Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/Vfz_XI34h0n1ABRWW0I8TbCl2Ks.roa
File: Vfz_XI34h0n1ABRWW0I8TbCl2Ks.roa (raw, json)
Hash identifier: 5McLJpTXPeaX6NxvYmzQe8oLwKFov9vgW9zM/HLDWFk=
Subject key identifier: 55:FC:FF:5C:8D:F8:87:49:F5:00:14:56:5B:42:3C:4D:B0:A5:D8:AB
Certificate issuer: /CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Certificate serial: 01941F8C266735FB7DC8F52837F552D497D2
Authority key identifier: AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/Vfz_XI34h0n1ABRWW0I8TbCl2Ks.roa
Signing time: Wed 01 Jan 2025 01:47:46 +0000
ROA not before: Wed 01 Jan 2025 01:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210283
IP address blocks: 91.228.200.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:26:67:35:fb:7d:c8:f5:28:37:f5:52:d4:97:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Validity
Not Before: Jan 1 01:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55fcff5c8df88749f50014565b423c4db0a5d8ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f2:12:12:a9:82:99:30:c1:c6:ee:2b:77:bd:
d4:b9:15:66:ae:cc:e9:b0:96:96:68:58:10:bd:67:
69:14:3e:94:31:13:ff:b6:f8:a0:cb:b0:26:f5:1e:
3a:de:52:68:2a:9d:2c:f3:7f:86:67:3b:4a:cc:bc:
46:94:a6:51:53:0e:65:1d:93:a8:af:b6:2c:e5:56:
49:92:f1:67:4d:d2:aa:85:5d:73:af:d9:b2:68:4c:
8a:23:59:b2:46:97:77:b2:1e:06:c2:de:98:05:04:
fa:a2:71:d3:e1:75:44:7f:81:50:9f:9e:4a:45:4c:
8f:a8:a9:d3:f0:77:81:bc:dc:e6:52:fd:15:0c:38:
09:72:07:fd:ed:37:4d:2a:5f:fb:49:64:d7:53:5b:
ff:dd:0c:60:57:a0:45:10:00:38:5c:5e:13:21:77:
de:9c:57:69:8c:ff:8e:71:9c:c2:c4:c5:17:0b:7a:
d3:c1:1d:6b:4b:79:90:ff:cc:ec:78:fe:4b:8c:71:
b6:85:99:fa:2e:ee:6f:a4:28:78:42:3f:b9:fe:ce:
9e:bc:f3:60:a1:f7:6b:9d:6f:ba:cf:9c:77:84:26:
b4:c5:6d:18:49:64:d7:82:27:78:32:ef:9b:f5:86:
03:70:76:7a:24:33:b4:33:ac:23:b3:af:e1:a2:49:
84:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:FC:FF:5C:8D:F8:87:49:F5:00:14:56:5B:42:3C:4D:B0:A5:D8:AB
X509v3 Authority Key Identifier:
keyid:AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/Vfz_XI34h0n1ABRWW0I8TbCl2Ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.200.0/23
Signature Algorithm: sha256WithRSAEncryption
40:73:8c:71:82:49:86:5c:14:57:1e:92:22:fa:9f:dc:fb:f2:
01:59:28:11:8e:9b:f5:c5:b2:5b:32:a1:69:55:2f:d6:4a:d4:
0a:73:ad:fa:10:5b:a8:7b:94:a6:a1:66:41:74:55:94:98:a0:
0a:48:5f:81:eb:b2:d9:f6:b9:80:78:34:c5:3c:93:83:0e:23:
32:88:06:97:bc:91:cf:9b:cc:b7:3b:23:38:4c:ae:c1:bc:8b:
9a:94:95:1d:4a:82:08:cb:16:dc:db:ec:53:c9:0e:c5:67:5b:
ab:ec:0f:bc:c9:16:60:ac:50:2d:1d:e5:b1:6e:e7:3f:66:7c:
f6:ef:ea:b7:2c:64:98:3d:22:39:71:53:80:9f:ca:e9:ad:f9:
23:da:cd:48:b3:83:37:d5:14:df:38:9f:65:f2:a1:e2:93:b3:
6f:74:f6:d0:1c:35:00:0f:fa:41:48:43:c9:ac:10:2f:0c:88:
df:f9:e0:90:57:fa:c5:64:a2:92:8e:22:0d:f6:62:d0:a9:1c:
ad:bb:fd:a8:4e:6c:a0:51:74:dd:9e:29:44:6e:2c:67:0a:34:
1b:94:10:ca:44:aa:e5:76:9c:73:8a:20:e7:fa:d7:76:d8:a4:
04:e2:0d:b3:ea:45:4d:01:5d:2e:d8:f7:f0:2f:a3:da:1a:57:
96:de:13:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjCZnNft9yPUoN/VS1JfSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNWU5M2Y5MDIzNTRjZTQ4MDRiNGNiMDQ5Y2Y2OGIyMGY3
NmFlYjIwHhcNMjUwMTAxMDE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWZjZmY1YzhkZjg4NzQ5ZjUwMDE0NTY1YjQyM2M0ZGIwYTVkOGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fISEqmCmTDBxu4rd73UuRVmrszp
sJaWaFgQvWdpFD6UMRP/tvigy7Am9R463lJoKp0s83+GZztKzLxGlKZRUw5lHZOo
r7Ys5VZJkvFnTdKqhV1zr9myaEyKI1myRpd3sh4Gwt6YBQT6onHT4XVEf4FQn55K
RUyPqKnT8HeBvNzmUv0VDDgJcgf97TdNKl/7SWTXU1v/3QxgV6BFEAA4XF4TIXfe
nFdpjP+OcZzCxMUXC3rTwR1rS3mQ/8zseP5LjHG2hZn6Lu5vpCh4Qj+5/s6evPNg
ofdrnW+6z5x3hCa0xW0YSWTXgid4Mu+b9YYDcHZ6JDO0M6wjs6/hokmEdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFX8/1yN+IdJ9QAUVltCPE2wpdirMB8GA1UdIwQY
MBaAFK9ek/kCNUzkgEtMsEnPaLIPdq6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWIt
N2UwNWFkMDE5MGNlLzEvVmZ6X1hJMzRoMG4xQUJSV1cwSThUYkNsMktzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWItN2UwNWFkMDE5MGNl
LzEvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+TIMA0G
CSqGSIb3DQEBCwUAA4IBAQBAc4xxgkmGXBRXHpIi+p/c+/IBWSgRjpv1xbJbMqFp
VS/WStQKc636EFuoe5SmoWZBdFWUmKAKSF+B67LZ9rmAeDTFPJODDiMyiAaXvJHP
m8y3OyM4TK7BvIualJUdSoIIyxbc2+xTyQ7FZ1ur7A+8yRZgrFAtHeWxbuc/Znz2
7+q3LGSYPSI5cVOAn8rprfkj2s1Is4M31RTfOJ9l8qHik7NvdPbQHDUAD/pBSEPJ
rBAvDIjf+eCQV/rFZKKSjiIN9mLQqRytu/2oTmygUXTdnilEbixnCjQblBDKRKrl
dpxziiDn+td22KQE4g2z6kVNAV0u2PfwL6PaGleW3hOF
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:35:04 2025 by rpki-client