Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/851d45-1422-4b31-bd8f-7993b9e03b0f/1/XgZiHyWgL10sySKObf_Bjn8Hh_Q.roa
File: XgZiHyWgL10sySKObf_Bjn8Hh_Q.roa (raw, json)
Hash identifier: 2Dl4jp91F4zOnOBtmwjhJgpK+aRbbY/cT57xX5iOAng=
Subject key identifier: 5E:06:62:1F:25:A0:2F:5D:2C:C9:22:8E:6D:FF:C1:8E:7F:07:87:F4
Certificate issuer: /CN=0a279b4038e002e7bd64e5076d1a39ebe96f23c4
Certificate serial: 01942521696F53A2CAC9C2424E56D82B8708
Authority key identifier: 0A:27:9B:40:38:E0:02:E7:BD:64:E5:07:6D:1A:39:EB:E9:6F:23:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CiebQDjgAue9ZOUHbRo56-lvI8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/851d45-1422-4b31-bd8f-7993b9e03b0f/1/XgZiHyWgL10sySKObf_Bjn8Hh_Q.roa
Signing time: Thu 02 Jan 2025 03:48:54 +0000
ROA not before: Thu 02 Jan 2025 03:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57630
IP address blocks: 185.88.112.0/22 maxlen: 22
2a03:7f20::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:69:6f:53:a2:ca:c9:c2:42:4e:56:d8:2b:87:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a279b4038e002e7bd64e5076d1a39ebe96f23c4
Validity
Not Before: Jan 2 03:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e06621f25a02f5d2cc9228e6dffc18e7f0787f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3c:17:69:06:89:d4:1b:04:d6:52:3b:ed:7f:
ef:e8:78:84:42:ad:89:c1:0c:3d:78:d1:41:be:7f:
f6:e2:dc:07:fd:b4:23:85:33:41:b9:bc:f9:49:fe:
6b:6a:72:d8:9c:6d:53:89:fa:d2:8d:38:d9:90:04:
24:11:d9:ea:09:04:c9:34:02:79:38:c7:f8:61:b6:
8b:9e:b1:b7:df:3a:0d:10:9b:f1:7c:94:75:8b:2f:
b4:be:0a:41:3e:9e:5d:e3:c8:74:34:b6:75:09:b6:
bc:5d:75:0e:c9:a5:67:28:e1:7a:3a:ea:6c:7e:0c:
72:fb:28:e3:2a:ec:2f:71:2d:fa:1f:90:07:f1:f2:
b4:60:b4:a2:05:72:e0:0d:a2:37:d1:ec:b6:7c:5b:
ae:4f:a2:f8:f2:16:fb:dc:c3:4c:ee:f7:e1:e3:22:
07:e6:e2:0f:73:d7:f4:49:56:22:fa:83:bf:2c:5e:
00:1c:c5:35:2f:fb:c7:93:01:a5:99:a0:94:7d:eb:
1d:57:28:83:e7:81:55:ed:90:01:d8:2f:37:1b:91:
47:65:41:41:3e:48:70:8b:e1:1b:97:bb:56:75:1e:
70:c3:84:d1:7e:f8:a8:3e:db:d3:8a:28:f3:20:4b:
64:a5:34:e9:eb:b8:c8:d2:5c:ca:54:1f:d3:6f:bf:
5f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:06:62:1F:25:A0:2F:5D:2C:C9:22:8E:6D:FF:C1:8E:7F:07:87:F4
X509v3 Authority Key Identifier:
keyid:0A:27:9B:40:38:E0:02:E7:BD:64:E5:07:6D:1A:39:EB:E9:6F:23:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CiebQDjgAue9ZOUHbRo56-lvI8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/851d45-1422-4b31-bd8f-7993b9e03b0f/1/XgZiHyWgL10sySKObf_Bjn8Hh_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/851d45-1422-4b31-bd8f-7993b9e03b0f/1/CiebQDjgAue9ZOUHbRo56-lvI8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.112.0/22
IPv6:
2a03:7f20::/29
Signature Algorithm: sha256WithRSAEncryption
68:52:9f:d2:20:a1:95:97:c1:64:66:41:8b:34:ad:73:d6:5b:
5c:e4:b1:66:41:55:14:aa:c8:9b:6c:65:ac:27:9b:55:d4:0f:
95:5f:9a:d9:1e:89:0a:de:8f:ee:f2:61:1b:2a:58:af:ec:1b:
0e:55:b7:94:2c:c7:36:0c:3b:43:0c:24:7e:ee:a9:52:db:69:
06:ee:33:da:3a:0f:81:d2:a5:da:f7:96:e3:28:e5:b9:0d:5e:
f2:d9:d7:28:88:60:0b:04:04:05:6c:e7:7b:4d:5a:1a:14:53:
67:0a:44:00:93:2c:8f:71:73:5f:50:9f:e7:53:da:48:77:78:
f7:d6:d4:bf:36:fc:6c:64:6f:0f:59:92:f3:b5:8c:2f:3a:33:
39:50:87:07:0f:3f:bf:31:8c:61:9f:89:55:e4:6b:2d:f0:3f:
c6:b9:a4:43:50:19:c8:bf:38:58:5c:87:8f:37:fa:f6:99:fe:
fc:1e:77:cd:6c:f3:4a:3b:1c:b7:b6:4d:b9:82:bb:f9:63:88:
67:26:68:80:7e:b9:4f:d4:a9:52:46:60:02:51:98:93:c3:02:
28:32:9f:58:63:e2:dc:cb:b4:ee:c3:ac:ee:e6:32:49:04:84:
50:df:de:f2:92:21:59:59:4f:50:a3:84:12:6b:f2:bb:9a:4d:
52:e8:0c:d0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIWlvU6LKycJCTlbYK4cIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMjc5YjQwMzhlMDAyZTdiZDY0ZTUwNzZkMWEzOWViZTk2
ZjIzYzQwHhcNMjUwMTAyMDM0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTA2NjIxZjI1YTAyZjVkMmNjOTIyOGU2ZGZmYzE4ZTdmMDc4N2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDwXaQaJ1BsE1lI77X/v6HiEQq2J
wQw9eNFBvn/24twH/bQjhTNBubz5Sf5ranLYnG1TifrSjTjZkAQkEdnqCQTJNAJ5
OMf4YbaLnrG33zoNEJvxfJR1iy+0vgpBPp5d48h0NLZ1Cba8XXUOyaVnKOF6Oups
fgxy+yjjKuwvcS36H5AH8fK0YLSiBXLgDaI30ey2fFuuT6L48hb73MNM7vfh4yIH
5uIPc9f0SVYi+oO/LF4AHMU1L/vHkwGlmaCUfesdVyiD54FV7ZAB2C83G5FHZUFB
Pkhwi+Ebl7tWdR5ww4TRfvioPtvTiijzIEtkpTTp67jI0lzKVB/Tb79f/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF4GYh8loC9dLMkijm3/wY5/B4f0MB8GA1UdIwQY
MBaAFAonm0A44ALnvWTlB20aOevpbyPEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2llYlFEamdBdWU5Wk9VSGJSbzU2LWx2SThRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC84NTFkNDUtMTQyMi00YjMxLWJkOGYt
Nzk5M2I5ZTAzYjBmLzEvWGdaaUh5V2dMMTBzeVNLT2JmX0JqbjhIaF9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC84NTFkNDUtMTQyMi00YjMxLWJkOGYtNzk5M2I5ZTAzYjBm
LzEvQ2llYlFEamdBdWU5Wk9VSGJSbzU2LWx2SThRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVhwMA0E
AgACMAcDBQMqA38gMA0GCSqGSIb3DQEBCwUAA4IBAQBoUp/SIKGVl8FkZkGLNK1z
1ltc5LFmQVUUqsibbGWsJ5tV1A+VX5rZHokK3o/u8mEbKliv7BsOVbeULMc2DDtD
DCR+7qlS22kG7jPaOg+B0qXa95bjKOW5DV7y2dcoiGALBAQFbOd7TVoaFFNnCkQA
kyyPcXNfUJ/nU9pId3j31tS/NvxsZG8PWZLztYwvOjM5UIcHDz+/MYxhn4lV5Gst
8D/GuaRDUBnIvzhYXIePN/r2mf78HnfNbPNKOxy3tk25grv5Y4hnJmiAfrlP1KlS
RmACUZiTwwIoMp9YY+Lcy7Tuw6zu5jJJBIRQ397ykiFZWU9Qo4QSa/K7mk1S6AzQ
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:50:46 2025 by rpki-client