Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/XJVrd_EbYn7cNM6LKMUioyoWKEI.roa
File: XJVrd_EbYn7cNM6LKMUioyoWKEI.roa (raw, json)
Hash identifier: JmmFSiRwUI8yInYXuFjKi+LpAYUlpormqIc6T3vm0ls=
Subject key identifier: 5C:95:6B:77:F1:1B:62:7E:DC:34:CE:8B:28:C5:22:A3:2A:16:28:42
Certificate issuer: /CN=869569a2526687da91a7ecd4f567f5409cdffe79
Certificate serial: 01913B30442B0A559C479CB7719E31C7ABEA
Authority key identifier: 86:95:69:A2:52:66:87:DA:91:A7:EC:D4:F5:67:F5:40:9C:DF:FE:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/XJVrd_EbYn7cNM6LKMUioyoWKEI.roa
Signing time: Sat 10 Aug 2024 07:28:24 +0000
ROA not before: Sat 10 Aug 2024 07:28:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39120
IP address blocks: 5.56.8.0/22 maxlen: 22
5.56.12.0/22 maxlen: 22
5.83.120.0/22 maxlen: 22
5.83.124.0/22 maxlen: 22
45.90.232.0/22 maxlen: 22
185.29.248.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:3b:30:44:2b:0a:55:9c:47:9c:b7:71:9e:31:c7:ab:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869569a2526687da91a7ecd4f567f5409cdffe79
Validity
Not Before: Aug 10 07:28:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c956b77f11b627edc34ce8b28c522a32a162842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:29:54:a3:a1:02:3f:b2:c1:ae:9e:a2:fb:7d:
fc:10:59:95:5d:98:b4:80:5d:66:d1:fd:0f:33:97:
02:d6:b6:3b:b3:02:8c:41:ce:75:0e:54:27:c0:e5:
82:cd:5f:0e:00:27:e9:df:47:4c:4e:89:eb:92:5d:
70:e1:fb:19:85:ca:47:68:46:10:21:0b:b8:fb:25:
8a:33:6a:92:62:63:7b:f5:22:c2:dc:6a:4e:33:ed:
02:f2:27:c0:eb:f3:93:80:c3:a3:6a:e8:bb:21:a6:
f2:0c:01:6f:77:fb:7f:f4:c9:80:cc:5a:27:e3:f0:
92:80:de:43:14:f5:9b:94:30:1e:6b:63:d5:60:c0:
38:7a:73:c2:45:a1:aa:8b:b0:eb:a4:26:f0:4d:51:
be:05:11:7c:69:f8:d6:2a:f8:ab:86:9a:38:18:c0:
f2:c3:2a:f1:da:ae:40:c1:18:6f:5c:e4:7b:60:42:
50:0c:90:56:b8:ef:19:d2:3e:c0:50:62:37:ba:a9:
81:3a:2e:df:b9:ca:ad:fc:71:b8:4c:08:9b:27:9d:
4d:af:0c:ec:06:3e:2e:cc:b8:d8:c4:88:c2:d0:e2:
78:c5:b2:f2:ba:38:9c:67:69:68:3e:d1:73:53:e0:
a4:68:b8:ba:07:ec:a7:b5:8b:88:ec:54:a8:b8:01:
08:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:95:6B:77:F1:1B:62:7E:DC:34:CE:8B:28:C5:22:A3:2A:16:28:42
X509v3 Authority Key Identifier:
keyid:86:95:69:A2:52:66:87:DA:91:A7:EC:D4:F5:67:F5:40:9C:DF:FE:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/XJVrd_EbYn7cNM6LKMUioyoWKEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/hpVpolJmh9qRp-zU9Wf1QJzf_nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.8.0/21
5.83.120.0/21
45.90.232.0/22
185.29.248.0/22
Signature Algorithm: sha256WithRSAEncryption
45:52:e4:a4:7c:aa:f6:b6:09:0d:57:dd:f9:64:2c:e9:11:6f:
81:c4:3f:77:d4:0e:c2:af:11:d5:03:59:56:b7:07:7a:b9:8f:
f8:5b:5d:5e:27:4f:4a:e4:a0:60:21:d6:86:68:61:a7:68:84:
cd:c3:73:ea:bc:dc:6a:29:72:59:ef:f1:a7:62:c8:db:ef:2b:
ea:c5:d8:a0:9c:97:a8:f7:c3:aa:eb:3d:78:af:3d:f6:f5:22:
22:08:fd:34:5c:ce:53:77:80:f2:16:2b:a1:f3:4a:9c:65:5d:
d0:50:d7:56:c5:4f:64:6a:00:c5:25:1c:6d:78:ad:02:a4:e1:
74:e0:2b:28:fa:24:c6:a5:5f:7c:55:2b:f1:75:33:b2:75:41:
58:04:14:1a:5a:a9:4d:5e:d2:45:07:b8:10:8a:83:7d:a5:b0:
bf:b5:a5:d2:b9:69:1e:10:b1:db:f9:c2:c0:b2:88:c1:2f:a3:
ca:55:13:1e:c5:41:80:c5:b8:aa:84:e7:07:20:07:2d:de:93:
40:de:ea:d6:75:30:43:ea:fc:c5:e3:9c:04:27:56:3f:0b:e7:
e4:80:16:26:a1:39:a8:63:9c:d7:c1:56:37:ee:70:c1:ed:9c:
41:52:56:f8:6c:63:78:5f:77:a8:a4:dd:51:82:e5:5a:fe:f6:
80:cb:07:c5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZE7MEQrClWcR5y3cZ4xx6vqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTU2OWEyNTI2Njg3ZGE5MWE3ZWNkNGY1NjdmNTQwOWNk
ZmZlNzkwHhcNMjQwODEwMDcyODI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzk1NmI3N2YxMWI2MjdlZGMzNGNlOGIyOGM1MjJhMzJhMTYyODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkClUo6ECP7LBrp6i+338EFmVXZi0
gF1m0f0PM5cC1rY7swKMQc51DlQnwOWCzV8OACfp30dMTonrkl1w4fsZhcpHaEYQ
IQu4+yWKM2qSYmN79SLC3GpOM+0C8ifA6/OTgMOjaui7IabyDAFvd/t/9MmAzFon
4/CSgN5DFPWblDAea2PVYMA4enPCRaGqi7DrpCbwTVG+BRF8afjWKvirhpo4GMDy
wyrx2q5AwRhvXOR7YEJQDJBWuO8Z0j7AUGI3uqmBOi7fucqt/HG4TAibJ51Nrwzs
Bj4uzLjYxIjC0OJ4xbLyujicZ2loPtFzU+CkaLi6B+yntYuI7FSouAEIRQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFyVa3fxG2J+3DTOiyjFIqMqFihCMB8GA1UdIwQY
MBaAFIaVaaJSZofakafs1PVn9UCc3/55MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBWcG9sSm1oOXFScC16VTlXZjFRSnpmX25rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NDBkZWMtMDU5Zi00NWMwLTk5OWEt
MWVhYTU5MWI2NzcxLzEvWEpWcmRfRWJZbjdjTk02TEtNVWlveW9XS0VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83NDBkZWMtMDU5Zi00NWMwLTk5OWEtMWVhYTU5MWI2Nzcx
LzEvaHBWcG9sSm1oOXFScC16VTlXZjFRSnpmX25rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBTgIAwQD
BVN4AwQCLVroAwQCuR34MA0GCSqGSIb3DQEBCwUAA4IBAQBFUuSkfKr2tgkNV935
ZCzpEW+BxD931A7CrxHVA1lWtwd6uY/4W11eJ09K5KBgIdaGaGGnaITNw3PqvNxq
KXJZ7/GnYsjb7yvqxdignJeo98Oq6z14rz329SIiCP00XM5Td4DyFiuh80qcZV3Q
UNdWxU9kagDFJRxteK0CpOF04Cso+iTGpV98VSvxdTOydUFYBBQaWqlNXtJFB7gQ
ioN9pbC/taXSuWkeELHb+cLAsojBL6PKVRMexUGAxbiqhOcHIAct3pNA3urWdTBD
6vzF45wEJ1Y/C+fkgBYmoTmoY5zXwVY37nDB7ZxBUlb4bGN4X3eopN1RguVa/vaA
ywfF
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:33:25 2025 by rpki-client