Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/XljC5T-tfn8kyp8IckkuxduArlE.roa
File: XljC5T-tfn8kyp8IckkuxduArlE.roa (raw, json)
Hash identifier: GpetnE8RGdPeAs90fgd9VHf6P54N2jU+6iw/T8HuxAQ=
Subject key identifier: 5E:58:C2:E5:3F:AD:7E:7F:24:CA:9F:08:72:49:2E:C5:DB:80:AE:51
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 019427B661AE77CFA91BD17D292AA66533CF
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/XljC5T-tfn8kyp8IckkuxduArlE.roa
Signing time: Thu 02 Jan 2025 15:50:51 +0000
ROA not before: Thu 02 Jan 2025 15:50:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20880
IP address blocks: 62.117.0.0/19 maxlen: 20
62.117.0.0/20 maxlen: 24
62.117.0.128/26 maxlen: 26
62.117.0.192/28 maxlen: 28
62.117.16.0/20 maxlen: 20
82.119.0.0/19 maxlen: 19
82.119.0.0/20 maxlen: 20
82.119.16.0/20 maxlen: 20
86.56.0.0/17 maxlen: 17
86.56.0.0/18 maxlen: 18
86.56.64.0/18 maxlen: 18
89.16.128.0/19 maxlen: 19
89.16.128.0/20 maxlen: 20
89.16.144.0/20 maxlen: 20
158.181.64.0/19 maxlen: 19
158.181.64.0/20 maxlen: 20
158.181.68.0/22 maxlen: 22
158.181.72.0/22 maxlen: 22
158.181.76.0/22 maxlen: 22
158.181.80.0/20 maxlen: 20
158.181.80.0/22 maxlen: 22
185.9.224.0/22 maxlen: 22
2a02:2450::/29 maxlen: 29
2a02:2450::/32 maxlen: 32
2a02:2454::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:61:ae:77:cf:a9:1b:d1:7d:29:2a:a6:65:33:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Jan 2 15:50:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e58c2e53fad7e7f24ca9f0872492ec5db80ae51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:06:eb:c2:62:96:91:74:b4:47:8d:89:2b:0f:
92:b9:be:3f:ca:59:c3:04:24:7c:ca:7f:00:9b:44:
96:78:f4:7a:dc:b1:77:c3:7d:3f:3e:29:91:cc:43:
b9:b0:70:64:fe:ef:b4:e6:40:92:61:16:21:42:d6:
43:66:0a:53:18:b7:d9:39:26:e3:4b:55:47:d0:00:
97:d6:2c:d9:93:a4:3c:57:9f:6a:32:3a:d6:c2:b6:
e0:ba:b7:07:a7:cb:7b:fb:88:ff:fb:d6:df:45:4b:
3f:26:e4:6e:eb:99:3e:d8:42:4c:d9:1f:89:d1:04:
76:20:7f:b4:80:7c:f9:83:6f:c9:a3:42:4e:90:81:
da:4f:78:85:4d:ae:9c:58:39:c8:ea:0b:50:fa:b3:
1e:14:7c:51:19:d5:7b:82:6d:7e:30:95:07:0e:0a:
92:69:99:52:70:3c:25:bc:5e:73:7c:bc:16:c5:49:
14:ed:48:34:f5:79:f5:1c:10:fb:ae:45:78:49:29:
11:c3:af:64:97:85:bc:ba:db:38:b2:0d:7c:aa:a4:
ca:20:2a:e0:d9:6f:d8:84:d0:9a:75:27:5f:ed:b7:
ac:4a:fa:80:1a:19:40:b6:20:30:1e:a8:74:4f:55:
91:65:ee:3d:80:35:e9:ec:ae:ce:a3:73:9b:fd:39:
cc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:58:C2:E5:3F:AD:7E:7F:24:CA:9F:08:72:49:2E:C5:DB:80:AE:51
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/XljC5T-tfn8kyp8IckkuxduArlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.117.0.0/19
82.119.0.0/19
86.56.0.0/17
89.16.128.0/19
158.181.64.0/19
185.9.224.0/22
IPv6:
2a02:2450::/29
Signature Algorithm: sha256WithRSAEncryption
9a:a2:5e:ad:e5:e4:c2:09:74:a9:ce:80:34:5b:f9:5c:cc:11:
ea:1b:f1:63:30:2e:bd:b9:6d:0a:c9:a5:ef:18:1b:69:3a:c0:
2c:33:ef:c0:c1:7f:cb:64:38:c0:fe:10:24:37:41:ba:f4:2a:
1d:b0:19:db:db:66:d2:06:63:56:cf:44:0a:ed:6b:a9:a9:66:
8f:89:ec:6f:6b:69:72:a7:bc:4e:e6:6f:b6:21:57:73:a8:be:
74:7f:e8:d6:dc:65:74:02:7a:5b:8a:62:c6:fa:51:35:e4:ff:
40:d7:77:ea:6d:97:06:26:c0:b9:46:83:ba:73:d2:84:c5:42:
10:46:06:7b:6c:8b:bc:ab:3f:fb:20:bf:55:3b:b2:6f:7a:1b:
e6:3b:f0:aa:8a:ca:54:bf:ed:f5:67:5d:71:67:3d:d1:cf:dd:
ed:c5:f7:91:14:32:80:12:50:a9:42:e5:55:b6:8f:b9:25:98:
ef:9d:93:0f:a0:fb:ba:e3:b1:32:26:ff:7e:a1:a3:6e:61:9d:
35:e7:ed:db:60:cb:1f:84:9a:02:15:ce:87:71:3a:c5:a7:38:
0b:a4:9f:06:67:b6:be:24:27:4f:71:a6:1b:32:47:02:cd:bc:
b7:23:b1:29:85:5f:5e:c2:f5:db:cc:d4:93:9c:61:84:31:3d:
8e:e4:23:85
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQntmGud8+pG9F9KSqmZTPPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjUwMTAyMTU1MDUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTU4YzJlNTNmYWQ3ZTdmMjRjYTlmMDg3MjQ5MmVjNWRiODBhZTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQbrwmKWkXS0R42JKw+Sub4/ylnD
BCR8yn8Am0SWePR63LF3w30/PimRzEO5sHBk/u+05kCSYRYhQtZDZgpTGLfZOSbj
S1VH0ACX1izZk6Q8V59qMjrWwrbgurcHp8t7+4j/+9bfRUs/JuRu65k+2EJM2R+J
0QR2IH+0gHz5g2/Jo0JOkIHaT3iFTa6cWDnI6gtQ+rMeFHxRGdV7gm1+MJUHDgqS
aZlScDwlvF5zfLwWxUkU7Ug09Xn1HBD7rkV4SSkRw69kl4W8uts4sg18qqTKICrg
2W/YhNCadSdf7besSvqAGhlAtiAwHqh0T1WRZe49gDXp7K7Oo3Ob/TnMVQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFF5YwuU/rX5/JMqfCHJJLsXbgK5RMB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEvWGxqQzVULXRmbjhreXA4SWNra3V4ZHVBcmxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFPnUAAwQF
UncAAwQHVjgAAwQFWRCAAwQFnrVAAwQCuQngMA0EAgACMAcDBQMqAiRQMA0GCSqG
SIb3DQEBCwUAA4IBAQCaol6t5eTCCXSpzoA0W/lczBHqG/FjMC69uW0KyaXvGBtp
OsAsM+/AwX/LZDjA/hAkN0G69CodsBnb22bSBmNWz0QK7WupqWaPiexva2lyp7xO
5m+2IVdzqL50f+jW3GV0AnpbimLG+lE15P9A13fqbZcGJsC5RoO6c9KExUIQRgZ7
bIu8qz/7IL9VO7JvehvmO/CqispUv+31Z11xZz3Rz93txfeRFDKAElCpQuVVto+5
JZjvnZMPoPu647EyJv9+oaNuYZ015+3bYMsfhJoCFc6HcTrFpzgLpJ8GZ7a+JCdP
caYbMkcCzby3I7EphV9ewvXbzNSTnGGEMT2O5COF
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:01:27 2025 by rpki-client