Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c6b906-9150-443d-ba30-739c198c513f/1/XUhnIv1VyzEH-O2IlJPEOJmVv7s.roa
File: XUhnIv1VyzEH-O2IlJPEOJmVv7s.roa (raw, json)
Hash identifier: ia3ApPA9xBWk3etwJmYP71gyRoYwwrPnhqVB0ZSnJZA=
Subject key identifier: 5D:48:67:22:FD:55:CB:31:07:F8:ED:88:94:93:C4:38:99:95:BF:BB
Certificate issuer: /CN=1ad5d174cbb46aaf86555b80e1773331b870b568
Certificate serial: 01942444C9A167234DB29004579EB31A5613
Authority key identifier: 1A:D5:D1:74:CB:B4:6A:AF:86:55:5B:80:E1:77:33:31:B8:70:B5:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GtXRdMu0aq-GVVuA4XczMbhwtWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c6b906-9150-443d-ba30-739c198c513f/1/XUhnIv1VyzEH-O2IlJPEOJmVv7s.roa
Signing time: Wed 01 Jan 2025 23:47:55 +0000
ROA not before: Wed 01 Jan 2025 23:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41476
IP address blocks: 79.171.4.0/24 maxlen: 24
79.171.5.0/24 maxlen: 24
193.164.142.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:c9:a1:67:23:4d:b2:90:04:57:9e:b3:1a:56:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ad5d174cbb46aaf86555b80e1773331b870b568
Validity
Not Before: Jan 1 23:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d486722fd55cb3107f8ed889493c4389995bfbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:09:62:d9:24:79:ed:f9:a3:f4:fd:e6:21:ba:
1e:98:b7:57:bb:85:f4:28:87:45:7e:09:c5:44:ad:
95:a7:e8:59:34:f6:41:c3:97:ad:42:23:3e:3a:1c:
8b:11:29:38:83:16:3b:49:af:b6:a4:e1:09:5e:61:
61:40:9b:ca:57:e8:87:d2:08:65:ba:8a:d6:8d:81:
d3:68:1b:7b:28:0c:bb:b1:a1:92:3f:0a:d4:a0:94:
88:04:5a:38:58:a1:a4:29:02:f1:d8:e4:8d:96:8a:
b0:55:50:0d:3d:3a:c8:da:59:71:72:03:bc:c0:9c:
e6:1f:ea:f5:e2:d2:0c:2b:49:09:e8:86:a7:3c:cb:
18:6c:d3:8e:b7:69:39:49:e0:e6:82:02:16:38:30:
02:74:b4:a4:b2:27:21:dc:03:20:12:bb:73:42:ad:
5b:09:39:f3:34:1f:bc:07:da:45:af:61:33:0c:0a:
af:ff:d8:03:ca:07:5a:d8:8c:de:01:bd:11:2b:8c:
a0:95:74:90:c0:3d:fc:8a:8e:22:8c:49:9b:a2:4c:
38:4c:a4:2c:ba:b0:ff:cf:6b:9f:aa:2e:80:bd:05:
92:6d:e7:82:ab:ee:0c:f2:92:f7:c9:aa:ff:4b:36:
90:8b:fd:bc:c0:7f:13:8b:b4:d0:03:b1:ff:5b:a4:
87:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:48:67:22:FD:55:CB:31:07:F8:ED:88:94:93:C4:38:99:95:BF:BB
X509v3 Authority Key Identifier:
keyid:1A:D5:D1:74:CB:B4:6A:AF:86:55:5B:80:E1:77:33:31:B8:70:B5:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GtXRdMu0aq-GVVuA4XczMbhwtWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c6b906-9150-443d-ba30-739c198c513f/1/XUhnIv1VyzEH-O2IlJPEOJmVv7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c6b906-9150-443d-ba30-739c198c513f/1/GtXRdMu0aq-GVVuA4XczMbhwtWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.4.0/23
193.164.142.0/24
Signature Algorithm: sha256WithRSAEncryption
92:d1:77:5e:d2:dc:5f:51:f8:24:72:09:52:63:07:b2:67:b6:
d2:31:93:bf:8e:1b:bb:3c:6c:5e:78:51:b4:86:fd:b8:5d:f5:
f3:6d:e9:0e:65:fc:b3:7e:4b:80:03:cb:eb:d8:07:98:dd:4c:
0a:6b:46:21:4d:57:97:bb:1d:4c:fd:c0:22:eb:e8:ae:35:c1:
f6:b9:87:87:55:c1:2e:fb:2d:15:3f:bb:d2:d0:4b:fb:44:9e:
ce:07:57:4c:ef:87:20:a9:94:0b:08:6b:3e:1c:47:39:fb:33:
45:91:a1:04:e0:d2:3e:31:33:cf:d8:83:f2:71:99:c2:ff:6f:
3d:af:86:d6:24:8b:51:1a:89:5e:60:10:17:1e:69:de:6b:92:
65:7c:00:da:14:65:fa:54:5e:88:9d:08:ad:b0:66:e9:41:66:
38:ec:d5:cc:34:c4:26:e3:d6:0d:f3:f5:fa:ec:fc:e2:66:01:
b6:98:c8:46:cc:50:e8:ab:78:5e:f2:c8:be:2a:43:20:6a:b3:
66:bf:40:c1:4f:8a:eb:17:b5:d6:ca:f3:01:bd:49:0f:c0:30:
6c:57:8c:52:0d:ab:0d:50:be:3e:a5:d7:59:e5:2e:44:77:88:
cc:8a:64:9e:1c:07:7a:01:3e:85:0c:92:80:23:a9:28:bb:fd:
8f:4c:9d:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRMmhZyNNspAEV56zGlYTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZDVkMTc0Y2JiNDZhYWY4NjU1NWI4MGUxNzczMzMxYjg3
MGI1NjgwHhcNMjUwMTAxMjM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDQ4NjcyMmZkNTVjYjMxMDdmOGVkODg5NDkzYzQzODk5OTViZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwli2SR57fmj9P3mIboemLdXu4X0
KIdFfgnFRK2Vp+hZNPZBw5etQiM+OhyLESk4gxY7Sa+2pOEJXmFhQJvKV+iH0ghl
uorWjYHTaBt7KAy7saGSPwrUoJSIBFo4WKGkKQLx2OSNloqwVVANPTrI2llxcgO8
wJzmH+r14tIMK0kJ6IanPMsYbNOOt2k5SeDmggIWODACdLSksich3AMgErtzQq1b
CTnzNB+8B9pFr2EzDAqv/9gDygda2IzeAb0RK4yglXSQwD38io4ijEmbokw4TKQs
urD/z2ufqi6AvQWSbeeCq+4M8pL3yar/SzaQi/28wH8Ti7TQA7H/W6SHMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF1IZyL9VcsxB/jtiJSTxDiZlb+7MB8GA1UdIwQY
MBaAFBrV0XTLtGqvhlVbgOF3MzG4cLVoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3RYUmRNdTBhcS1HVlZ1QTRYY3pNYmh3dFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jNmI5MDYtOTE1MC00NDNkLWJhMzAt
NzM5YzE5OGM1MTNmLzEvWFVobkl2MVZ5ekVILU8ySWxKUEVPSm1WdjdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jNmI5MDYtOTE1MC00NDNkLWJhMzAtNzM5YzE5OGM1MTNm
LzEvR3RYUmRNdTBhcS1HVlZ1QTRYY3pNYmh3dFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBT6sEAwQA
waSOMA0GCSqGSIb3DQEBCwUAA4IBAQCS0Xde0txfUfgkcglSYweyZ7bSMZO/jhu7
PGxeeFG0hv24XfXzbekOZfyzfkuAA8vr2AeY3UwKa0YhTVeXux1M/cAi6+iuNcH2
uYeHVcEu+y0VP7vS0Ev7RJ7OB1dM74cgqZQLCGs+HEc5+zNFkaEE4NI+MTPP2IPy
cZnC/289r4bWJItRGoleYBAXHmnea5JlfADaFGX6VF6InQitsGbpQWY47NXMNMQm
49YN8/X67PziZgG2mMhGzFDoq3he8si+KkMgarNmv0DBT4rrF7XWyvMBvUkPwDBs
V4xSDasNUL4+pddZ5S5Ed4jMimSeHAd6AT6FDJKAI6kou/2PTJ2p
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:43:27 2025 by rpki-client