Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/XuWyQ_h13oHMYelX1eEehMBE4QM.roa
File: XuWyQ_h13oHMYelX1eEehMBE4QM.roa (raw, json)
Hash identifier: 55GFOmkogCsmTmcypUyvrH3xFalGu40zdpw3o3u8qPY=
Subject key identifier: 5E:E5:B2:43:F8:75:DE:81:CC:61:E9:57:D5:E1:1E:84:C0:44:E1:03
Certificate issuer: /CN=bc9f0b9ac1d5652f3dca1ef1623bf99ab29647df
Certificate serial: 019424B2C40BCE326FE06084DEA4E1CA8415
Authority key identifier: BC:9F:0B:9A:C1:D5:65:2F:3D:CA:1E:F1:62:3B:F9:9A:B2:96:47:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJ8LmsHVZS89yh7xYjv5mrKWR98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/XuWyQ_h13oHMYelX1eEehMBE4QM.roa
Signing time: Thu 02 Jan 2025 01:48:02 +0000
ROA not before: Thu 02 Jan 2025 01:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49349
IP address blocks: 5.206.224.0/21 maxlen: 24
185.38.140.0/22 maxlen: 24
185.236.229.0/24 maxlen: 24
185.236.230.0/24 maxlen: 24
185.236.231.0/24 maxlen: 24
188.93.232.0/21 maxlen: 24
2a00:1c60::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:c4:0b:ce:32:6f:e0:60:84:de:a4:e1:ca:84:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc9f0b9ac1d5652f3dca1ef1623bf99ab29647df
Validity
Not Before: Jan 2 01:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ee5b243f875de81cc61e957d5e11e84c044e103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1d:d5:9c:7a:ff:94:44:f1:16:7e:7c:85:2c:
e4:e4:a5:9f:7a:e6:74:f0:73:2a:f4:9d:ab:6c:e8:
06:32:0a:09:0d:ee:eb:3d:32:a6:fb:fe:d2:b4:3d:
c2:a6:cd:c2:cd:b3:70:9a:b1:e4:10:62:1f:9f:8c:
2c:3e:bf:5e:a1:98:fa:03:08:ab:2c:7b:94:8a:14:
b5:19:cc:5a:f6:86:29:a9:ee:dc:42:47:d2:f8:19:
cb:77:37:dc:e3:8d:14:2f:66:20:c8:81:ae:8a:73:
ea:28:95:c9:52:65:9b:3f:3f:56:2e:df:a8:de:c6:
4d:66:a0:75:1b:0d:cb:7c:2d:b0:ad:91:95:f0:b0:
9b:ca:67:fc:88:7e:94:5f:84:19:1e:ec:3a:ae:4c:
96:e2:f7:a5:6f:0d:6e:67:02:d3:6f:8c:de:db:20:
0d:61:a9:b0:1a:39:e5:3e:c5:b7:cc:9e:23:2f:37:
c9:f2:73:d6:71:b3:ee:c3:2a:43:a9:8f:2a:18:7f:
64:11:39:ab:71:07:75:88:26:b4:8a:2a:49:b6:14:
aa:9b:f7:50:68:66:ca:ca:9f:90:fe:57:f6:08:86:
a9:d5:ed:ab:9f:40:55:8c:08:27:75:c4:16:cb:9d:
16:76:3b:1d:cb:ff:86:80:6e:55:ef:39:cb:19:70:
40:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E5:B2:43:F8:75:DE:81:CC:61:E9:57:D5:E1:1E:84:C0:44:E1:03
X509v3 Authority Key Identifier:
keyid:BC:9F:0B:9A:C1:D5:65:2F:3D:CA:1E:F1:62:3B:F9:9A:B2:96:47:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJ8LmsHVZS89yh7xYjv5mrKWR98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/XuWyQ_h13oHMYelX1eEehMBE4QM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/vJ8LmsHVZS89yh7xYjv5mrKWR98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.206.224.0/21
185.38.140.0/22
185.236.229.0-185.236.231.255
188.93.232.0/21
IPv6:
2a00:1c60::/32
Signature Algorithm: sha256WithRSAEncryption
00:6f:e4:53:c7:4e:67:5c:22:eb:02:98:5f:f8:eb:87:18:c4:
33:51:b0:9c:d0:ee:63:83:b7:b2:32:c4:66:fc:ac:0b:7b:aa:
2f:bc:27:01:69:73:0f:e4:c4:88:79:d6:4c:b0:6e:4d:c9:dc:
df:fe:02:2d:2d:a8:d0:fe:38:6c:96:99:20:16:f7:55:32:7d:
6e:51:6a:e5:9e:1c:76:63:03:59:74:5a:d7:8a:fd:f8:a9:80:
6b:da:04:58:28:14:2c:b4:3e:7f:69:5b:59:ee:87:54:72:e7:
a6:f8:32:fa:09:70:5f:64:3e:ae:aa:8f:41:d7:d3:28:68:30:
35:81:ef:68:d0:91:8b:11:b0:cc:89:d6:88:2a:9f:fb:88:52:
79:05:29:e9:4e:46:8e:2b:66:ff:6e:b1:35:62:e8:8d:0f:8f:
a4:67:aa:b6:28:23:39:a0:75:a7:ca:ce:50:f8:5c:12:1a:00:
85:28:89:f0:06:72:b5:8a:86:eb:47:92:d6:a0:c2:60:e2:9b:
e2:d8:14:d8:10:08:e6:a4:40:a9:17:52:c4:9d:02:ab:39:ef:
2e:78:e5:27:f6:8c:43:4d:d3:48:d3:a1:ae:f4:9b:1f:38:ea:
85:3a:7e:64:ef:a7:f2:fc:7a:84:ec:b6:c3:7a:87:89:68:22:
92:9f:03:3d
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQkssQLzjJv4GCE3qThyoQVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOWYwYjlhYzFkNTY1MmYzZGNhMWVmMTYyM2JmOTlhYjI5
NjQ3ZGYwHhcNMjUwMTAyMDE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWU1YjI0M2Y4NzVkZTgxY2M2MWU5NTdkNWUxMWU4NGMwNDRlMTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkB3VnHr/lETxFn58hSzk5KWfeuZ0
8HMq9J2rbOgGMgoJDe7rPTKm+/7StD3Cps3CzbNwmrHkEGIfn4wsPr9eoZj6Awir
LHuUihS1Gcxa9oYpqe7cQkfS+BnLdzfc440UL2YgyIGuinPqKJXJUmWbPz9WLt+o
3sZNZqB1Gw3LfC2wrZGV8LCbymf8iH6UX4QZHuw6rkyW4velbw1uZwLTb4ze2yAN
YamwGjnlPsW3zJ4jLzfJ8nPWcbPuwypDqY8qGH9kETmrcQd1iCa0iipJthSqm/dQ
aGbKyp+Q/lf2CIap1e2rn0BVjAgndcQWy50Wdjsdy/+GgG5V7znLGXBA0QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFF7lskP4dd6BzGHpV9XhHoTAROEDMB8GA1UdIwQY
MBaAFLyfC5rB1WUvPcoe8WI7+ZqylkffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdko4TG1zSFZaUzg5eWg3eFlqdjVtcktXUjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80OTkyYjYtZmRhZS00YzlmLWJmM2Ut
OTVjODk0MmRmNzI0LzEvWHVXeVFfaDEzb0hNWWVsWDFlRWVoTUJFNFFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80OTkyYjYtZmRhZS00YzlmLWJmM2UtOTVjODk0MmRmNzI0
LzEvdko4TG1zSFZaUzg5eWg3eFlqdjVtcktXUjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQDBc7gAwQC
uSaMMAwDBAC57OUDBAO57OADBAO8XegwDQQCAAIwBwMFACoAHGAwDQYJKoZIhvcN
AQELBQADggEBAABv5FPHTmdcIusCmF/464cYxDNRsJzQ7mODt7IyxGb8rAt7qi+8
JwFpcw/kxIh51kywbk3J3N/+Ai0tqND+OGyWmSAW91UyfW5RauWeHHZjA1l0WteK
/fipgGvaBFgoFCy0Pn9pW1nuh1Ry56b4MvoJcF9kPq6qj0HX0yhoMDWB72jQkYsR
sMyJ1ogqn/uIUnkFKelORo4rZv9usTVi6I0Pj6RnqrYoIzmgdafKzlD4XBIaAIUo
ifAGcrWKhutHktagwmDim+LYFNgQCOakQKkXUsSdAqs57y545Sf2jENN00jToa70
mx846oU6fmTvp/L8eoTstsN6h4loIpKfAz0=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:41:34 2025 by rpki-client