Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/f75d16-4039-46ca-8b1e-adb300f7225a/1/XEsqeKOf3nUKp6N27Tk-w17zShA.roa
File: XEsqeKOf3nUKp6N27Tk-w17zShA.roa (raw, json)
Hash identifier: k+ZjcSbWsbCQX+BZ6yWaMdK9CN57/SVKpUlCaIxWc4g=
Subject key identifier: 5C:4B:2A:78:A3:9F:DE:75:0A:A7:A3:76:ED:39:3E:C3:5E:F3:4A:10
Certificate issuer: /CN=c10a2123f549264e7cbb9fa21d2c5137721486e4
Certificate serial: 019420D5B6835CC1CE73035CFD3053D512E9
Authority key identifier: C1:0A:21:23:F5:49:26:4E:7C:BB:9F:A2:1D:2C:51:37:72:14:86:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQohI_VJJk58u5-iHSxRN3IUhuQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/f75d16-4039-46ca-8b1e-adb300f7225a/1/XEsqeKOf3nUKp6N27Tk-w17zShA.roa
Signing time: Wed 01 Jan 2025 07:47:44 +0000
ROA not before: Wed 01 Jan 2025 07:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51918
IP address blocks: 46.37.32.0/19 maxlen: 19
46.37.32.0/22 maxlen: 22
46.37.36.0/22 maxlen: 22
46.37.40.0/22 maxlen: 22
46.37.44.0/22 maxlen: 22
46.37.48.0/22 maxlen: 22
46.37.52.0/22 maxlen: 22
46.37.56.0/22 maxlen: 22
46.37.60.0/22 maxlen: 22
83.151.224.0/19 maxlen: 19
83.151.224.0/22 maxlen: 22
83.151.228.0/22 maxlen: 22
83.151.232.0/22 maxlen: 22
83.151.236.0/22 maxlen: 22
83.151.240.0/22 maxlen: 22
83.151.244.0/22 maxlen: 22
83.151.248.0/22 maxlen: 22
83.151.252.0/22 maxlen: 22
185.14.208.0/22 maxlen: 22
2a01:5d00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:b6:83:5c:c1:ce:73:03:5c:fd:30:53:d5:12:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c10a2123f549264e7cbb9fa21d2c5137721486e4
Validity
Not Before: Jan 1 07:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c4b2a78a39fde750aa7a376ed393ec35ef34a10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b5:5f:a5:cc:32:fa:0e:46:27:a5:a2:8c:55:
14:a5:2f:66:4f:cf:15:1a:a6:20:0d:3d:43:e6:13:
e5:2c:69:28:f7:91:5f:96:14:0a:61:3a:3c:ed:5d:
9b:d8:0b:8b:ee:35:ea:4d:48:33:bf:b2:a3:83:dd:
a8:00:a0:fd:f5:ad:45:34:bb:63:b8:5f:38:f9:2e:
2f:f7:bb:ae:79:a9:19:5f:10:76:7d:a6:84:08:d5:
ac:cb:e7:79:bc:a0:c5:19:d5:5c:8c:b5:9b:b2:a3:
d7:19:9d:2a:61:ea:74:65:9d:8c:ac:f0:17:26:72:
8a:65:cf:e6:25:09:67:6e:86:85:f2:f3:e6:22:d4:
61:14:a6:76:af:a6:0d:d7:37:7a:de:e2:9b:f2:bb:
7f:62:66:8c:52:36:71:02:44:5f:d7:7c:a9:de:17:
c8:f1:f3:91:49:a5:c3:c1:08:e2:83:43:3f:11:fb:
2f:d5:1e:f1:67:34:43:ee:48:59:c0:39:a1:d7:e7:
03:f0:2f:8e:76:df:f1:aa:4b:e0:ac:aa:d4:de:e7:
b7:c8:c3:f6:a4:b8:a1:7c:35:e2:54:89:0c:6c:a4:
6b:15:9f:e5:d8:84:0e:50:1a:88:b3:cf:82:d7:5d:
bd:59:6e:1a:77:02:b4:d4:7d:87:78:96:0e:ef:27:
38:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:4B:2A:78:A3:9F:DE:75:0A:A7:A3:76:ED:39:3E:C3:5E:F3:4A:10
X509v3 Authority Key Identifier:
keyid:C1:0A:21:23:F5:49:26:4E:7C:BB:9F:A2:1D:2C:51:37:72:14:86:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQohI_VJJk58u5-iHSxRN3IUhuQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/f75d16-4039-46ca-8b1e-adb300f7225a/1/XEsqeKOf3nUKp6N27Tk-w17zShA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/f75d16-4039-46ca-8b1e-adb300f7225a/1/wQohI_VJJk58u5-iHSxRN3IUhuQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.32.0/19
83.151.224.0/19
185.14.208.0/22
IPv6:
2a01:5d00::/32
Signature Algorithm: sha256WithRSAEncryption
2f:35:51:fe:8b:bf:6c:6d:24:2d:38:2c:b4:21:dc:ba:9e:6e:
27:31:97:ef:96:b8:84:31:5b:b0:4d:7c:eb:d1:72:e5:2f:bd:
96:a5:b7:e8:4e:05:26:5d:53:ec:ef:83:6f:93:a8:49:c5:80:
ed:4d:4d:f8:fd:5d:ab:88:3d:66:48:80:5d:ca:ba:1c:ec:24:
ce:09:83:c3:a6:3f:4b:3b:42:9a:2b:51:01:4f:fd:b9:f0:9f:
fe:52:6f:96:de:e4:52:01:9b:02:06:82:53:be:e3:d8:d2:cd:
68:d2:ba:f2:8b:ac:e2:c7:83:8a:c4:02:d0:cf:25:7f:7d:97:
8e:be:55:c6:38:8d:25:44:91:de:8c:5a:e4:af:f0:bf:6b:ac:
e9:bf:bd:83:7c:7f:1b:5f:e2:73:1a:d0:42:f5:08:b3:ef:d2:
96:7b:14:4e:09:ff:7a:21:aa:c8:1b:45:75:77:62:cc:75:e7:
ec:c7:02:58:85:bd:07:02:7a:21:6e:d4:c7:40:5e:24:25:da:
b6:96:ba:48:41:33:7c:d8:98:11:13:f8:2a:9a:5a:6c:54:25:
d8:54:de:aa:06:62:ee:90:67:81:b9:96:42:ff:dd:b3:16:be:
d3:d1:ee:db:9a:e1:47:c1:26:82:a0:9c:21:f8:ce:42:71:3b:
16:f6:17:cc
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQg1baDXMHOcwNc/TBT1RLpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMGEyMTIzZjU0OTI2NGU3Y2JiOWZhMjFkMmM1MTM3NzIx
NDg2ZTQwHhcNMjUwMTAxMDc0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzRiMmE3OGEzOWZkZTc1MGFhN2EzNzZlZDM5M2VjMzVlZjM0YTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17Vfpcwy+g5GJ6WijFUUpS9mT88V
GqYgDT1D5hPlLGko95FflhQKYTo87V2b2AuL7jXqTUgzv7Kjg92oAKD99a1FNLtj
uF84+S4v97uueakZXxB2faaECNWsy+d5vKDFGdVcjLWbsqPXGZ0qYep0ZZ2MrPAX
JnKKZc/mJQlnboaF8vPmItRhFKZ2r6YN1zd63uKb8rt/YmaMUjZxAkRf13yp3hfI
8fORSaXDwQjig0M/Efsv1R7xZzRD7khZwDmh1+cD8C+Odt/xqkvgrKrU3ue3yMP2
pLihfDXiVIkMbKRrFZ/l2IQOUBqIs8+C1129WW4adwK01H2HeJYO7yc4zwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFxLKnijn951Cqejdu05PsNe80oQMB8GA1UdIwQY
MBaAFMEKISP1SSZOfLufoh0sUTdyFIbkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FvaElfVkpKazU4dTUtaUhTeFJOM0lVaHVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9mNzVkMTYtNDAzOS00NmNhLThiMWUt
YWRiMzAwZjcyMjVhLzEvWEVzcWVLT2YzblVLcDZOMjdUay13MTd6U2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9mNzVkMTYtNDAzOS00NmNhLThiMWUtYWRiMzAwZjcyMjVh
LzEvd1FvaElfVkpKazU4dTUtaUhTeFJOM0lVaHVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFLiUgAwQF
U5fgAwQCuQ7QMA0EAgACMAcDBQAqAV0AMA0GCSqGSIb3DQEBCwUAA4IBAQAvNVH+
i79sbSQtOCy0Idy6nm4nMZfvlriEMVuwTXzr0XLlL72WpbfoTgUmXVPs74Nvk6hJ
xYDtTU34/V2riD1mSIBdyroc7CTOCYPDpj9LO0KaK1EBT/258J/+Um+W3uRSAZsC
BoJTvuPY0s1o0rryi6zix4OKxALQzyV/fZeOvlXGOI0lRJHejFrkr/C/a6zpv72D
fH8bX+JzGtBC9Qiz79KWexROCf96IarIG0V1d2LMdefsxwJYhb0HAnohbtTHQF4k
Jdq2lrpIQTN82JgRE/gqmlpsVCXYVN6qBmLukGeBuZZC/92zFr7T0e7bmuFHwSaC
oJwh+M5CcTsW9hfM
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:31:53 2025 by rpki-client