Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/pRWXyV2ouQj69_vUKv49a4sWtMg.roa
File: pRWXyV2ouQj69_vUKv49a4sWtMg.roa (raw, json)
Hash identifier: axPiiJGubcup9MAHPGd47fmcoZdhYKLBtgVaOQhjiRQ=
Subject key identifier: A5:15:97:C9:5D:A8:B9:08:FA:F7:FB:D4:2A:FE:3D:6B:8B:16:B4:C8
Certificate issuer: /CN=78d636c505d56af42a414c167d52407d356b3d0b
Certificate serial: 095B7C0E
Authority key identifier: 78:D6:36:C5:05:D5:6A:F4:2A:41:4C:16:7D:52:40:7D:35:6B:3D:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eNY2xQXVavQqQUwWfVJAfTVrPQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/pRWXyV2ouQj69_vUKv49a4sWtMg.roa
Signing time: Sat 01 Jan 2022 07:53:40 +0000
ROA not before: Sat 01 Jan 2022 07:53:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201011
IP address blocks: 188.65.144.0/21 maxlen: 21
91.204.168.0/22 maxlen: 22
2a00:1aa0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156990478 (0x95b7c0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78d636c505d56af42a414c167d52407d356b3d0b
Validity
Not Before: Jan 1 07:53:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a51597c95da8b908faf7fbd42afe3d6b8b16b4c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:25:0b:de:98:36:1a:37:76:83:b6:6b:68:d6:
6c:42:7c:4e:81:79:3d:6b:10:c4:92:01:ca:f8:a7:
5b:87:57:e5:35:c7:72:b6:91:4f:15:67:93:f1:43:
7b:93:33:23:a0:f4:97:10:68:cd:91:e1:c5:8f:dc:
83:3d:94:60:20:51:c8:a3:9d:41:ca:8b:4d:c8:34:
ad:61:4a:59:d7:69:13:95:f8:bf:3b:b4:9b:17:75:
a8:89:3d:3a:03:e5:4b:39:81:8d:f1:12:9c:74:aa:
aa:4d:4e:84:ca:86:e5:4f:49:5e:18:bd:13:86:ce:
a3:ec:61:85:50:2f:08:c5:97:c2:06:60:5e:b9:68:
83:95:3d:db:71:36:8c:c4:dd:33:aa:c2:54:18:ed:
bf:a3:4e:24:d9:a8:77:63:0f:fe:d0:6b:b7:68:08:
bd:a7:ca:87:28:40:c1:04:1d:c1:29:eb:32:a0:ac:
55:8d:d0:0f:8b:33:de:97:07:33:74:92:01:4c:c3:
5a:65:c8:26:41:89:31:70:96:21:0a:55:98:40:dc:
a7:55:b7:d5:29:b4:cf:70:97:7d:d2:e2:30:79:28:
7f:7a:12:83:19:84:af:ac:ff:40:1f:26:cf:78:fc:
76:e2:ff:8b:eb:a4:c2:15:29:7f:d6:43:58:81:7b:
92:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:15:97:C9:5D:A8:B9:08:FA:F7:FB:D4:2A:FE:3D:6B:8B:16:B4:C8
X509v3 Authority Key Identifier:
keyid:78:D6:36:C5:05:D5:6A:F4:2A:41:4C:16:7D:52:40:7D:35:6B:3D:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eNY2xQXVavQqQUwWfVJAfTVrPQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/pRWXyV2ouQj69_vUKv49a4sWtMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/eNY2xQXVavQqQUwWfVJAfTVrPQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.168.0/22
188.65.144.0/21
IPv6:
2a00:1aa0::/32
Signature Algorithm: sha256WithRSAEncryption
17:19:a5:d0:85:b8:39:dc:23:29:aa:41:a7:d8:97:65:8b:a8:
70:fe:dd:c7:65:1b:37:8d:0b:e6:b1:15:ff:18:41:08:f1:b2:
04:1b:27:bd:60:83:8f:49:21:76:cd:c8:65:9b:60:64:e6:e7:
c3:b2:0b:94:d0:e4:db:87:68:0b:4e:18:12:4e:ba:28:d3:75:
c1:0e:73:1e:b8:3f:28:f8:26:3e:57:27:c5:15:0b:52:2e:8e:
dc:b4:6b:7d:ef:70:b7:d3:e8:db:b7:d4:b8:26:90:63:57:57:
a3:34:0e:a5:fa:00:1d:ad:85:bc:a5:32:dc:91:93:b0:35:04:
6b:45:7a:f3:00:a9:96:6a:5b:c0:a2:b1:3b:08:f6:60:c5:43:
26:00:37:43:39:1c:7b:24:6a:19:8c:19:48:48:7c:ab:ad:4a:
b3:c9:8e:6b:af:bf:5a:c4:9c:fe:82:dc:7f:ec:29:74:05:98:
6a:6a:65:98:ea:51:2b:80:ea:96:6a:f2:52:cd:13:4c:21:0b:
48:db:bb:9d:fb:47:3b:2b:bc:7e:2a:a4:d2:2d:b2:37:35:24:
82:0f:94:5b:e9:ae:77:f0:07:04:f2:99:07:70:60:1c:e8:06:
ef:9e:85:f4:68:14:fd:23:90:c3:c8:d2:4a:ce:84:b4:4e:eb:
df:25:de:7a
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECVt8DjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OGQ2MzZjNTA1ZDU2YWY0MmE0MTRjMTY3ZDUyNDA3ZDM1NmIzZDBiMB4XDTIyMDEw
MTA3NTM0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTUxNTk3Yzk1ZGE4
YjkwOGZhZjdmYmQ0MmFmZTNkNmI4YjE2YjRjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMolC96YNho3doO2a2jWbEJ8ToF5PWsQxJIByvinW4dX5TXH
craRTxVnk/FDe5MzI6D0lxBozZHhxY/cgz2UYCBRyKOdQcqLTcg0rWFKWddpE5X4
vzu0mxd1qIk9OgPlSzmBjfESnHSqqk1OhMqG5U9JXhi9E4bOo+xhhVAvCMWXwgZg
Xrlog5U923E2jMTdM6rCVBjtv6NOJNmod2MP/tBrt2gIvafKhyhAwQQdwSnrMqCs
VY3QD4sz3pcHM3SSAUzDWmXIJkGJMXCWIQpVmEDcp1W31Sm0z3CXfdLiMHkof3oS
gxmEr6z/QB8mz3j8duL/i+ukwhUpf9ZDWIF7ktUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSlFZfJXai5CPr3+9Qq/j1rixa0yDAfBgNVHSMEGDAWgBR41jbFBdVq9CpB
TBZ9UkB9NWs9CzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VOWTJ4UVhWYXZRcVFVd1dmVkpBZlRWclBRcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvMWZhOTQ1LTUwZTctNDc5YS05ZDkyLWRkY2Q0ZDkzNTAzMC8x
L3BSV1h5VjJvdVFqNjlfdlVLdjQ5YTRzV3RNZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
MWZhOTQ1LTUwZTctNDc5YS05ZDkyLWRkY2Q0ZDkzNTAzMC8xL2VOWTJ4UVhWYXZR
cVFVd1dmVkpBZlRWclBRcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAlvMqAMEA7xBkDANBAIAAjAHAwUA
KgAaoDANBgkqhkiG9w0BAQsFAAOCAQEAFxml0IW4OdwjKapBp9iXZYuocP7dx2Ub
N40L5rEV/xhBCPGyBBsnvWCDj0khds3IZZtgZObnw7ILlNDk24doC04YEk66KNN1
wQ5zHrg/KPgmPlcnxRULUi6O3LRrfe9wt9Po27fUuCaQY1dXozQOpfoAHa2FvKUy
3JGTsDUEa0V68wCplmpbwKKxOwj2YMVDJgA3QzkceyRqGYwZSEh8q61Ks8mOa6+/
WsSc/oLcf+wpdAWYamplmOpRK4DqlmryUs0TTCELSNu7nftHOyu8fiqk0i2yNzUk
gg+UW+mud/AHBPKZB3BgHOgG756F9GgU/SOQw8jSSs6EtE7r3yXeeg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:37:48 2025 by rpki-client