Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/8c5bc7-55fa-4044-88da-68185fdb9003/1/XVZjts2IAQT3D-3i0mJSagboiZ4.roa
File: XVZjts2IAQT3D-3i0mJSagboiZ4.roa (raw, json)
Hash identifier: P8G3dqnA4ISbflUuxnqvGaJIWR204WqE02ZEJaENHX0=
Subject key identifier: 5D:56:63:B6:CD:88:01:04:F7:0F:ED:E2:D2:62:52:6A:06:E8:89:9E
Certificate issuer: /CN=6fa48e96197426e4c5eeb423e0fd9c2e952c4177
Certificate serial: 01942368E4CF2419F50F5159CBDAE9CB0CD2
Authority key identifier: 6F:A4:8E:96:19:74:26:E4:C5:EE:B4:23:E0:FD:9C:2E:95:2C:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b6SOlhl0JuTF7rQj4P2cLpUsQXc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/8c5bc7-55fa-4044-88da-68185fdb9003/1/XVZjts2IAQT3D-3i0mJSagboiZ4.roa
Signing time: Wed 01 Jan 2025 19:47:44 +0000
ROA not before: Wed 01 Jan 2025 19:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39642
IP address blocks: 193.163.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:e4:cf:24:19:f5:0f:51:59:cb:da:e9:cb:0c:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fa48e96197426e4c5eeb423e0fd9c2e952c4177
Validity
Not Before: Jan 1 19:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d5663b6cd880104f70fede2d262526a06e8899e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:52:13:20:f9:c1:83:8f:78:b0:d4:8c:8d:e5:
30:6d:c7:b6:85:40:80:07:91:cf:64:b4:75:34:7e:
f0:54:79:39:0c:3a:37:1c:57:7f:9e:f4:f7:8e:ac:
6e:1e:38:4e:05:0b:4a:65:32:d5:f7:87:24:07:22:
42:00:9e:dc:40:9e:a2:c3:0d:fd:11:9d:a0:1f:bc:
00:15:ba:c3:84:76:2b:da:c6:c3:24:0b:96:9f:21:
1d:18:4f:b7:02:18:ba:23:e0:2d:c2:19:4c:fb:8b:
2e:84:6c:f7:58:bd:c0:3e:ab:70:fc:45:b1:c6:b9:
5e:61:0f:6d:f3:4d:d0:17:8c:3f:0d:e6:bd:c3:24:
c3:ee:2e:ed:6f:78:07:65:53:8d:e5:78:57:f8:6e:
c4:19:bd:ca:01:27:5a:97:6a:06:13:60:22:0f:49:
c9:1b:f1:48:22:59:d9:c8:70:3d:5c:27:5a:9e:d8:
d8:20:a4:a7:6e:1d:f6:d5:76:bf:80:ed:71:95:e1:
30:f1:b2:1e:9a:9b:5d:47:a4:12:93:69:e1:e2:e1:
8a:db:0d:17:4c:4f:cf:19:51:15:16:48:b3:91:66:
cd:2c:d4:ac:a6:90:ba:79:00:18:b8:e7:4d:ec:e2:
75:c4:eb:07:f1:97:59:38:e6:07:55:9e:fa:55:d5:
83:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:56:63:B6:CD:88:01:04:F7:0F:ED:E2:D2:62:52:6A:06:E8:89:9E
X509v3 Authority Key Identifier:
keyid:6F:A4:8E:96:19:74:26:E4:C5:EE:B4:23:E0:FD:9C:2E:95:2C:41:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6SOlhl0JuTF7rQj4P2cLpUsQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/8c5bc7-55fa-4044-88da-68185fdb9003/1/XVZjts2IAQT3D-3i0mJSagboiZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/8c5bc7-55fa-4044-88da-68185fdb9003/1/b6SOlhl0JuTF7rQj4P2cLpUsQXc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.220.0/24
Signature Algorithm: sha256WithRSAEncryption
40:2f:98:5a:80:30:fe:d2:d5:6a:87:6e:ff:cd:9b:9f:da:0f:
1b:83:2a:d5:9a:74:81:da:1d:78:bd:d6:db:9d:f3:70:c6:00:
e0:8b:39:3e:14:2f:02:4a:c4:51:bf:d6:b7:4e:0e:aa:d6:4c:
72:fe:0a:a1:d3:4b:af:44:25:fe:7b:8d:d0:b4:c1:ec:5c:10:
2a:a7:5e:29:d3:fd:56:01:c3:d1:ef:92:3d:f6:0f:02:5c:62:
14:94:2f:92:c9:0a:fa:43:7a:ca:e3:bd:05:18:06:e4:ef:65:
4a:d4:93:dc:af:a7:fe:ac:d8:33:a0:12:31:40:01:7d:cf:d4:
f2:e5:41:1d:39:2b:da:e1:a4:1d:05:d4:ef:20:9c:98:3f:31:
ca:ae:71:1a:36:b5:9e:19:5e:71:6f:b3:36:fa:02:c5:84:cc:
a1:15:28:df:2a:28:43:cb:0b:60:f6:33:ed:af:67:92:21:2b:
7a:7e:a4:2b:9e:ef:3c:4a:a7:2b:6b:50:5e:c4:14:c2:34:fc:
df:cc:ac:c3:cb:df:71:57:9c:85:1c:d9:6a:aa:9e:1c:7d:43:
16:51:7a:cb:d7:14:f9:8d:f8:8b:40:43:50:53:ca:a1:e3:16:
75:1a:8a:63:69:9c:bd:0f:6d:91:5a:4a:89:e6:c4:bc:e8:9e:
50:6f:c0:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaOTPJBn1D1FZy9rpywzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYTQ4ZTk2MTk3NDI2ZTRjNWVlYjQyM2UwZmQ5YzJlOTUy
YzQxNzcwHhcNMjUwMTAxMTk0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDU2NjNiNmNkODgwMTA0ZjcwZmVkZTJkMjYyNTI2YTA2ZTg4OTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVITIPnBg494sNSMjeUwbce2hUCA
B5HPZLR1NH7wVHk5DDo3HFd/nvT3jqxuHjhOBQtKZTLV94ckByJCAJ7cQJ6iww39
EZ2gH7wAFbrDhHYr2sbDJAuWnyEdGE+3Ahi6I+AtwhlM+4suhGz3WL3APqtw/EWx
xrleYQ9t803QF4w/Dea9wyTD7i7tb3gHZVON5XhX+G7EGb3KASdal2oGE2AiD0nJ
G/FIIlnZyHA9XCdantjYIKSnbh321Xa/gO1xleEw8bIemptdR6QSk2nh4uGK2w0X
TE/PGVEVFkizkWbNLNSsppC6eQAYuOdN7OJ1xOsH8ZdZOOYHVZ76VdWDxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF1WY7bNiAEE9w/t4tJiUmoG6ImeMB8GA1UdIwQY
MBaAFG+kjpYZdCbkxe60I+D9nC6VLEF3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjZTT2xobDBKdVRGN3JRajRQMmNMcFVzUVhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC84YzViYzctNTVmYS00MDQ0LTg4ZGEt
NjgxODVmZGI5MDAzLzEvWFZaanRzMklBUVQzRC0zaTBtSlNhZ2JvaVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC84YzViYzctNTVmYS00MDQ0LTg4ZGEtNjgxODVmZGI5MDAz
LzEvYjZTT2xobDBKdVRGN3JRajRQMmNMcFVzUVhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaPcMA0G
CSqGSIb3DQEBCwUAA4IBAQBAL5hagDD+0tVqh27/zZuf2g8bgyrVmnSB2h14vdbb
nfNwxgDgizk+FC8CSsRRv9a3Tg6q1kxy/gqh00uvRCX+e43QtMHsXBAqp14p0/1W
AcPR75I99g8CXGIUlC+SyQr6Q3rK470FGAbk72VK1JPcr6f+rNgzoBIxQAF9z9Ty
5UEdOSva4aQdBdTvIJyYPzHKrnEaNrWeGV5xb7M2+gLFhMyhFSjfKihDywtg9jPt
r2eSISt6fqQrnu88Sqcra1BexBTCNPzfzKzDy99xV5yFHNlqqp4cfUMWUXrL1xT5
jfiLQENQU8qh4xZ1GopjaZy9D22RWkqJ5sS86J5Qb8BW
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:35:52 2025 by rpki-client