Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/XJGEpCzB4loh5ef0k98ZvXtkA5A.roa
File: XJGEpCzB4loh5ef0k98ZvXtkA5A.roa (raw, json)
Hash identifier: ln2eCgW4Lb0/Z2WnRMYRLGIC+qtaz3YxPhhlJZ12csI=
Subject key identifier: 5C:91:84:A4:2C:C1:E2:5A:21:E5:E7:F4:93:DF:19:BD:7B:64:03:90
Certificate issuer: /CN=a056b42383ad862ce6a374ad2ca6d36c254dc7b1
Certificate serial: 0194266BB9E5D87E6589172CFA19F2CBE1C9
Authority key identifier: A0:56:B4:23:83:AD:86:2C:E6:A3:74:AD:2C:A6:D3:6C:25:4D:C7:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oFa0I4Othizmo3StLKbTbCVNx7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/XJGEpCzB4loh5ef0k98ZvXtkA5A.roa
Signing time: Thu 02 Jan 2025 09:49:41 +0000
ROA not before: Thu 02 Jan 2025 09:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 176.119.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:b9:e5:d8:7e:65:89:17:2c:fa:19:f2:cb:e1:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a056b42383ad862ce6a374ad2ca6d36c254dc7b1
Validity
Not Before: Jan 2 09:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c9184a42cc1e25a21e5e7f493df19bd7b640390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:46:58:b9:76:2e:12:59:8f:5f:7c:6b:7f:1b:
9e:47:56:2a:f0:90:1a:9c:56:0d:6f:9d:66:77:22:
27:d8:fe:19:9e:5d:d4:2c:6a:3f:0e:1f:85:73:c4:
79:bd:90:be:6d:b8:ad:75:f4:8c:df:aa:0d:49:ee:
29:16:c3:41:26:5f:90:63:7f:fb:af:bd:3a:97:f4:
c9:24:17:3e:c4:e1:56:12:65:c9:b0:89:e7:7e:68:
b7:ff:0b:a1:80:50:ea:35:ca:b2:14:44:d2:62:a6:
d6:cf:24:63:cc:8a:d6:27:1b:82:64:fc:d4:a9:42:
06:52:87:9f:1c:9a:ad:d1:eb:f3:84:8c:71:be:1c:
61:b6:57:3c:e4:8e:2b:1f:79:f8:04:c0:2b:9b:07:
b3:77:bf:32:6e:9d:75:27:4e:4d:2e:cc:f6:32:a0:
2b:a8:94:a2:95:9f:31:d8:f6:af:22:15:bc:91:64:
93:69:dd:7d:1b:45:e1:f0:03:d9:80:27:e4:d1:2a:
88:be:06:3d:2b:26:be:33:de:2b:ff:fb:40:7a:57:
39:08:6c:67:50:ae:83:0c:ab:fb:53:a3:90:ec:b3:
dd:f8:dc:22:16:f9:60:8f:52:da:da:d3:32:59:f1:
00:fc:c9:4a:bc:39:7d:c8:86:9f:69:14:b3:6b:53:
ef:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:91:84:A4:2C:C1:E2:5A:21:E5:E7:F4:93:DF:19:BD:7B:64:03:90
X509v3 Authority Key Identifier:
keyid:A0:56:B4:23:83:AD:86:2C:E6:A3:74:AD:2C:A6:D3:6C:25:4D:C7:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oFa0I4Othizmo3StLKbTbCVNx7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/XJGEpCzB4loh5ef0k98ZvXtkA5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.222.0/24
Signature Algorithm: sha256WithRSAEncryption
97:c2:9e:c9:9a:73:d0:26:e5:22:26:5d:e6:a4:74:48:78:a2:
0c:9b:70:bf:12:33:08:cb:97:32:b6:bc:11:d8:1a:f0:2e:10:
18:39:5a:47:be:3c:a5:e9:75:fc:c9:98:b7:86:d8:0a:ae:a6:
42:c9:1e:73:d3:56:9b:97:d3:7d:1f:5b:ae:25:5f:ab:32:ef:
49:64:26:a5:04:a5:ec:72:e3:ca:b2:80:a2:e3:8b:e8:2f:50:
4f:01:17:f0:97:be:b1:70:a7:34:df:cb:e0:5d:a2:2f:c6:d1:
b8:be:b8:5e:05:b7:e1:95:30:ac:5e:ca:26:39:ec:22:ae:7c:
38:19:90:92:68:ff:eb:d1:28:85:c8:40:ad:ff:0c:37:88:79:
4b:39:e7:a8:f4:94:c6:ad:59:9c:7d:85:ef:dc:8d:cc:15:16:
00:1d:df:ca:9f:55:81:4a:b6:2f:38:9c:3f:a8:c3:12:1a:41:
e6:3e:b9:c3:a7:3d:b2:f8:bb:8b:25:9d:85:7d:f1:17:89:4e:
1f:e5:6c:0c:84:13:09:c8:d4:32:e4:85:72:09:46:c1:63:40:
41:9e:30:24:66:72:50:b6:7d:ef:3e:2b:b7:8b:c9:02:37:1d:
42:8e:34:74:91:3e:c7:66:d4:47:7f:dd:45:fb:95:48:c4:be:
a9:f3:f6:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma7nl2H5liRcs+hnyy+HJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNTZiNDIzODNhZDg2MmNlNmEzNzRhZDJjYTZkMzZjMjU0
ZGM3YjEwHhcNMjUwMTAyMDk0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzkxODRhNDJjYzFlMjVhMjFlNWU3ZjQ5M2RmMTliZDdiNjQwMzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUZYuXYuElmPX3xrfxueR1Yq8JAa
nFYNb51mdyIn2P4Znl3ULGo/Dh+Fc8R5vZC+bbitdfSM36oNSe4pFsNBJl+QY3/7
r706l/TJJBc+xOFWEmXJsInnfmi3/wuhgFDqNcqyFETSYqbWzyRjzIrWJxuCZPzU
qUIGUoefHJqt0evzhIxxvhxhtlc85I4rH3n4BMArmwezd78ybp11J05NLsz2MqAr
qJSilZ8x2PavIhW8kWSTad19G0Xh8APZgCfk0SqIvgY9Kya+M94r//tAelc5CGxn
UK6DDKv7U6OQ7LPd+NwiFvlgj1La2tMyWfEA/MlKvDl9yIafaRSza1PviQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyRhKQsweJaIeXn9JPfGb17ZAOQMB8GA1UdIwQY
MBaAFKBWtCODrYYs5qN0rSym02wlTcexMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0ZhMEk0T3RoaXptbzNTdExLYlRiQ1ZOeDdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8zZThkY2MtYTc2NC00NGJlLWI1MDct
OWIzZGQ0MTdjMzA4LzEvWEpHRXBDekI0bG9oNWVmMGs5OFp2WHRrQTVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8zZThkY2MtYTc2NC00NGJlLWI1MDctOWIzZGQ0MTdjMzA4
LzEvb0ZhMEk0T3RoaXptbzNTdExLYlRiQ1ZOeDdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHfeMA0G
CSqGSIb3DQEBCwUAA4IBAQCXwp7JmnPQJuUiJl3mpHRIeKIMm3C/EjMIy5cytrwR
2BrwLhAYOVpHvjyl6XX8yZi3htgKrqZCyR5z01abl9N9H1uuJV+rMu9JZCalBKXs
cuPKsoCi44voL1BPARfwl76xcKc038vgXaIvxtG4vrheBbfhlTCsXsomOewirnw4
GZCSaP/r0SiFyECt/ww3iHlLOeeo9JTGrVmcfYXv3I3MFRYAHd/Kn1WBSrYvOJw/
qMMSGkHmPrnDpz2y+LuLJZ2FffEXiU4f5WwMhBMJyNQy5IVyCUbBY0BBnjAkZnJQ
tn3vPiu3i8kCNx1CjjR0kT7HZtRHf91F+5VIxL6p8/ZU
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:53:39 2025 by rpki-client