Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/6d7ecf-4b62-4367-9b50-064d7adf4be3/1/XGvXolDseg1YugpBqFmsVC5vpbQ.roa
File: XGvXolDseg1YugpBqFmsVC5vpbQ.roa (raw, json)
Hash identifier: 8a1LI50NpHMYU4J+v/T9i7ox43+U6tlzxIDHs0QOPT4=
Subject key identifier: 5C:6B:D7:A2:50:EC:7A:0D:58:BA:0A:41:A8:59:AC:54:2E:6F:A5:B4
Certificate issuer: /CN=71d83fd8dabfe14b174cccd35b35b80713334ba5
Certificate serial: 0194A782105B2F78FAE38D13F83DA92F7B6E
Authority key identifier: 71:D8:3F:D8:DA:BF:E1:4B:17:4C:CC:D3:5B:35:B8:07:13:33:4B:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdg_2Nq_4UsXTMzTWzW4BxMzS6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/6d7ecf-4b62-4367-9b50-064d7adf4be3/1/XGvXolDseg1YugpBqFmsVC5vpbQ.roa
Signing time: Mon 27 Jan 2025 11:25:06 +0000
ROA not before: Mon 27 Jan 2025 11:25:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47164
IP address blocks: 78.41.59.0/24 maxlen: 24
2a14:4580::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a7:82:10:5b:2f:78:fa:e3:8d:13:f8:3d:a9:2f:7b:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d83fd8dabfe14b174cccd35b35b80713334ba5
Validity
Not Before: Jan 27 11:25:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c6bd7a250ec7a0d58ba0a41a859ac542e6fa5b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:2e:96:19:61:01:60:95:5a:6a:42:57:7e:60:
24:6a:ac:d2:54:7b:4d:fe:ef:d6:42:a8:2d:c0:7e:
54:b0:67:e9:97:de:1c:70:b3:28:e8:a5:90:ad:96:
66:8f:82:2e:f8:aa:41:5a:df:38:e8:e1:d6:a7:fb:
95:d0:f9:ca:3c:35:44:64:87:28:77:d0:25:b0:db:
71:8e:d0:96:a3:7c:e3:21:32:24:f0:fc:47:34:29:
96:10:94:d4:1f:b8:0c:a5:91:e9:a5:88:63:be:35:
26:ae:38:72:30:a3:0b:16:39:83:2e:17:2b:c4:5a:
e3:24:76:dd:ab:14:80:22:4a:38:12:5a:cc:0a:7a:
41:2b:97:26:af:77:4e:36:68:2f:1c:28:1e:f3:cb:
eb:b4:00:f8:2d:6d:52:77:a1:f6:57:5d:dd:8b:33:
3f:8f:95:e8:a9:78:34:bb:23:7a:77:6d:c6:b8:e1:
df:6c:be:17:91:d4:e9:3f:8f:47:23:96:2b:c4:ec:
63:0a:7a:06:42:12:80:95:05:87:d5:b2:78:20:25:
95:9f:c6:2e:b8:2f:b6:b1:11:e2:fe:57:6f:8a:a0:
f4:c1:7a:70:ec:1b:cc:d2:74:cd:c5:9a:b0:9b:32:
7a:7c:91:c8:80:4c:e9:da:49:6a:27:6f:65:d5:cb:
3a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:6B:D7:A2:50:EC:7A:0D:58:BA:0A:41:A8:59:AC:54:2E:6F:A5:B4
X509v3 Authority Key Identifier:
keyid:71:D8:3F:D8:DA:BF:E1:4B:17:4C:CC:D3:5B:35:B8:07:13:33:4B:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdg_2Nq_4UsXTMzTWzW4BxMzS6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6d7ecf-4b62-4367-9b50-064d7adf4be3/1/XGvXolDseg1YugpBqFmsVC5vpbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6d7ecf-4b62-4367-9b50-064d7adf4be3/1/cdg_2Nq_4UsXTMzTWzW4BxMzS6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.59.0/24
IPv6:
2a14:4580::/29
Signature Algorithm: sha256WithRSAEncryption
00:01:c5:37:ce:27:42:48:d0:b4:22:36:f5:a3:22:b3:4a:0a:
05:a8:2e:29:b4:76:f9:11:97:d4:96:98:4a:7f:11:e3:14:6e:
b6:99:4c:1d:23:fc:5e:c8:54:d9:47:33:47:69:c7:0f:e2:76:
7d:62:24:d0:d0:e1:1a:b6:af:09:99:7d:b3:a4:78:d5:70:21:
88:96:b9:68:c2:5b:0a:a2:f2:92:f4:dc:c7:bb:11:e1:6e:c1:
aa:3b:cf:bb:82:dc:37:b7:72:30:8e:04:47:1b:e5:7c:b7:28:
84:72:28:5b:7e:8f:bf:58:ea:fe:91:a8:11:99:16:cc:0f:2d:
a5:ad:2b:93:c6:94:f6:d5:5d:22:87:f5:33:b6:10:5f:9b:62:
0a:6f:c6:b2:b4:d6:53:35:c4:1f:50:91:74:cf:10:48:f7:ba:
ac:67:ad:a9:5d:d2:26:84:d0:75:bb:75:60:12:9c:63:9d:32:
14:ab:eb:15:84:86:2f:66:6f:28:f1:cc:2f:0f:56:a4:61:b0:
88:e9:21:c6:9f:b5:e1:75:05:93:9e:d4:33:b4:c9:a0:6e:4b:
55:71:40:31:81:88:11:cc:de:a6:36:00:bd:5b:d5:15:e2:5c:
c2:6c:bc:16:bc:a9:bd:8f:bd:5f:2e:48:f8:2a:d5:d8:be:7a:
0d:5e:3d:57
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZSnghBbL3j6440T+D2pL3tuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZDgzZmQ4ZGFiZmUxNGIxNzRjY2NkMzViMzViODA3MTMz
MzRiYTUwHhcNMjUwMTI3MTEyNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzZiZDdhMjUwZWM3YTBkNThiYTBhNDFhODU5YWM1NDJlNmZhNWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1i6WGWEBYJVaakJXfmAkaqzSVHtN
/u/WQqgtwH5UsGfpl94ccLMo6KWQrZZmj4Iu+KpBWt846OHWp/uV0PnKPDVEZIco
d9AlsNtxjtCWo3zjITIk8PxHNCmWEJTUH7gMpZHppYhjvjUmrjhyMKMLFjmDLhcr
xFrjJHbdqxSAIko4ElrMCnpBK5cmr3dONmgvHCge88vrtAD4LW1Sd6H2V13dizM/
j5XoqXg0uyN6d23GuOHfbL4XkdTpP49HI5YrxOxjCnoGQhKAlQWH1bJ4ICWVn8Yu
uC+2sRHi/ldviqD0wXpw7BvM0nTNxZqwmzJ6fJHIgEzp2klqJ29l1cs6zwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFxr16JQ7HoNWLoKQahZrFQub6W0MB8GA1UdIwQY
MBaAFHHYP9jav+FLF0zM01s1uAcTM0ulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2RnXzJOcV80VXNYVE16VFd6VzRCeE16UzZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny82ZDdlY2YtNGI2Mi00MzY3LTliNTAt
MDY0ZDdhZGY0YmUzLzEvWEd2WG9sRHNlZzFZdWdwQnFGbXNWQzV2cGJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny82ZDdlY2YtNGI2Mi00MzY3LTliNTAtMDY0ZDdhZGY0YmUz
LzEvY2RnXzJOcV80VXNYVE16VFd6VzRCeE16UzZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQATik7MA0E
AgACMAcDBQMqFEWAMA0GCSqGSIb3DQEBCwUAA4IBAQAAAcU3zidCSNC0Ijb1oyKz
SgoFqC4ptHb5EZfUlphKfxHjFG62mUwdI/xeyFTZRzNHaccP4nZ9YiTQ0OEatq8J
mX2zpHjVcCGIlrlowlsKovKS9NzHuxHhbsGqO8+7gtw3t3IwjgRHG+V8tyiEcihb
fo+/WOr+kagRmRbMDy2lrSuTxpT21V0ih/UzthBfm2IKb8aytNZTNcQfUJF0zxBI
97qsZ62pXdImhNB1u3VgEpxjnTIUq+sVhIYvZm8o8cwvD1akYbCI6SHGn7XhdQWT
ntQztMmgbktVcUAxgYgRzN6mNgC9W9UV4lzCbLwWvKm9j71fLkj4KtXYvnoNXj1X
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:10:41 2025 by rpki-client