Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/d3ed5e-3d25-4fc9-a552-33c93ae6587f/1/cFe0fcTVTSC7B0d5gvNTXz-xep4.roa
File: cFe0fcTVTSC7B0d5gvNTXz-xep4.roa (raw, json)
Hash identifier: ZQYaaS1K6tl7IhYwt/p+rn1rZG3UhpXFq8Qzr2zV5hQ=
Subject key identifier: 70:57:B4:7D:C4:D5:4D:20:BB:07:47:79:82:F3:53:5F:3F:B1:7A:9E
Certificate issuer: /CN=74d7ef44d7019e4a5723a91b1d98fa8fd5d78ed7
Certificate serial: 018572C370CA66A996D7492E9163E125854F
Authority key identifier: 74:D7:EF:44:D7:01:9E:4A:57:23:A9:1B:1D:98:FA:8F:D5:D7:8E:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dNfvRNcBnkpXI6kbHZj6j9XXjtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/d3ed5e-3d25-4fc9-a552-33c93ae6587f/1/cFe0fcTVTSC7B0d5gvNTXz-xep4.roa
Signing time: Mon 02 Jan 2023 13:54:49 +0000
ROA not before: Mon 02 Jan 2023 13:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 553
IP address blocks: 192.109.76.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:70:ca:66:a9:96:d7:49:2e:91:63:e1:25:85:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74d7ef44d7019e4a5723a91b1d98fa8fd5d78ed7
Validity
Not Before: Jan 2 13:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7057b47dc4d54d20bb07477982f3535f3fb17a9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ee:9e:6a:ce:7f:c6:80:5f:79:b0:ec:b9:29:
86:37:9e:8f:72:95:aa:4a:83:dc:a4:8f:da:f2:ea:
36:f7:e3:4c:8c:87:fb:8a:2d:f4:6c:73:6a:6b:99:
28:8e:68:36:c4:be:ae:e4:17:aa:5b:a8:47:ff:76:
9c:12:07:e7:40:3a:cf:32:ca:a0:9d:fc:38:00:32:
99:88:76:74:72:fe:92:3c:5e:e3:6c:64:95:8d:d6:
19:de:49:28:c8:18:20:ae:7e:3e:6d:36:91:67:3d:
fb:bc:56:b7:85:6e:6d:c6:d9:f3:03:c6:98:67:07:
8f:4a:8e:c7:40:35:68:93:41:c4:eb:e4:f2:f6:99:
f0:4a:a4:54:08:91:05:ee:c9:53:31:9a:66:96:04:
99:cc:c9:65:53:ef:a2:e4:de:9b:63:0d:ff:6e:fe:
c7:ac:6d:88:4e:de:48:7e:ae:91:05:ac:b7:40:30:
ab:a5:81:5c:79:85:39:39:0b:aa:11:25:dd:1d:26:
64:c5:09:a1:24:58:0f:da:8a:56:4d:5d:2d:4e:3c:
ca:9a:f5:cb:77:6d:fb:c0:38:20:f4:d5:14:c7:b7:
37:ac:12:60:9b:42:c0:b6:5d:af:88:a5:8a:83:26:
e6:99:48:0e:90:e4:b7:d9:31:a4:a5:15:3f:ff:b5:
34:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:57:B4:7D:C4:D5:4D:20:BB:07:47:79:82:F3:53:5F:3F:B1:7A:9E
X509v3 Authority Key Identifier:
keyid:74:D7:EF:44:D7:01:9E:4A:57:23:A9:1B:1D:98:FA:8F:D5:D7:8E:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dNfvRNcBnkpXI6kbHZj6j9XXjtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/d3ed5e-3d25-4fc9-a552-33c93ae6587f/1/cFe0fcTVTSC7B0d5gvNTXz-xep4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/d3ed5e-3d25-4fc9-a552-33c93ae6587f/1/dNfvRNcBnkpXI6kbHZj6j9XXjtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.76.0/24
Signature Algorithm: sha256WithRSAEncryption
75:05:d0:f7:f2:99:d3:43:c1:af:c8:aa:1b:55:67:31:3e:3f:
9f:cd:f8:1d:77:ff:de:e5:36:43:20:fb:f4:71:d3:af:fd:1d:
66:8a:40:ba:e6:81:77:bf:2b:60:9c:a7:ed:be:5a:b3:82:f0:
4a:2a:82:a3:5f:7d:21:86:84:3c:7a:95:96:42:d2:fe:f3:4a:
1e:e1:b6:60:12:26:72:d9:64:c6:38:5d:4a:25:2d:ef:09:48:
7e:c6:86:9f:4b:01:cd:80:f4:01:01:3b:7c:ab:93:f5:f2:51:
44:18:7a:bd:55:06:ed:02:00:c5:fc:b0:33:84:15:12:27:c0:
b3:f3:be:5c:1c:46:98:59:c4:d3:e2:f0:2a:23:3f:cf:9a:80:
6c:9f:c5:de:01:6b:e3:5d:4d:8f:ab:52:61:a8:9d:25:01:64:
12:9f:76:01:94:e6:26:c8:e0:ff:68:a0:4a:dd:32:3f:f2:a3:
db:c0:f4:31:03:28:a5:0a:e2:fc:95:fe:94:20:99:d0:9c:36:
14:39:63:aa:f7:74:d9:15:b9:da:d4:f8:8a:5c:ff:99:a1:da:
7a:5a:92:bb:56:2b:30:61:ad:4f:66:f3:ff:04:ff:95:50:23:
1e:eb:d9:17:67:b4:3c:e9:ae:c1:bb:c6:b8:b1:ea:36:3d:fa:
fc:34:ce:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyw3DKZqmW10kukWPhJYVPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZDdlZjQ0ZDcwMTllNGE1NzIzYTkxYjFkOThmYThmZDVk
NzhlZDcwHhcNMjMwMTAyMTM1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDU3YjQ3ZGM0ZDU0ZDIwYmIwNzQ3Nzk4MmYzNTM1ZjNmYjE3YTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiu6eas5/xoBfebDsuSmGN56PcpWq
SoPcpI/a8uo29+NMjIf7ii30bHNqa5kojmg2xL6u5BeqW6hH/3acEgfnQDrPMsqg
nfw4ADKZiHZ0cv6SPF7jbGSVjdYZ3kkoyBggrn4+bTaRZz37vFa3hW5txtnzA8aY
ZwePSo7HQDVok0HE6+Ty9pnwSqRUCJEF7slTMZpmlgSZzMllU++i5N6bYw3/bv7H
rG2ITt5Ifq6RBay3QDCrpYFceYU5OQuqESXdHSZkxQmhJFgP2opWTV0tTjzKmvXL
d237wDgg9NUUx7c3rBJgm0LAtl2viKWKgybmmUgOkOS32TGkpRU//7U0fwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHBXtH3E1U0guwdHeYLzU18/sXqeMB8GA1UdIwQY
MBaAFHTX70TXAZ5KVyOpGx2Y+o/V147XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE5mdlJOY0Jua3BYSTZrYkhaajZqOVhYanRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9kM2VkNWUtM2QyNS00ZmM5LWE1NTIt
MzNjOTNhZTY1ODdmLzEvY0ZlMGZjVFZUU0M3QjBkNWd2TlRYei14ZXA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9kM2VkNWUtM2QyNS00ZmM5LWE1NTItMzNjOTNhZTY1ODdm
LzEvZE5mdlJOY0Jua3BYSTZrYkhaajZqOVhYanRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG1MMA0G
CSqGSIb3DQEBCwUAA4IBAQB1BdD38pnTQ8GvyKobVWcxPj+fzfgdd//e5TZDIPv0
cdOv/R1mikC65oF3vytgnKftvlqzgvBKKoKjX30hhoQ8epWWQtL+80oe4bZgEiZy
2WTGOF1KJS3vCUh+xoafSwHNgPQBATt8q5P18lFEGHq9VQbtAgDF/LAzhBUSJ8Cz
875cHEaYWcTT4vAqIz/PmoBsn8XeAWvjXU2Pq1JhqJ0lAWQSn3YBlOYmyOD/aKBK
3TI/8qPbwPQxAyilCuL8lf6UIJnQnDYUOWOq93TZFbna1PiKXP+Zodp6WpK7Visw
Ya1PZvP/BP+VUCMe69kXZ7Q86a7Bu8a4seo2Pfr8NM69
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:36:38 2025 by rpki-client