Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/xyu2speP0Gx_tr8jb59GNmHY2iE.roa
File: xyu2speP0Gx_tr8jb59GNmHY2iE.roa (raw, json)
Hash identifier: A51evRUNp2S4JdFFUHskbaQS5LfY07zu8M0bP4WbgSU=
Subject key identifier: C7:2B:B6:B2:97:8F:D0:6C:7F:B6:BF:23:6F:9F:46:36:61:D8:DA:21
Certificate issuer: /CN=31eb9b2db4a3bddf8c92fc50b9713043dd56dc38
Certificate serial: 019422FC4CB6EA13AE67A3B871EEC5CCB3CB
Authority key identifier: 31:EB:9B:2D:B4:A3:BD:DF:8C:92:FC:50:B9:71:30:43:DD:56:DC:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MeubLbSjvd-MkvxQuXEwQ91W3Dg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/xyu2speP0Gx_tr8jb59GNmHY2iE.roa
Signing time: Wed 01 Jan 2025 17:49:07 +0000
ROA not before: Wed 01 Jan 2025 17:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43009
IP address blocks: 81.23.248.0/24 maxlen: 24
81.23.249.0/24 maxlen: 24
81.23.250.0/24 maxlen: 24
81.23.251.0/24 maxlen: 24
81.23.252.0/24 maxlen: 24
81.23.253.0/24 maxlen: 24
81.23.254.0/24 maxlen: 24
81.23.255.0/24 maxlen: 24
185.255.8.0/24 maxlen: 24
185.255.9.0/24 maxlen: 24
185.255.10.0/24 maxlen: 24
185.255.11.0/24 maxlen: 24
193.105.74.0/24 maxlen: 24
202.22.160.0/24 maxlen: 24
202.22.161.0/24 maxlen: 24
202.22.162.0/24 maxlen: 24
202.22.163.0/24 maxlen: 24
202.22.164.0/24 maxlen: 24
202.22.165.0/24 maxlen: 24
202.22.166.0/24 maxlen: 24
202.22.168.0/24 maxlen: 24
202.22.169.0/24 maxlen: 24
202.22.170.0/24 maxlen: 24
202.22.171.0/24 maxlen: 24
202.22.172.0/24 maxlen: 24
202.22.173.0/24 maxlen: 24
202.22.174.0/24 maxlen: 24
202.22.175.0/24 maxlen: 24
2a0c:55c0:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:4c:b6:ea:13:ae:67:a3:b8:71:ee:c5:cc:b3:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31eb9b2db4a3bddf8c92fc50b9713043dd56dc38
Validity
Not Before: Jan 1 17:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c72bb6b2978fd06c7fb6bf236f9f463661d8da21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f2:37:f6:92:08:0d:e4:fb:aa:b1:64:fb:61:
4b:5c:05:34:01:8b:c2:07:35:39:65:64:6d:45:d6:
59:35:f4:51:bc:5c:8d:87:b9:eb:77:03:8f:f6:3a:
a5:3d:51:20:de:7a:52:e8:a6:e6:1e:fb:e4:bd:1f:
3e:74:45:00:4a:9d:bf:2c:76:4c:4e:5e:50:b6:ca:
92:fe:df:d6:0f:11:5d:58:00:d4:90:76:c5:96:9b:
34:f9:8f:4d:53:93:28:05:33:43:6f:32:d4:ba:d0:
cc:ed:32:10:cf:1e:7b:55:1b:92:31:f3:1c:07:13:
60:b4:56:d6:44:b2:fa:8b:de:dd:83:58:72:9b:f5:
3e:01:ff:c7:df:26:70:bc:88:b0:58:98:6e:6a:fd:
9e:be:04:98:32:cb:80:db:d9:de:a3:3f:f7:23:a4:
8c:77:3b:45:ff:d6:79:2f:85:5a:52:20:ea:e8:17:
6b:7b:bd:98:99:6c:52:c1:b1:0e:67:41:51:37:14:
08:09:9f:fb:24:8f:43:5b:36:9d:bc:8b:d9:2b:fd:
c2:0f:1b:38:2f:2f:d2:25:84:54:29:c7:89:b2:9d:
cf:1f:01:43:c5:c3:b3:82:c4:5d:1d:40:10:2d:60:
36:5e:34:69:8a:fa:ce:83:5e:e0:30:8b:8c:7c:ec:
69:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:2B:B6:B2:97:8F:D0:6C:7F:B6:BF:23:6F:9F:46:36:61:D8:DA:21
X509v3 Authority Key Identifier:
keyid:31:EB:9B:2D:B4:A3:BD:DF:8C:92:FC:50:B9:71:30:43:DD:56:DC:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MeubLbSjvd-MkvxQuXEwQ91W3Dg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/xyu2speP0Gx_tr8jb59GNmHY2iE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/MeubLbSjvd-MkvxQuXEwQ91W3Dg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.23.248.0/21
185.255.8.0/22
193.105.74.0/24
202.22.160.0-202.22.166.255
202.22.168.0/21
IPv6:
2a0c:55c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
4e:84:a4:11:6d:1a:6a:0a:4c:2a:76:21:55:a4:c6:15:be:8a:
83:c1:b5:f5:9f:a1:4f:70:ad:5f:6e:cf:75:fd:78:3d:a0:68:
3f:e7:44:f1:5b:9d:df:18:13:07:47:00:9d:ca:ff:d2:f9:1b:
04:5d:8b:94:07:d3:4e:c7:06:81:89:60:49:aa:3c:ad:2a:da:
74:d0:22:90:10:18:f6:65:d3:69:de:38:41:02:fc:bc:70:f4:
ed:ca:d8:6d:05:a5:61:e9:3c:55:af:98:e5:40:f0:c7:43:f9:
3e:1a:98:d7:c9:05:dc:10:73:00:7a:ff:cf:e9:e2:3c:4f:89:
d4:27:13:5f:7e:4b:cb:8a:36:c2:25:8c:73:3c:2a:e8:15:86:
7f:d8:f5:58:8f:09:9a:7e:47:72:f9:60:17:c3:a2:5e:59:e5:
53:c7:c3:c9:e4:33:4a:d6:4c:72:fb:bb:76:6a:66:b4:dd:97:
3f:dc:50:8d:19:85:53:88:1d:49:e6:3e:f7:fe:65:09:25:aa:
52:2a:55:be:37:0e:78:b1:60:af:6c:67:4d:3d:04:f8:13:07:
83:66:f5:ff:31:8e:0a:27:77:b1:8f:42:fc:34:2c:8e:a4:ca:
68:d1:3d:75:5b:e4:94:17:31:3f:c5:ff:a6:d2:17:89:9e:f4:
d6:e8:fc:75
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZQi/Ey26hOuZ6O4ce7FzLPLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZWI5YjJkYjRhM2JkZGY4YzkyZmM1MGI5NzEzMDQzZGQ1
NmRjMzgwHhcNMjUwMTAxMTc0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzJiYjZiMjk3OGZkMDZjN2ZiNmJmMjM2ZjlmNDYzNjYxZDhkYTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PI39pIIDeT7qrFk+2FLXAU0AYvC
BzU5ZWRtRdZZNfRRvFyNh7nrdwOP9jqlPVEg3npS6KbmHvvkvR8+dEUASp2/LHZM
Tl5QtsqS/t/WDxFdWADUkHbFlps0+Y9NU5MoBTNDbzLUutDM7TIQzx57VRuSMfMc
BxNgtFbWRLL6i97dg1hym/U+Af/H3yZwvIiwWJhuav2evgSYMsuA29neoz/3I6SM
dztF/9Z5L4VaUiDq6Bdre72YmWxSwbEOZ0FRNxQICZ/7JI9DWzadvIvZK/3CDxs4
Ly/SJYRUKceJsp3PHwFDxcOzgsRdHUAQLWA2XjRpivrOg17gMIuMfOxpKwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFMcrtrKXj9Bsf7a/I2+fRjZh2NohMB8GA1UdIwQY
MBaAFDHrmy20o73fjJL8ULlxMEPdVtw4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWV1YkxiU2p2ZC1Na3Z4UXVYRXdROTFXM0RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNDcwMDUtNTU5ZC00ZWI0LWIzZTgt
YmQyNGYwMDM1NzhmLzEveHl1MnNwZVAwR3hfdHI4amI1OUdObUhZMmlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNDcwMDUtNTU5ZC00ZWI0LWIzZTgtYmQyNGYwMDM1Nzhm
LzEvTWV1YkxiU2p2ZC1Na3Z4UXVYRXdROTFXM0RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAsBAIAATAmAwQDURf4AwQC
uf8IAwQAwWlKMAwDBAXKFqADBADKFqYDBAPKFqgwDwQCAAIwCQMHACoMVcAAATAN
BgkqhkiG9w0BAQsFAAOCAQEAToSkEW0aagpMKnYhVaTGFb6Kg8G19Z+hT3CtX27P
df14PaBoP+dE8Vud3xgTB0cAncr/0vkbBF2LlAfTTscGgYlgSao8rSradNAikBAY
9mXTad44QQL8vHD07crYbQWlYek8Va+Y5UDwx0P5PhqY18kF3BBzAHr/z+niPE+J
1CcTX35Ly4o2wiWMczwq6BWGf9j1WI8Jmn5HcvlgF8OiXlnlU8fDyeQzStZMcvu7
dmpmtN2XP9xQjRmFU4gdSeY+9/5lCSWqUipVvjcOeLFgr2xnTT0E+BMHg2b1/zGO
Cid3sY9C/DQsjqTKaNE9dVvklBcxP8X/ptIXiZ701uj8dQ==
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:36:15 2025 by rpki-client