Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/b1bf57-679f-4564-b701-cb296708dec8/1/xwhdiFLdj-4M8l9XUnyeFRJXGwQ.roa
File: xwhdiFLdj-4M8l9XUnyeFRJXGwQ.roa (raw, json)
Hash identifier: VoSzy1kKxVH6beyOekb646N9QsT3/EG5ENUuXQtb21o=
Subject key identifier: C7:08:5D:88:52:DD:8F:EE:0C:F2:5F:57:52:7C:9E:15:12:57:1B:04
Certificate issuer: /CN=a69749fa2337db33a76474eb812c034e30509d2a
Certificate serial: 019424B3B66E13D6B75E6833BB03DD7F5B6D
Authority key identifier: A6:97:49:FA:23:37:DB:33:A7:64:74:EB:81:2C:03:4E:30:50:9D:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ppdJ-iM32zOnZHTrgSwDTjBQnSo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/b1bf57-679f-4564-b701-cb296708dec8/1/xwhdiFLdj-4M8l9XUnyeFRJXGwQ.roa
Signing time: Thu 02 Jan 2025 01:49:04 +0000
ROA not before: Thu 02 Jan 2025 01:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15404
IP address blocks: 156.118.0.0/24 maxlen: 24
156.118.6.0/24 maxlen: 24
156.118.8.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:b6:6e:13:d6:b7:5e:68:33:bb:03:dd:7f:5b:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a69749fa2337db33a76474eb812c034e30509d2a
Validity
Not Before: Jan 2 01:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7085d8852dd8fee0cf25f57527c9e1512571b04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f1:5f:ff:84:b7:02:2f:5e:02:60:44:79:28:
c4:ff:c4:12:a1:4b:f9:9a:f2:68:64:95:a9:ac:c0:
eb:b9:c3:45:46:2a:6d:2c:e9:03:4d:9a:7c:94:5d:
3e:52:82:5d:01:a4:ea:8f:c5:b6:f7:1c:2b:8b:2c:
32:7f:77:bc:56:01:89:4b:5b:33:56:5f:62:60:1a:
a9:e0:4b:26:a8:6e:5e:92:70:f3:5e:da:e4:a9:4b:
a4:90:38:17:90:12:a9:54:d1:78:98:a8:4e:a2:5a:
ec:b5:ef:af:2c:3c:56:91:91:cf:d2:9f:ed:3d:7b:
69:61:ac:91:91:ee:43:23:17:d1:bc:a4:df:5a:8c:
a4:88:6d:b4:64:a3:83:21:0f:64:db:2d:a3:5d:7b:
f6:91:03:6b:d3:15:4e:e8:bb:64:c7:05:f9:a8:ea:
28:32:50:eb:ac:f3:dd:84:c7:7a:1b:4a:cc:4d:c4:
db:8b:aa:f7:28:3e:47:b0:96:5e:3a:bc:ee:21:54:
51:f8:f2:8c:8f:31:4f:bf:37:da:f9:a4:12:d3:c1:
3b:7e:7e:40:90:e8:92:41:4d:b7:80:96:55:e7:0d:
17:13:7a:cb:d0:9d:b1:80:fd:fd:37:dc:77:ef:76:
20:40:bc:9f:0d:35:1d:41:a6:67:2a:8b:80:8d:6d:
a1:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:08:5D:88:52:DD:8F:EE:0C:F2:5F:57:52:7C:9E:15:12:57:1B:04
X509v3 Authority Key Identifier:
keyid:A6:97:49:FA:23:37:DB:33:A7:64:74:EB:81:2C:03:4E:30:50:9D:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ppdJ-iM32zOnZHTrgSwDTjBQnSo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b1bf57-679f-4564-b701-cb296708dec8/1/xwhdiFLdj-4M8l9XUnyeFRJXGwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b1bf57-679f-4564-b701-cb296708dec8/1/ppdJ-iM32zOnZHTrgSwDTjBQnSo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.118.0.0/24
156.118.6.0/24
156.118.8.0/24
Signature Algorithm: sha256WithRSAEncryption
42:02:be:ae:87:36:05:dc:e2:4d:ae:64:e3:22:67:38:2e:aa:
94:77:a9:3a:c5:06:a4:8e:44:0a:e9:25:32:c5:5f:a8:fa:d5:
f3:7b:8d:40:08:5c:33:2c:b7:bb:41:ad:4a:03:1b:15:a7:c9:
3f:d2:62:43:ba:df:cd:b6:b9:18:8a:e0:1c:7a:dd:e1:b5:20:
52:b3:c9:59:a4:10:78:62:a4:94:97:4b:1a:2c:f7:e7:27:c4:
ca:e5:a9:40:d4:71:ca:af:fb:fb:37:38:7d:ab:e5:83:1f:d7:
63:49:20:8e:6c:4c:0b:27:f9:b3:77:91:00:0a:97:bf:0f:c1:
cb:42:33:2b:27:5e:83:20:6e:8f:c1:01:09:d6:33:dd:7a:c9:
ee:6b:f1:4e:7c:09:b7:b4:df:85:d5:0c:fb:25:16:51:ea:f9:
8d:1c:2d:be:a5:77:d7:93:8f:3d:9e:f1:2c:3e:b3:2a:fd:06:
38:a4:72:4d:80:b1:99:27:c9:e5:5d:9b:d4:10:c0:a5:96:74:
7e:28:59:c5:ed:38:bc:21:c8:47:ee:f7:e0:f8:18:7c:80:17:
ec:a0:20:2d:3c:94:3d:6e:b5:66:c9:72:44:c2:d4:eb:e3:61:
4a:71:26:0f:96:1e:21:cc:bc:59:11:ef:ff:94:8c:61:07:93:
a7:1c:c7:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQks7ZuE9a3XmgzuwPdf1ttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2OTc0OWZhMjMzN2RiMzNhNzY0NzRlYjgxMmMwMzRlMzA1
MDlkMmEwHhcNMjUwMTAyMDE0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzA4NWQ4ODUyZGQ4ZmVlMGNmMjVmNTc1MjdjOWUxNTEyNTcxYjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/Ff/4S3Ai9eAmBEeSjE/8QSoUv5
mvJoZJWprMDrucNFRiptLOkDTZp8lF0+UoJdAaTqj8W29xwriywyf3e8VgGJS1sz
Vl9iYBqp4EsmqG5eknDzXtrkqUukkDgXkBKpVNF4mKhOolrste+vLDxWkZHP0p/t
PXtpYayRke5DIxfRvKTfWoykiG20ZKODIQ9k2y2jXXv2kQNr0xVO6LtkxwX5qOoo
MlDrrPPdhMd6G0rMTcTbi6r3KD5HsJZeOrzuIVRR+PKMjzFPvzfa+aQS08E7fn5A
kOiSQU23gJZV5w0XE3rL0J2xgP39N9x373YgQLyfDTUdQaZnKouAjW2hRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMcIXYhS3Y/uDPJfV1J8nhUSVxsEMB8GA1UdIwQY
MBaAFKaXSfojN9szp2R064EsA04wUJ0qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHBkSi1pTTMyek9uWkhUcmdTd0RUakJRblNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9iMWJmNTctNjc5Zi00NTY0LWI3MDEt
Y2IyOTY3MDhkZWM4LzEveHdoZGlGTGRqLTRNOGw5WFVueWVGUkpYR3dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9iMWJmNTctNjc5Zi00NTY0LWI3MDEtY2IyOTY3MDhkZWM4
LzEvcHBkSi1pTTMyek9uWkhUcmdTd0RUakJRblNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAnHYAAwQA
nHYGAwQAnHYIMA0GCSqGSIb3DQEBCwUAA4IBAQBCAr6uhzYF3OJNrmTjImc4LqqU
d6k6xQakjkQK6SUyxV+o+tXze41ACFwzLLe7Qa1KAxsVp8k/0mJDut/NtrkYiuAc
et3htSBSs8lZpBB4YqSUl0saLPfnJ8TK5alA1HHKr/v7Nzh9q+WDH9djSSCObEwL
J/mzd5EACpe/D8HLQjMrJ16DIG6PwQEJ1jPdesnua/FOfAm3tN+F1Qz7JRZR6vmN
HC2+pXfXk489nvEsPrMq/QY4pHJNgLGZJ8nlXZvUEMCllnR+KFnF7Ti8IchH7vfg
+Bh8gBfsoCAtPJQ9brVmyXJEwtTr42FKcSYPlh4hzLxZEe//lIxhB5OnHMcc
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:04:36 2025 by rpki-client