Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/Xd2QaW60upMnqwQIBHXXIoPXPzs.roa
File: Xd2QaW60upMnqwQIBHXXIoPXPzs.roa (raw, json)
Hash identifier: +i6BQOs/QyU2pk+3pSoh+wtk4Cf+VFJXifr7WtqVoY4=
Subject key identifier: 5D:DD:90:69:6E:B4:BA:93:27:AB:04:08:04:75:D7:22:83:D7:3F:3B
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 01941F8C5D272147A8FE5EF2D059C2772731
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/Xd2QaW60upMnqwQIBHXXIoPXPzs.roa
Signing time: Wed 01 Jan 2025 01:48:00 +0000
ROA not before: Wed 01 Jan 2025 01:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1239
IP address blocks: 92.51.32.0/23 maxlen: 24
92.51.34.0/23 maxlen: 24
92.51.40.0/23 maxlen: 24
92.51.42.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:5d:27:21:47:a8:fe:5e:f2:d0:59:c2:77:27:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Jan 1 01:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ddd90696eb4ba9327ab04080475d72283d73f3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c5:a4:ec:46:a2:15:14:96:9e:36:14:b2:cd:
69:50:a4:0f:b0:5c:dd:4e:b9:bd:10:d4:d7:92:f4:
16:89:b3:99:1d:88:bb:d8:b4:00:d6:c6:6d:f1:29:
ad:ab:96:4d:f7:a9:93:82:fd:f5:6c:2d:26:27:75:
f1:88:9a:b0:43:11:6f:4b:03:65:64:5e:c5:58:3f:
02:fb:7e:da:17:44:94:03:37:61:10:bb:4e:6a:42:
58:c1:c8:70:62:4c:1a:ef:d7:60:be:75:1c:66:08:
8d:29:76:0e:bf:9a:17:56:a7:78:5d:0d:ec:db:01:
b2:39:46:15:b2:6f:87:51:9c:f6:51:aa:97:8b:09:
3a:e4:35:9e:3d:c1:32:71:f1:50:e5:26:bd:26:2a:
9e:64:ae:6b:3b:76:c0:5d:66:21:87:85:c7:aa:b4:
18:7f:64:5a:c5:5e:6b:b4:f8:68:75:dc:6d:ac:17:
c5:e1:b5:d6:64:b6:7d:9c:2e:6c:02:1e:0e:c5:fa:
1e:aa:ea:10:c6:94:0d:02:69:89:f1:b8:38:dd:21:
4a:64:0c:b7:2f:22:0e:8a:e7:58:85:5c:7a:38:1c:
4f:3c:d2:d1:1b:c1:11:49:8a:79:a8:04:17:a9:f8:
ab:65:60:02:19:96:80:7a:b8:04:ff:6a:29:ec:11:
29:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:DD:90:69:6E:B4:BA:93:27:AB:04:08:04:75:D7:22:83:D7:3F:3B
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/Xd2QaW60upMnqwQIBHXXIoPXPzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.51.32.0/22
92.51.40.0/22
Signature Algorithm: sha256WithRSAEncryption
28:59:46:0d:67:dd:90:f2:7a:f1:b8:1f:d3:08:1b:48:60:11:
d6:91:17:cc:8f:80:62:69:04:f7:9e:d9:29:72:cb:4c:f0:c5:
8f:7b:12:a8:23:f1:44:8d:76:8d:0c:cc:91:db:9f:97:3b:d9:
bc:be:cd:22:38:55:ae:aa:0e:ee:02:cf:34:8b:fd:1d:56:35:
6e:a2:b4:d1:83:07:7e:85:e4:a0:43:d6:ed:43:4f:6f:82:12:
57:b3:ce:ad:7e:a8:cb:97:28:f0:35:30:1e:c3:9c:b5:7f:65:
3a:df:b3:75:50:b3:53:2c:83:23:7b:ad:ab:c5:5d:23:78:1a:
47:18:ed:8c:5b:b9:d8:9f:c8:93:c3:e5:81:2f:be:0c:08:77:
c9:bb:cf:02:af:b2:06:75:3c:79:b0:4c:a2:f1:8e:51:ff:86:
e9:1b:c3:1e:d2:72:cb:59:6e:5d:6e:79:dd:3d:49:c6:60:02:
b2:75:cb:63:a2:0e:79:92:3c:97:3a:2c:f2:1c:07:f4:2c:4c:
2e:6a:50:9b:64:14:55:cc:b4:fe:9a:07:0c:77:79:17:d2:4d:
24:26:01:13:e7:a2:c6:0c:d6:a1:9e:86:e7:94:d1:86:75:17:
d4:0a:98:af:05:e3:c8:7e:44:6a:5f:ae:09:35:35:1e:d6:6f:
50:d9:9b:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQfjF0nIUeo/l7y0FnCdycxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjUwMTAxMDE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGRkOTA2OTZlYjRiYTkzMjdhYjA0MDgwNDc1ZDcyMjgzZDczZjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8Wk7EaiFRSWnjYUss1pUKQPsFzd
Trm9ENTXkvQWibOZHYi72LQA1sZt8Smtq5ZN96mTgv31bC0mJ3XxiJqwQxFvSwNl
ZF7FWD8C+37aF0SUAzdhELtOakJYwchwYkwa79dgvnUcZgiNKXYOv5oXVqd4XQ3s
2wGyOUYVsm+HUZz2UaqXiwk65DWePcEycfFQ5Sa9JiqeZK5rO3bAXWYhh4XHqrQY
f2RaxV5rtPhoddxtrBfF4bXWZLZ9nC5sAh4OxfoequoQxpQNAmmJ8bg43SFKZAy3
LyIOiudYhVx6OBxPPNLRG8ERSYp5qAQXqfirZWACGZaAergE/2op7BEpTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF3dkGlutLqTJ6sECAR11yKD1z87MB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvWGQyUWFXNjB1cE1ucXdRSUJIWFhJb1BYUHpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXDMgAwQC
XDMoMA0GCSqGSIb3DQEBCwUAA4IBAQAoWUYNZ92Q8nrxuB/TCBtIYBHWkRfMj4Bi
aQT3ntkpcstM8MWPexKoI/FEjXaNDMyR25+XO9m8vs0iOFWuqg7uAs80i/0dVjVu
orTRgwd+heSgQ9btQ09vghJXs86tfqjLlyjwNTAew5y1f2U637N1ULNTLIMje62r
xV0jeBpHGO2MW7nYn8iTw+WBL74MCHfJu88Cr7IGdTx5sEyi8Y5R/4bpG8Me0nLL
WW5dbnndPUnGYAKydctjog55kjyXOizyHAf0LEwualCbZBRVzLT+mgcMd3kX0k0k
JgET56LGDNahnobnlNGGdRfUCpivBePIfkRqX64JNTUe1m9Q2Zti
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:20:07 2025 by rpki-client