Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/XZs_n9LlWeIjgJyjQL-txO1IyBc.roa
File: XZs_n9LlWeIjgJyjQL-txO1IyBc.roa (raw, json)
Hash identifier: vdWb+SO51i4rlc6cEHTBn341KBPqNXiZLaJnJWGUZiA=
Subject key identifier: 5D:9B:3F:9F:D2:E5:59:E2:23:80:9C:A3:40:BF:AD:C4:ED:48:C8:17
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 019423D774FA070C1D24C8F0FE5DCFE275AD
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/XZs_n9LlWeIjgJyjQL-txO1IyBc.roa
Signing time: Wed 01 Jan 2025 21:48:30 +0000
ROA not before: Wed 01 Jan 2025 21:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213392
IP address blocks: 45.86.126.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:74:fa:07:0c:1d:24:c8:f0:fe:5d:cf:e2:75:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 21:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d9b3f9fd2e559e223809ca340bfadc4ed48c817
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:f9:5f:b0:62:d9:ca:76:3d:c3:dc:57:ec:12:
04:64:ec:f0:2b:2b:40:ab:07:c8:b5:88:61:db:82:
2c:ce:e5:29:1f:a7:dc:87:3a:9e:3b:49:e3:1d:be:
9a:66:e2:41:d0:43:d4:3d:fa:8c:6f:ca:b5:0d:89:
5c:24:78:2b:05:92:84:38:7d:e7:a2:e7:0b:41:de:
39:a1:17:d6:11:de:52:49:12:62:02:48:e4:58:61:
ac:fe:ad:6f:1f:8b:24:e1:14:6e:b3:aa:4a:d0:d9:
f1:dd:ac:37:62:76:2b:3f:0c:da:da:f0:02:10:98:
35:fc:82:82:cc:59:a6:f3:43:04:8c:81:a8:99:4f:
21:3a:e2:5e:12:25:90:56:de:bd:e1:56:db:75:6d:
69:c8:2c:d2:ef:4b:80:5d:80:84:3a:b0:44:57:7f:
f4:cc:d9:c4:6a:d3:a3:6c:e5:f5:5f:15:f5:e7:6b:
6a:c7:b0:fb:39:38:1c:c3:c8:04:09:ca:39:dc:13:
4c:be:2b:75:21:d1:14:a3:b0:48:78:83:05:3d:24:
d4:f2:0c:f1:42:ce:5c:48:1d:f5:b4:ab:ce:fc:79:
6c:f6:b1:0a:2d:22:31:c5:02:7f:ba:d2:50:c4:f3:
67:a8:8a:c8:b9:ca:04:9d:04:f3:ee:29:e4:c5:e5:
86:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:9B:3F:9F:D2:E5:59:E2:23:80:9C:A3:40:BF:AD:C4:ED:48:C8:17
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/XZs_n9LlWeIjgJyjQL-txO1IyBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.126.0/24
Signature Algorithm: sha256WithRSAEncryption
45:ff:c9:af:20:af:44:d8:c5:3e:8d:34:38:e4:f4:3f:64:bf:
ca:9a:16:31:c5:dd:a1:42:c4:52:be:cf:4c:27:da:8b:d3:33:
53:93:b5:1a:03:9f:96:df:4e:c7:86:a4:79:56:b5:b2:25:e4:
50:cb:fe:e4:8b:84:b9:0f:a2:26:68:ae:e7:7a:b2:ce:32:61:
f6:84:59:dd:cd:c9:0b:a3:13:b6:96:43:1d:da:06:79:83:66:
d9:e2:69:0d:0b:50:3a:3a:67:3f:01:ec:43:8a:eb:7c:21:b7:
69:3c:b0:64:d5:0b:c1:7f:34:ae:ff:78:ca:f7:56:5a:e0:31:
dd:30:92:d7:f3:08:1d:c1:20:3d:a4:35:f3:a6:e0:a4:a4:9e:
61:1a:54:25:55:ef:56:74:4c:0a:87:58:b2:a2:64:19:b0:34:
9f:fd:c5:7f:6e:42:12:80:f8:07:71:30:f7:17:ce:98:18:e9:
33:39:0d:98:fc:0d:15:cb:61:18:79:75:53:92:2d:fd:be:57:
f0:b5:ee:7d:28:c6:07:7b:6f:bb:2b:4f:78:a2:96:1d:e0:b9:
e0:c2:65:d6:8e:f7:00:0f:4a:4f:4b:a7:6e:cc:2e:81:7c:68:
e4:97:09:50:09:be:c6:ba:d4:9b:50:46:5d:21:65:de:91:0b:
e1:b3:31:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj13T6BwwdJMjw/l3P4nWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjUwMTAxMjE0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDliM2Y5ZmQyZTU1OWUyMjM4MDljYTM0MGJmYWRjNGVkNDhjODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6PlfsGLZynY9w9xX7BIEZOzwKytA
qwfItYhh24IszuUpH6fchzqeO0njHb6aZuJB0EPUPfqMb8q1DYlcJHgrBZKEOH3n
oucLQd45oRfWEd5SSRJiAkjkWGGs/q1vH4sk4RRus6pK0Nnx3aw3YnYrPwza2vAC
EJg1/IKCzFmm80MEjIGomU8hOuJeEiWQVt694VbbdW1pyCzS70uAXYCEOrBEV3/0
zNnEatOjbOX1XxX152tqx7D7OTgcw8gECco53BNMvit1IdEUo7BIeIMFPSTU8gzx
Qs5cSB31tKvO/Hls9rEKLSIxxQJ/utJQxPNnqIrIucoEnQTz7inkxeWG0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2bP5/S5VniI4Cco0C/rcTtSMgXMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvWFpzX245TGxXZUlqZ0p5alFMLXR4TzFJeUJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVZ+MA0G
CSqGSIb3DQEBCwUAA4IBAQBF/8mvIK9E2MU+jTQ45PQ/ZL/KmhYxxd2hQsRSvs9M
J9qL0zNTk7UaA5+W307HhqR5VrWyJeRQy/7ki4S5D6ImaK7nerLOMmH2hFndzckL
oxO2lkMd2gZ5g2bZ4mkNC1A6Omc/AexDiut8IbdpPLBk1QvBfzSu/3jK91Za4DHd
MJLX8wgdwSA9pDXzpuCkpJ5hGlQlVe9WdEwKh1iyomQZsDSf/cV/bkISgPgHcTD3
F86YGOkzOQ2Y/A0Vy2EYeXVTki39vlfwte59KMYHe2+7K094opYd4LngwmXWjvcA
D0pPS6duzC6BfGjklwlQCb7GutSbUEZdIWXekQvhszGG
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:06:56 2025 by rpki-client