Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Xcn5qCL18GOyV_mZ6LXt-utATOQ.roa
File: Xcn5qCL18GOyV_mZ6LXt-utATOQ.roa (raw, json)
Hash identifier: kJvMbb0SSAT0fMdsbJY7xxB5on9Q2jSKC3UGTJpMv1A=
Subject key identifier: 5D:C9:F9:A8:22:F5:F0:63:B2:57:F9:99:E8:B5:ED:FA:EB:40:4C:E4
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01950A453657433644D4F7A475649A107E37
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Xcn5qCL18GOyV_mZ6LXt-utATOQ.roa
Signing time: Sat 15 Feb 2025 15:41:02 +0000
ROA not before: Sat 15 Feb 2025 15:41:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 5.180.234.0/24 maxlen: 24
2a06:e5c0::/29 maxlen: 48
2a09:96c0::/29 maxlen: 48
2a09:ae80::/29 maxlen: 48
2a09:b440::/48 maxlen: 48
2a13:4bc0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:0a:45:36:57:43:36:44:d4:f7:a4:75:64:9a:10:7e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Feb 15 15:41:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5dc9f9a822f5f063b257f999e8b5edfaeb404ce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3b:97:c0:6b:3a:b4:62:97:e1:3d:8f:6c:65:
d7:ec:8b:ec:f5:f2:5b:94:eb:fa:bc:0f:9e:d0:11:
eb:eb:c3:4f:69:08:60:af:94:53:3f:57:6f:c5:84:
ca:a6:d0:76:89:dc:64:62:a7:0a:eb:7d:c5:86:6f:
4e:d0:4d:76:f3:c6:27:de:02:de:a1:b8:66:ae:ae:
a5:d6:d3:b0:b2:79:71:44:14:be:00:b8:6a:d3:33:
e3:1d:be:99:e8:22:4a:70:ea:99:c5:ea:e2:3d:e5:
8a:f6:31:95:89:91:38:09:99:32:d8:91:89:b1:11:
bc:7b:f7:30:86:04:26:97:a8:62:a1:01:ea:92:ce:
ea:00:30:01:19:8c:90:c8:c1:96:df:ee:d1:7d:31:
1b:c6:b8:ac:af:75:b4:28:67:98:6b:da:11:53:eb:
5f:86:7e:8b:9e:20:e0:45:7d:b7:f8:31:4a:e7:10:
14:9c:3c:2f:87:f7:cf:e3:12:95:d5:9f:35:f8:4f:
70:d0:ed:7d:6a:42:bc:e2:8e:07:3c:cf:52:d6:e7:
4b:7a:85:0e:f3:c5:d9:a3:65:a6:1b:15:22:1f:8e:
a8:23:31:79:01:4a:9e:9c:5f:7e:28:fc:46:a2:e2:
53:fe:bf:8b:45:ca:0b:d1:b0:cf:72:e1:3e:d9:5e:
27:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:C9:F9:A8:22:F5:F0:63:B2:57:F9:99:E8:B5:ED:FA:EB:40:4C:E4
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Xcn5qCL18GOyV_mZ6LXt-utATOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.234.0/24
IPv6:
2a06:e5c0::/29
2a09:96c0::/29
2a09:ae80::/29
2a09:b440::/48
2a13:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
70:95:34:00:8a:2e:dc:f5:ba:1b:5c:f9:88:a0:9f:e6:f3:bd:
d3:ef:a8:e1:04:ed:45:c5:8b:3a:4d:a3:7a:16:6c:9e:01:bc:
eb:19:c5:04:0b:30:19:d7:7a:1a:cb:1e:bf:28:21:e2:27:f6:
e6:28:c9:c9:f9:a5:67:e1:93:91:30:29:37:d1:a3:b5:96:85:
0f:85:11:b1:5b:6b:ba:aa:b1:64:19:be:62:46:33:58:1a:23:
50:fb:97:a6:f1:40:4d:ab:69:7d:71:8c:84:38:8a:d5:80:41:
b7:03:31:4e:d9:ee:a7:27:6d:00:a5:82:78:1d:78:2d:63:e1:
1d:d8:33:23:a9:00:28:be:ef:19:d8:e3:fb:a3:36:8f:4a:0a:
fa:c3:21:5a:00:3a:82:b6:26:86:4f:e4:62:19:aa:66:14:39:
fb:9f:66:0c:45:50:21:3f:06:32:d4:a7:d9:d3:f3:44:a7:00:
ee:4f:5b:9b:8a:23:24:31:e5:58:f0:7e:63:9d:84:bb:c0:20:
ee:b6:aa:a8:78:1f:f1:1e:09:8c:0a:45:9e:aa:bd:11:06:65:
2f:30:6d:7f:89:61:88:55:ea:dc:93:b0:91:c3:e8:31:53:ad:
21:f0:84:55:b4:1f:bb:fe:a3:80:e7:f6:dd:b7:6a:da:34:58:
a0:19:c9:1c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZUKRTZXQzZE1PekdWSaEH43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwMjE1MTU0MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGM5ZjlhODIyZjVmMDYzYjI1N2Y5OTllOGI1ZWRmYWViNDA0Y2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDuXwGs6tGKX4T2PbGXX7Ivs9fJb
lOv6vA+e0BHr68NPaQhgr5RTP1dvxYTKptB2idxkYqcK633Fhm9O0E1288Yn3gLe
obhmrq6l1tOwsnlxRBS+ALhq0zPjHb6Z6CJKcOqZxeriPeWK9jGViZE4CZky2JGJ
sRG8e/cwhgQml6hioQHqks7qADABGYyQyMGW3+7RfTEbxrisr3W0KGeYa9oRU+tf
hn6LniDgRX23+DFK5xAUnDwvh/fP4xKV1Z81+E9w0O19akK84o4HPM9S1udLeoUO
88XZo2WmGxUiH46oIzF5AUqenF9+KPxGouJT/r+LRcoL0bDPcuE+2V4nlwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFF3J+agi9fBjslf5mei17frrQEzkMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvWGNuNXFDTDE4R095Vl9tWjZMWHQtdXRBVE9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAMBAIAATAGAwQABbTqMCsE
AgACMCUDBQMqBuXAAwUDKgmWwAMFAyoJroADBwAqCbRAAAADBQMqE0vAMA0GCSqG
SIb3DQEBCwUAA4IBAQBwlTQAii7c9bobXPmIoJ/m873T76jhBO1FxYs6TaN6Fmye
AbzrGcUECzAZ13oayx6/KCHiJ/bmKMnJ+aVn4ZORMCk30aO1loUPhRGxW2u6qrFk
Gb5iRjNYGiNQ+5em8UBNq2l9cYyEOIrVgEG3AzFO2e6nJ20ApYJ4HXgtY+Ed2DMj
qQAovu8Z2OP7ozaPSgr6wyFaADqCtiaGT+RiGapmFDn7n2YMRVAhPwYy1KfZ0/NE
pwDuT1ubiiMkMeVY8H5jnYS7wCDutqqoeB/xHgmMCkWeqr0RBmUvMG1/iWGIVerc
k7CRw+gxU60h8IRVtB+7/qOA5/bdt2raNFigGckc
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:41:17 2025 by rpki-client