Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/xWICqvpq-aio997r-Jl_e84mBzs.roa
File: xWICqvpq-aio997r-Jl_e84mBzs.roa (raw, json)
Hash identifier: VzAED4IrYDOzI6JIjXM468jZwannD/UKmDolCUU8kg4=
Subject key identifier: C5:62:02:AA:FA:6A:F9:A8:A8:F7:DE:EB:F8:99:7F:7B:CE:26:07:3B
Certificate issuer: /CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Certificate serial: 0194206820C44A57A21A2AA316D6EFF6B52E
Authority key identifier: A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/xWICqvpq-aio997r-Jl_e84mBzs.roa
Signing time: Wed 01 Jan 2025 05:48:02 +0000
ROA not before: Wed 01 Jan 2025 05:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43477
IP address blocks: 194.191.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:20:c4:4a:57:a2:1a:2a:a3:16:d6:ef:f6:b5:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Validity
Not Before: Jan 1 05:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c56202aafa6af9a8a8f7deebf8997f7bce26073b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:39:4f:a0:3f:75:92:15:a3:f1:9d:55:65:4f:
b9:d3:b7:8b:45:40:c5:57:a1:d1:4e:11:97:0d:81:
3f:37:15:b3:29:0e:23:d0:37:19:e7:4c:8a:72:9f:
c1:ca:51:87:89:f7:14:71:1d:62:82:7b:f6:d8:1f:
a8:5b:00:c5:9c:5a:ae:a5:f2:16:d6:2f:01:01:b9:
b2:99:1e:71:e5:98:c5:60:c3:ad:d8:85:a1:54:36:
20:b8:b4:d8:54:e3:0e:a2:b6:76:52:9e:9f:e7:6a:
3c:30:1b:a0:82:70:fd:0f:0c:50:ca:ca:19:3d:ae:
5f:e9:20:35:ed:53:69:e7:1c:da:cb:aa:97:b2:9e:
96:65:ff:c5:a4:6e:42:3e:df:f3:85:b1:0f:c7:86:
47:1e:46:46:60:25:b2:86:78:e5:d4:ac:bf:1b:8d:
73:b7:9c:a7:f1:a5:f0:e3:3e:54:8a:d7:25:f0:62:
ea:90:13:75:e9:e2:ed:dd:59:83:d3:6e:83:9b:23:
b1:5a:d4:96:b9:83:cb:55:8a:a1:c4:3a:80:2b:08:
f9:e1:60:d0:08:6b:8a:fe:60:38:4e:70:85:b4:9e:
2c:de:ec:77:e4:30:4b:81:13:08:3c:de:8e:18:fb:
a0:d1:b4:2a:0d:35:38:55:75:db:b0:65:82:7c:7d:
e8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:62:02:AA:FA:6A:F9:A8:A8:F7:DE:EB:F8:99:7F:7B:CE:26:07:3B
X509v3 Authority Key Identifier:
keyid:A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/xWICqvpq-aio997r-Jl_e84mBzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.191.17.0/24
Signature Algorithm: sha256WithRSAEncryption
be:5f:bf:03:0c:53:1c:5a:6d:8a:3e:2c:bf:54:4a:cf:d7:6c:
5e:fd:cd:11:13:b7:f4:2b:51:1f:2d:57:07:5f:0f:6e:5b:ee:
30:24:bd:fc:2a:f1:c0:0a:ee:f8:fb:e5:21:84:fb:9c:05:96:
79:e7:b9:dd:bc:0d:64:ff:94:3b:b9:6e:c1:4b:6c:e5:5c:0b:
6c:3a:3a:a6:87:01:52:9e:4e:0f:0d:44:3b:8e:08:48:80:2d:
1b:57:8f:cb:7d:c6:98:00:3d:4d:86:70:68:95:cf:2d:5c:5d:
0a:e2:0c:53:bb:5f:2a:53:c2:c8:e0:78:e2:1d:6b:51:5a:53:
76:ce:43:d5:39:c1:fc:45:ff:fa:d4:ad:73:c0:01:f2:fb:00:
df:fc:ee:b9:98:bb:2a:90:cb:89:b3:a9:a9:43:73:c8:bb:f4:
bc:f5:0c:3d:61:61:79:24:c5:80:08:27:59:1c:f4:2a:72:a8:
b7:2a:9e:3a:17:40:19:68:52:33:84:ef:21:ee:92:ef:97:66:
59:0d:c7:25:0a:17:0c:9c:34:33:55:5f:f9:f2:af:49:70:3e:
b8:74:f6:e9:80:91:a4:44:82:ce:6c:bb:fa:ea:c1:8b:ba:75:
d6:ab:a5:d8:a9:c9:b1:9b:df:53:26:16:97:9e:ef:e7:4d:aa:
56:3a:a1:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaCDESleiGiqjFtbv9rUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NGM2NzA2ZTNmYmViZGZmMTQ2YThhMTRlYzJhMzI4NGE5
MmJhNjIwHhcNMjUwMTAxMDU0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTYyMDJhYWZhNmFmOWE4YThmN2RlZWJmODk5N2Y3YmNlMjYwNzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TlPoD91khWj8Z1VZU+507eLRUDF
V6HRThGXDYE/NxWzKQ4j0DcZ50yKcp/BylGHifcUcR1ignv22B+oWwDFnFqupfIW
1i8BAbmymR5x5ZjFYMOt2IWhVDYguLTYVOMOorZ2Up6f52o8MBuggnD9DwxQysoZ
Pa5f6SA17VNp5xzay6qXsp6WZf/FpG5CPt/zhbEPx4ZHHkZGYCWyhnjl1Ky/G41z
t5yn8aXw4z5Uitcl8GLqkBN16eLt3VmD026DmyOxWtSWuYPLVYqhxDqAKwj54WDQ
CGuK/mA4TnCFtJ4s3ux35DBLgRMIPN6OGPug0bQqDTU4VXXbsGWCfH3obwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMViAqr6avmoqPfe6/iZf3vOJgc7MB8GA1UdIwQY
MBaAFKdMZwbj++vf8UaooU7CoyhKkrpiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjIt
YWE3ODhhNDIwYWVjLzEveFdJQ3F2cHEtYWlvOTk3ci1KbF9lODRtQnpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjItYWE3ODhhNDIwYWVj
LzEvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwr8RMA0G
CSqGSIb3DQEBCwUAA4IBAQC+X78DDFMcWm2KPiy/VErP12xe/c0RE7f0K1EfLVcH
Xw9uW+4wJL38KvHACu74++UhhPucBZZ557ndvA1k/5Q7uW7BS2zlXAtsOjqmhwFS
nk4PDUQ7jghIgC0bV4/LfcaYAD1NhnBolc8tXF0K4gxTu18qU8LI4HjiHWtRWlN2
zkPVOcH8Rf/61K1zwAHy+wDf/O65mLsqkMuJs6mpQ3PIu/S89Qw9YWF5JMWACCdZ
HPQqcqi3Kp46F0AZaFIzhO8h7pLvl2ZZDcclChcMnDQzVV/58q9JcD64dPbpgJGk
RILObLv66sGLunXWq6XYqcmxm99TJhaXnu/nTapWOqHF
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:25 2025 by rpki-client