Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/8c1306-7805-417d-be63-9ea2a6fb6a81/1/XjL_VzQpHSFAWpxr8LGCRwpbqdA.roa
File: XjL_VzQpHSFAWpxr8LGCRwpbqdA.roa (raw, json)
Hash identifier: Brx7GKcJBpG7UwHG4ArWnTWvC9k75AexdudLOh9h/Pw=
Subject key identifier: 5E:32:FF:57:34:29:1D:21:40:5A:9C:6B:F0:B1:82:47:0A:5B:A9:D0
Certificate issuer: /CN=d5ee40f4589d6a11b24f7bbcc29ab9f9ae689719
Certificate serial: 0194228DF3C0A35513D27E810B584737099B
Authority key identifier: D5:EE:40:F4:58:9D:6A:11:B2:4F:7B:BC:C2:9A:B9:F9:AE:68:97:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1e5A9FidahGyT3u8wpq5-a5olxk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/8c1306-7805-417d-be63-9ea2a6fb6a81/1/XjL_VzQpHSFAWpxr8LGCRwpbqdA.roa
Signing time: Wed 01 Jan 2025 15:48:35 +0000
ROA not before: Wed 01 Jan 2025 15:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58323
IP address blocks: 91.196.155.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:f3:c0:a3:55:13:d2:7e:81:0b:58:47:37:09:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5ee40f4589d6a11b24f7bbcc29ab9f9ae689719
Validity
Not Before: Jan 1 15:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e32ff5734291d21405a9c6bf0b182470a5ba9d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e9:cb:cb:10:4e:1e:1f:f1:77:72:3d:24:25:
ba:d4:75:32:67:ec:c1:c2:13:19:b8:b7:be:e3:25:
ba:a6:fa:67:01:df:03:81:4b:05:47:c6:f6:74:67:
e8:bc:5c:b1:5c:33:52:be:07:8d:3f:f1:71:3e:24:
91:17:97:42:22:15:f7:28:10:bd:02:94:10:8b:a0:
36:69:98:d4:4f:98:7c:54:49:9f:c9:69:23:bd:5f:
1c:ee:f7:71:5e:51:fc:8a:bc:f6:92:64:5b:db:69:
72:54:c4:3a:97:9c:ce:0b:7c:49:fe:44:a9:10:bf:
26:69:31:36:ea:25:b4:a7:f8:1c:a3:b9:64:07:68:
9c:8b:bd:87:44:fb:8e:8e:52:c8:7e:87:b2:17:83:
44:e2:39:bc:13:9c:52:d6:da:0d:3a:94:06:88:f9:
00:75:21:0a:c4:f1:c4:d2:f2:b7:33:53:d4:44:c9:
1f:79:fb:73:ee:65:6e:72:40:22:0f:2f:92:ab:79:
24:28:51:2f:d8:31:68:ea:8f:ab:b6:4f:0b:c3:c7:
e6:69:c8:bf:3b:6c:1b:c4:62:49:df:a8:c8:87:a7:
fe:2a:5f:ea:29:a9:89:c5:86:2a:4d:05:39:1b:dc:
a0:0f:23:96:c6:6c:8c:13:c3:85:6f:96:04:a4:28:
7a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:32:FF:57:34:29:1D:21:40:5A:9C:6B:F0:B1:82:47:0A:5B:A9:D0
X509v3 Authority Key Identifier:
keyid:D5:EE:40:F4:58:9D:6A:11:B2:4F:7B:BC:C2:9A:B9:F9:AE:68:97:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e5A9FidahGyT3u8wpq5-a5olxk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/8c1306-7805-417d-be63-9ea2a6fb6a81/1/XjL_VzQpHSFAWpxr8LGCRwpbqdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/8c1306-7805-417d-be63-9ea2a6fb6a81/1/1e5A9FidahGyT3u8wpq5-a5olxk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.155.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:d1:ed:e7:55:c9:db:b9:d9:2f:c0:96:a9:c2:e3:8e:b2:3d:
7d:3e:75:62:8a:44:35:3b:2d:37:06:65:14:15:fd:20:61:51:
1f:32:84:fb:fd:70:44:26:4d:d6:3d:d9:48:21:64:c7:26:38:
2e:b9:67:18:47:90:e6:92:30:77:13:d8:e9:06:1e:6e:27:25:
44:56:e4:d8:8b:db:d0:59:87:40:60:59:c6:ed:80:7c:49:85:
7f:fc:2e:e2:ac:77:d2:a9:ab:8f:19:5f:49:c7:d7:e1:05:54:
ff:db:ef:7e:c0:96:a0:ba:6a:0f:70:fc:56:7a:25:ec:1e:75:
9b:6a:79:dd:4e:a4:8c:28:aa:07:c0:92:51:ec:ca:cf:4d:da:
b3:7a:ca:10:e9:9b:8e:5d:0f:9b:7c:10:5e:0e:2d:e6:d0:5d:
7e:15:52:6e:cc:6a:da:8c:64:1a:13:34:98:1d:26:cf:e3:0f:
c9:75:d4:1d:bd:1a:0d:00:27:85:42:c6:cc:68:4d:1f:f6:40:
90:34:09:ce:1c:d0:52:2e:82:2c:0f:b6:a6:ee:2f:27:ea:d3:
98:6c:75:63:3f:ed:17:74:f6:ff:b7:ca:e4:6e:81:9f:db:50:
e9:86:28:4f:6d:c8:fb:41:e9:68:74:9f:1a:4b:e3:bc:9b:6e:
5c:f8:f4:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijfPAo1UT0n6BC1hHNwmbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZWU0MGY0NTg5ZDZhMTFiMjRmN2JiY2MyOWFiOWY5YWU2
ODk3MTkwHhcNMjUwMTAxMTU0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTMyZmY1NzM0MjkxZDIxNDA1YTljNmJmMGIxODI0NzBhNWJhOWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+nLyxBOHh/xd3I9JCW61HUyZ+zB
whMZuLe+4yW6pvpnAd8DgUsFR8b2dGfovFyxXDNSvgeNP/FxPiSRF5dCIhX3KBC9
ApQQi6A2aZjUT5h8VEmfyWkjvV8c7vdxXlH8irz2kmRb22lyVMQ6l5zOC3xJ/kSp
EL8maTE26iW0p/gco7lkB2ici72HRPuOjlLIfoeyF4NE4jm8E5xS1toNOpQGiPkA
dSEKxPHE0vK3M1PURMkfeftz7mVuckAiDy+Sq3kkKFEv2DFo6o+rtk8Lw8fmaci/
O2wbxGJJ36jIh6f+Kl/qKamJxYYqTQU5G9ygDyOWxmyME8OFb5YEpCh6DwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF4y/1c0KR0hQFqca/CxgkcKW6nQMB8GA1UdIwQY
MBaAFNXuQPRYnWoRsk97vMKaufmuaJcZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWU1QTlGaWRhaEd5VDN1OHdwcTUtYTVvbHhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy84YzEzMDYtNzgwNS00MTdkLWJlNjMt
OWVhMmE2ZmI2YTgxLzEvWGpMX1Z6UXBIU0ZBV3B4cjhMR0NSd3BicWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy84YzEzMDYtNzgwNS00MTdkLWJlNjMtOWVhMmE2ZmI2YTgx
LzEvMWU1QTlGaWRhaEd5VDN1OHdwcTUtYTVvbHhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8SbMA0G
CSqGSIb3DQEBCwUAA4IBAQDE0e3nVcnbudkvwJapwuOOsj19PnViikQ1Oy03BmUU
Ff0gYVEfMoT7/XBEJk3WPdlIIWTHJjguuWcYR5DmkjB3E9jpBh5uJyVEVuTYi9vQ
WYdAYFnG7YB8SYV//C7irHfSqauPGV9Jx9fhBVT/2+9+wJagumoPcPxWeiXsHnWb
anndTqSMKKoHwJJR7MrPTdqzesoQ6ZuOXQ+bfBBeDi3m0F1+FVJuzGrajGQaEzSY
HSbP4w/JddQdvRoNACeFQsbMaE0f9kCQNAnOHNBSLoIsD7am7i8n6tOYbHVjP+0X
dPb/t8rkboGf21DphihPbcj7QelodJ8aS+O8m25c+PRk
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:47:50 2025 by rpki-client