Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/f41e52-0f25-4cc0-ac87-352cd296ebb8/1/XHu_MLGiiIwtync8aurFr7T_kLw.roa
File: XHu_MLGiiIwtync8aurFr7T_kLw.roa (raw, json)
Hash identifier: GNnYK051qhc0CaVwirSGryQmdmLkk49r5lW5NyG95ao=
Subject key identifier: 5C:7B:BF:30:B1:A2:88:8C:2D:CA:77:3C:6A:EA:C5:AF:B4:FF:90:BC
Certificate issuer: /CN=3831e5d98ceee34d783a51cccb6ee4dc4ee43793
Certificate serial: 019420D60573577A833E10EB68D4CBF24EC0
Authority key identifier: 38:31:E5:D9:8C:EE:E3:4D:78:3A:51:CC:CB:6E:E4:DC:4E:E4:37:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ODHl2Yzu4014OlHMy27k3E7kN5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/f41e52-0f25-4cc0-ac87-352cd296ebb8/1/XHu_MLGiiIwtync8aurFr7T_kLw.roa
Signing time: Wed 01 Jan 2025 07:48:04 +0000
ROA not before: Wed 01 Jan 2025 07:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 134743
IP address blocks: 192.145.72.0/22 maxlen: 24
192.145.74.0/23 maxlen: 23
2a09:7080::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:05:73:57:7a:83:3e:10:eb:68:d4:cb:f2:4e:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3831e5d98ceee34d783a51cccb6ee4dc4ee43793
Validity
Not Before: Jan 1 07:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c7bbf30b1a2888c2dca773c6aeac5afb4ff90bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1e:26:94:a0:78:ed:ce:8f:19:4c:97:dd:be:
6b:8f:24:42:87:30:58:79:20:96:fe:d7:9a:cf:87:
7c:dc:26:24:36:04:75:b3:24:3c:4e:40:14:42:ad:
e9:88:76:77:a8:e7:cf:77:7a:dc:7a:91:9d:10:bb:
b1:57:dd:5e:34:dc:c0:fd:20:54:ad:f4:59:59:f6:
ec:cb:09:6e:3e:8f:d1:81:8d:fe:dc:ac:ab:74:c4:
90:ed:98:88:31:2d:0f:8b:bf:d1:93:db:32:51:0d:
98:d4:8a:09:51:68:ac:f7:5d:a1:c3:6c:9a:36:6a:
b7:50:d4:b2:b0:57:52:f9:c6:98:fd:55:6d:d0:01:
f4:34:2b:86:90:5a:0b:ff:f7:53:31:29:11:31:9b:
56:54:86:dc:5b:46:d6:a0:44:e8:07:bd:a5:78:1c:
93:6a:8d:ae:c3:61:5c:1e:07:35:11:e5:ca:05:ce:
22:5c:f8:02:02:fc:ed:da:79:a6:c5:0c:f2:f1:3c:
e4:d6:65:0a:a8:75:0d:63:18:4e:85:6a:f1:1c:c6:
49:5a:5f:00:f1:a7:d8:b9:a0:65:60:44:2c:90:8e:
2b:4f:36:5a:36:ae:69:3e:a2:00:9a:c3:72:c9:03:
a5:d8:ea:de:a7:f7:e0:8c:60:e6:a5:e0:7d:b0:7a:
02:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:7B:BF:30:B1:A2:88:8C:2D:CA:77:3C:6A:EA:C5:AF:B4:FF:90:BC
X509v3 Authority Key Identifier:
keyid:38:31:E5:D9:8C:EE:E3:4D:78:3A:51:CC:CB:6E:E4:DC:4E:E4:37:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODHl2Yzu4014OlHMy27k3E7kN5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/f41e52-0f25-4cc0-ac87-352cd296ebb8/1/XHu_MLGiiIwtync8aurFr7T_kLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/f41e52-0f25-4cc0-ac87-352cd296ebb8/1/ODHl2Yzu4014OlHMy27k3E7kN5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.72.0/22
IPv6:
2a09:7080::/29
Signature Algorithm: sha256WithRSAEncryption
a1:45:c7:01:d9:b4:b8:b9:ad:0e:ec:01:b1:77:10:07:27:75:
9c:a8:ec:99:82:dd:ce:4e:3d:a4:5d:81:b2:69:50:e1:89:ba:
43:bb:7c:60:55:28:33:ec:db:58:16:ab:c4:e2:53:64:a1:d5:
9d:18:b5:a4:3e:ac:b7:45:1e:b7:13:48:6e:62:0f:ce:e8:fb:
07:06:00:04:9b:a0:9a:58:1d:28:47:ae:90:43:23:3b:9b:41:
53:2e:55:95:55:eb:96:be:4d:5b:c7:b7:3e:be:05:50:b6:42:
a3:01:d0:04:97:f1:7f:21:9e:32:0a:fd:53:06:3b:1a:3d:fe:
67:6c:52:df:1f:83:17:d2:9f:eb:a2:11:38:77:40:7f:02:9e:
3d:a2:e3:ca:87:b6:ed:7b:7d:d4:e2:9f:75:6b:db:81:a3:f6:
7f:e3:09:99:8f:ea:a8:52:1d:4d:c4:f7:fd:d5:25:08:23:e1:
84:5e:43:05:f0:86:43:c2:e5:f7:8b:31:3e:df:07:0a:48:e0:
cd:37:12:69:ae:98:bc:fd:75:6b:98:62:d0:d3:3e:2d:f5:6d:
ee:17:a5:75:64:55:c8:85:fb:af:f4:6a:ff:82:81:e7:1a:60:
db:13:5d:69:80:61:a7:fc:1b:b0:7d:ef:cd:91:e0:50:25:4e:
f2:b4:2e:8e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1gVzV3qDPhDraNTL8k7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MzFlNWQ5OGNlZWUzNGQ3ODNhNTFjY2NiNmVlNGRjNGVl
NDM3OTMwHhcNMjUwMTAxMDc0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzdiYmYzMGIxYTI4ODhjMmRjYTc3M2M2YWVhYzVhZmI0ZmY5MGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqx4mlKB47c6PGUyX3b5rjyRChzBY
eSCW/teaz4d83CYkNgR1syQ8TkAUQq3piHZ3qOfPd3rcepGdELuxV91eNNzA/SBU
rfRZWfbsywluPo/RgY3+3KyrdMSQ7ZiIMS0Pi7/Rk9syUQ2Y1IoJUWis912hw2ya
Nmq3UNSysFdS+caY/VVt0AH0NCuGkFoL//dTMSkRMZtWVIbcW0bWoEToB72leByT
ao2uw2FcHgc1EeXKBc4iXPgCAvzt2nmmxQzy8Tzk1mUKqHUNYxhOhWrxHMZJWl8A
8afYuaBlYEQskI4rTzZaNq5pPqIAmsNyyQOl2Orep/fgjGDmpeB9sHoCGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFx7vzCxooiMLcp3PGrqxa+0/5C8MB8GA1UdIwQY
MBaAFDgx5dmM7uNNeDpRzMtu5NxO5DeTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0RIbDJZenU0MDE0T2xITXkyN2szRTdrTjVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9mNDFlNTItMGYyNS00Y2MwLWFjODct
MzUyY2QyOTZlYmI4LzEvWEh1X01MR2lpSXd0eW5jOGF1ckZyN1Rfa0x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9mNDFlNTItMGYyNS00Y2MwLWFjODctMzUyY2QyOTZlYmI4
LzEvT0RIbDJZenU0MDE0T2xITXkyN2szRTdrTjVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwJFIMA0E
AgACMAcDBQMqCXCAMA0GCSqGSIb3DQEBCwUAA4IBAQChRccB2bS4ua0O7AGxdxAH
J3WcqOyZgt3OTj2kXYGyaVDhibpDu3xgVSgz7NtYFqvE4lNkodWdGLWkPqy3RR63
E0huYg/O6PsHBgAEm6CaWB0oR66QQyM7m0FTLlWVVeuWvk1bx7c+vgVQtkKjAdAE
l/F/IZ4yCv1TBjsaPf5nbFLfH4MX0p/rohE4d0B/Ap49ouPKh7bte33U4p91a9uB
o/Z/4wmZj+qoUh1NxPf91SUII+GEXkMF8IZDwuX3izE+3wcKSODNNxJprpi8/XVr
mGLQ0z4t9W3uF6V1ZFXIhfuv9Gr/goHnGmDbE11pgGGn/Buwfe/NkeBQJU7ytC6O
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:51:59 2025 by rpki-client