Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/d54bc0-f781-48b0-9f6d-b5f0d21053f8/1/B7NZ-u78J5mcpsov1XyIGK10cH0.roa
File: B7NZ-u78J5mcpsov1XyIGK10cH0.roa (raw, json)
Hash identifier: U6kZ6B0tG819VSZmmXYNrc7xdPGbBot/5/JsXAv6Iss=
Subject key identifier: 07:B3:59:FA:EE:FC:27:99:9C:A6:CA:2F:D5:7C:88:18:AD:74:70:7D
Certificate issuer: /CN=5d82ca6f8eb685a573e5d1d91f8f06121ab02a37
Certificate serial: 019421445581345B9B700FC256A529A4F52E
Authority key identifier: 5D:82:CA:6F:8E:B6:85:A5:73:E5:D1:D9:1F:8F:06:12:1A:B0:2A:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYLKb462haVz5dHZH48GEhqwKjc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/d54bc0-f781-48b0-9f6d-b5f0d21053f8/1/B7NZ-u78J5mcpsov1XyIGK10cH0.roa
Signing time: Wed 01 Jan 2025 09:48:33 +0000
ROA not before: Wed 01 Jan 2025 09:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19551
IP address blocks: 91.231.192.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:55:81:34:5b:9b:70:0f:c2:56:a5:29:a4:f5:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d82ca6f8eb685a573e5d1d91f8f06121ab02a37
Validity
Not Before: Jan 1 09:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07b359faeefc27999ca6ca2fd57c8818ad74707d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f1:96:ec:21:20:41:91:3d:7e:26:04:40:70:
74:26:a8:5c:4b:ee:02:3a:f4:5e:9a:03:72:c8:91:
c4:86:e5:8b:fb:83:97:dc:c6:b2:f1:4a:6a:c2:03:
20:63:96:21:4a:72:45:d1:2c:6e:c8:95:bc:aa:83:
f4:2b:1e:22:2b:7d:7f:76:79:28:38:7a:de:83:f2:
8b:f8:09:21:a3:94:ea:6d:76:fc:40:e8:08:ac:c4:
a9:3c:c2:c1:a8:3d:e0:13:21:d8:77:10:77:26:67:
60:df:e5:d1:45:e0:7a:e6:eb:b4:4a:99:34:31:ca:
26:fe:95:ae:47:e1:06:99:53:d2:4b:d5:f2:f7:7d:
80:cd:c0:d9:76:d9:da:14:e3:bb:51:26:6a:2f:39:
13:bd:04:cd:54:4a:12:40:da:1f:20:1e:39:5e:3b:
85:4d:ff:04:47:fa:07:45:1e:39:5e:21:65:43:80:
d7:9b:69:54:70:91:7e:4a:51:9a:ec:97:20:77:7f:
a3:29:15:44:16:5c:87:e3:65:fb:6e:cc:76:e9:e8:
8f:2a:ae:54:60:53:fe:3c:4c:43:e8:a0:c4:3e:a5:
e5:ee:a6:ae:31:e6:96:28:40:4b:de:b7:6d:8b:5d:
82:f2:36:65:d2:41:88:3f:21:c7:63:67:f7:be:83:
b7:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:B3:59:FA:EE:FC:27:99:9C:A6:CA:2F:D5:7C:88:18:AD:74:70:7D
X509v3 Authority Key Identifier:
keyid:5D:82:CA:6F:8E:B6:85:A5:73:E5:D1:D9:1F:8F:06:12:1A:B0:2A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYLKb462haVz5dHZH48GEhqwKjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d54bc0-f781-48b0-9f6d-b5f0d21053f8/1/B7NZ-u78J5mcpsov1XyIGK10cH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d54bc0-f781-48b0-9f6d-b5f0d21053f8/1/XYLKb462haVz5dHZH48GEhqwKjc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.192.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:6b:f5:fc:7d:04:2c:0c:c0:b2:90:c1:ca:04:e0:16:d8:15:
61:6f:91:5f:8c:30:2c:5b:cd:d3:28:49:bd:38:3f:02:ad:07:
42:64:fb:b0:08:18:8e:cf:42:15:2a:5f:d4:32:3c:9f:3c:5d:
db:02:dc:31:0b:42:1b:88:09:d2:6e:75:01:90:00:e1:1c:f0:
34:14:33:61:9f:a5:2b:83:42:d7:8a:a3:9c:80:49:60:db:38:
68:5c:12:28:24:7b:5c:29:55:6d:53:b6:9f:f5:55:de:81:54:
f2:3e:07:ee:54:2c:a2:54:32:ad:be:b5:80:48:6a:67:5b:6a:
ce:bf:b0:3d:04:7a:69:90:4e:ca:46:94:5f:e0:de:57:db:3e:
f4:b8:55:fd:8e:58:31:37:7c:88:4d:15:c1:17:c3:8f:81:83:
5a:04:f9:a7:90:8e:cb:1e:09:df:1b:5a:96:1f:2a:7f:fc:2e:
cc:71:6b:b5:bc:c0:2f:ea:c9:45:e4:d5:75:0e:6b:29:f7:4f:
55:96:7c:ef:e4:13:f0:dc:21:3f:9e:3b:31:7f:74:6b:6d:b0:
6c:90:2f:e1:ee:49:59:7c:a2:ff:42:6a:78:b5:e1:14:6e:99:
78:15:65:87:87:96:56:c2:e4:6b:31:da:4f:a6:e0:f2:7d:ca:
9b:b7:3a:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRFWBNFubcA/CVqUppPUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODJjYTZmOGViNjg1YTU3M2U1ZDFkOTFmOGYwNjEyMWFi
MDJhMzcwHhcNMjUwMTAxMDk0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2IzNTlmYWVlZmMyNzk5OWNhNmNhMmZkNTdjODgxOGFkNzQ3MDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvGW7CEgQZE9fiYEQHB0JqhcS+4C
OvRemgNyyJHEhuWL+4OX3May8UpqwgMgY5YhSnJF0SxuyJW8qoP0Kx4iK31/dnko
OHreg/KL+Akho5TqbXb8QOgIrMSpPMLBqD3gEyHYdxB3Jmdg3+XRReB65uu0Spk0
Mcom/pWuR+EGmVPSS9Xy932AzcDZdtnaFOO7USZqLzkTvQTNVEoSQNofIB45XjuF
Tf8ER/oHRR45XiFlQ4DXm2lUcJF+SlGa7Jcgd3+jKRVEFlyH42X7bsx26eiPKq5U
YFP+PExD6KDEPqXl7qauMeaWKEBL3rdti12C8jZl0kGIPyHHY2f3voO3lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAezWfru/CeZnKbKL9V8iBitdHB9MB8GA1UdIwQY
MBaAFF2Cym+OtoWlc+XR2R+PBhIasCo3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFlMS2I0NjJoYVZ6NWRIWkg0OEdFaHF3S2pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kNTRiYzAtZjc4MS00OGIwLTlmNmQt
YjVmMGQyMTA1M2Y4LzEvQjdOWi11NzhKNW1jcHNvdjFYeUlHSzEwY0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9kNTRiYzAtZjc4MS00OGIwLTlmNmQtYjVmMGQyMTA1M2Y4
LzEvWFlMS2I0NjJoYVZ6NWRIWkg0OEdFaHF3S2pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+fAMA0G
CSqGSIb3DQEBCwUAA4IBAQCfa/X8fQQsDMCykMHKBOAW2BVhb5FfjDAsW83TKEm9
OD8CrQdCZPuwCBiOz0IVKl/UMjyfPF3bAtwxC0IbiAnSbnUBkADhHPA0FDNhn6Ur
g0LXiqOcgElg2zhoXBIoJHtcKVVtU7af9VXegVTyPgfuVCyiVDKtvrWASGpnW2rO
v7A9BHppkE7KRpRf4N5X2z70uFX9jlgxN3yITRXBF8OPgYNaBPmnkI7LHgnfG1qW
Hyp//C7McWu1vMAv6slF5NV1Dmsp909Vlnzv5BPw3CE/njsxf3RrbbBskC/h7klZ
fKL/Qmp4teEUbpl4FWWHh5ZWwuRrMdpPpuDyfcqbtzob
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:16:47 2025 by rpki-client