Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/41f4c7-9668-4cf4-9e9d-e0e0468e69d7/1/XIxdT9dCyVMaPTycJFOsfZwntL0.roa
File: XIxdT9dCyVMaPTycJFOsfZwntL0.roa (raw, json)
Hash identifier: zn5Vm3V5cmVpGzX1uEc4695BeoAuh4qIzD1lg9n+H10=
Subject key identifier: 5C:8C:5D:4F:D7:42:C9:53:1A:3D:3C:9C:24:53:AC:7D:9C:27:B4:BD
Certificate issuer: /CN=82b3dcdf31af6ef0c934eaf24884ad99516edd76
Certificate serial: 01856CE61231DC528C9013F26369A9EEF0BB
Authority key identifier: 82:B3:DC:DF:31:AF:6E:F0:C9:34:EA:F2:48:84:AD:99:51:6E:DD:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/grPc3zGvbvDJNOrySIStmVFu3XY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/41f4c7-9668-4cf4-9e9d-e0e0468e69d7/1/XIxdT9dCyVMaPTycJFOsfZwntL0.roa
Signing time: Sun 01 Jan 2023 10:34:55 +0000
ROA not before: Sun 01 Jan 2023 10:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398642
IP address blocks: 144.57.48.0/21 maxlen: 21
144.57.48.0/24 maxlen: 24
144.57.49.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:12:31:dc:52:8c:90:13:f2:63:69:a9:ee:f0:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82b3dcdf31af6ef0c934eaf24884ad99516edd76
Validity
Not Before: Jan 1 10:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c8c5d4fd742c9531a3d3c9c2453ac7d9c27b4bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:97:14:f3:88:d3:fd:51:15:03:78:ee:c4:5a:
c9:71:55:20:a2:00:f7:a5:0c:f9:ec:cb:bf:76:f9:
87:4e:f6:56:ab:d4:89:60:93:cb:e3:72:c9:f8:5d:
d3:36:1b:a5:32:b9:e5:f2:a0:04:1f:d5:d4:6a:f0:
7d:41:08:39:3d:06:41:c4:7f:66:9f:05:1f:48:fb:
b6:38:82:aa:63:00:cb:e9:ef:e6:df:c8:39:d5:2b:
ea:85:b0:92:02:56:43:da:84:7f:ee:81:de:46:7f:
77:63:cb:55:37:d1:85:ff:76:65:49:96:9d:c7:16:
ac:0a:e1:5c:d7:cf:6d:b2:fe:cb:3a:71:56:63:95:
b3:6d:b1:ba:1c:35:ea:b8:96:59:31:1d:68:13:42:
38:4d:8a:52:6d:26:8d:d0:2a:a2:ac:56:b8:43:f2:
61:c5:7c:a2:70:de:89:a8:0a:6a:88:6f:cb:60:a1:
e9:63:98:6b:8e:5c:38:90:5b:8b:3a:0d:39:0f:71:
e4:b0:b4:79:41:1a:00:7d:e1:34:76:fc:a3:91:74:
62:c6:0a:2e:8d:82:f4:88:b9:7f:6e:9a:98:98:ae:
87:9e:12:c4:46:18:9f:05:44:f9:9c:49:54:05:6e:
21:b9:fc:3c:a8:13:eb:c4:14:cf:77:a3:ab:7c:e0:
f7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:8C:5D:4F:D7:42:C9:53:1A:3D:3C:9C:24:53:AC:7D:9C:27:B4:BD
X509v3 Authority Key Identifier:
keyid:82:B3:DC:DF:31:AF:6E:F0:C9:34:EA:F2:48:84:AD:99:51:6E:DD:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grPc3zGvbvDJNOrySIStmVFu3XY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/41f4c7-9668-4cf4-9e9d-e0e0468e69d7/1/XIxdT9dCyVMaPTycJFOsfZwntL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/41f4c7-9668-4cf4-9e9d-e0e0468e69d7/1/grPc3zGvbvDJNOrySIStmVFu3XY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.57.48.0/21
Signature Algorithm: sha256WithRSAEncryption
1d:4c:d0:ff:c8:d2:07:53:60:b7:d9:40:1d:4a:9e:f3:a4:a7:
d2:1e:83:15:ce:bb:c3:89:50:0a:26:c5:33:69:a2:70:2c:a7:
04:71:16:31:c8:bb:dc:f2:1f:f7:69:c4:cc:9c:79:2f:bf:65:
5e:f5:51:d8:0a:f7:2e:c1:9f:e8:cc:20:8c:ff:14:47:71:99:
ad:ae:ac:a6:51:d5:56:3e:c7:f7:e3:53:1c:b8:d3:46:84:09:
55:f6:3a:59:50:18:8d:65:fa:67:93:cc:c6:f5:96:a5:8a:c5:
a6:84:e4:d9:e2:1c:ec:de:9e:bc:bf:d0:dc:5a:c5:84:05:41:
11:1d:43:33:04:f4:53:50:60:7f:bd:d9:57:ad:68:66:d2:4b:
3f:99:7d:86:00:70:f4:87:58:26:b3:ce:c4:2a:5c:d3:00:06:
a9:5b:28:d5:86:30:83:c0:fd:92:33:c7:22:f6:56:64:f6:a1:
a2:ba:c0:3d:1d:ca:fc:07:b8:1c:25:e0:c9:e3:9d:fe:60:2b:
25:16:4d:8f:46:3b:29:7b:37:29:ab:83:17:61:7e:ad:47:9d:
b7:8a:b5:6e:54:98:3c:c2:d6:a7:37:e1:18:c5:86:ff:9e:aa:
b3:d6:44:a6:87:47:57:99:21:15:22:62:ae:05:4f:49:4d:12:
a2:74:f6:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5hIx3FKMkBPyY2mp7vC7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYjNkY2RmMzFhZjZlZjBjOTM0ZWFmMjQ4ODRhZDk5NTE2
ZWRkNzYwHhcNMjMwMTAxMTAzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzhjNWQ0ZmQ3NDJjOTUzMWEzZDNjOWMyNDUzYWM3ZDljMjdiNGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpcU84jT/VEVA3juxFrJcVUgogD3
pQz57Mu/dvmHTvZWq9SJYJPL43LJ+F3TNhulMrnl8qAEH9XUavB9QQg5PQZBxH9m
nwUfSPu2OIKqYwDL6e/m38g51SvqhbCSAlZD2oR/7oHeRn93Y8tVN9GF/3ZlSZad
xxasCuFc189tsv7LOnFWY5WzbbG6HDXquJZZMR1oE0I4TYpSbSaN0CqirFa4Q/Jh
xXyicN6JqApqiG/LYKHpY5hrjlw4kFuLOg05D3HksLR5QRoAfeE0dvyjkXRixgou
jYL0iLl/bpqYmK6HnhLERhifBUT5nElUBW4hufw8qBPrxBTPd6OrfOD31wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyMXU/XQslTGj08nCRTrH2cJ7S9MB8GA1UdIwQY
MBaAFIKz3N8xr27wyTTq8kiErZlRbt12MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3JQYzN6R3ZidkRKTk9yeVNJU3RtVkZ1M1hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC80MWY0YzctOTY2OC00Y2Y0LTllOWQt
ZTBlMDQ2OGU2OWQ3LzEvWEl4ZFQ5ZEN5Vk1hUFR5Y0pGT3NmWndudEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC80MWY0YzctOTY2OC00Y2Y0LTllOWQtZTBlMDQ2OGU2OWQ3
LzEvZ3JQYzN6R3ZidkRKTk9yeVNJU3RtVkZ1M1hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDkDkwMA0G
CSqGSIb3DQEBCwUAA4IBAQAdTND/yNIHU2C32UAdSp7zpKfSHoMVzrvDiVAKJsUz
aaJwLKcEcRYxyLvc8h/3acTMnHkvv2Ve9VHYCvcuwZ/ozCCM/xRHcZmtrqymUdVW
Psf341McuNNGhAlV9jpZUBiNZfpnk8zG9ZalisWmhOTZ4hzs3p68v9DcWsWEBUER
HUMzBPRTUGB/vdlXrWhm0ks/mX2GAHD0h1gms87EKlzTAAapWyjVhjCDwP2SM8ci
9lZk9qGiusA9Hcr8B7gcJeDJ453+YCslFk2PRjspezcpq4MXYX6tR523irVuVJg8
wtanN+EYxYb/nqqz1kSmh0dXmSEVImKuBU9JTRKidPZy
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:28:42 2025 by rpki-client