ7WLa6zW5EA8
gGP8tH5izgkbxe+jXpK26zbYBbA6U9zjtav5WFoW4KZVINFTeXVTa13uZBivkW4H
rZ+1Uq9yJiNCqH1PcUbrGZXReeuH7D9ElpQ3iijEO1tY+n3l6zediIxulb+QRjvc
biVKiZ3gM43mI6TLdvO8K+J96gmGQtv0NNe6S3LvuBgZ0FtYb2CLwLi8s3iOkAUc
qGWPXfio2XFam9XMFat8+oTpDmaaxVnwv4DcLSVJANiX
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:00 2025 by rpki-client