Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/XYvBe2DkMF52qzkhOJvtRBiIQio.roa
File: XYvBe2DkMF52qzkhOJvtRBiIQio.roa (raw, json)
Hash identifier: vc4GpSOFPSWnmLVNnXKMqCyW7C32uripWcLl8WvCvmE=
Subject key identifier: 5D:8B:C1:7B:60:E4:30:5E:76:AB:39:21:38:9B:ED:44:18:88:42:2A
Certificate issuer: /CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Certificate serial: 019425216B773C489F64678A2F43ED7DEBFE
Authority key identifier: AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/XYvBe2DkMF52qzkhOJvtRBiIQio.roa
Signing time: Thu 02 Jan 2025 03:48:54 +0000
ROA not before: Thu 02 Jan 2025 03:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60507
IP address blocks: 81.94.220.0/22 maxlen: 24
81.94.220.0/23 maxlen: 24
81.94.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:6b:77:3c:48:9f:64:67:8a:2f:43:ed:7d:eb:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Validity
Not Before: Jan 2 03:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d8bc17b60e4305e76ab3921389bed441888422a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:76:52:5a:cd:b8:ad:21:bc:88:e6:6e:cf:0f:
26:20:e1:d6:24:4d:c4:7c:39:09:10:7f:2d:6f:4c:
1d:b9:09:47:03:72:72:34:2b:dd:40:4e:7b:e1:79:
c4:49:fc:a2:41:9b:ea:d3:07:2b:c1:dc:ac:02:f4:
b4:a1:07:53:01:3b:d8:b9:fd:17:8d:fd:99:2c:92:
74:11:2a:4f:8f:30:84:4d:8b:d6:52:31:3f:61:2e:
a4:14:87:4d:16:8d:81:7d:34:4c:27:10:5f:5e:90:
82:db:1e:0f:58:6f:bf:39:1d:5a:63:b3:c0:2e:4e:
7a:56:29:df:fd:d0:d0:83:f0:92:5e:ef:a8:5f:ff:
ec:88:09:ff:9a:b3:ed:ff:d3:08:dd:63:d6:cb:c1:
4c:cb:60:3a:fe:55:d2:7d:b9:4f:03:83:54:d1:d1:
08:65:91:7d:6c:63:e5:6a:7d:12:df:04:ce:35:1f:
d6:10:8c:18:33:bd:9d:a1:43:90:7f:17:bd:d6:40:
32:60:a3:c3:6c:84:04:28:f2:1a:93:d8:aa:b3:9e:
71:81:45:a5:67:72:05:9e:02:ce:57:34:cd:1e:40:
28:d1:53:5a:03:9c:65:ff:46:6a:b5:58:43:f8:54:
dc:1c:ca:b5:5d:bc:44:96:b5:00:e2:71:52:27:ee:
46:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:8B:C1:7B:60:E4:30:5E:76:AB:39:21:38:9B:ED:44:18:88:42:2A
X509v3 Authority Key Identifier:
keyid:AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/XYvBe2DkMF52qzkhOJvtRBiIQio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.94.220.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:a1:f9:1a:20:cd:7a:29:38:f8:6a:84:f6:9b:57:65:a0:bd:
61:da:e4:15:00:88:e0:8f:55:d6:29:19:6b:64:e7:e1:95:5a:
b6:ac:23:9d:07:03:5d:ed:fc:ea:dc:c0:1d:cd:56:1f:dc:fd:
8a:b2:75:da:90:04:31:9a:17:57:26:b8:11:b3:87:bb:dd:c3:
0d:82:c7:c7:08:09:85:34:94:3d:cd:e3:c4:83:47:d1:d6:d9:
60:5b:09:79:1a:77:b2:95:5d:9e:94:f0:d3:a7:6a:60:c1:0b:
db:0e:11:3b:2c:ea:c9:ce:57:dc:dd:b3:f0:b6:de:1a:b1:33:
9b:9e:fe:17:b5:19:ce:4d:e5:49:e7:83:bc:4c:1c:60:78:4e:
d0:65:14:8f:58:19:b2:27:1c:51:eb:38:9c:17:f3:21:05:51:
a0:5b:20:42:f6:fa:90:37:44:52:f8:67:a3:48:52:a3:27:8b:
3e:4a:62:78:1d:95:6a:87:fc:7b:a9:5b:99:7a:c9:cb:8c:1c:
45:b3:69:bf:91:ff:a2:bb:48:0e:ca:91:9b:b5:a8:ce:ea:05:
51:e0:a9:7a:a0:df:e4:a6:c3:0b:f8:cb:e8:c8:fc:ea:a4:85:
39:ed:c9:cd:9f:26:6f:29:e1:b8:f4:13:85:d3:00:3a:23:3f:
14:1b:38:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIWt3PEifZGeKL0Ptfev+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjY2ZWM1ZThmMjQwNWY2ZjhkNDg2ZTczZmI4MmI4ZGUw
ZGVlMGYwHhcNMjUwMTAyMDM0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDhiYzE3YjYwZTQzMDVlNzZhYjM5MjEzODliZWQ0NDE4ODg0MjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3ZSWs24rSG8iOZuzw8mIOHWJE3E
fDkJEH8tb0wduQlHA3JyNCvdQE574XnESfyiQZvq0wcrwdysAvS0oQdTATvYuf0X
jf2ZLJJ0ESpPjzCETYvWUjE/YS6kFIdNFo2BfTRMJxBfXpCC2x4PWG+/OR1aY7PA
Lk56Vinf/dDQg/CSXu+oX//siAn/mrPt/9MI3WPWy8FMy2A6/lXSfblPA4NU0dEI
ZZF9bGPlan0S3wTONR/WEIwYM72doUOQfxe91kAyYKPDbIQEKPIak9iqs55xgUWl
Z3IFngLOVzTNHkAo0VNaA5xl/0ZqtVhD+FTcHMq1XbxElrUA4nFSJ+5GWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2LwXtg5DBedqs5ITib7UQYiEIqMB8GA1UdIwQY
MBaAFK62bsXo8kBfb41IbnP7grjeDe4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUt
NmFlYTkwNTdjODAwLzEvWFl2QmUyRGtNRjUycXpraE9KdnRSQmlJUWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUtNmFlYTkwNTdjODAw
LzEvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUV7cMA0G
CSqGSIb3DQEBCwUAA4IBAQAeofkaIM16KTj4aoT2m1dloL1h2uQVAIjgj1XWKRlr
ZOfhlVq2rCOdBwNd7fzq3MAdzVYf3P2KsnXakAQxmhdXJrgRs4e73cMNgsfHCAmF
NJQ9zePEg0fR1tlgWwl5GneylV2elPDTp2pgwQvbDhE7LOrJzlfc3bPwtt4asTOb
nv4XtRnOTeVJ54O8TBxgeE7QZRSPWBmyJxxR6zicF/MhBVGgWyBC9vqQN0RS+Gej
SFKjJ4s+SmJ4HZVqh/x7qVuZesnLjBxFs2m/kf+iu0gOypGbtajO6gVR4Kl6oN/k
psML+MvoyPzqpIU57cnNnyZvKeG49BOF0wA6Iz8UGzhe
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:11:28 2025 by rpki-client