Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/xzhHaw1u4vyWJOy8wzv_GA0Hy8w.roa
File: xzhHaw1u4vyWJOy8wzv_GA0Hy8w.roa (raw, json)
Hash identifier: CWKK/bGUgV9l6R4l2jDK6+bx3tv6jjiAzLSyy1GKphs=
Subject key identifier: C7:38:47:6B:0D:6E:E2:FC:96:24:EC:BC:C3:3B:FF:18:0D:07:CB:CC
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 019422FB5A341541E3CF5069E6869BFFC41C
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/xzhHaw1u4vyWJOy8wzv_GA0Hy8w.roa
Signing time: Wed 01 Jan 2025 17:48:05 +0000
ROA not before: Wed 01 Jan 2025 17:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44571
IP address blocks: 91.202.60.0/24 maxlen: 24
91.202.61.0/24 maxlen: 24
91.202.62.0/24 maxlen: 24
91.202.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:5a:34:15:41:e3:cf:50:69:e6:86:9b:ff:c4:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Jan 1 17:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c738476b0d6ee2fc9624ecbcc33bff180d07cbcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:19:a8:c6:aa:1e:8d:60:4c:9d:28:29:51:77:
d4:52:42:89:be:60:1f:26:10:5c:68:37:ed:59:34:
9a:6f:ec:99:fe:19:14:73:11:72:ef:44:b8:c4:54:
d4:c4:03:e4:4d:c2:0a:45:e6:97:3f:0d:b5:e8:2b:
a8:9b:f1:b5:1e:ed:2e:88:88:e0:73:14:09:7c:16:
79:18:da:06:a3:5d:ad:80:d9:2d:65:dd:79:69:e0:
01:86:99:36:91:8f:7d:73:db:51:56:b3:d2:75:7a:
c5:bb:99:71:12:b8:03:ad:d9:d9:e1:03:ae:48:ca:
70:10:69:14:3b:e3:a0:d9:1c:07:eb:6b:98:e2:f9:
eb:99:5c:91:c2:78:b0:de:1d:4c:76:19:1f:8b:20:
0e:ca:06:b3:4e:f1:7c:1a:84:58:3c:b9:b8:1d:a2:
c4:c8:6e:85:16:85:ac:91:d0:4a:6b:d3:00:f0:75:
10:4c:74:82:21:7f:05:88:10:7a:43:4d:4c:80:ad:
c7:0f:c5:4f:bb:0a:ad:74:f3:06:b3:84:9a:3e:bc:
c3:8f:64:e5:b2:97:c0:75:f2:1c:73:58:82:13:f7:
a3:39:87:15:c6:5c:5c:9f:41:92:d6:f8:4b:25:8b:
5a:8a:de:0c:23:04:1f:d6:63:07:f6:47:44:a8:d7:
83:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:38:47:6B:0D:6E:E2:FC:96:24:EC:BC:C3:3B:FF:18:0D:07:CB:CC
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/xzhHaw1u4vyWJOy8wzv_GA0Hy8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.60.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:56:5e:bf:6e:c1:45:f7:bd:a6:d0:aa:09:1c:ce:d1:51:49:
b0:8f:e1:fa:56:0b:a2:23:d1:a7:d2:1c:bf:57:d5:82:29:8e:
4a:7c:d3:f8:f2:e3:93:cf:de:24:24:99:fe:38:bd:cf:31:f1:
7e:42:ee:4b:0e:a7:c5:b2:11:13:7a:16:07:f5:cf:37:87:b3:
4a:e7:6a:46:50:1b:22:c5:e3:77:f1:d8:47:ca:83:22:4f:ae:
e9:e7:99:35:64:bc:10:45:94:5e:43:e6:a7:61:a7:9c:29:ab:
d8:d9:00:57:26:d0:e2:f3:8c:87:89:25:1c:98:7a:d8:3b:f0:
62:54:42:7b:10:b4:04:7a:a6:9f:ba:35:83:6f:59:43:9a:c5:
3b:64:ad:08:3f:da:70:00:79:26:84:9b:4d:11:5d:ea:99:a5:
7a:f6:69:f7:a7:24:6e:02:40:59:8c:60:e5:ed:e1:3a:1e:dd:
34:68:97:5c:d2:bc:ca:0a:6a:50:cf:e5:5e:64:0e:94:df:e0:
f8:df:62:a6:c6:3d:c1:68:a5:43:e3:d5:45:f5:98:64:9f:1b:
0b:32:90:8e:92:d7:dd:9c:ab:aa:92:58:7d:25:e7:30:ea:0d:
c3:a6:03:1c:ca:ec:cc:8a:42:b6:99:e4:5a:53:19:54:87:67:
af:b7:7d:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+1o0FUHjz1Bp5oab/8QcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjUwMTAxMTc0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzM4NDc2YjBkNmVlMmZjOTYyNGVjYmNjMzNiZmYxODBkMDdjYmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxmoxqoejWBMnSgpUXfUUkKJvmAf
JhBcaDftWTSab+yZ/hkUcxFy70S4xFTUxAPkTcIKReaXPw216Cuom/G1Hu0uiIjg
cxQJfBZ5GNoGo12tgNktZd15aeABhpk2kY99c9tRVrPSdXrFu5lxErgDrdnZ4QOu
SMpwEGkUO+Og2RwH62uY4vnrmVyRwniw3h1MdhkfiyAOygazTvF8GoRYPLm4HaLE
yG6FFoWskdBKa9MA8HUQTHSCIX8FiBB6Q01MgK3HD8VPuwqtdPMGs4SaPrzDj2Tl
spfAdfIcc1iCE/ejOYcVxlxcn0GS1vhLJYtait4MIwQf1mMH9kdEqNeDYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMc4R2sNbuL8liTsvMM7/xgNB8vMMB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEveHpoSGF3MXU0dnlXSk95OHd6dl9HQTBIeTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8o8MA0G
CSqGSIb3DQEBCwUAA4IBAQCeVl6/bsFF972m0KoJHM7RUUmwj+H6VguiI9Gn0hy/
V9WCKY5KfNP48uOTz94kJJn+OL3PMfF+Qu5LDqfFshETehYH9c83h7NK52pGUBsi
xeN38dhHyoMiT67p55k1ZLwQRZReQ+anYaecKavY2QBXJtDi84yHiSUcmHrYO/Bi
VEJ7ELQEeqafujWDb1lDmsU7ZK0IP9pwAHkmhJtNEV3qmaV69mn3pyRuAkBZjGDl
7eE6Ht00aJdc0rzKCmpQz+VeZA6U3+D432Kmxj3BaKVD49VF9ZhknxsLMpCOktfd
nKuqklh9Jecw6g3DpgMcyuzMikK2meRaUxlUh2evt31W
-----END CERTIFICATE-----
Generated at Tue Apr 8 19:17:02 2025 by rpki-client