Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/svxDHUv8I0v3-tH5FV4yv_iCNyQ.roa
File: svxDHUv8I0v3-tH5FV4yv_iCNyQ.roa (raw, json)
Hash identifier: gLZpf0gYdb78njtSEGhBZqRIOyfSiFnunbdXhyt+pPA=
Subject key identifier: B2:FC:43:1D:4B:FC:23:4B:F7:FA:D1:F9:15:5E:32:BF:F8:82:37:24
Certificate issuer: /CN=78d636c505d56af42a414c167d52407d356b3d0b
Certificate serial: 018CC3493A9EB72A8D307CECAB25F9E73689
Authority key identifier: 78:D6:36:C5:05:D5:6A:F4:2A:41:4C:16:7D:52:40:7D:35:6B:3D:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eNY2xQXVavQqQUwWfVJAfTVrPQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/svxDHUv8I0v3-tH5FV4yv_iCNyQ.roa
Signing time: Mon 01 Jan 2024 04:30:05 +0000
ROA not before: Mon 01 Jan 2024 04:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209480
IP address blocks: 188.65.144.0/21 maxlen: 21
91.204.168.0/22 maxlen: 22
2a00:1aa0::/32 maxlen: 32
2a00:1aa0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:3a:9e:b7:2a:8d:30:7c:ec:ab:25:f9:e7:36:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78d636c505d56af42a414c167d52407d356b3d0b
Validity
Not Before: Jan 1 04:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2fc431d4bfc234bf7fad1f9155e32bff8823724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1c:8e:26:f1:41:09:1f:6d:fb:1e:d5:c4:93:
17:44:63:f8:81:c4:a5:01:b4:4f:be:66:ec:7e:ea:
0c:79:be:d9:00:1c:ca:d0:e3:1a:97:06:32:41:2d:
ab:a9:4d:88:51:14:d9:38:8c:00:76:a8:58:f2:ad:
1e:92:ea:7f:f7:b1:4d:b3:e6:f0:66:cd:df:03:c5:
d2:31:26:77:1a:2e:8f:2e:33:0c:4f:20:0f:a8:49:
9f:60:51:6b:c0:3c:43:f3:7f:d7:d7:14:fe:4e:81:
bf:26:c2:f1:3e:ce:b3:a2:42:7d:71:26:7e:07:70:
78:fe:e4:4b:60:e1:fb:be:cf:00:56:ec:d2:1e:f4:
09:26:e0:49:9c:16:4c:e7:ea:a2:cd:ad:b8:e1:6a:
f3:92:d2:94:c0:98:16:3b:60:d2:e5:8b:dd:9e:e1:
2b:9e:f6:70:86:67:fe:b0:00:cb:ab:2d:a7:a0:ba:
25:9b:a9:8b:c4:22:f7:27:dc:22:1b:b8:00:96:0f:
31:ff:f9:03:97:eb:07:d8:4e:58:04:6b:e0:02:d3:
62:46:8e:1f:1c:53:f8:be:78:67:ac:26:d3:df:5c:
34:10:1c:64:87:22:97:56:47:bf:23:29:df:0c:d4:
c9:be:d4:88:1e:8a:6e:15:45:4c:a6:db:19:4f:16:
9e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:FC:43:1D:4B:FC:23:4B:F7:FA:D1:F9:15:5E:32:BF:F8:82:37:24
X509v3 Authority Key Identifier:
keyid:78:D6:36:C5:05:D5:6A:F4:2A:41:4C:16:7D:52:40:7D:35:6B:3D:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eNY2xQXVavQqQUwWfVJAfTVrPQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/svxDHUv8I0v3-tH5FV4yv_iCNyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/eNY2xQXVavQqQUwWfVJAfTVrPQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.168.0/22
188.65.144.0/21
IPv6:
2a00:1aa0::/29
Signature Algorithm: sha256WithRSAEncryption
35:0c:34:75:dc:05:6a:7e:ae:9f:eb:69:8e:06:eb:38:dd:62:
f1:fb:78:2c:23:30:18:51:14:e3:a5:92:08:68:14:26:65:ee:
97:c7:92:ba:7d:d9:4b:ac:8f:bc:8f:b2:10:df:5f:ea:58:0c:
bf:a1:a2:38:19:01:d8:db:09:ef:35:86:35:b9:21:cc:72:93:
8d:68:68:82:0b:b8:77:bc:c4:05:d3:e9:d9:be:57:2f:89:ea:
64:b4:4c:13:c6:99:ef:2d:14:bb:ee:5e:ce:e5:d7:3a:75:86:
63:9d:b1:fd:69:d2:cc:f3:16:98:ee:14:4c:a0:31:34:55:b3:
4a:c7:8a:89:64:c6:34:04:dd:d9:b3:b4:38:b9:7e:74:33:82:
d8:cc:c6:96:32:3c:27:d2:36:7b:0a:cc:f1:45:28:b6:63:4f:
04:6a:8a:f1:99:c1:31:60:c4:79:20:ba:3b:61:89:a3:27:e3:
d0:ea:06:b6:d0:8a:1e:b3:0b:ff:c2:d6:4a:d5:d6:95:ee:aa:
8e:1d:dc:23:8b:ae:32:c6:d3:a8:b1:1c:4d:30:07:54:25:b7:
b3:65:26:b2:f3:b9:3a:29:dc:26:90:88:fe:30:c8:6b:55:db:
48:cf:19:fb:dd:1d:b9:eb:c2:ed:7b:52:73:b2:79:22:2d:e3:
ba:49:93:ad
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSTqetyqNMHzsqyX55zaJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4ZDYzNmM1MDVkNTZhZjQyYTQxNGMxNjdkNTI0MDdkMzU2
YjNkMGIwHhcNMjQwMTAxMDQzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmZjNDMxZDRiZmMyMzRiZjdmYWQxZjkxNTVlMzJiZmY4ODIzNzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoByOJvFBCR9t+x7VxJMXRGP4gcSl
AbRPvmbsfuoMeb7ZABzK0OMalwYyQS2rqU2IURTZOIwAdqhY8q0ekup/97FNs+bw
Zs3fA8XSMSZ3Gi6PLjMMTyAPqEmfYFFrwDxD83/X1xT+ToG/JsLxPs6zokJ9cSZ+
B3B4/uRLYOH7vs8AVuzSHvQJJuBJnBZM5+qiza244WrzktKUwJgWO2DS5YvdnuEr
nvZwhmf+sADLqy2noLolm6mLxCL3J9wiG7gAlg8x//kDl+sH2E5YBGvgAtNiRo4f
HFP4vnhnrCbT31w0EBxkhyKXVke/IynfDNTJvtSIHopuFUVMptsZTxaeiwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLL8Qx1L/CNL9/rR+RVeMr/4gjckMB8GA1UdIwQY
MBaAFHjWNsUF1Wr0KkFMFn1SQH01az0LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZU5ZMnhRWFZhdlFxUVV3V2ZWSkFmVFZyUFFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xZmE5NDUtNTBlNy00NzlhLTlkOTIt
ZGRjZDRkOTM1MDMwLzEvc3Z4REhVdjhJMHYzLXRINUZWNHl2X2lDTnlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xZmE5NDUtNTBlNy00NzlhLTlkOTItZGRjZDRkOTM1MDMw
LzEvZU5ZMnhRWFZhdlFxUVV3V2ZWSkFmVFZyUFFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8yoAwQD
vEGQMA0EAgACMAcDBQMqABqgMA0GCSqGSIb3DQEBCwUAA4IBAQA1DDR13AVqfq6f
62mOBus43WLx+3gsIzAYURTjpZIIaBQmZe6Xx5K6fdlLrI+8j7IQ31/qWAy/oaI4
GQHY2wnvNYY1uSHMcpONaGiCC7h3vMQF0+nZvlcviepktEwTxpnvLRS77l7O5dc6
dYZjnbH9adLM8xaY7hRMoDE0VbNKx4qJZMY0BN3Zs7Q4uX50M4LYzMaWMjwn0jZ7
CszxRSi2Y08EaorxmcExYMR5ILo7YYmjJ+PQ6ga20Ioeswv/wtZK1daV7qqOHdwj
i64yxtOosRxNMAdUJbezZSay87k6KdwmkIj+MMhrVdtIzxn73R2568Lte1Jzsnki
LeO6SZOt
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:01:06 2025 by rpki-client