Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/XFa9l_0cz21XUFqVHAhuFVoXl64.roa
File: XFa9l_0cz21XUFqVHAhuFVoXl64.roa (raw, json)
Hash identifier: O42Bcxzs4yOQXX2kULBWDWVCdsdJQDwpjOWp8Rqh6bk=
Subject key identifier: 5C:56:BD:97:FD:1C:CF:6D:57:50:5A:95:1C:08:6E:15:5A:17:97:AE
Certificate issuer: /CN=0246e8a76d30c7c0495bc5ce8ee5110feab286e6
Certificate serial: 0194228DCDF2F1D1DB92EF933139A5060814
Authority key identifier: 02:46:E8:A7:6D:30:C7:C0:49:5B:C5:CE:8E:E5:11:0F:EA:B2:86:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Akbop20wx8BJW8XOjuURD-qyhuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/XFa9l_0cz21XUFqVHAhuFVoXl64.roa
Signing time: Wed 01 Jan 2025 15:48:26 +0000
ROA not before: Wed 01 Jan 2025 15:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49937
IP address blocks: 185.28.72.0/24 maxlen: 24
193.31.214.0/24 maxlen: 24
193.31.215.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:cd:f2:f1:d1:db:92:ef:93:31:39:a5:06:08:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0246e8a76d30c7c0495bc5ce8ee5110feab286e6
Validity
Not Before: Jan 1 15:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c56bd97fd1ccf6d57505a951c086e155a1797ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:74:20:8e:7d:44:45:20:32:0d:1d:2c:44:8f:
2b:d5:6a:e6:4d:4b:25:dd:33:1f:9d:6c:a4:ee:2b:
29:43:1c:de:40:c5:58:70:ac:4e:82:b9:d0:1a:7c:
db:2e:ef:f3:c6:c8:26:46:1f:d8:67:e3:36:a3:61:
b7:d7:04:ba:17:c7:1e:67:80:08:30:51:de:d4:df:
5a:ff:a6:a5:84:d1:5a:de:bd:e9:18:b2:96:29:46:
67:cf:e1:86:ad:03:36:21:d8:96:2a:8e:64:40:53:
9e:a8:b9:55:bb:8a:5e:04:36:d0:0a:48:a8:fc:4b:
ee:b9:66:70:0c:68:60:88:6e:64:fa:57:bb:a5:81:
39:e6:97:7d:9b:cd:9a:a9:df:07:36:29:40:29:3f:
93:d4:d7:5a:6f:82:64:f0:ca:2c:f6:bb:1f:62:12:
36:d8:36:2d:2d:87:a5:87:39:ea:9e:70:29:12:7d:
71:93:e3:9a:e5:c1:2a:c2:ac:bd:f5:ef:33:2c:4b:
d0:c8:b8:c0:fa:0c:1d:26:f9:67:18:29:f4:e9:57:
a2:f4:dc:d6:b8:c8:f7:96:2d:10:f4:4b:1a:6b:21:
a7:2b:57:71:e1:34:d4:d1:4a:28:8b:21:ee:e6:6c:
35:54:7b:df:e8:2b:b3:2f:22:06:4c:47:b2:d6:de:
80:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:56:BD:97:FD:1C:CF:6D:57:50:5A:95:1C:08:6E:15:5A:17:97:AE
X509v3 Authority Key Identifier:
keyid:02:46:E8:A7:6D:30:C7:C0:49:5B:C5:CE:8E:E5:11:0F:EA:B2:86:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Akbop20wx8BJW8XOjuURD-qyhuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/XFa9l_0cz21XUFqVHAhuFVoXl64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/Akbop20wx8BJW8XOjuURD-qyhuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.72.0/24
193.31.214.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:6a:1d:5b:b4:c1:52:94:8b:16:ec:8d:2f:64:5f:4c:1a:16:
d3:55:f8:d1:62:bb:74:2c:37:90:b5:7d:13:51:57:ff:11:21:
09:03:da:8c:98:b5:74:c8:e5:a0:95:13:7f:c2:f0:22:d5:f8:
55:49:b9:71:40:f5:f3:32:fa:a4:37:f8:5d:65:39:fc:05:81:
7e:02:b1:21:81:84:60:f5:43:88:3a:14:5e:a9:ad:59:3b:8b:
55:6e:73:46:cf:c8:df:44:e1:23:bb:8a:5f:86:1e:3d:36:56:
cc:4e:c0:cb:0a:bc:45:44:f1:1c:a8:01:34:f6:ea:0d:1a:82:
c0:a5:94:c7:17:60:c1:c7:a8:3e:5b:05:67:63:d9:83:2e:a0:
6b:54:26:84:f8:bf:67:9d:9d:e7:82:19:50:e0:fa:84:51:8f:
0f:f9:dd:22:14:b6:63:85:3b:20:11:ea:01:9b:dc:02:52:8b:
8d:e6:7f:48:01:47:75:73:ed:80:00:95:9a:bc:4e:e8:53:9e:
0e:e7:f2:2c:30:11:6c:24:66:1e:06:8e:05:32:dc:f0:52:36:
d1:bf:a1:04:e4:22:a1:92:c6:16:00:13:ba:a8:3e:91:d6:2d:
d0:12:ab:e0:e3:43:26:4f:5c:33:fb:54:bb:a8:ad:0e:a6:c8:
fd:1e:17:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijc3y8dHbku+TMTmlBggUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNDZlOGE3NmQzMGM3YzA0OTViYzVjZThlZTUxMTBmZWFi
Mjg2ZTYwHhcNMjUwMTAxMTU0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzU2YmQ5N2ZkMWNjZjZkNTc1MDVhOTUxYzA4NmUxNTVhMTc5N2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnQgjn1ERSAyDR0sRI8r1WrmTUsl
3TMfnWyk7ispQxzeQMVYcKxOgrnQGnzbLu/zxsgmRh/YZ+M2o2G31wS6F8ceZ4AI
MFHe1N9a/6alhNFa3r3pGLKWKUZnz+GGrQM2IdiWKo5kQFOeqLlVu4peBDbQCkio
/EvuuWZwDGhgiG5k+le7pYE55pd9m82aqd8HNilAKT+T1Ndab4Jk8Mos9rsfYhI2
2DYtLYelhznqnnApEn1xk+Oa5cEqwqy99e8zLEvQyLjA+gwdJvlnGCn06Vei9NzW
uMj3li0Q9EsaayGnK1dx4TTU0UooiyHu5mw1VHvf6CuzLyIGTEey1t6AJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFxWvZf9HM9tV1BalRwIbhVaF5euMB8GA1UdIwQY
MBaAFAJG6KdtMMfASVvFzo7lEQ/qsobmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWtib3AyMHd4OEJKVzhYT2p1VVJELXF5aHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jMGE1NzYtYTIyMC00ZGUwLWFhYzEt
N2I5NmE5OTk3NzE4LzEvWEZhOWxfMGN6MjFYVUZxVkhBaHVGVm9YbDY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jMGE1NzYtYTIyMC00ZGUwLWFhYzEtN2I5NmE5OTk3NzE4
LzEvQWtib3AyMHd4OEJKVzhYT2p1VVJELXF5aHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuRxIAwQB
wR/WMA0GCSqGSIb3DQEBCwUAA4IBAQBKah1btMFSlIsW7I0vZF9MGhbTVfjRYrt0
LDeQtX0TUVf/ESEJA9qMmLV0yOWglRN/wvAi1fhVSblxQPXzMvqkN/hdZTn8BYF+
ArEhgYRg9UOIOhReqa1ZO4tVbnNGz8jfROEju4pfhh49NlbMTsDLCrxFRPEcqAE0
9uoNGoLApZTHF2DBx6g+WwVnY9mDLqBrVCaE+L9nnZ3nghlQ4PqEUY8P+d0iFLZj
hTsgEeoBm9wCUouN5n9IAUd1c+2AAJWavE7oU54O5/IsMBFsJGYeBo4FMtzwUjbR
v6EE5CKhksYWABO6qD6R1i3QEqvg40MmT1wz+1S7qK0Opsj9HhdA
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:21:33 2025 by rpki-client