Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/d4f83d-fb53-424f-851d-c0d062a75354/1/xXGe4wyq05lrsF2tc38x8ySFe-g.roa
File: xXGe4wyq05lrsF2tc38x8ySFe-g.roa (raw, json)
Hash identifier: ILPVEPIY9D2xyNF63XsnQpEMnM3xKobt0LuSW1aSmX4=
Subject key identifier: C5:71:9E:E3:0C:AA:D3:99:6B:B0:5D:AD:73:7F:31:F3:24:85:7B:E8
Certificate issuer: /CN=e52d8b5cba7c2d2b8af046eb7f310105ac0c09ac
Certificate serial: 019426D986183924C843B411529534E54CCB
Authority key identifier: E5:2D:8B:5C:BA:7C:2D:2B:8A:F0:46:EB:7F:31:01:05:AC:0C:09:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5S2LXLp8LSuK8EbrfzEBBawMCaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/d4f83d-fb53-424f-851d-c0d062a75354/1/xXGe4wyq05lrsF2tc38x8ySFe-g.roa
Signing time: Thu 02 Jan 2025 11:49:37 +0000
ROA not before: Thu 02 Jan 2025 11:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42442
IP address blocks: 185.19.172.0/22 maxlen: 24
2a00:4720::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:86:18:39:24:c8:43:b4:11:52:95:34:e5:4c:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e52d8b5cba7c2d2b8af046eb7f310105ac0c09ac
Validity
Not Before: Jan 2 11:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5719ee30caad3996bb05dad737f31f324857be8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6e:6e:f7:68:88:30:42:3d:53:58:ef:2e:68:
ec:bf:fb:88:52:d1:f8:ee:26:2e:c3:05:fc:f0:94:
36:f9:2f:d9:12:de:b9:8c:e4:13:94:6a:0b:08:86:
72:2e:ab:72:69:5d:66:b4:25:ae:68:15:16:0f:75:
7c:28:7d:ca:48:ed:87:9a:5f:06:81:3d:28:4c:34:
a2:83:94:38:00:75:21:5e:98:ba:e8:c3:5d:cf:c2:
ed:1c:37:0d:01:78:cb:bb:42:c6:f6:a9:f0:7a:10:
41:d1:39:e5:dc:10:ff:55:7a:a1:66:d5:8c:d7:1d:
20:86:df:c2:aa:4e:d0:59:84:64:28:a2:b9:12:46:
15:09:2d:39:e1:ac:55:5e:d5:6d:b4:7d:37:76:5c:
46:ca:e7:1f:c7:9c:e6:53:77:72:4c:35:88:e3:57:
19:6e:b0:cb:8d:f4:71:c1:08:97:18:87:0d:77:ab:
b0:4e:50:4e:31:72:54:4d:d2:45:f7:d9:71:d6:02:
41:bc:ff:06:de:ab:e5:f4:89:e3:b8:1b:5d:c7:d0:
65:03:be:f4:28:f0:ad:52:ae:40:64:d6:f8:36:88:
35:f3:2c:df:4f:1f:aa:24:05:54:5c:96:62:f8:b3:
6b:a1:74:32:1d:e6:f5:7e:8c:ad:f1:1c:7f:5b:64:
7e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:71:9E:E3:0C:AA:D3:99:6B:B0:5D:AD:73:7F:31:F3:24:85:7B:E8
X509v3 Authority Key Identifier:
keyid:E5:2D:8B:5C:BA:7C:2D:2B:8A:F0:46:EB:7F:31:01:05:AC:0C:09:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5S2LXLp8LSuK8EbrfzEBBawMCaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d4f83d-fb53-424f-851d-c0d062a75354/1/xXGe4wyq05lrsF2tc38x8ySFe-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d4f83d-fb53-424f-851d-c0d062a75354/1/5S2LXLp8LSuK8EbrfzEBBawMCaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.19.172.0/22
IPv6:
2a00:4720::/32
Signature Algorithm: sha256WithRSAEncryption
09:57:51:36:b5:a4:c3:e2:fa:00:03:9a:98:0e:58:0b:c0:a7:
4f:21:28:b5:a6:29:ca:7c:ce:86:33:09:39:b7:0c:89:e6:9c:
ec:c6:95:36:a2:d7:9a:23:72:1d:87:33:5b:95:fe:32:ac:f6:
5c:51:f1:0c:12:38:5d:7f:59:df:11:26:b2:0b:aa:5d:23:5f:
b5:09:b4:c3:69:72:ea:96:e0:16:1e:6b:48:5e:54:9e:cf:90:
67:f9:6d:7d:c1:20:a5:2f:9e:32:0e:a3:a6:3e:24:16:ed:4c:
ff:8a:86:7c:bf:e2:0d:0c:ac:4a:09:fc:ca:4e:d0:49:c4:13:
cc:39:c7:fa:4f:b9:51:b9:a0:17:a3:81:a9:31:ab:48:d7:a6:
a5:69:f4:8f:fe:e9:e8:42:78:c0:04:17:40:e0:15:45:8e:13:
7b:c5:db:86:da:2c:d6:37:89:4f:ea:22:0d:29:8c:68:da:8c:
3a:75:b6:3d:ee:31:98:c1:a6:6a:c3:7b:35:de:41:22:ed:28:
af:5c:ac:36:40:70:fa:e7:1d:9e:9e:22:57:88:a5:81:ce:26:
74:e2:c9:04:e5:5d:3f:12:46:20:0d:70:bb:70:fc:3b:64:0f:
23:34:63:41:c1:1c:35:bd:48:ac:77:b0:d6:7a:35:99:04:f2:
7b:b2:6d:b0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2YYYOSTIQ7QRUpU05UzLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MmQ4YjVjYmE3YzJkMmI4YWYwNDZlYjdmMzEwMTA1YWMw
YzA5YWMwHhcNMjUwMTAyMTE0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTcxOWVlMzBjYWFkMzk5NmJiMDVkYWQ3MzdmMzFmMzI0ODU3YmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW5u92iIMEI9U1jvLmjsv/uIUtH4
7iYuwwX88JQ2+S/ZEt65jOQTlGoLCIZyLqtyaV1mtCWuaBUWD3V8KH3KSO2Hml8G
gT0oTDSig5Q4AHUhXpi66MNdz8LtHDcNAXjLu0LG9qnwehBB0Tnl3BD/VXqhZtWM
1x0ght/Cqk7QWYRkKKK5EkYVCS054axVXtVttH03dlxGyucfx5zmU3dyTDWI41cZ
brDLjfRxwQiXGIcNd6uwTlBOMXJUTdJF99lx1gJBvP8G3qvl9InjuBtdx9BlA770
KPCtUq5AZNb4Nog18yzfTx+qJAVUXJZi+LNroXQyHeb1foyt8Rx/W2R+dQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMVxnuMMqtOZa7BdrXN/MfMkhXvoMB8GA1UdIwQY
MBaAFOUti1y6fC0rivBG638xAQWsDAmsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVMyTFhMcDhMU3VLOEVicmZ6RUJCYXdNQ2F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9kNGY4M2QtZmI1My00MjRmLTg1MWQt
YzBkMDYyYTc1MzU0LzEveFhHZTR3eXEwNWxyc0YydGMzOHg4eVNGZS1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9kNGY4M2QtZmI1My00MjRmLTg1MWQtYzBkMDYyYTc1MzU0
LzEvNVMyTFhMcDhMU3VLOEVicmZ6RUJCYXdNQ2F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuROsMA0E
AgACMAcDBQAqAEcgMA0GCSqGSIb3DQEBCwUAA4IBAQAJV1E2taTD4voAA5qYDlgL
wKdPISi1pinKfM6GMwk5twyJ5pzsxpU2oteaI3IdhzNblf4yrPZcUfEMEjhdf1nf
ESayC6pdI1+1CbTDaXLqluAWHmtIXlSez5Bn+W19wSClL54yDqOmPiQW7Uz/ioZ8
v+INDKxKCfzKTtBJxBPMOcf6T7lRuaAXo4GpMatI16alafSP/unoQnjABBdA4BVF
jhN7xduG2izWN4lP6iINKYxo2ow6dbY97jGYwaZqw3s13kEi7SivXKw2QHD65x2e
niJXiKWBziZ04skE5V0/EkYgDXC7cPw7ZA8jNGNBwRw1vUisd7DWejWZBPJ7sm2w
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:11:33 2025 by rpki-client