Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/1a0c6a-1a5e-424b-9a69-995531862419/1/Xhs8fAc0SGAyN4KDD0cOKWAqtow.roa
File: Xhs8fAc0SGAyN4KDD0cOKWAqtow.roa (raw, json)
Hash identifier: 0rR/+YP0FGlnVR+donPj6Q3O2XueDV+VyXKsGyjN1KU=
Subject key identifier: 5E:1B:3C:7C:07:34:48:60:32:37:82:83:0F:47:0E:29:60:2A:B6:8C
Certificate issuer: /CN=24295ce712473d0e3e6daa777db8906f8001df70
Certificate serial: 019424B3FF31401F8CFC5096EE6CDC38B9C3
Authority key identifier: 24:29:5C:E7:12:47:3D:0E:3E:6D:AA:77:7D:B8:90:6F:80:01:DF:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JClc5xJHPQ4-bap3fbiQb4AB33A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/1a0c6a-1a5e-424b-9a69-995531862419/1/Xhs8fAc0SGAyN4KDD0cOKWAqtow.roa
Signing time: Thu 02 Jan 2025 01:49:23 +0000
ROA not before: Thu 02 Jan 2025 01:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42422
IP address blocks: 176.102.64.0/22 maxlen: 24
176.102.64.0/24 maxlen: 24
176.102.65.0/24 maxlen: 24
176.102.66.0/24 maxlen: 24
176.102.67.0/24 maxlen: 24
2a07:dbc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ff:31:40:1f:8c:fc:50:96:ee:6c:dc:38:b9:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24295ce712473d0e3e6daa777db8906f8001df70
Validity
Not Before: Jan 2 01:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e1b3c7c07344860323782830f470e29602ab68c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c6:51:30:18:d3:a9:41:2c:c2:d2:e6:57:f9:
56:d8:2d:3a:bc:91:6b:75:d0:ac:20:3d:e8:a5:a0:
65:98:60:1f:71:71:37:96:87:a4:5d:f0:c2:c8:92:
89:f1:27:16:2e:5a:e6:f0:80:c7:90:92:b1:d6:a3:
28:47:b1:9f:f8:cd:c2:dd:73:66:3e:09:86:91:07:
0d:e8:78:80:4c:83:0a:6d:98:b7:47:5a:86:3c:5e:
7f:8d:00:56:22:01:18:be:a3:49:b0:e2:c0:50:2c:
96:a4:59:e4:5e:44:09:4f:11:a2:34:43:4e:34:54:
c2:93:1b:d2:59:80:bd:11:43:e1:65:77:97:ed:1d:
ad:a7:0d:a8:00:fe:69:82:94:92:7c:e7:e2:20:7a:
e7:de:bb:79:75:b5:d5:15:90:a5:55:3b:ff:97:1e:
ce:54:93:81:9c:39:56:59:37:b7:1e:41:ed:45:0b:
f8:8e:95:66:36:fc:83:96:8a:7a:8b:37:ce:78:b7:
f2:2e:4f:d3:54:48:68:02:6e:91:62:b8:8e:da:4c:
61:2a:ee:b1:d5:a7:b7:3a:bc:ee:fd:1c:48:ac:e7:
62:9d:74:62:eb:a1:3f:b6:e9:65:10:78:72:40:07:
94:14:e6:27:ec:97:92:50:e7:38:e4:fe:f5:7c:db:
19:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:1B:3C:7C:07:34:48:60:32:37:82:83:0F:47:0E:29:60:2A:B6:8C
X509v3 Authority Key Identifier:
keyid:24:29:5C:E7:12:47:3D:0E:3E:6D:AA:77:7D:B8:90:6F:80:01:DF:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JClc5xJHPQ4-bap3fbiQb4AB33A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/1a0c6a-1a5e-424b-9a69-995531862419/1/Xhs8fAc0SGAyN4KDD0cOKWAqtow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/1a0c6a-1a5e-424b-9a69-995531862419/1/JClc5xJHPQ4-bap3fbiQb4AB33A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.102.64.0/22
IPv6:
2a07:dbc0::/32
Signature Algorithm: sha256WithRSAEncryption
9c:07:15:8a:56:19:49:69:e6:8e:77:16:ac:57:36:94:6e:19:
12:f9:ce:71:90:9d:b4:c2:c1:dc:e5:dd:92:94:fd:41:2c:0d:
6b:6c:7e:87:4b:b1:ff:55:26:d4:25:a0:d1:ae:ab:ac:64:85:
af:03:1d:bd:1c:ed:c8:ce:e1:90:99:58:e6:a2:d5:c7:95:d2:
be:fb:93:a3:e4:e2:3c:d7:ee:10:21:71:ff:35:d8:28:86:c8:
3d:7d:19:3e:0a:e2:61:43:a9:f2:e5:f8:b4:d8:46:e2:95:9c:
f3:8f:29:15:17:0b:be:b9:d4:75:5f:f0:bd:80:31:0c:4e:13:
39:05:42:32:62:5a:f1:20:2e:b3:14:15:1d:1e:42:a7:ba:34:
24:75:67:95:53:56:ac:4c:bc:11:f0:eb:81:98:2d:05:d8:aa:
6c:65:28:e5:a3:d8:59:98:01:82:9c:4d:5c:6d:d5:53:f9:c9:
6d:d2:4d:6b:89:85:6f:a9:60:d6:ab:05:d5:4c:0a:41:a5:7f:
94:44:e2:c6:81:25:35:3b:40:a8:3c:1f:2e:01:03:15:1f:b4:
a0:4b:33:07:80:c7:fe:b4:04:e4:0a:44:3b:01:69:55:ae:21:
72:be:66:d5:1c:42:cd:28:37:78:3c:ee:5c:30:6d:b6:bc:88:
6d:b4:85:1d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks/8xQB+M/FCW7mzcOLnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Mjk1Y2U3MTI0NzNkMGUzZTZkYWE3NzdkYjg5MDZmODAw
MWRmNzAwHhcNMjUwMTAyMDE0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTFiM2M3YzA3MzQ0ODYwMzIzNzgyODMwZjQ3MGUyOTYwMmFiNjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMZRMBjTqUEswtLmV/lW2C06vJFr
ddCsID3opaBlmGAfcXE3loekXfDCyJKJ8ScWLlrm8IDHkJKx1qMoR7Gf+M3C3XNm
PgmGkQcN6HiATIMKbZi3R1qGPF5/jQBWIgEYvqNJsOLAUCyWpFnkXkQJTxGiNENO
NFTCkxvSWYC9EUPhZXeX7R2tpw2oAP5pgpSSfOfiIHrn3rt5dbXVFZClVTv/lx7O
VJOBnDlWWTe3HkHtRQv4jpVmNvyDlop6izfOeLfyLk/TVEhoAm6RYriO2kxhKu6x
1ae3Orzu/RxIrOdinXRi66E/tullEHhyQAeUFOYn7JeSUOc45P71fNsZ6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF4bPHwHNEhgMjeCgw9HDilgKraMMB8GA1UdIwQY
MBaAFCQpXOcSRz0OPm2qd324kG+AAd9wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkNsYzV4SkhQUTQtYmFwM2ZiaVFiNEFCMzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi8xYTBjNmEtMWE1ZS00MjRiLTlhNjkt
OTk1NTMxODYyNDE5LzEvWGhzOGZBYzBTR0F5TjRLREQwY09LV0FxdG93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi8xYTBjNmEtMWE1ZS00MjRiLTlhNjktOTk1NTMxODYyNDE5
LzEvSkNsYzV4SkhQUTQtYmFwM2ZiaVFiNEFCMzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCsGZAMA0E
AgACMAcDBQAqB9vAMA0GCSqGSIb3DQEBCwUAA4IBAQCcBxWKVhlJaeaOdxasVzaU
bhkS+c5xkJ20wsHc5d2SlP1BLA1rbH6HS7H/VSbUJaDRrqusZIWvAx29HO3IzuGQ
mVjmotXHldK++5Oj5OI81+4QIXH/Ndgohsg9fRk+CuJhQ6ny5fi02EbilZzzjykV
Fwu+udR1X/C9gDEMThM5BUIyYlrxIC6zFBUdHkKnujQkdWeVU1asTLwR8OuBmC0F
2KpsZSjlo9hZmAGCnE1cbdVT+clt0k1riYVvqWDWqwXVTApBpX+UROLGgSU1O0Co
PB8uAQMVH7SgSzMHgMf+tATkCkQ7AWlVriFyvmbVHELNKDd4PO5cMG22vIhttIUd
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:31:08 2025 by rpki-client