Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/31dca4-1ce8-4318-956c-d4f08be050d5/1/XuSi8kXeBm_B8q7AzG1ldyxBl-U.roa
File: XuSi8kXeBm_B8q7AzG1ldyxBl-U.roa (raw, json)
Hash identifier: VfVAqS9+xLim6Zr3WY+RPdJPag+yTxoDEH7wLbaR7Ko=
Subject key identifier: 5E:E4:A2:F2:45:DE:06:6F:C1:F2:AE:C0:CC:6D:65:77:2C:41:97:E5
Certificate issuer: /CN=f1f42360a3970a808016fdf8d8dba396c5a1d034
Certificate serial: 01942143C114CBB48D6FE486E03D218FE910
Authority key identifier: F1:F4:23:60:A3:97:0A:80:80:16:FD:F8:D8:DB:A3:96:C5:A1:D0:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8fQjYKOXCoCAFv342NujlsWh0DQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/31dca4-1ce8-4318-956c-d4f08be050d5/1/XuSi8kXeBm_B8q7AzG1ldyxBl-U.roa
Signing time: Wed 01 Jan 2025 09:47:55 +0000
ROA not before: Wed 01 Jan 2025 09:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61149
IP address blocks: 45.82.106.0/24 maxlen: 24
45.82.107.0/24 maxlen: 24
86.104.226.0/24 maxlen: 24
91.235.107.0/24 maxlen: 24
185.16.88.0/22 maxlen: 22
185.16.88.0/23 maxlen: 23
185.16.88.0/24 maxlen: 24
185.16.89.0/24 maxlen: 24
185.16.90.0/23 maxlen: 23
185.16.90.0/24 maxlen: 24
185.16.91.0/24 maxlen: 24
2a03:cac0:2::/48 maxlen: 48
2a03:cac0:a::/48 maxlen: 48
2a03:cac0:b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:c1:14:cb:b4:8d:6f:e4:86:e0:3d:21:8f:e9:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1f42360a3970a808016fdf8d8dba396c5a1d034
Validity
Not Before: Jan 1 09:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ee4a2f245de066fc1f2aec0cc6d65772c4197e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:3d:d8:8d:10:e9:ce:01:0c:f8:25:bb:90:e8:
61:55:84:4f:0e:05:b7:ca:f1:00:0c:62:84:d9:59:
8c:53:db:45:3f:3a:a2:ae:df:43:82:6f:f1:a7:66:
71:57:84:84:a6:a1:c9:b6:27:d6:4a:75:0e:45:1f:
41:3f:5c:69:1a:ab:5d:2a:70:d5:c9:30:b4:28:62:
2b:8c:f1:b0:78:f9:7f:f0:89:a5:62:5d:f5:8c:5a:
c6:30:d4:43:33:b2:5d:3d:4b:88:60:bc:cd:33:6e:
1e:b2:8c:71:4e:48:0b:7b:ce:bc:97:ee:f5:b7:7c:
8d:0c:63:f5:24:1c:35:4e:fd:b5:57:95:8d:a3:9a:
c4:1e:41:52:1e:4a:17:aa:00:23:fd:b6:d8:a3:13:
ed:61:18:67:38:17:3b:8b:e0:02:2e:35:9e:99:39:
9e:55:09:7e:a2:ef:91:92:d8:5d:0e:2a:2c:34:0d:
bc:4d:2d:24:28:0c:2e:e3:90:ff:b3:65:33:e9:2d:
3d:59:ac:71:5e:c8:6b:56:55:9f:93:cc:0a:28:76:
86:a1:7a:1a:c4:c3:c1:58:08:aa:02:87:81:d9:b2:
2e:35:28:11:34:b6:70:32:90:f7:9d:26:33:bc:c4:
fc:3a:92:ba:0d:3b:44:04:52:1b:7f:95:87:a0:9f:
db:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E4:A2:F2:45:DE:06:6F:C1:F2:AE:C0:CC:6D:65:77:2C:41:97:E5
X509v3 Authority Key Identifier:
keyid:F1:F4:23:60:A3:97:0A:80:80:16:FD:F8:D8:DB:A3:96:C5:A1:D0:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8fQjYKOXCoCAFv342NujlsWh0DQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/31dca4-1ce8-4318-956c-d4f08be050d5/1/XuSi8kXeBm_B8q7AzG1ldyxBl-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/31dca4-1ce8-4318-956c-d4f08be050d5/1/8fQjYKOXCoCAFv342NujlsWh0DQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.106.0/23
86.104.226.0/24
91.235.107.0/24
185.16.88.0/22
IPv6:
2a03:cac0:2::/48
2a03:cac0:a::/47
Signature Algorithm: sha256WithRSAEncryption
93:a4:8b:7e:67:5a:e9:f5:7e:a5:35:87:2d:a8:ec:12:bd:84:
9e:a7:03:a8:ea:af:b7:a8:a4:b5:0a:5c:3d:14:55:ad:b1:9a:
be:76:5d:76:f1:36:a5:2c:a4:88:d0:74:6c:a8:c0:95:54:26:
16:56:d8:de:0e:e3:19:73:f9:99:5a:01:1a:45:27:b9:16:75:
84:59:b6:5c:0f:90:ed:4e:09:13:a8:08:98:b7:85:5b:bc:4e:
0d:25:25:77:56:60:93:8e:20:b3:79:26:eb:25:2f:4b:ba:93:
ef:0b:94:07:be:11:b7:50:d8:d9:42:14:29:05:8f:d0:2b:79:
73:91:ce:d8:24:5b:1f:0b:1c:16:5a:79:b8:8e:f8:08:d8:3e:
73:a5:e0:c7:1c:bd:4f:6e:b1:ad:af:7e:d2:aa:d7:49:fd:0e:
c1:ff:12:be:13:1c:f5:03:a8:5f:8f:f0:b4:14:98:45:a8:2d:
3f:37:16:29:d2:69:9e:d5:0c:4b:88:17:8c:49:70:42:05:f6:
70:74:dc:46:26:a7:7f:91:56:6f:db:eb:ad:50:fa:cf:d5:99:
62:b6:64:1a:88:16:7f:b7:21:91:d0:03:ac:b2:54:92:52:b1:
06:27:24:c0:51:cd:3e:58:81:24:d0:89:99:39:56:e8:84:f0:
a0:96:35:de
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQhQ8EUy7SNb+SG4D0hj+kQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZjQyMzYwYTM5NzBhODA4MDE2ZmRmOGQ4ZGJhMzk2YzVh
MWQwMzQwHhcNMjUwMTAxMDk0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWU0YTJmMjQ1ZGUwNjZmYzFmMmFlYzBjYzZkNjU3NzJjNDE5N2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4T3YjRDpzgEM+CW7kOhhVYRPDgW3
yvEADGKE2VmMU9tFPzqirt9Dgm/xp2ZxV4SEpqHJtifWSnUORR9BP1xpGqtdKnDV
yTC0KGIrjPGwePl/8ImlYl31jFrGMNRDM7JdPUuIYLzNM24esoxxTkgLe868l+71
t3yNDGP1JBw1Tv21V5WNo5rEHkFSHkoXqgAj/bbYoxPtYRhnOBc7i+ACLjWemTme
VQl+ou+RkthdDiosNA28TS0kKAwu45D/s2Uz6S09WaxxXshrVlWfk8wKKHaGoXoa
xMPBWAiqAoeB2bIuNSgRNLZwMpD3nSYzvMT8OpK6DTtEBFIbf5WHoJ/bFQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFF7kovJF3gZvwfKuwMxtZXcsQZflMB8GA1UdIwQY
MBaAFPH0I2CjlwqAgBb9+Njbo5bFodA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGZRallLT1hDb0NBRnYzNDJOdWpsc1doMERRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8zMWRjYTQtMWNlOC00MzE4LTk1NmMt
ZDRmMDhiZTA1MGQ1LzEvWHVTaThrWGVCbV9COHE3QXpHMWxkeXhCbC1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8zMWRjYTQtMWNlOC00MzE4LTk1NmMtZDRmMDhiZTA1MGQ1
LzEvOGZRallLT1hDb0NBRnYzNDJOdWpsc1doMERRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQBLVJqAwQA
VmjiAwQAW+trAwQCuRBYMBgEAgACMBIDBwAqA8rAAAIDBwEqA8rAAAowDQYJKoZI
hvcNAQELBQADggEBAJOki35nWun1fqU1hy2o7BK9hJ6nA6jqr7eopLUKXD0UVa2x
mr52XXbxNqUspIjQdGyowJVUJhZW2N4O4xlz+ZlaARpFJ7kWdYRZtlwPkO1OCROo
CJi3hVu8Tg0lJXdWYJOOILN5JuslL0u6k+8LlAe+EbdQ2NlCFCkFj9AreXORztgk
Wx8LHBZaebiO+AjYPnOl4MccvU9usa2vftKq10n9DsH/Er4THPUDqF+P8LQUmEWo
LT83FinSaZ7VDEuIF4xJcEIF9nB03EYmp3+RVm/b661Q+s/VmWK2ZBqIFn+3IZHQ
A6yyVJJSsQYnJMBRzT5YgSTQiZk5VuiE8KCWNd4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:19:14 2025 by rpki-client