Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/SHXTlexCU640W6zbYxhCmQn8Cw4.roa
File: SHXTlexCU640W6zbYxhCmQn8Cw4.roa (raw, json)
Hash identifier: k2ku6jDV9cI0tnwN43DyJg87QMwSJe7N2AG8yOiDsPE=
Subject key identifier: 48:75:D3:95:EC:42:53:AE:34:5B:AC:DB:63:18:42:99:09:FC:0B:0E
Certificate issuer: /CN=4ad17171aea8576c431c637418691c9c1f557516
Certificate serial: 019420D662D95DDA3F030E926193E1F42900
Authority key identifier: 4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/SHXTlexCU640W6zbYxhCmQn8Cw4.roa
Signing time: Wed 01 Jan 2025 07:48:28 +0000
ROA not before: Wed 01 Jan 2025 07:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212409
IP address blocks: 213.232.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:62:d9:5d:da:3f:03:0e:92:61:93:e1:f4:29:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ad17171aea8576c431c637418691c9c1f557516
Validity
Not Before: Jan 1 07:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4875d395ec4253ae345bacdb6318429909fc0b0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:42:56:bc:27:fa:55:a0:17:c0:8f:b7:97:15:
b0:dc:e0:84:a2:36:bb:c9:c9:c4:98:a0:44:dd:d7:
38:98:f9:57:d2:a7:cb:bc:c2:d7:98:a2:9c:12:20:
eb:45:dc:3d:2a:51:4e:e3:9e:50:fe:fe:1d:f5:e1:
75:86:ab:cb:25:42:9a:25:67:74:fd:57:77:e6:2d:
4e:0b:e9:2d:d0:6a:67:23:b3:8f:64:62:a2:b3:23:
df:5b:1f:b4:e8:1f:de:0c:8a:00:e1:32:50:e3:b0:
db:56:5b:ae:be:ed:05:72:0a:db:d2:63:ed:19:f9:
b9:a1:61:90:b2:d2:a9:a9:4d:6a:4a:e8:5e:29:1b:
79:eb:02:34:10:ec:0d:ea:ce:9e:e9:11:d3:b4:bc:
78:6c:d8:01:f5:0c:c4:da:50:94:3a:4c:81:04:af:
a0:51:f0:91:ad:c6:c0:d7:21:d6:0b:be:94:8f:02:
82:e9:1c:2d:28:8c:04:d1:e2:99:ed:ae:52:54:5d:
f0:43:e0:71:b6:12:65:38:a6:48:89:2b:bf:3a:64:
62:9f:0b:60:4e:73:4d:a0:0c:a7:f2:50:1a:78:75:
ec:38:43:bc:79:97:0d:f3:04:0a:46:c3:14:fd:97:
0c:90:19:11:69:7a:44:a0:f4:ca:d4:40:16:cf:0e:
3e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:75:D3:95:EC:42:53:AE:34:5B:AC:DB:63:18:42:99:09:FC:0B:0E
X509v3 Authority Key Identifier:
keyid:4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/SHXTlexCU640W6zbYxhCmQn8Cw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.200.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:4b:d7:e0:df:51:12:f3:f6:1a:45:8b:fb:34:13:80:28:f9:
fa:83:fb:83:40:f1:c6:1c:b0:b7:4f:cd:b6:fa:f0:0f:93:26:
67:7e:3f:42:1e:9c:04:c2:86:cb:6d:47:ae:b8:43:67:4b:95:
e2:6e:83:7d:47:4f:d1:34:1f:8f:ac:80:15:a3:f1:91:16:01:
83:05:4a:63:e0:03:d6:1b:f2:90:86:94:ed:15:c9:d9:50:27:
96:37:10:fb:ed:91:6c:9d:01:24:d8:47:0e:25:17:60:af:a0:
37:f1:b0:93:77:9a:eb:bc:f4:e6:f7:35:68:ef:ea:81:b8:6f:
d7:51:d8:5d:8b:ab:95:4d:71:7d:22:1b:09:3b:63:73:ea:1e:
28:ac:5e:f2:c0:e9:d0:8e:a5:ac:77:b6:7c:73:c3:5c:89:4a:
c9:65:2a:c5:8f:12:d7:64:22:9a:7c:45:aa:e3:62:e3:d1:63:
dd:ea:f9:93:8f:14:24:7e:31:ba:86:d3:39:c9:84:55:44:20:
d0:c5:c2:57:09:2e:03:19:97:77:04:76:ae:40:8d:86:31:48:
63:20:ff:a5:30:e3:fe:18:90:60:80:17:9d:ef:5b:28:ad:8d:
3a:9e:72:ff:7a:f8:28:b9:fe:41:9c:f3:fd:8b:54:db:ce:26:
f9:75:c5:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1mLZXdo/Aw6SYZPh9CkAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZDE3MTcxYWVhODU3NmM0MzFjNjM3NDE4NjkxYzljMWY1
NTc1MTYwHhcNMjUwMTAxMDc0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODc1ZDM5NWVjNDI1M2FlMzQ1YmFjZGI2MzE4NDI5OTA5ZmMwYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokJWvCf6VaAXwI+3lxWw3OCEoja7
ycnEmKBE3dc4mPlX0qfLvMLXmKKcEiDrRdw9KlFO455Q/v4d9eF1hqvLJUKaJWd0
/Vd35i1OC+kt0GpnI7OPZGKisyPfWx+06B/eDIoA4TJQ47DbVluuvu0Fcgrb0mPt
Gfm5oWGQstKpqU1qSuheKRt56wI0EOwN6s6e6RHTtLx4bNgB9QzE2lCUOkyBBK+g
UfCRrcbA1yHWC76UjwKC6RwtKIwE0eKZ7a5SVF3wQ+BxthJlOKZIiSu/OmRinwtg
TnNNoAyn8lAaeHXsOEO8eZcN8wQKRsMU/ZcMkBkRaXpEoPTK1EAWzw4+4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEh105XsQlOuNFus22MYQpkJ/AsOMB8GA1UdIwQY
MBaAFErRcXGuqFdsQxxjdBhpHJwfVXUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQt
NDgyOGQ2NTEwNGUxLzEvU0hYVGxleENVNjQwVzZ6Yll4aENtUW44Q3c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQtNDgyOGQ2NTEwNGUx
LzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ejIMA0G
CSqGSIb3DQEBCwUAA4IBAQCaS9fg31ES8/YaRYv7NBOAKPn6g/uDQPHGHLC3T822
+vAPkyZnfj9CHpwEwobLbUeuuENnS5XiboN9R0/RNB+PrIAVo/GRFgGDBUpj4APW
G/KQhpTtFcnZUCeWNxD77ZFsnQEk2EcOJRdgr6A38bCTd5rrvPTm9zVo7+qBuG/X
Udhdi6uVTXF9IhsJO2Nz6h4orF7ywOnQjqWsd7Z8c8NciUrJZSrFjxLXZCKafEWq
42Lj0WPd6vmTjxQkfjG6htM5yYRVRCDQxcJXCS4DGZd3BHauQI2GMUhjIP+lMOP+
GJBggBed71sorY06nnL/evgouf5BnPP9i1Tbzib5dcUx
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:42:30 2025 by rpki-client