Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/871268-bcc1-4722-b14b-dd02811903df/1/rkFFxagKsCZzL6ha1afROc46-i4.roa
File: rkFFxagKsCZzL6ha1afROc46-i4.roa (raw, json)
Hash identifier: X8v0BqEuUtbA/N/cHBtFm11dCr+R+u6qXiVNMBQlsf4=
Subject key identifier: AE:41:45:C5:A8:0A:B0:26:73:2F:A8:5A:D5:A7:D1:39:CE:3A:FA:2E
Certificate issuer: /CN=cd73f238d96cf67a5efc0c37476fd306029af552
Certificate serial: 0195419DE8EC0D27E47B879C5ACA383288BB
Authority key identifier: CD:73:F2:38:D9:6C:F6:7A:5E:FC:0C:37:47:6F:D3:06:02:9A:F5:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zXPyONls9npe_Aw3R2_TBgKa9VI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/871268-bcc1-4722-b14b-dd02811903df/1/rkFFxagKsCZzL6ha1afROc46-i4.roa
Signing time: Wed 26 Feb 2025 09:37:02 +0000
ROA not before: Wed 26 Feb 2025 09:37:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 185.91.113.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:41:9d:e8:ec:0d:27:e4:7b:87:9c:5a:ca:38:32:88:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd73f238d96cf67a5efc0c37476fd306029af552
Validity
Not Before: Feb 26 09:37:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae4145c5a80ab026732fa85ad5a7d139ce3afa2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cb:a5:af:8d:0a:0c:e1:a8:02:ce:51:54:b7:
8b:27:d9:3e:66:b7:57:c0:5f:c2:79:4a:1b:d2:f7:
9f:09:e2:fd:ef:dd:98:db:6b:e3:33:03:37:8a:76:
ca:39:8e:fc:8e:8b:eb:7e:84:3d:80:62:87:a4:30:
7d:cb:b5:48:4a:ef:f5:ef:b6:96:f7:ec:9f:f4:78:
93:f1:9e:6b:83:0d:f2:76:b5:2c:58:c7:7f:6c:46:
16:04:1a:d5:72:9d:a7:88:7d:e8:59:d9:67:77:dd:
9e:11:cf:d7:a0:74:86:9c:7a:9b:ea:7f:da:4f:c0:
6a:3e:07:67:0b:f1:70:c2:d6:f4:b3:e5:f7:ca:d5:
8b:89:ca:90:ea:4e:57:3b:72:d1:3f:ee:3f:5f:5f:
49:1e:e5:d5:e8:8b:21:65:2d:c6:69:49:43:9b:f2:
b3:af:ff:16:3e:2a:1d:36:cc:bd:21:d5:72:93:ef:
16:b6:44:3a:77:fe:b7:a2:15:c3:99:2f:d5:70:b7:
cf:a4:00:ee:b1:4d:ed:50:c2:1b:a4:81:f2:e8:83:
e8:38:2c:71:7c:d8:54:74:1b:b9:2f:2f:12:63:68:
4f:0d:2e:af:23:bf:4d:12:64:49:55:5f:07:d0:22:
4e:07:6b:b8:5f:52:00:7c:f9:0b:be:1f:77:2c:4a:
61:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:41:45:C5:A8:0A:B0:26:73:2F:A8:5A:D5:A7:D1:39:CE:3A:FA:2E
X509v3 Authority Key Identifier:
keyid:CD:73:F2:38:D9:6C:F6:7A:5E:FC:0C:37:47:6F:D3:06:02:9A:F5:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zXPyONls9npe_Aw3R2_TBgKa9VI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/871268-bcc1-4722-b14b-dd02811903df/1/rkFFxagKsCZzL6ha1afROc46-i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/871268-bcc1-4722-b14b-dd02811903df/1/zXPyONls9npe_Aw3R2_TBgKa9VI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.113.0/24
Signature Algorithm: sha256WithRSAEncryption
40:02:da:67:d2:01:1d:54:6d:c4:ea:a7:a4:e4:ec:bf:b0:1a:
c0:9c:b1:f8:16:16:b0:a9:4f:67:fe:7c:41:c1:51:2d:b9:0e:
0f:d5:54:5f:29:4b:2b:bc:2a:0e:e0:89:99:87:ac:02:7e:1d:
19:b4:04:52:f4:f0:f0:51:ea:86:2a:f1:ac:7e:19:81:48:41:
2c:04:68:54:12:89:a9:7f:20:d5:9b:d7:64:5c:fd:70:02:34:
9f:f2:1a:8d:75:96:29:5c:a7:86:99:b8:4f:78:03:a6:5b:29:
4f:ac:f5:b6:1f:b2:dd:ae:7d:a6:9e:57:71:e5:87:0a:61:90:
ba:d1:ed:f7:dd:15:01:b5:92:e3:74:86:8b:a9:3a:79:91:b3:
44:5c:56:5d:df:40:be:46:96:94:c8:59:61:91:2c:ad:2c:83:
05:6d:73:32:87:89:3f:fc:01:a1:87:b5:e9:15:e4:f0:76:e6:
b5:b7:97:9f:4c:d5:5a:13:5d:1c:dc:4b:b8:a0:8b:e0:86:1f:
18:3b:6f:22:bb:74:59:69:99:b9:81:72:42:86:67:d2:a0:b0:
9a:ba:3c:2b:43:a8:0a:ef:45:10:f2:d6:51:e7:27:d3:3e:23:
fe:a0:25:08:fe:a6:66:31:0d:7d:ad:48:8e:e2:b4:03:e0:16:
8e:37:cd:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVBnejsDSfke4ecWso4Moi7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNzNmMjM4ZDk2Y2Y2N2E1ZWZjMGMzNzQ3NmZkMzA2MDI5
YWY1NTIwHhcNMjUwMjI2MDkzNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTQxNDVjNWE4MGFiMDI2NzMyZmE4NWFkNWE3ZDEzOWNlM2FmYTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwculr40KDOGoAs5RVLeLJ9k+ZrdX
wF/CeUob0vefCeL9792Y22vjMwM3inbKOY78jovrfoQ9gGKHpDB9y7VISu/177aW
9+yf9HiT8Z5rgw3ydrUsWMd/bEYWBBrVcp2niH3oWdlnd92eEc/XoHSGnHqb6n/a
T8BqPgdnC/Fwwtb0s+X3ytWLicqQ6k5XO3LRP+4/X19JHuXV6IshZS3GaUlDm/Kz
r/8WPiodNsy9IdVyk+8WtkQ6d/63ohXDmS/VcLfPpADusU3tUMIbpIHy6IPoOCxx
fNhUdBu5Ly8SY2hPDS6vI79NEmRJVV8H0CJOB2u4X1IAfPkLvh93LEphhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK5BRcWoCrAmcy+oWtWn0TnOOvouMB8GA1UdIwQY
MBaAFM1z8jjZbPZ6XvwMN0dv0wYCmvVSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelhQeU9ObHM5bnBlX0F3M1IyX1RCZ0thOVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy84NzEyNjgtYmNjMS00NzIyLWIxNGIt
ZGQwMjgxMTkwM2RmLzEvcmtGRnhhZ0tzQ1p6TDZoYTFhZlJPYzQ2LWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy84NzEyNjgtYmNjMS00NzIyLWIxNGItZGQwMjgxMTkwM2Rm
LzEvelhQeU9ObHM5bnBlX0F3M1IyX1RCZ0thOVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVtxMA0G
CSqGSIb3DQEBCwUAA4IBAQBAAtpn0gEdVG3E6qek5Oy/sBrAnLH4FhawqU9n/nxB
wVEtuQ4P1VRfKUsrvCoO4ImZh6wCfh0ZtARS9PDwUeqGKvGsfhmBSEEsBGhUEomp
fyDVm9dkXP1wAjSf8hqNdZYpXKeGmbhPeAOmWylPrPW2H7Ldrn2mnldx5YcKYZC6
0e333RUBtZLjdIaLqTp5kbNEXFZd30C+RpaUyFlhkSytLIMFbXMyh4k//AGhh7Xp
FeTwdua1t5efTNVaE10c3Eu4oIvghh8YO28iu3RZaZm5gXJChmfSoLCaujwrQ6gK
70UQ8tZR5yfTPiP+oCUI/qZmMQ19rUiO4rQD4BaON80Z
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:52:57 2025 by rpki-client