Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/9e2f8a-960d-4479-a058-4e3ce3301979/1/XysHQU0TQpQ18huR7cIIDrfZWfY.roa
File: XysHQU0TQpQ18huR7cIIDrfZWfY.roa (raw, json)
Hash identifier: NtroWgAMFvSSwwYDxpo3NQGtG+bQQozP9je3mTfJHRc=
Subject key identifier: 5F:2B:07:41:4D:13:42:94:35:F2:1B:91:ED:C2:08:0E:B7:D9:59:F6
Certificate issuer: /CN=53937087814b435825470069db9e723dbe728f3b
Certificate serial: 019425FD3C77F1331B80994A6F1EA6A995C8
Authority key identifier: 53:93:70:87:81:4B:43:58:25:47:00:69:DB:9E:72:3D:BE:72:8F:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U5Nwh4FLQ1glRwBp255yPb5yjzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/9e2f8a-960d-4479-a058-4e3ce3301979/1/XysHQU0TQpQ18huR7cIIDrfZWfY.roa
Signing time: Thu 02 Jan 2025 07:49:00 +0000
ROA not before: Thu 02 Jan 2025 07:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25579
IP address blocks: 185.124.120.0/22 maxlen: 22
213.146.224.0/24 maxlen: 24
213.146.225.0/24 maxlen: 24
213.146.226.0/24 maxlen: 24
213.146.227.0/24 maxlen: 24
213.146.228.0/24 maxlen: 24
213.146.229.0/24 maxlen: 24
213.146.230.0/24 maxlen: 24
213.146.231.0/24 maxlen: 24
213.146.232.0/24 maxlen: 24
213.146.233.0/24 maxlen: 24
213.146.234.0/24 maxlen: 24
213.146.235.0/24 maxlen: 24
213.146.236.0/24 maxlen: 24
213.146.237.0/24 maxlen: 24
213.146.238.0/24 maxlen: 24
213.146.239.0/24 maxlen: 24
213.146.240.0/24 maxlen: 24
213.146.241.0/24 maxlen: 24
213.146.242.0/24 maxlen: 24
213.146.243.0/24 maxlen: 24
213.146.244.0/24 maxlen: 24
213.146.245.0/24 maxlen: 24
213.146.246.0/24 maxlen: 24
213.146.247.0/24 maxlen: 24
213.146.248.0/24 maxlen: 24
213.146.249.0/24 maxlen: 24
213.146.250.0/24 maxlen: 24
213.146.251.0/24 maxlen: 24
213.146.252.0/24 maxlen: 24
213.146.253.0/24 maxlen: 24
213.146.254.0/24 maxlen: 24
213.146.255.0/24 maxlen: 24
2a06:2800::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:3c:77:f1:33:1b:80:99:4a:6f:1e:a6:a9:95:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53937087814b435825470069db9e723dbe728f3b
Validity
Not Before: Jan 2 07:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f2b07414d13429435f21b91edc2080eb7d959f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f9:53:7f:5c:58:2e:81:e1:f8:6d:ce:ed:fc:
f0:fe:fd:c0:59:a1:2e:5b:ec:54:97:b7:c4:f0:f6:
f7:ac:1f:3e:4a:56:66:ac:df:ff:c5:73:cc:39:83:
a0:f9:6b:ad:90:2a:3b:fe:53:14:af:22:4a:be:09:
51:a9:44:2f:eb:0f:69:c5:78:27:b5:e2:8c:ba:9c:
03:37:01:8a:a4:a5:fd:a2:94:51:27:2b:af:0c:96:
e7:1a:30:8b:45:5d:bc:e8:60:94:07:42:36:d9:01:
61:d3:92:ae:79:4f:e0:67:37:c1:11:29:4b:f7:b9:
55:8f:72:ce:9f:59:52:5e:30:7d:4f:5d:56:de:46:
87:a6:26:90:e7:11:f5:bc:0b:fd:45:44:11:22:ae:
83:d0:77:f3:a8:c4:42:ed:97:da:fe:bc:f9:57:92:
6a:8b:7e:c0:f8:a5:1c:b7:ef:f2:21:df:86:b7:d6:
3e:60:9a:69:76:23:f8:0d:66:36:af:89:01:16:64:
46:8f:12:9a:f7:08:12:4f:33:25:4e:2f:4a:bf:db:
b7:d5:a8:e1:bf:4e:fe:d8:43:fb:8b:cf:2d:f5:9d:
c1:28:41:99:4b:1c:23:0a:29:24:48:13:e3:69:ef:
43:0b:62:7a:12:69:02:ef:f2:f7:57:30:26:64:06:
62:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:2B:07:41:4D:13:42:94:35:F2:1B:91:ED:C2:08:0E:B7:D9:59:F6
X509v3 Authority Key Identifier:
keyid:53:93:70:87:81:4B:43:58:25:47:00:69:DB:9E:72:3D:BE:72:8F:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U5Nwh4FLQ1glRwBp255yPb5yjzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/9e2f8a-960d-4479-a058-4e3ce3301979/1/XysHQU0TQpQ18huR7cIIDrfZWfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/9e2f8a-960d-4479-a058-4e3ce3301979/1/U5Nwh4FLQ1glRwBp255yPb5yjzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.120.0/22
213.146.224.0/19
IPv6:
2a06:2800::/29
Signature Algorithm: sha256WithRSAEncryption
c5:40:c6:bd:2c:b6:e3:09:86:ff:5a:c4:62:9c:c7:d0:61:37:
2f:67:db:8c:d5:c6:d8:b8:3a:f3:4c:68:9e:94:85:11:c3:11:
c4:db:95:99:fb:c3:1d:f8:09:6f:02:6f:22:24:b2:73:dd:94:
c8:ae:5a:b3:46:e2:65:89:4e:29:a7:e8:39:6b:38:d5:fc:ac:
7f:df:f1:08:b1:6c:ec:5a:d2:90:3d:c2:ea:4d:17:5c:3f:94:
ed:c3:44:6e:a1:35:ba:b3:ee:08:fc:e1:51:99:a3:e0:28:89:
40:cc:7f:c4:5f:20:24:e9:76:f5:e9:03:79:30:31:be:ea:68:
5c:d2:93:a5:33:ce:39:49:c3:f5:58:b2:82:73:4a:ff:90:31:
ee:d9:7f:ca:e9:5b:21:b7:6c:cd:bd:5e:94:79:55:5d:f9:7e:
94:94:4d:a9:fe:7c:67:b2:c6:ac:d6:9c:c8:a4:be:6e:f0:bb:
09:23:bf:3e:3b:11:ff:bd:e5:a6:00:0b:dd:51:d4:61:5f:06:
a4:69:f5:4c:49:5b:89:db:1a:8c:d0:81:55:e7:83:1b:eb:d0:
85:a6:64:ff:a0:45:aa:37:82:74:06:23:76:f9:2f:84:a4:eb:
eb:1a:c1:67:96:db:5d:45:f1:cf:51:fb:f5:9d:3d:45:90:1c:
c0:df:a2:f3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQl/Tx38TMbgJlKbx6mqZXIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOTM3MDg3ODE0YjQzNTgyNTQ3MDA2OWRiOWU3MjNkYmU3
MjhmM2IwHhcNMjUwMTAyMDc0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjJiMDc0MTRkMTM0Mjk0MzVmMjFiOTFlZGMyMDgwZWI3ZDk1OWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvflTf1xYLoHh+G3O7fzw/v3AWaEu
W+xUl7fE8Pb3rB8+SlZmrN//xXPMOYOg+WutkCo7/lMUryJKvglRqUQv6w9pxXgn
teKMupwDNwGKpKX9opRRJyuvDJbnGjCLRV286GCUB0I22QFh05KueU/gZzfBESlL
97lVj3LOn1lSXjB9T11W3kaHpiaQ5xH1vAv9RUQRIq6D0HfzqMRC7Zfa/rz5V5Jq
i37A+KUct+/yId+Gt9Y+YJppdiP4DWY2r4kBFmRGjxKa9wgSTzMlTi9Kv9u31ajh
v07+2EP7i88t9Z3BKEGZSxwjCikkSBPjae9DC2J6EmkC7/L3VzAmZAZiiQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFF8rB0FNE0KUNfIbke3CCA632Vn2MB8GA1UdIwQY
MBaAFFOTcIeBS0NYJUcAaduecj2+co87MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTVOd2g0RkxRMWdsUndCcDI1NXlQYjV5anpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS85ZTJmOGEtOTYwZC00NDc5LWEwNTgt
NGUzY2UzMzAxOTc5LzEvWHlzSFFVMFRRcFExOGh1UjdjSUlEcmZaV2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS85ZTJmOGEtOTYwZC00NDc5LWEwNTgtNGUzY2UzMzAxOTc5
LzEvVTVOd2g0RkxRMWdsUndCcDI1NXlQYjV5anpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXx4AwQF
1ZLgMA0EAgACMAcDBQMqBigAMA0GCSqGSIb3DQEBCwUAA4IBAQDFQMa9LLbjCYb/
WsRinMfQYTcvZ9uM1cbYuDrzTGielIURwxHE25WZ+8Md+AlvAm8iJLJz3ZTIrlqz
RuJliU4pp+g5azjV/Kx/3/EIsWzsWtKQPcLqTRdcP5Ttw0RuoTW6s+4I/OFRmaPg
KIlAzH/EXyAk6Xb16QN5MDG+6mhc0pOlM845ScP1WLKCc0r/kDHu2X/K6Vsht2zN
vV6UeVVd+X6UlE2p/nxnssas1pzIpL5u8LsJI78+OxH/veWmAAvdUdRhXwakafVM
SVuJ2xqM0IFV54Mb69CFpmT/oEWqN4J0BiN2+S+EpOvrGsFnlttdRfHPUfv1nT1F
kBzA36Lz
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:10:42 2025 by rpki-client