Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/92c1cf-5a22-453c-907f-eb1f8715eec0/1/XvQSYP0gBwV_2W1TwyZ9q7f08x4.roa
File: XvQSYP0gBwV_2W1TwyZ9q7f08x4.roa (raw, json)
Hash identifier: 4KSvLtvpZswpayMP+WjZ+QORjoSpSFJrnConIM4+/0A=
Subject key identifier: 5E:F4:12:60:FD:20:07:05:7F:D9:6D:53:C3:26:7D:AB:B7:F4:F3:1E
Certificate issuer: /CN=b3d66297c5cdbd36d86849ddeae7985979f450ca
Certificate serial: 019423692DD1B21AD1C500AACF6FF9320499
Authority key identifier: B3:D6:62:97:C5:CD:BD:36:D8:68:49:DD:EA:E7:98:59:79:F4:50:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9Zil8XNvTbYaEnd6ueYWXn0UMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/92c1cf-5a22-453c-907f-eb1f8715eec0/1/XvQSYP0gBwV_2W1TwyZ9q7f08x4.roa
Signing time: Wed 01 Jan 2025 19:48:03 +0000
ROA not before: Wed 01 Jan 2025 19:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 91.241.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:2d:d1:b2:1a:d1:c5:00:aa:cf:6f:f9:32:04:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d66297c5cdbd36d86849ddeae7985979f450ca
Validity
Not Before: Jan 1 19:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ef41260fd2007057fd96d53c3267dabb7f4f31e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:31:e1:f8:26:bd:57:cb:c9:4b:c4:86:eb:cd:
44:5a:ee:ea:82:a9:91:48:a4:4d:ac:75:29:15:ee:
9d:9c:0e:90:c7:17:50:90:a2:0e:87:cd:b9:81:8c:
d7:0b:aa:1a:ba:2e:a5:01:77:1a:e4:df:cd:49:31:
d2:f8:e1:8b:2e:45:50:86:31:8f:90:10:34:d5:da:
ab:77:fc:ae:93:3c:ca:a0:0f:e7:c5:de:28:c9:b0:
68:07:bc:8e:67:a6:8f:c3:86:39:9a:a6:fe:82:b4:
1f:24:87:25:d8:81:0f:bd:79:cd:6e:dd:d2:e0:99:
80:39:2b:1e:ef:5c:30:48:18:28:c0:a5:ac:3c:1b:
12:13:36:2b:3d:82:50:8c:e9:20:82:5f:c6:88:3c:
37:50:fb:5d:3a:83:85:f2:57:f6:ec:ea:67:ff:21:
bf:4e:10:ac:5b:92:98:dd:23:a4:67:17:16:b5:62:
27:25:17:f6:09:b5:a7:61:db:87:2a:bf:7b:ef:3b:
66:a3:d3:d5:7e:19:33:58:18:08:e8:9b:77:f6:57:
78:2f:a5:f4:0b:d9:9d:48:66:c8:29:0c:24:d4:3f:
13:a7:bd:89:75:67:e1:54:10:bd:5e:51:0c:af:e3:
c4:79:53:81:86:df:a1:ae:b0:d1:77:d1:24:28:f0:
9b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F4:12:60:FD:20:07:05:7F:D9:6D:53:C3:26:7D:AB:B7:F4:F3:1E
X509v3 Authority Key Identifier:
keyid:B3:D6:62:97:C5:CD:BD:36:D8:68:49:DD:EA:E7:98:59:79:F4:50:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9Zil8XNvTbYaEnd6ueYWXn0UMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/92c1cf-5a22-453c-907f-eb1f8715eec0/1/XvQSYP0gBwV_2W1TwyZ9q7f08x4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/92c1cf-5a22-453c-907f-eb1f8715eec0/1/s9Zil8XNvTbYaEnd6ueYWXn0UMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.15.0/24
Signature Algorithm: sha256WithRSAEncryption
55:1c:a1:f2:11:35:2a:69:a7:38:a0:2a:b8:fc:6b:86:dc:d3:
3a:f5:5f:0b:5b:32:64:54:8d:3d:a1:d8:bd:d2:73:89:90:94:
f2:d2:58:66:9a:b5:be:68:0d:20:95:69:9a:1c:46:c8:53:e3:
27:d2:b9:65:da:26:82:14:d8:ad:95:c1:e5:74:28:26:54:17:
35:8e:6a:65:fc:50:2c:d6:75:e1:f1:bd:4e:67:bd:d1:54:7a:
1c:93:2a:1c:87:5b:20:08:d7:0a:1a:fb:8b:4d:69:ef:09:97:
67:41:54:48:91:6b:3a:ed:ce:73:05:cc:36:75:d4:7a:c6:32:
6c:3f:ad:24:34:61:1e:b2:6c:dc:c2:0e:6f:b0:ab:08:e1:40:
7a:e3:9c:87:a3:e3:4c:80:34:e6:f8:6d:d1:07:15:ea:e2:ff:
e6:c9:51:83:03:d5:3c:c5:f2:e0:79:97:89:a1:6e:76:c7:14:
7c:3b:b5:bf:d0:f0:b0:9b:58:54:bd:5b:62:19:25:37:73:fb:
a4:bb:0d:63:db:42:2c:18:d2:a0:96:45:40:19:88:c4:76:ec:
f1:34:ef:64:69:a9:f5:63:3c:e2:f5:f5:78:16:ad:be:24:3b:
06:3b:48:15:b8:a7:f4:86:9c:17:5b:aa:8d:0a:03:41:be:91:
e9:a4:72:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaS3RshrRxQCqz2/5MgSZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDY2Mjk3YzVjZGJkMzZkODY4NDlkZGVhZTc5ODU5Nzlm
NDUwY2EwHhcNMjUwMTAxMTk0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWY0MTI2MGZkMjAwNzA1N2ZkOTZkNTNjMzI2N2RhYmI3ZjRmMzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DHh+Ca9V8vJS8SG681EWu7qgqmR
SKRNrHUpFe6dnA6QxxdQkKIOh825gYzXC6oaui6lAXca5N/NSTHS+OGLLkVQhjGP
kBA01dqrd/yukzzKoA/nxd4oybBoB7yOZ6aPw4Y5mqb+grQfJIcl2IEPvXnNbt3S
4JmAOSse71wwSBgowKWsPBsSEzYrPYJQjOkggl/GiDw3UPtdOoOF8lf27Opn/yG/
ThCsW5KY3SOkZxcWtWInJRf2CbWnYduHKr977ztmo9PVfhkzWBgI6Jt39ld4L6X0
C9mdSGbIKQwk1D8Tp72JdWfhVBC9XlEMr+PEeVOBht+hrrDRd9EkKPCbbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF70EmD9IAcFf9ltU8Mmfau39PMeMB8GA1UdIwQY
MBaAFLPWYpfFzb022GhJ3ernmFl59FDKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlaaWw4WE52VGJZYUVuZDZ1ZVlXWG4wVU1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85MmMxY2YtNWEyMi00NTNjLTkwN2Yt
ZWIxZjg3MTVlZWMwLzEvWHZRU1lQMGdCd1ZfMlcxVHd5WjlxN2YwOHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85MmMxY2YtNWEyMi00NTNjLTkwN2YtZWIxZjg3MTVlZWMw
LzEvczlaaWw4WE52VGJZYUVuZDZ1ZVlXWG4wVU1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/EPMA0G
CSqGSIb3DQEBCwUAA4IBAQBVHKHyETUqaac4oCq4/GuG3NM69V8LWzJkVI09odi9
0nOJkJTy0lhmmrW+aA0glWmaHEbIU+Mn0rll2iaCFNitlcHldCgmVBc1jmpl/FAs
1nXh8b1OZ73RVHockyoch1sgCNcKGvuLTWnvCZdnQVRIkWs67c5zBcw2ddR6xjJs
P60kNGEesmzcwg5vsKsI4UB645yHo+NMgDTm+G3RBxXq4v/myVGDA9U8xfLgeZeJ
oW52xxR8O7W/0PCwm1hUvVtiGSU3c/ukuw1j20IsGNKglkVAGYjEduzxNO9kaan1
Yzzi9fV4Fq2+JDsGO0gVuKf0hpwXW6qNCgNBvpHppHIU
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:13:23 2025 by rpki-client