Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/3719f3-22e1-4344-9a39-458a2736157a/1/X5-jl_Od0mEO_dSg7rALYkevjoQ.roa
File: X5-jl_Od0mEO_dSg7rALYkevjoQ.roa (raw, json)
Hash identifier: xqc4fnPLjvYYKZxEv5pbNLPSZEhrMf7SnWN3fQ6sCO8=
Subject key identifier: 5F:9F:A3:97:F3:9D:D2:61:0E:FD:D4:A0:EE:B0:0B:62:47:AF:8E:84
Certificate issuer: /CN=258f5a8e295ad1d7b48a1e11958790052b57a253
Certificate serial: 019422FC14AC4869FA1ACC0CE2538BBCF1E0
Authority key identifier: 25:8F:5A:8E:29:5A:D1:D7:B4:8A:1E:11:95:87:90:05:2B:57:A2:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JY9ajila0de0ih4RlYeQBStXolM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/3719f3-22e1-4344-9a39-458a2736157a/1/X5-jl_Od0mEO_dSg7rALYkevjoQ.roa
Signing time: Wed 01 Jan 2025 17:48:53 +0000
ROA not before: Wed 01 Jan 2025 17:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8255
IP address blocks: 145.226.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:14:ac:48:69:fa:1a:cc:0c:e2:53:8b:bc:f1:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=258f5a8e295ad1d7b48a1e11958790052b57a253
Validity
Not Before: Jan 1 17:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f9fa397f39dd2610efdd4a0eeb00b6247af8e84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:45:3c:e4:8b:a9:bd:94:11:b2:bf:1e:c0:33:
54:78:9e:ca:60:9e:0c:d6:94:6d:8c:56:d0:21:7f:
34:38:38:65:c6:6a:37:91:fa:fc:60:ec:d7:e8:c0:
d4:dd:11:c5:13:c1:42:d4:d1:3e:b5:77:80:65:07:
d3:2c:b0:78:32:84:fd:70:d8:3c:dd:6e:f5:11:56:
72:c4:b1:fc:3d:9e:0a:16:e1:cc:50:7a:0a:78:bb:
17:6f:06:58:fd:f4:1c:1b:82:b3:63:b0:10:57:ee:
43:93:04:d3:1f:66:8d:cb:86:ff:7b:11:f3:d8:ff:
71:e1:ab:46:eb:c7:9b:96:02:43:97:38:e6:0a:55:
b8:8d:43:88:c9:48:ea:20:bc:85:f7:ba:84:ac:b7:
0b:34:98:8e:71:fc:d1:ce:9d:82:b9:2e:61:32:12:
d0:ce:f5:42:52:d7:77:94:d1:5d:c7:c2:6b:91:4b:
17:8a:2b:16:a5:31:42:b9:cf:87:2b:53:34:ad:be:
af:39:0a:e2:9b:63:a6:dc:15:23:28:7d:1e:2f:ce:
41:2a:99:23:f8:44:39:9f:c2:b5:5e:5b:b6:ff:04:
81:68:0c:56:c2:00:ac:0a:ae:1f:7a:4a:61:bb:e6:
7b:2b:49:f5:e7:fe:71:52:d5:af:d0:23:4c:83:f2:
af:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:9F:A3:97:F3:9D:D2:61:0E:FD:D4:A0:EE:B0:0B:62:47:AF:8E:84
X509v3 Authority Key Identifier:
keyid:25:8F:5A:8E:29:5A:D1:D7:B4:8A:1E:11:95:87:90:05:2B:57:A2:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JY9ajila0de0ih4RlYeQBStXolM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/3719f3-22e1-4344-9a39-458a2736157a/1/X5-jl_Od0mEO_dSg7rALYkevjoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/3719f3-22e1-4344-9a39-458a2736157a/1/JY9ajila0de0ih4RlYeQBStXolM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.226.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2e:d0:5f:bb:23:e0:10:6a:92:87:e5:b2:fa:82:01:ac:75:30:
0c:0d:33:29:f9:b2:3c:6b:27:e8:c5:37:fe:e9:65:5b:99:b1:
16:71:ba:1c:1e:e1:ff:b4:e8:1c:9f:b8:3b:d5:cc:ea:39:42:
4a:f9:16:e1:12:b6:5a:43:6c:8a:e6:8b:f6:63:43:bb:c4:33:
b2:9f:9a:9b:42:0b:99:96:59:90:80:e4:32:e2:0f:56:b8:8f:
53:f3:03:fa:62:19:5c:ca:6d:70:83:fa:47:c5:fa:2a:2c:00:
2c:05:b4:52:f2:96:73:52:4d:11:27:4e:29:5d:2d:b1:5e:89:
8d:b3:72:02:9d:ef:15:1d:ac:c9:80:0f:9f:73:8a:42:20:f1:
f0:82:d3:48:e9:c2:3e:15:e9:a0:c0:4f:de:fc:66:71:87:29:
57:25:8f:55:44:b7:10:08:93:4e:53:5c:01:a9:fe:37:dd:2c:
e5:14:2b:ea:2d:b0:8e:fd:01:0c:92:85:e7:91:b9:b3:9f:da:
64:b7:12:0a:16:41:47:69:9f:a8:2a:63:58:c1:35:90:07:70:
33:6e:26:66:50:72:ef:b4:23:6a:0c:17:19:63:83:5e:a1:26:
ba:43:65:51:8e:ce:3f:20:99:8b:7a:13:60:8f:dd:7c:20:79:
d2:f5:b7:b0
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQi/BSsSGn6GswM4lOLvPHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OGY1YThlMjk1YWQxZDdiNDhhMWUxMTk1ODc5MDA1MmI1
N2EyNTMwHhcNMjUwMTAxMTc0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjlmYTM5N2YzOWRkMjYxMGVmZGQ0YTBlZWIwMGI2MjQ3YWY4ZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUU85IupvZQRsr8ewDNUeJ7KYJ4M
1pRtjFbQIX80ODhlxmo3kfr8YOzX6MDU3RHFE8FC1NE+tXeAZQfTLLB4MoT9cNg8
3W71EVZyxLH8PZ4KFuHMUHoKeLsXbwZY/fQcG4KzY7AQV+5DkwTTH2aNy4b/exHz
2P9x4atG68eblgJDlzjmClW4jUOIyUjqILyF97qErLcLNJiOcfzRzp2CuS5hMhLQ
zvVCUtd3lNFdx8JrkUsXiisWpTFCuc+HK1M0rb6vOQrim2Om3BUjKH0eL85BKpkj
+EQ5n8K1Xlu2/wSBaAxWwgCsCq4fekphu+Z7K0n15/5xUtWv0CNMg/KvdQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFF+fo5fzndJhDv3UoO6wC2JHr46EMB8GA1UdIwQY
MBaAFCWPWo4pWtHXtIoeEZWHkAUrV6JTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlk5YWppbGEwZGUwaWg0UmxZZVFCU3RYb2xNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zNzE5ZjMtMjJlMS00MzQ0LTlhMzkt
NDU4YTI3MzYxNTdhLzEvWDUtamxfT2QwbUVPX2RTZzdyQUxZa2V2am9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zNzE5ZjMtMjJlMS00MzQ0LTlhMzktNDU4YTI3MzYxNTdh
LzEvSlk5YWppbGEwZGUwaWg0UmxZZVFCU3RYb2xNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAkeIwDQYJ
KoZIhvcNAQELBQADggEBAC7QX7sj4BBqkoflsvqCAax1MAwNMyn5sjxrJ+jFN/7p
ZVuZsRZxuhwe4f+06ByfuDvVzOo5Qkr5FuEStlpDbIrmi/ZjQ7vEM7KfmptCC5mW
WZCA5DLiD1a4j1PzA/piGVzKbXCD+kfF+iosACwFtFLylnNSTREnTildLbFeiY2z
cgKd7xUdrMmAD59zikIg8fCC00jpwj4V6aDAT978ZnGHKVclj1VEtxAIk05TXAGp
/jfdLOUUK+otsI79AQySheeRubOf2mS3EgoWQUdpn6gqY1jBNZAHcDNuJmZQcu+0
I2oMFxljg16hJrpDZVGOzj8gmYt6E2CP3XwgedL1t7A=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:40:04 2025 by rpki-client