Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/xndVd648qzfIYbz_k35XBtaCuJg.roa
File: xndVd648qzfIYbz_k35XBtaCuJg.roa (raw, json)
Hash identifier: kAIAMsaAdB7OIPOvEUyRHPVmc80C0lGdhyT4DcQrSFU=
Subject key identifier: C6:77:55:77:AE:3C:AB:37:C8:61:BC:FF:93:7E:57:06:D6:82:B8:98
Certificate issuer: /CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Certificate serial: 01941F8C996E5A70C2C0340F1E78BF0EFDD6
Authority key identifier: B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/xndVd648qzfIYbz_k35XBtaCuJg.roa
Signing time: Wed 01 Jan 2025 01:48:15 +0000
ROA not before: Wed 01 Jan 2025 01:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209046
IP address blocks: 5.59.56.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:99:6e:5a:70:c2:c0:34:0f:1e:78:bf:0e:fd:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Validity
Not Before: Jan 1 01:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6775577ae3cab37c861bcff937e5706d682b898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b7:90:b1:65:a6:15:9a:40:51:36:0a:73:b2:
52:87:83:1c:6b:a0:c7:45:c5:5e:39:de:80:f0:5b:
48:a9:24:9a:29:8e:cb:8a:ce:21:03:17:68:57:3f:
87:c5:f9:13:71:4b:00:fd:0f:62:27:bb:fd:c8:de:
e8:64:d1:ca:8b:cf:fa:c2:2c:0c:7f:16:54:f2:14:
87:a6:a7:90:62:b9:d9:c6:a0:4b:e3:d2:b5:af:5e:
ba:34:90:19:9c:f4:16:f8:d7:d7:d3:77:fe:f8:15:
6a:a8:79:09:3e:ed:fb:18:cb:fa:86:cd:d9:9a:0a:
d1:30:3a:29:78:f6:f7:a8:77:1b:d0:8e:6e:f5:41:
f0:57:12:fd:c4:c9:c9:ad:17:03:c2:74:0f:bb:6f:
9e:86:c1:e3:d5:8c:87:4a:d9:1d:35:52:c3:ec:86:
dd:91:f1:d3:ee:f0:67:28:3c:7b:03:25:1a:41:25:
9a:df:b6:c2:42:ef:a5:c8:27:c0:9f:b8:2a:f6:2f:
22:a0:b5:c1:e1:58:59:9c:98:ac:42:dc:fe:e5:91:
e4:70:39:97:88:27:95:a8:49:f3:d8:d6:23:69:0c:
31:63:97:d6:e6:e1:50:78:11:b7:c8:5e:1b:a9:8a:
69:b6:b7:f2:41:75:da:a8:2d:a7:fc:1c:3b:08:eb:
83:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:77:55:77:AE:3C:AB:37:C8:61:BC:FF:93:7E:57:06:D6:82:B8:98
X509v3 Authority Key Identifier:
keyid:B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/xndVd648qzfIYbz_k35XBtaCuJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.59.56.0/24
Signature Algorithm: sha256WithRSAEncryption
77:5a:08:e7:a4:77:c0:2b:7d:24:7d:19:39:fe:f9:f9:ef:37:
79:23:d7:b9:ba:9c:58:31:e3:65:f5:65:4b:ba:db:54:74:53:
3c:17:62:33:ea:2c:59:6d:2d:13:cf:f8:34:f4:fb:0e:71:c6:
ad:05:77:f1:40:91:1a:ca:38:21:fa:c7:d1:bb:27:ae:24:5f:
61:89:8f:e7:14:68:69:ff:1d:86:36:c0:8e:02:95:5b:b2:4b:
04:11:28:19:b4:c8:c5:81:5a:e7:2b:47:eb:da:a0:c8:c2:e8:
85:94:39:f4:a3:17:f4:86:c7:b6:6d:26:46:7b:61:8a:6e:03:
7e:40:61:dc:0f:e5:f3:95:81:65:ba:08:54:b4:87:42:75:fb:
22:a7:f0:9f:d9:74:bb:3b:97:54:be:a9:64:a6:97:17:03:ff:
06:df:c6:05:c7:02:7b:76:3b:49:73:78:82:84:bf:12:a3:36:
d5:60:17:16:26:5a:53:2b:61:de:b8:e8:ee:8b:d5:22:9f:8b:
63:5a:73:c7:6f:27:ee:90:43:d9:a9:c8:71:2f:a2:2d:f2:5b:
81:92:d5:e3:d9:21:88:f1:ae:e4:24:18:41:00:aa:40:0d:d9:
71:37:47:be:2f:f9:03:45:e3:ea:37:92:2a:0e:c1:dc:35:12:
b0:20:b2:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjJluWnDCwDQPHni/Dv3WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDgxMTE5YWZlMWJmZjIyOWZhY2Q0ZWY5YzhjNjFiMGZh
YmVhZjIwHhcNMjUwMTAxMDE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjc3NTU3N2FlM2NhYjM3Yzg2MWJjZmY5MzdlNTcwNmQ2ODJiODk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmreQsWWmFZpAUTYKc7JSh4Mca6DH
RcVeOd6A8FtIqSSaKY7Lis4hAxdoVz+HxfkTcUsA/Q9iJ7v9yN7oZNHKi8/6wiwM
fxZU8hSHpqeQYrnZxqBL49K1r166NJAZnPQW+NfX03f++BVqqHkJPu37GMv6hs3Z
mgrRMDopePb3qHcb0I5u9UHwVxL9xMnJrRcDwnQPu2+ehsHj1YyHStkdNVLD7Ibd
kfHT7vBnKDx7AyUaQSWa37bCQu+lyCfAn7gq9i8ioLXB4VhZnJisQtz+5ZHkcDmX
iCeVqEnz2NYjaQwxY5fW5uFQeBG3yF4bqYpptrfyQXXaqC2n/Bw7COuDSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMZ3VXeuPKs3yGG8/5N+VwbWgriYMB8GA1UdIwQY
MBaAFLlIERmv4b/yKfrNTvnIxhsPq+ryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAt
OWI5YmNlMTVlMGM2LzEveG5kVmQ2NDhxemZJWWJ6X2szNVhCdGFDdUpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAtOWI5YmNlMTVlMGM2
LzEvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABTs4MA0G
CSqGSIb3DQEBCwUAA4IBAQB3WgjnpHfAK30kfRk5/vn57zd5I9e5upxYMeNl9WVL
uttUdFM8F2Iz6ixZbS0Tz/g09PsOccatBXfxQJEayjgh+sfRuyeuJF9hiY/nFGhp
/x2GNsCOApVbsksEESgZtMjFgVrnK0fr2qDIwuiFlDn0oxf0hse2bSZGe2GKbgN+
QGHcD+XzlYFlughUtIdCdfsip/Cf2XS7O5dUvqlkppcXA/8G38YFxwJ7djtJc3iC
hL8SozbVYBcWJlpTK2HeuOjui9Uin4tjWnPHbyfukEPZqchxL6It8luBktXj2SGI
8a7kJBhBAKpADdlxN0e+L/kDRePqN5IqDsHcNRKwILI+
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:35:51 2025 by rpki-client