Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/xXPje22kQWotZEDmug62wH0gDiA.roa
File: xXPje22kQWotZEDmug62wH0gDiA.roa (raw, json)
Hash identifier: agsgwd8NBBgzTmUw5oBm+qVdc/ai59WAMmo29EAFg6c=
Subject key identifier: C5:73:E3:7B:6D:A4:41:6A:2D:64:40:E6:BA:0E:B6:C0:7D:20:0E:20
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 019427B3DB7BA3964B24E3CA109685225E8F
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/xXPje22kQWotZEDmug62wH0gDiA.roa
Signing time: Thu 02 Jan 2025 15:48:06 +0000
ROA not before: Thu 02 Jan 2025 15:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198912
IP address blocks: 57.191.127.0/24 maxlen: 24
57.191.192.0/19 maxlen: 24
57.191.224.0/19 maxlen: 24
57.250.220.0/24 maxlen: 24
2a0a:90c2::/36 maxlen: 36
2a0a:90c2:1000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:db:7b:a3:96:4b:24:e3:ca:10:96:85:22:5e:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: Jan 2 15:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c573e37b6da4416a2d6440e6ba0eb6c07d200e20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:12:d9:fe:f0:e3:32:fc:a5:48:92:82:59:44:
5d:d1:39:6b:19:a0:ba:81:98:72:40:05:50:75:3e:
2c:29:26:9e:96:4f:77:4b:8d:c0:23:27:55:08:f0:
ec:4f:a3:4a:53:a9:59:a6:90:7c:18:c9:cd:b9:17:
2b:1d:a2:07:62:1e:05:ae:d6:17:13:a2:c0:02:9c:
84:c1:a8:82:2a:25:f1:d5:42:51:25:59:8f:d3:87:
91:03:df:eb:5a:4b:27:2b:fd:d3:4a:5c:77:b3:8a:
2a:10:4f:2b:f3:28:fa:81:08:5a:07:72:f5:48:17:
7a:e3:cc:30:a5:7e:5d:d7:9f:18:5d:0d:df:d1:ea:
6d:a4:c6:c5:5c:42:22:52:88:c4:16:18:07:be:6b:
fd:5c:c6:5c:33:3e:03:f6:b9:68:c1:99:0f:cb:0d:
9b:6c:4a:67:be:14:8a:82:fc:f6:91:de:6b:11:b9:
4c:a8:a6:7d:11:d3:9d:b0:31:7d:87:c5:02:a4:8a:
c3:b4:07:78:df:20:c1:1d:1a:a5:8f:ee:f9:0b:3b:
a1:4a:93:b5:33:1c:16:fd:6a:78:7b:45:90:55:fb:
67:c7:04:73:18:34:15:46:85:e8:c4:bd:4a:98:b9:
3c:37:c3:cb:e8:22:05:24:78:14:29:4a:b5:2d:93:
e2:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:73:E3:7B:6D:A4:41:6A:2D:64:40:E6:BA:0E:B6:C0:7D:20:0E:20
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/xXPje22kQWotZEDmug62wH0gDiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.191.127.0/24
57.191.192.0/18
57.250.220.0/24
IPv6:
2a0a:90c2::/35
Signature Algorithm: sha256WithRSAEncryption
36:1c:d4:76:99:d4:a3:9a:6e:8b:38:ef:e8:9e:40:02:6e:dd:
76:8b:a9:6a:df:49:d3:26:e4:6a:b0:c7:ca:bd:7d:ae:da:05:
57:90:f3:96:ec:44:63:d4:76:ce:2f:a4:38:0c:21:f8:d8:9f:
36:c3:c2:95:71:f6:af:a1:43:c4:d0:8e:a2:b4:90:ba:0a:3c:
b5:98:df:34:db:36:34:a7:f2:a1:82:29:c0:04:ac:71:d3:ce:
6a:2e:85:b2:93:3e:4d:7a:37:48:81:0a:a6:cb:78:d6:0e:55:
d4:b2:45:17:14:53:9e:97:df:e6:a0:17:be:5d:a6:f6:73:c5:
c7:bf:ac:9c:36:46:b4:16:59:53:ca:7f:db:8a:d5:35:8f:f9:
9c:4b:88:cc:00:46:ff:35:37:ce:26:67:72:8b:44:a8:fd:47:
65:3a:6b:aa:d3:0d:22:7c:3a:4b:ca:0a:bf:11:4c:5c:7c:de:
6c:29:1e:c9:3d:a3:cb:1b:8f:5e:0a:59:1f:da:b5:be:d6:2e:
23:8c:37:ae:fc:c1:d4:20:59:a3:7b:f5:8c:2a:93:82:74:8a:
8f:17:ba:f7:27:c6:42:cb:1a:ce:7a:4a:c6:80:7b:ad:11:6a:
50:78:6c:e7:34:51:4b:d5:09:14:62:58:68:dd:8e:94:12:54:
7f:59:3b:35
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQns9t7o5ZLJOPKEJaFIl6PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjUwMTAyMTU0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTczZTM3YjZkYTQ0MTZhMmQ2NDQwZTZiYTBlYjZjMDdkMjAwZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthLZ/vDjMvylSJKCWURd0TlrGaC6
gZhyQAVQdT4sKSaelk93S43AIydVCPDsT6NKU6lZppB8GMnNuRcrHaIHYh4FrtYX
E6LAApyEwaiCKiXx1UJRJVmP04eRA9/rWksnK/3TSlx3s4oqEE8r8yj6gQhaB3L1
SBd648wwpX5d158YXQ3f0eptpMbFXEIiUojEFhgHvmv9XMZcMz4D9rlowZkPyw2b
bEpnvhSKgvz2kd5rEblMqKZ9EdOdsDF9h8UCpIrDtAd43yDBHRqlj+75CzuhSpO1
MxwW/Wp4e0WQVftnxwRzGDQVRoXoxL1KmLk8N8PL6CIFJHgUKUq1LZPiSQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMVz43ttpEFqLWRA5roOtsB9IA4gMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEveFhQamUyMmtRV290WkVEbXVnNjJ3SDBnRGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQAOb9/AwQG
Ob/AAwQAOfrcMA4EAgACMAgDBgUqCpDCADANBgkqhkiG9w0BAQsFAAOCAQEANhzU
dpnUo5puizjv6J5AAm7ddoupat9J0ybkarDHyr19rtoFV5DzluxEY9R2zi+kOAwh
+NifNsPClXH2r6FDxNCOorSQugo8tZjfNNs2NKfyoYIpwASscdPOai6FspM+TXo3
SIEKpst41g5V1LJFFxRTnpff5qAXvl2m9nPFx7+snDZGtBZZU8p/24rVNY/5nEuI
zABG/zU3ziZncotEqP1HZTprqtMNInw6S8oKvxFMXHzebCkeyT2jyxuPXgpZH9q1
vtYuI4w3rvzB1CBZo3v1jCqTgnSKjxe69yfGQssaznpKxoB7rRFqUHhs5zRRS9UJ
FGJYaN2OlBJUf1k7NQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:21:50 2025 by rpki-client