Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/cc1041-e57d-4703-974b-cd2d8865edc5/1/XhXSvw02a2gY5LFS-wnra3MCOsU.roa
File: XhXSvw02a2gY5LFS-wnra3MCOsU.roa (raw, json)
Hash identifier: 2Z91SsvEy/wiIEgVkpjyGt9NId+xYGifDDERlsV2nog=
Subject key identifier: 5E:15:D2:BF:0D:36:6B:68:18:E4:B1:52:FB:09:EB:6B:73:02:3A:C5
Certificate issuer: /CN=cdb4d7a7928d81f0e5f6c491ea5f2b7c587b9d9d
Certificate serial: 050959
Authority key identifier: CD:B4:D7:A7:92:8D:81:F0:E5:F6:C4:91:EA:5F:2B:7C:58:7B:9D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbTXp5KNgfDl9sSR6l8rfFh7nZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/cc1041-e57d-4703-974b-cd2d8865edc5/1/XhXSvw02a2gY5LFS-wnra3MCOsU.roa
Signing time: Thu 27 Jan 2022 09:26:27 +0000
ROA not before: Thu 27 Jan 2022 09:26:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15626
IP address blocks: 195.64.109.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 330073 (0x50959)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb4d7a7928d81f0e5f6c491ea5f2b7c587b9d9d
Validity
Not Before: Jan 27 09:26:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e15d2bf0d366b6818e4b152fb09eb6b73023ac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:82:2e:05:8b:61:76:41:c8:c8:2c:59:61:71:
de:4c:a3:32:e9:d5:5d:24:a6:bc:f6:0f:37:5c:bd:
7b:df:92:05:f8:d8:6e:67:0c:5a:02:c5:a4:d8:95:
6d:e6:25:58:bb:49:78:4a:29:8f:9b:86:d8:44:f2:
85:ef:82:31:bf:92:08:c4:5b:b5:5b:5d:36:a5:ee:
eb:56:f1:36:95:5b:ef:c8:ca:74:4e:32:3a:cb:ee:
97:e9:e2:71:84:30:22:17:2c:c3:cf:c3:22:3c:fb:
ba:3b:3d:36:23:43:e7:20:4b:1e:db:3f:f4:24:39:
99:81:92:2e:c5:2d:a3:e4:0f:91:18:de:9e:c4:10:
a8:b6:2a:d3:7d:f3:11:59:3b:ca:8d:95:75:89:c7:
28:2a:dd:d8:2f:50:15:07:7e:20:be:30:a4:1c:26:
a1:51:80:0e:9d:2f:b0:1c:9f:65:5b:65:3f:34:6d:
32:79:a5:8e:98:4e:64:1a:28:2c:60:ef:92:c6:c1:
75:65:10:95:af:ff:16:72:ee:f7:b6:e7:8e:7a:28:
62:84:47:a2:25:ea:5a:1d:5c:0b:73:fc:f2:00:62:
a1:46:b4:64:18:93:fe:a6:81:4d:89:1f:6e:15:48:
bb:86:6a:ed:74:34:94:79:d6:05:ac:90:b4:4e:d5:
f1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:15:D2:BF:0D:36:6B:68:18:E4:B1:52:FB:09:EB:6B:73:02:3A:C5
X509v3 Authority Key Identifier:
keyid:CD:B4:D7:A7:92:8D:81:F0:E5:F6:C4:91:EA:5F:2B:7C:58:7B:9D:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbTXp5KNgfDl9sSR6l8rfFh7nZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/cc1041-e57d-4703-974b-cd2d8865edc5/1/XhXSvw02a2gY5LFS-wnra3MCOsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/cc1041-e57d-4703-974b-cd2d8865edc5/1/zbTXp5KNgfDl9sSR6l8rfFh7nZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.109.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:7b:4d:0d:de:fd:9d:7d:4a:d2:7f:be:41:09:f2:10:bb:7d:
2b:f7:07:a9:2c:e3:1c:3f:16:ba:e1:48:a2:1a:1c:49:53:36:
9b:b7:89:e1:19:7a:54:e9:9e:ef:b4:5d:da:79:b3:d3:43:2f:
2c:f6:c6:cc:0a:6e:28:77:bd:e0:b2:fa:53:74:c6:d1:42:48:
4c:c5:0d:43:cb:d4:34:38:6f:3b:39:20:91:f6:3d:9e:b6:64:
73:f5:dd:95:34:9d:f0:63:50:5f:a9:87:82:a8:b4:c7:06:b3:
44:c0:bd:31:ec:e9:66:cc:72:38:5e:e2:2b:ac:87:ce:82:4b:
7f:35:7c:b7:47:7e:4a:60:80:4a:a7:95:63:2c:1b:5b:11:1a:
b4:2e:1c:ae:bb:6b:4d:63:0e:e4:5e:cf:70:0e:3c:b1:69:51:
ca:1c:15:8b:eb:57:15:d9:cb:82:c0:66:53:b3:35:5b:a6:29:
c7:48:70:04:6b:83:03:59:5f:a3:16:0e:13:89:7e:c2:aa:1a:
77:b2:bf:a3:9d:4b:eb:a8:b8:43:5c:49:0a:4f:0d:cc:35:9d:
3b:06:53:f3:b1:2f:c7:5b:c2:01:b5:cd:ff:96:a0:09:fc:b0:
38:bb:c8:e3:a7:f0:e1:f8:62:23:d4:22:a3:5a:c4:02:7e:d2:
d3:27:d8:a6
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDBQlZMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNk
YjRkN2E3OTI4ZDgxZjBlNWY2YzQ5MWVhNWYyYjdjNTg3YjlkOWQwHhcNMjIwMTI3
MDkyNjI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1ZTE1ZDJiZjBkMzY2
YjY4MThlNGIxNTJmYjA5ZWI2YjczMDIzYWM1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApIIuBYthdkHIyCxZYXHeTKMy6dVdJKa89g83XL1735IF+Nhu
ZwxaAsWk2JVt5iVYu0l4SimPm4bYRPKF74Ixv5IIxFu1W102pe7rVvE2lVvvyMp0
TjI6y+6X6eJxhDAiFyzDz8MiPPu6Oz02I0PnIEse2z/0JDmZgZIuxS2j5A+RGN6e
xBCotirTffMRWTvKjZV1iccoKt3YL1AVB34gvjCkHCahUYAOnS+wHJ9lW2U/NG0y
eaWOmE5kGigsYO+SxsF1ZRCVr/8Wcu73tueOeihihEeiJepaHVwLc/zyAGKhRrRk
GJP+poFNiR9uFUi7hmrtdDSUedYFrJC0TtXxbQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFF4V0r8NNmtoGOSxUvsJ62tzAjrFMB8GA1UdIwQYMBaAFM2016eSjYHw5fbE
kepfK3xYe52dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
emJUWHA1S05nZkRsOXNTUjZsOHJmRmg3blowLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kOC9jYzEwNDEtZTU3ZC00NzAzLTk3NGItY2QyZDg4NjVlZGM1LzEv
WGhYU3Z3MDJhMmdZNUxGUy13bnJhM01DT3NVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9j
YzEwNDEtZTU3ZC00NzAzLTk3NGItY2QyZDg4NjVlZGM1LzEvemJUWHA1S05nZkRs
OXNTUjZsOHJmRmg3blowLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0BtMA0GCSqGSIb3DQEBCwUAA4IB
AQCfe00N3v2dfUrSf75BCfIQu30r9wepLOMcPxa64UiiGhxJUzabt4nhGXpU6Z7v
tF3aebPTQy8s9sbMCm4od73gsvpTdMbRQkhMxQ1Dy9Q0OG87OSCR9j2etmRz9d2V
NJ3wY1BfqYeCqLTHBrNEwL0x7OlmzHI4XuIrrIfOgkt/NXy3R35KYIBKp5VjLBtb
ERq0Lhyuu2tNYw7kXs9wDjyxaVHKHBWL61cV2cuCwGZTszVbpinHSHAEa4MDWV+j
Fg4TiX7Cqhp3sr+jnUvrqLhDXEkKTw3MNZ07BlPzsS/HW8IBtc3/lqAJ/LA4u8jj
p/Dh+GIj1CKjWsQCftLTJ9im
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:36:23 2025 by rpki-client