Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/1-XFjCTUni033nHhYRmJOqM9jlGc.roa
File: 1-XFjCTUni033nHhYRmJOqM9jlGc.roa (raw, json)
Hash identifier: a6F7TxtLe6JNcWkFZlc6LgK7OW6wowgqvJVbNywVDGY=
Subject key identifier: F9:71:63:09:35:27:8B:4D:F7:9C:78:58:46:62:4E:A8:CF:63:94:67
Certificate issuer: /CN=bbb865fd6dfaaba771249b7ebae8ebd5280a0c97
Certificate serial: 018570D521BE7BF1D8E94B8D7B4E35739C03
Authority key identifier: BB:B8:65:FD:6D:FA:AB:A7:71:24:9B:7E:BA:E8:EB:D5:28:0A:0C:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u7hl_W36q6dxJJt-uujr1SgKDJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/1-XFjCTUni033nHhYRmJOqM9jlGc.roa
Signing time: Mon 02 Jan 2023 04:54:54 +0000
ROA not before: Mon 02 Jan 2023 04:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34691
IP address blocks: 45.136.110.0/24 maxlen: 24
194.69.60.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:21:be:7b:f1:d8:e9:4b:8d:7b:4e:35:73:9c:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbb865fd6dfaaba771249b7ebae8ebd5280a0c97
Validity
Not Before: Jan 2 04:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f971630935278b4df79c785846624ea8cf639467
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d1:d1:c8:c4:07:a1:03:a2:7c:20:9c:4d:b7:
6f:51:f3:88:05:2a:f7:71:d2:74:90:28:fc:5b:f1:
61:01:8c:ab:cf:4b:71:41:6a:cc:a8:3d:4f:27:fb:
73:71:9d:68:4f:1f:9f:95:5b:b2:3b:e8:fc:23:3b:
08:1c:b2:e0:e8:df:ab:40:7e:1e:55:e9:9a:e6:45:
e6:96:f8:b5:79:79:a3:9d:7f:94:21:72:8f:f5:00:
fb:f8:af:8d:88:be:14:f1:8c:61:b2:79:2e:e8:5a:
07:fa:e7:fd:3c:c9:0a:9c:bd:40:25:33:3e:ec:c7:
d1:36:6e:9a:59:7d:aa:71:08:6e:3d:de:0e:a3:db:
c6:ca:a9:ec:f2:95:b7:6f:42:82:32:55:ca:d3:a5:
fb:9d:cd:05:7a:2c:4a:1e:9d:5e:78:e7:86:fd:1a:
c7:fd:ef:74:65:86:5a:13:f0:00:e9:2e:67:01:6c:
ad:f5:c9:f0:88:38:6b:50:a2:2c:c1:62:e4:cf:90:
93:3a:b1:e3:9f:3b:ce:44:fd:38:51:a0:20:3c:78:
84:7d:bf:79:74:5a:1c:2d:a0:e5:4c:ef:f1:e3:4c:
e8:c7:6f:c6:dd:17:8b:ea:93:5c:e1:21:17:d0:90:
cd:c8:79:66:05:35:50:f1:ae:a9:5e:d3:23:81:cf:
e5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:71:63:09:35:27:8B:4D:F7:9C:78:58:46:62:4E:A8:CF:63:94:67
X509v3 Authority Key Identifier:
keyid:BB:B8:65:FD:6D:FA:AB:A7:71:24:9B:7E:BA:E8:EB:D5:28:0A:0C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u7hl_W36q6dxJJt-uujr1SgKDJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/1-XFjCTUni033nHhYRmJOqM9jlGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.110.0/24
194.69.60.0/22
Signature Algorithm: sha256WithRSAEncryption
21:70:69:ca:9e:9c:34:21:4b:d4:d7:3e:4c:c5:07:e6:a9:9f:
f3:c1:c0:a8:f7:82:71:1c:47:9f:99:4b:6b:39:b2:44:09:79:
06:81:c9:5a:06:83:80:f9:99:c9:cf:63:67:ac:48:62:cd:6d:
7d:bc:13:60:e5:50:43:bb:67:3d:f0:02:20:13:6c:c0:dd:0c:
97:b3:ea:f5:0b:d2:c4:3c:e8:95:92:02:9e:3d:95:91:70:78:
02:e8:3e:cd:61:43:15:0c:35:d0:7c:3e:97:e4:cc:4d:41:c5:
94:06:9f:66:bb:aa:62:36:a1:9f:0e:8e:47:51:09:bc:f8:a4:
4c:5c:a7:ef:bb:06:82:ba:1d:ec:04:73:11:70:37:01:e9:94:
b2:1c:f9:08:db:17:b1:69:4c:4c:78:0f:82:3e:50:c5:d5:73:
a2:07:63:b1:df:ef:6e:a7:2e:ff:02:89:96:e8:b9:29:53:fb:
f5:17:63:e3:de:0b:e5:04:19:35:ee:4a:ee:c0:36:60:73:e3:
0e:13:c4:bd:7c:d4:47:84:96:9b:65:a6:2a:2e:32:7d:3e:17:
cc:9a:67:c3:ab:ca:05:d1:d3:72:52:8c:fe:33:75:03:f8:55:
3c:e3:07:3a:d4:68:53:8f:46:b9:32:5d:44:25:e3:e5:f3:0b:
54:87:02:ae
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVw1SG+e/HY6UuNe041c5wDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYjg2NWZkNmRmYWFiYTc3MTI0OWI3ZWJhZThlYmQ1Mjgw
YTBjOTcwHhcNMjMwMTAyMDQ1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTcxNjMwOTM1Mjc4YjRkZjc5Yzc4NTg0NjYyNGVhOGNmNjM5NDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9HRyMQHoQOifCCcTbdvUfOIBSr3
cdJ0kCj8W/FhAYyrz0txQWrMqD1PJ/tzcZ1oTx+flVuyO+j8IzsIHLLg6N+rQH4e
Vema5kXmlvi1eXmjnX+UIXKP9QD7+K+NiL4U8Yxhsnku6FoH+uf9PMkKnL1AJTM+
7MfRNm6aWX2qcQhuPd4Oo9vGyqns8pW3b0KCMlXK06X7nc0FeixKHp1eeOeG/RrH
/e90ZYZaE/AA6S5nAWyt9cnwiDhrUKIswWLkz5CTOrHjnzvORP04UaAgPHiEfb95
dFocLaDlTO/x40zox2/G3ReL6pNc4SEX0JDNyHlmBTVQ8a6pXtMjgc/l5wIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPlxYwk1J4tN95x4WEZiTqjPY5RnMB8GA1UdIwQY
MBaAFLu4Zf1t+quncSSbfrro69UoCgyXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTdobF9XMzZxNmR4Skp0LXV1anIxU2dLREpjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80M2JiOTQtOTRjNi00ZGFkLWEzNzIt
NWZjZmE0MjE5NzVjLzEvMS1YRmpDVFVuaTAzM25IaFlSbUpPcU05amxHYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGEvNDNiYjk0LTk0YzYtNGRhZC1hMzcyLTVmY2ZhNDIxOTc1
Yy8xL3U3aGxfVzM2cTZkeEpKdC11dWpyMVNnS0RKYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC2IbgME
AsJFPDANBgkqhkiG9w0BAQsFAAOCAQEAIXBpyp6cNCFL1Nc+TMUH5qmf88HAqPeC
cRxHn5lLazmyRAl5BoHJWgaDgPmZyc9jZ6xIYs1tfbwTYOVQQ7tnPfACIBNswN0M
l7Pq9QvSxDzolZICnj2VkXB4Aug+zWFDFQw10Hw+l+TMTUHFlAafZruqYjahnw6O
R1EJvPikTFyn77sGgrod7ARzEXA3AemUshz5CNsXsWlMTHgPgj5QxdVzogdjsd/v
bqcu/wKJlui5KVP79Rdj494L5QQZNe5K7sA2YHPjDhPEvXzUR4SWm2WmKi4yfT4X
zJpnw6vKBdHTclKM/jN1A/hVPOMHOtRoU49GuTJdRCXj5fMLVIcCrg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:49:06 2025 by rpki-client