Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/Xa0B9m97ByYphB5XrMGxVdHZyes.roa
File: Xa0B9m97ByYphB5XrMGxVdHZyes.roa (raw, json)
Hash identifier: mXqV2/vQX57Ww79AIe2GrEvrqiY5gtML1rzRmVpsOdY=
Subject key identifier: 5D:AD:01:F6:6F:7B:07:26:29:84:1E:57:AC:C1:B1:55:D1:D9:C9:EB
Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Certificate serial: 01942826CED3134D777CE39CA2B5FC4A1EAF
Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/Xa0B9m97ByYphB5XrMGxVdHZyes.roa
Signing time: Thu 02 Jan 2025 17:53:39 +0000
ROA not before: Thu 02 Jan 2025 17:53:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24935
IP address blocks: 37.235.92.0/24 maxlen: 24
37.235.93.0/24 maxlen: 24
46.29.122.0/24 maxlen: 24
46.29.123.0/24 maxlen: 24
94.158.182.0/24 maxlen: 24
185.161.45.0/24 maxlen: 24
185.161.47.0/24 maxlen: 24
185.252.156.0/24 maxlen: 24
185.252.158.0/24 maxlen: 24
185.252.159.0/24 maxlen: 24
194.213.30.0/24 maxlen: 24
195.74.80.0/24 maxlen: 24
2a10:5140::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:ce:d3:13:4d:77:7c:e3:9c:a2:b5:fc:4a:1e:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Validity
Not Before: Jan 2 17:53:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5dad01f66f7b072629841e57acc1b155d1d9c9eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2f:6b:ce:a0:c6:45:6b:72:ef:6e:7e:a7:3f:
cc:87:0e:f2:5c:66:7a:de:9e:04:8a:e7:dc:8e:56:
e4:e1:e2:c9:70:58:6a:b4:70:ec:3e:4d:fd:81:e8:
58:67:ee:64:c0:9d:d6:24:bd:bf:d1:39:de:02:50:
95:5b:98:ed:4f:46:f2:3f:93:cc:31:d7:3f:69:a2:
9c:7a:20:95:5a:41:65:bd:4a:b9:1e:cb:ba:cf:89:
ed:be:f4:9b:ba:b2:1d:bc:e5:12:6d:eb:a4:cb:64:
1f:53:0e:43:26:7d:8d:a9:1f:a3:a0:be:57:c9:e5:
7b:22:23:d0:47:49:ef:36:c4:de:c1:e0:cb:8e:2f:
98:f2:62:39:c9:6a:fe:1f:b8:4b:ad:4f:98:5d:e1:
28:40:44:7c:66:ef:93:56:99:3a:82:5f:77:f2:0d:
39:60:8e:6f:d0:dc:86:bf:48:3e:46:d5:af:29:52:
38:ad:72:fc:49:a7:7a:6c:e4:ab:0e:38:6d:eb:9d:
02:c7:75:a5:8e:88:25:57:79:9d:3f:e2:a5:23:24:
36:4a:75:ea:22:a1:96:7e:af:a7:e4:29:71:66:52:
19:de:cc:f7:9d:18:48:02:94:54:6a:21:e7:4b:8e:
aa:2a:63:57:1e:18:e7:eb:67:a6:8d:32:44:1d:58:
73:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:AD:01:F6:6F:7B:07:26:29:84:1E:57:AC:C1:B1:55:D1:D9:C9:EB
X509v3 Authority Key Identifier:
keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/Xa0B9m97ByYphB5XrMGxVdHZyes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.92.0/23
46.29.122.0/23
94.158.182.0/24
185.161.45.0/24
185.161.47.0/24
185.252.156.0/24
185.252.158.0/23
194.213.30.0/24
195.74.80.0/24
IPv6:
2a10:5140::/29
Signature Algorithm: sha256WithRSAEncryption
73:85:3b:db:16:d8:07:d3:6f:aa:93:d3:5a:07:29:6c:60:e2:
b2:5f:27:ff:26:f4:6c:71:1b:2a:33:cc:16:e1:fe:6b:b2:3d:
ac:20:34:f5:fa:fa:9f:b0:8c:e1:53:28:e5:bf:b2:7f:a1:f3:
1e:11:c2:c7:40:6f:4b:b1:16:3f:72:33:73:0f:94:8d:14:04:
c6:33:bc:b9:07:bb:69:1d:93:46:bc:dc:f6:d2:99:3b:47:42:
98:59:35:ff:4b:0b:dc:b4:ad:3d:72:c3:2d:3e:60:76:37:c8:
f5:9c:21:1b:1b:71:9c:3a:dd:89:db:9c:e5:c1:81:ea:8b:c2:
fd:68:21:f6:7e:57:f5:c7:2f:43:05:01:9d:1e:e8:2b:ee:42:
04:ba:98:bd:98:b4:d9:cf:d8:07:82:91:c8:eb:c8:ff:e6:fa:
69:31:b6:a2:0f:55:b0:ea:9d:89:5a:71:cf:d0:12:72:87:70:
c9:17:29:6c:97:b3:1e:a3:a7:6b:21:df:5d:04:ab:61:50:6f:
45:9e:e5:0f:42:87:f1:87:8e:d1:85:9a:61:34:82:ef:b0:00:
32:fc:91:1f:91:15:79:c2:dd:83:96:d0:f6:ff:6e:93:68:f5:
5f:9b:0c:ff:51:29:3d:c5:9d:67:28:e3:da:fb:ae:ec:2e:6a:
4f:17:6a:2d
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZQoJs7TE013fOOcorX8Sh6vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5
YTI2OTQwHhcNMjUwMTAyMTc1MzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGFkMDFmNjZmN2IwNzI2Mjk4NDFlNTdhY2MxYjE1NWQxZDljOWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArS9rzqDGRWty725+pz/Mhw7yXGZ6
3p4Eiufcjlbk4eLJcFhqtHDsPk39gehYZ+5kwJ3WJL2/0TneAlCVW5jtT0byP5PM
Mdc/aaKceiCVWkFlvUq5Hsu6z4ntvvSburIdvOUSbeuky2QfUw5DJn2NqR+joL5X
yeV7IiPQR0nvNsTeweDLji+Y8mI5yWr+H7hLrU+YXeEoQER8Zu+TVpk6gl938g05
YI5v0NyGv0g+RtWvKVI4rXL8Sad6bOSrDjht650Cx3WljoglV3mdP+KlIyQ2SnXq
IqGWfq+n5ClxZlIZ3sz3nRhIApRUaiHnS46qKmNXHhjn62emjTJEHVhziQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFF2tAfZvewcmKYQeV6zBsVXR2cnrMB8GA1UdIwQY
MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvWGEwQjltOTdCeVlwaEI1WHJNR3hWZEhaeWVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQBJetcAwQB
Lh16AwQAXp62AwQAuaEtAwQAuaEvAwQAufycAwQBufyeAwQAwtUeAwQAw0pQMA0E
AgACMAcDBQMqEFFAMA0GCSqGSIb3DQEBCwUAA4IBAQBzhTvbFtgH02+qk9NaByls
YOKyXyf/JvRscRsqM8wW4f5rsj2sIDT1+vqfsIzhUyjlv7J/ofMeEcLHQG9LsRY/
cjNzD5SNFATGM7y5B7tpHZNGvNz20pk7R0KYWTX/SwvctK09csMtPmB2N8j1nCEb
G3GcOt2J25zlwYHqi8L9aCH2flf1xy9DBQGdHugr7kIEupi9mLTZz9gHgpHI68j/
5vppMbaiD1Ww6p2JWnHP0BJyh3DJFylsl7Meo6drId9dBKthUG9FnuUPQofxh47R
hZphNILvsAAy/JEfkRV5wt2DltD2/26TaPVfmwz/USk9xZ1nKOPa+67sLmpPF2ot
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:38:10 2025 by rpki-client