Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/XJn6uz5-oygXgu4ZAc2om2Be0WQ.roa
File: XJn6uz5-oygXgu4ZAc2om2Be0WQ.roa (raw, json)
Hash identifier: Y9gNxCERt7wH5/baWKBp/m59FpcWgCGrLReBBXmd6l8=
Subject key identifier: 5C:99:FA:BB:3E:7E:A3:28:17:82:EE:19:01:CD:A8:9B:60:5E:D1:64
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 01942143C3744E288FFB9A44285563379927
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/XJn6uz5-oygXgu4ZAc2om2Be0WQ.roa
Signing time: Wed 01 Jan 2025 09:47:56 +0000
ROA not before: Wed 01 Jan 2025 09:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211655
IP address blocks: 192.102.225.0/24 maxlen: 24
2001:7f9::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:c3:74:4e:28:8f:fb:9a:44:28:55:63:37:99:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Jan 1 09:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c99fabb3e7ea3281782ee1901cda89b605ed164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:37:28:1b:2f:9f:84:41:bd:01:2d:24:0d:ec:
0c:99:c1:3c:c7:cb:3e:22:39:fe:36:f5:f7:99:e6:
0b:d7:e3:d6:17:95:c4:c3:d6:19:ff:4e:12:22:ef:
38:a0:da:fd:76:a0:69:f4:79:6d:b2:6f:c9:18:74:
6b:e0:da:ab:f8:4f:1c:16:2c:e8:94:f2:45:87:48:
e4:d4:67:d0:ec:b8:42:34:8c:92:d7:4d:a0:db:1f:
9b:61:de:0f:8f:30:6b:4c:da:d5:3d:fb:6b:60:b7:
95:79:b7:c5:7a:2b:c1:9c:3a:14:40:22:2d:57:b6:
6a:2d:df:38:f4:04:e6:7d:dc:cb:8a:70:e5:00:11:
ad:af:10:25:2d:50:14:a0:b2:f0:4e:80:0c:6a:2a:
90:44:92:21:2b:25:74:60:00:6c:3a:ba:fc:59:3e:
8b:5b:3e:bf:9d:4f:98:4b:de:f5:c7:64:fa:b8:f3:
7c:66:b0:3e:9c:a4:b2:1a:cf:c9:f1:7f:02:ce:5f:
b5:47:1c:cc:03:3b:0a:7b:77:ee:f5:3a:01:cb:1d:
15:38:bd:e6:d5:f7:dd:48:e0:6f:45:21:8f:27:82:
a2:31:28:9b:85:55:98:97:c6:95:54:9f:7d:e0:49:
36:ba:5f:7d:5b:52:05:53:e3:f2:fb:bd:37:48:f1:
d3:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:99:FA:BB:3E:7E:A3:28:17:82:EE:19:01:CD:A8:9B:60:5E:D1:64
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/XJn6uz5-oygXgu4ZAc2om2Be0WQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.102.225.0/24
IPv6:
2001:7f9::/48
Signature Algorithm: sha256WithRSAEncryption
70:2f:21:cc:64:ee:8c:27:51:24:27:92:27:d0:9c:47:35:ac:
b5:bc:25:c8:4c:4d:e8:6b:ea:1e:c5:89:e3:ae:18:c3:63:8d:
8d:57:95:00:a0:43:c5:e9:74:8c:75:4a:54:e3:32:71:af:ef:
d5:da:b3:95:9c:6b:5e:fb:50:5c:7a:f1:50:e5:90:a5:80:ac:
2c:f3:08:0d:46:f4:6f:97:64:5b:fc:d1:6f:99:ab:05:05:bb:
fa:a3:a8:8a:37:ef:ab:ab:6e:cb:bc:f7:91:f2:96:05:56:54:
c7:a1:9d:aa:8e:a6:44:25:cc:d3:a9:2b:92:b4:d2:d7:76:c7:
d3:73:9c:0f:50:f5:47:8f:ae:18:e4:35:a3:a6:05:78:e3:6b:
00:51:02:8a:0c:13:56:be:fe:1a:b6:6d:91:f5:e1:45:03:1e:
21:99:73:c9:80:4f:b6:dc:f9:bc:6b:db:57:31:53:c7:62:09:
90:2b:59:e2:fc:ec:10:7d:9b:c8:a7:ac:28:72:93:fa:55:0c:
33:7a:0a:25:a4:cb:34:e3:65:e6:6a:bb:c4:5a:85:43:92:da:
ac:5a:33:e4:b9:33:11:f8:fc:a7:d7:7e:f4:a8:5a:6e:53:c0:
9d:1e:9c:51:3c:20:ff:8b:32:8b:e9:16:54:80:dd:ce:53:1b:
2e:d5:d4:7f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQhQ8N0TiiP+5pEKFVjN5knMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjUwMTAxMDk0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzk5ZmFiYjNlN2VhMzI4MTc4MmVlMTkwMWNkYTg5YjYwNWVkMTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9zcoGy+fhEG9AS0kDewMmcE8x8s+
Ijn+NvX3meYL1+PWF5XEw9YZ/04SIu84oNr9dqBp9Hltsm/JGHRr4Nqr+E8cFizo
lPJFh0jk1GfQ7LhCNIyS102g2x+bYd4PjzBrTNrVPftrYLeVebfFeivBnDoUQCIt
V7ZqLd849ATmfdzLinDlABGtrxAlLVAUoLLwToAMaiqQRJIhKyV0YABsOrr8WT6L
Wz6/nU+YS971x2T6uPN8ZrA+nKSyGs/J8X8Czl+1RxzMAzsKe3fu9ToByx0VOL3m
1ffdSOBvRSGPJ4KiMSibhVWYl8aVVJ994Ek2ul99W1IFU+Py+703SPHTZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFyZ+rs+fqMoF4LuGQHNqJtgXtFkMB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvWEpuNnV6NS1veWdYZ3U0WkFjMm9tMkJlMFdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwGbhMA8E
AgACMAkDBwAgAQf5AAAwDQYJKoZIhvcNAQELBQADggEBAHAvIcxk7ownUSQnkifQ
nEc1rLW8JchMTehr6h7FieOuGMNjjY1XlQCgQ8XpdIx1SlTjMnGv79Xas5Wca177
UFx68VDlkKWArCzzCA1G9G+XZFv80W+ZqwUFu/qjqIo376urbsu895HylgVWVMeh
naqOpkQlzNOpK5K00td2x9NznA9Q9UePrhjkNaOmBXjjawBRAooME1a+/hq2bZH1
4UUDHiGZc8mAT7bc+bxr21cxU8diCZArWeL87BB9m8inrChyk/pVDDN6CiWkyzTj
ZeZqu8RahUOS2qxaM+S5MxH4/KfXfvSoWm5TwJ0enFE8IP+LMovpFlSA3c5TGy7V
1H8=
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:44:45 2025 by rpki-client