Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/b15a7d-5aee-4d40-be5a-792a91c5ca2b/1/XpFiQcvi0lUXtHdr3YXgFKPt_NU.roa
File: XpFiQcvi0lUXtHdr3YXgFKPt_NU.roa (raw, json)
Hash identifier: ldRmdFojijra/tU0xPIMWohqr4dulMYcXIxe/Juw9jg=
Subject key identifier: 5E:91:62:41:CB:E2:D2:55:17:B4:77:6B:DD:85:E0:14:A3:ED:FC:D5
Certificate issuer: /CN=02fc5c064f5159c8a1fa4066c8cb8ff701671dd2
Certificate serial: 0194BCE4000ABADA0EE968E7589DA3C37F52
Authority key identifier: 02:FC:5C:06:4F:51:59:C8:A1:FA:40:66:C8:CB:8F:F7:01:67:1D:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AvxcBk9RWcih-kBmyMuP9wFnHdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/b15a7d-5aee-4d40-be5a-792a91c5ca2b/1/XpFiQcvi0lUXtHdr3YXgFKPt_NU.roa
Signing time: Fri 31 Jan 2025 15:04:06 +0000
ROA not before: Fri 31 Jan 2025 15:04:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208731
IP address blocks: 147.78.192.0/23 maxlen: 24
147.78.193.0/24 maxlen: 24
185.42.161.0/24 maxlen: 24
185.203.112.0/24 maxlen: 24
2a0f:98c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bc:e4:00:0a:ba:da:0e:e9:68:e7:58:9d:a3:c3:7f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02fc5c064f5159c8a1fa4066c8cb8ff701671dd2
Validity
Not Before: Jan 31 15:04:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e916241cbe2d25517b4776bdd85e014a3edfcd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1a:f2:5a:e0:0c:05:fa:05:3b:99:b2:46:2d:
aa:77:3a:d0:ce:c6:7c:49:f3:92:cb:71:5f:b3:8b:
f3:4a:8e:d0:69:1b:c8:a1:79:20:c3:3f:f1:92:82:
98:2b:6a:49:1b:0a:ef:81:52:f1:2d:09:39:bc:31:
d7:05:9a:3d:90:56:54:3c:40:55:65:78:f0:8e:0b:
a7:a9:7a:95:a8:5e:08:e4:39:00:7c:03:a4:0f:d6:
0d:ef:3d:6c:63:92:57:e3:b8:e9:84:15:81:b7:0c:
f5:9c:4c:98:99:a5:07:99:49:4f:9a:ea:be:bf:be:
01:fc:cf:35:bd:ae:02:eb:38:4f:b8:f7:a1:3a:8b:
98:f7:b4:68:b1:6f:46:fb:76:44:d1:9b:79:40:c7:
bd:08:c3:8d:c8:a7:e8:70:2c:dd:41:ba:82:bc:ce:
3b:f0:f0:ce:61:23:3e:50:ae:b5:52:68:65:a4:3f:
4a:f0:0e:4f:78:83:d2:bd:8c:3d:ef:0c:68:2b:f7:
4d:ee:b2:c8:d3:3e:d4:61:60:68:b1:76:c7:ae:ec:
ef:76:ff:c0:74:20:8c:a5:65:a9:48:1b:63:fc:17:
8b:33:08:e9:67:7b:e5:92:80:d1:64:53:33:c7:d5:
a4:78:21:6b:d3:c0:c1:05:b6:ef:ce:18:96:c2:e4:
30:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:91:62:41:CB:E2:D2:55:17:B4:77:6B:DD:85:E0:14:A3:ED:FC:D5
X509v3 Authority Key Identifier:
keyid:02:FC:5C:06:4F:51:59:C8:A1:FA:40:66:C8:CB:8F:F7:01:67:1D:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AvxcBk9RWcih-kBmyMuP9wFnHdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/b15a7d-5aee-4d40-be5a-792a91c5ca2b/1/XpFiQcvi0lUXtHdr3YXgFKPt_NU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/b15a7d-5aee-4d40-be5a-792a91c5ca2b/1/AvxcBk9RWcih-kBmyMuP9wFnHdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.192.0/23
185.42.161.0/24
185.203.112.0/24
IPv6:
2a0f:98c0::/29
Signature Algorithm: sha256WithRSAEncryption
79:00:dc:a3:4e:fc:1b:58:26:9a:be:26:71:6b:56:8f:07:07:
00:c1:74:bc:27:09:53:0a:bc:39:38:a0:bd:65:88:be:42:bc:
98:af:ef:cf:44:3a:cd:17:c6:cd:9f:ef:fb:98:53:9d:2e:75:
45:7f:90:ab:20:72:1c:bb:b0:a6:df:3e:41:75:a1:3d:a3:1c:
ad:60:6f:39:a3:ea:6f:c3:ff:b8:a2:ab:d9:3c:7b:db:2f:e0:
cf:48:5c:ef:fb:bd:d0:39:5d:5d:ea:a0:3d:73:26:3c:e2:d0:
98:51:8d:61:b5:46:df:e6:97:d5:a5:c0:47:5c:40:27:f3:cb:
ef:e2:cf:a6:89:26:2f:22:6e:ca:f9:9b:a6:ad:d6:99:96:b2:
1f:f3:b8:4f:7e:02:4a:ee:bc:65:4e:7d:f4:d8:f1:fa:30:79:
d8:b6:60:d1:53:4c:8d:89:05:46:ff:b1:9e:25:26:d4:b0:79:
4f:70:8b:cb:42:8d:cb:74:1e:fb:a7:35:9e:9b:73:ee:70:04:
33:8f:fe:88:a8:ed:8a:0a:65:8b:26:74:ca:a8:a2:6a:d6:48:
75:8e:3e:d0:c5:9d:37:44:9e:f6:fd:d8:11:26:18:f7:a6:5a:
fc:6f:f4:2c:66:f0:20:25:32:9e:7b:d6:30:79:db:8f:59:4a:
a2:78:dc:db
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZS85AAKutoO6WjnWJ2jw39SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyZmM1YzA2NGY1MTU5YzhhMWZhNDA2NmM4Y2I4ZmY3MDE2
NzFkZDIwHhcNMjUwMTMxMTUwNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTkxNjI0MWNiZTJkMjU1MTdiNDc3NmJkZDg1ZTAxNGEzZWRmY2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBryWuAMBfoFO5myRi2qdzrQzsZ8
SfOSy3Ffs4vzSo7QaRvIoXkgwz/xkoKYK2pJGwrvgVLxLQk5vDHXBZo9kFZUPEBV
ZXjwjgunqXqVqF4I5DkAfAOkD9YN7z1sY5JX47jphBWBtwz1nEyYmaUHmUlPmuq+
v74B/M81va4C6zhPuPehOouY97RosW9G+3ZE0Zt5QMe9CMONyKfocCzdQbqCvM47
8PDOYSM+UK61UmhlpD9K8A5PeIPSvYw97wxoK/dN7rLI0z7UYWBosXbHruzvdv/A
dCCMpWWpSBtj/BeLMwjpZ3vlkoDRZFMzx9WkeCFr08DBBbbvzhiWwuQwEQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFF6RYkHL4tJVF7R3a92F4BSj7fzVMB8GA1UdIwQY
MBaAFAL8XAZPUVnIofpAZsjLj/cBZx3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXZ4Y0JrOVJXY2loLWtCbXlNdVA5d0ZuSGRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iMTVhN2QtNWFlZS00ZDQwLWJlNWEt
NzkyYTkxYzVjYTJiLzEvWHBGaVFjdmkwbFVYdEhkcjNZWGdGS1B0X05VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iMTVhN2QtNWFlZS00ZDQwLWJlNWEtNzkyYTkxYzVjYTJi
LzEvQXZ4Y0JrOVJXY2loLWtCbXlNdVA5d0ZuSGRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBk07AAwQA
uSqhAwQAuctwMA0EAgACMAcDBQMqD5jAMA0GCSqGSIb3DQEBCwUAA4IBAQB5ANyj
TvwbWCaaviZxa1aPBwcAwXS8JwlTCrw5OKC9ZYi+QryYr+/PRDrNF8bNn+/7mFOd
LnVFf5CrIHIcu7Cm3z5BdaE9oxytYG85o+pvw/+4oqvZPHvbL+DPSFzv+73QOV1d
6qA9cyY84tCYUY1htUbf5pfVpcBHXEAn88vv4s+miSYvIm7K+ZumrdaZlrIf87hP
fgJK7rxlTn302PH6MHnYtmDRU0yNiQVG/7GeJSbUsHlPcIvLQo3LdB77pzWem3Pu
cAQzj/6IqO2KCmWLJnTKqKJq1kh1jj7QxZ03RJ72/dgRJhj3plr8b/QsZvAgJTKe
e9YweduPWUqieNzb
-----END CERTIFICATE-----
Generated at Wed Apr 30 12:36:05 2025 by rpki-client