Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/Xc8Qyh1LirsUEn7RQ8UyXB3RH0o.roa
File: Xc8Qyh1LirsUEn7RQ8UyXB3RH0o.roa (raw, json)
Hash identifier: J+DRmxT7YhmhWsrfnEFIQoC5CTBLXKphVIrLyARlJ+w=
Subject key identifier: 5D:CF:10:CA:1D:4B:8A:BB:14:12:7E:D1:43:C5:32:5C:1D:D1:1F:4A
Certificate issuer: /CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Certificate serial: 0194228E2FCECAE3CDB4D27A5C92E950595F
Authority key identifier: AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/Xc8Qyh1LirsUEn7RQ8UyXB3RH0o.roa
Signing time: Wed 01 Jan 2025 15:48:51 +0000
ROA not before: Wed 01 Jan 2025 15:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203833
IP address blocks: 79.133.32.0/23 maxlen: 23
79.133.43.0/24 maxlen: 24
159.100.24.0/22 maxlen: 24
2a01:7e1::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:2f:ce:ca:e3:cd:b4:d2:7a:5c:92:e9:50:59:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Validity
Not Before: Jan 1 15:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5dcf10ca1d4b8abb14127ed143c5325c1dd11f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:59:d3:69:93:14:8b:55:27:7b:54:70:92:35:
bc:92:f8:2a:b1:57:3f:65:8b:f8:b7:ec:94:0c:50:
27:cc:ff:7d:31:6c:f5:18:ce:3b:bd:e5:45:f3:90:
96:f2:5b:ad:d6:85:09:80:96:68:5a:72:28:9c:cf:
be:6c:68:82:b9:81:6f:1b:77:64:8e:7d:5d:f2:f0:
2e:8c:f9:30:70:4b:f5:a5:c2:da:97:60:69:ac:c5:
97:ab:ca:45:e1:21:d0:ac:30:0f:d8:8e:4c:23:94:
3a:c4:a7:b5:7b:c5:cf:b2:ad:3f:0a:82:30:79:70:
c6:75:fa:f0:a2:6a:8b:6a:e2:40:7c:dd:27:9d:f7:
0c:ac:71:d5:47:62:43:c6:95:be:30:3f:3e:31:f7:
52:11:bb:ea:da:21:24:a3:7e:90:3b:64:85:d5:17:
8b:ec:eb:0b:84:8d:80:03:47:b5:78:52:aa:5a:a1:
a6:05:2d:d7:82:d8:f2:28:c0:1f:87:e9:01:5b:d4:
56:c3:43:b6:0a:61:b2:a1:05:ac:8b:47:d6:e7:fc:
c8:8d:6d:42:ca:18:f9:1b:1a:a4:61:e8:20:e3:30:
54:d4:be:8b:8b:8f:37:df:fd:97:e5:54:f1:60:b8:
fb:1c:a9:ff:08:1b:3f:46:00:ea:d5:5c:47:15:5b:
16:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:CF:10:CA:1D:4B:8A:BB:14:12:7E:D1:43:C5:32:5C:1D:D1:1F:4A
X509v3 Authority Key Identifier:
keyid:AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/Xc8Qyh1LirsUEn7RQ8UyXB3RH0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.32.0/23
79.133.43.0/24
159.100.24.0/22
IPv6:
2a01:7e1::/32
Signature Algorithm: sha256WithRSAEncryption
31:3e:70:0e:66:11:4f:3a:f3:d9:ea:9a:b8:c5:07:07:6c:3d:
34:9c:fc:9a:35:7e:78:00:46:cb:e6:ac:6f:10:6e:5e:af:2a:
c8:00:9c:e2:14:22:76:d4:64:2e:85:cd:cb:d9:d2:74:ab:8b:
4b:78:43:b7:c7:3c:16:34:19:c9:5e:d8:20:9d:cc:f7:21:74:
c7:b7:1f:cb:e9:72:64:dc:80:75:ad:39:95:f4:d8:f3:88:1d:
23:8f:7f:d2:3f:ad:b3:47:6f:f4:da:58:9e:02:6e:2e:c8:c2:
03:36:ee:1e:34:8d:7b:88:0b:d4:6b:f3:9b:14:dd:9a:43:5a:
89:eb:aa:b8:c2:aa:47:a7:0f:e1:ab:6a:1a:ea:ce:cc:a3:41:
92:3a:57:67:00:a4:9a:b3:24:53:c9:55:a0:a7:1f:a0:fc:1f:
97:92:f8:a9:a8:f7:70:33:68:1f:aa:4d:b2:b6:9c:01:93:b8:
51:2e:c6:da:51:d5:b0:e8:f3:ee:bf:bc:5b:f0:88:f8:b1:02:
db:4e:fa:6f:19:14:54:f4:b9:07:6b:ec:d6:f7:c0:14:19:ac:
ca:17:e0:43:ea:21:7b:b8:39:0a:66:57:dc:df:75:97:b7:67:
ba:0f:1e:7a:bb:d4:85:55:fa:fc:f5:28:9b:16:7e:2a:61:7b:
ca:ef:25:0c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQiji/OyuPNtNJ6XJLpUFlfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWRjNTBhNGI1MjZkZjE4ZThiMGE2NTY1ZDdiOWQ1OGE3
NWQzMTUwHhcNMjUwMTAxMTU0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGNmMTBjYTFkNGI4YWJiMTQxMjdlZDE0M2M1MzI1YzFkZDExZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFnTaZMUi1Une1RwkjW8kvgqsVc/
ZYv4t+yUDFAnzP99MWz1GM47veVF85CW8lut1oUJgJZoWnIonM++bGiCuYFvG3dk
jn1d8vAujPkwcEv1pcLal2BprMWXq8pF4SHQrDAP2I5MI5Q6xKe1e8XPsq0/CoIw
eXDGdfrwomqLauJAfN0nnfcMrHHVR2JDxpW+MD8+MfdSEbvq2iEko36QO2SF1ReL
7OsLhI2AA0e1eFKqWqGmBS3XgtjyKMAfh+kBW9RWw0O2CmGyoQWsi0fW5/zIjW1C
yhj5GxqkYegg4zBU1L6Li4833/2X5VTxYLj7HKn/CBs/RgDq1VxHFVsWywIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFF3PEModS4q7FBJ+0UPFMlwd0R9KMB8GA1UdIwQY
MBaAFKodxQpLUm3xjosKZWXXudWKddMVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMt
MzNkNzI4NDMzYzExLzEvWGM4UXloMUxpcnNVRW43UlE4VXlYQjNSSDBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMtMzNkNzI4NDMzYzEx
LzEvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBT4UgAwQA
T4UrAwQCn2QYMA0EAgACMAcDBQAqAQfhMA0GCSqGSIb3DQEBCwUAA4IBAQAxPnAO
ZhFPOvPZ6pq4xQcHbD00nPyaNX54AEbL5qxvEG5eryrIAJziFCJ21GQuhc3L2dJ0
q4tLeEO3xzwWNBnJXtggncz3IXTHtx/L6XJk3IB1rTmV9NjziB0jj3/SP62zR2/0
2lieAm4uyMIDNu4eNI17iAvUa/ObFN2aQ1qJ66q4wqpHpw/hq2oa6s7Mo0GSOldn
AKSasyRTyVWgpx+g/B+XkvipqPdwM2gfqk2ytpwBk7hRLsbaUdWw6PPuv7xb8Ij4
sQLbTvpvGRRU9LkHa+zW98AUGazKF+BD6iF7uDkKZlfc33WXt2e6Dx56u9SFVfr8
9SibFn4qYXvK7yUM
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:09 2025 by rpki-client