Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/666786-561c-4bd0-a7b0-8f7fd3dc15fe/1/XFj03ZPCOj3qqoe8oMNPGmud9a4.roa
File: XFj03ZPCOj3qqoe8oMNPGmud9a4.roa (raw, json)
Hash identifier: m6E7RZQpvmKbh+R69KgZ6bmoskHz5Bb8/AlaawR8U/0=
Subject key identifier: 5C:58:F4:DD:93:C2:3A:3D:EA:AA:87:BC:A0:C3:4F:1A:6B:9D:F5:AE
Certificate issuer: /CN=31aadcca96f44a457392d8907c6b964be0fcf921
Certificate serial: 019428243905F4028DB54744A80DBB635A1F
Authority key identifier: 31:AA:DC:CA:96:F4:4A:45:73:92:D8:90:7C:6B:96:4B:E0:FC:F9:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Marcypb0SkVzktiQfGuWS-D8-SE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/666786-561c-4bd0-a7b0-8f7fd3dc15fe/1/XFj03ZPCOj3qqoe8oMNPGmud9a4.roa
Signing time: Thu 02 Jan 2025 17:50:50 +0000
ROA not before: Thu 02 Jan 2025 17:50:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47412
IP address blocks: 91.206.44.0/24 maxlen: 24
91.206.45.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:39:05:f4:02:8d:b5:47:44:a8:0d:bb:63:5a:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31aadcca96f44a457392d8907c6b964be0fcf921
Validity
Not Before: Jan 2 17:50:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c58f4dd93c23a3deaaa87bca0c34f1a6b9df5ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a0:ed:49:66:8e:a3:35:c6:c9:fd:7c:9d:80:
0f:42:09:17:02:84:84:2f:f6:9d:7c:ee:18:b3:c9:
9d:3f:c7:bf:58:fa:81:9b:e9:66:c5:47:e6:83:b1:
6b:52:64:b8:dc:3e:e4:ad:e3:ee:a6:54:b0:c0:82:
68:dc:a5:38:3c:d1:9c:2e:30:95:4d:f9:95:8a:47:
fe:3f:91:ae:c2:46:69:30:6e:e8:a6:e2:f2:e1:e9:
83:cf:18:42:de:ea:81:09:07:73:59:3a:ba:c8:1d:
da:e6:7b:f7:bc:ce:3f:df:d6:ec:c9:53:e6:62:1b:
0d:82:13:6a:4e:1b:56:70:61:69:9b:5a:33:dc:78:
d0:7f:82:3a:e0:6d:f8:66:fc:de:b7:23:35:73:4c:
09:19:8a:d7:d6:1a:d4:fd:94:52:5e:61:fe:39:e9:
41:95:4e:57:cc:61:52:31:42:4d:5a:ce:71:5a:46:
f4:7a:5c:9e:77:d7:ae:98:6a:ba:25:97:6d:c2:65:
8d:a5:f0:7f:2f:49:9b:8a:e6:73:9b:69:a4:e9:53:
f4:1d:50:e1:99:b2:d9:11:f4:37:c8:e4:e3:0a:43:
40:e2:37:d6:d9:8b:a4:55:81:ed:47:55:7f:10:0e:
fd:e5:ad:f4:45:9f:b8:bc:41:20:a4:5d:12:eb:ce:
bc:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:58:F4:DD:93:C2:3A:3D:EA:AA:87:BC:A0:C3:4F:1A:6B:9D:F5:AE
X509v3 Authority Key Identifier:
keyid:31:AA:DC:CA:96:F4:4A:45:73:92:D8:90:7C:6B:96:4B:E0:FC:F9:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Marcypb0SkVzktiQfGuWS-D8-SE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/666786-561c-4bd0-a7b0-8f7fd3dc15fe/1/XFj03ZPCOj3qqoe8oMNPGmud9a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/666786-561c-4bd0-a7b0-8f7fd3dc15fe/1/Marcypb0SkVzktiQfGuWS-D8-SE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.44.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:57:96:62:70:63:64:73:2d:0a:6d:e8:77:a4:b1:fe:d0:cb:
fc:53:85:c9:8c:fd:25:29:7d:a7:7b:05:9f:51:0a:37:da:1c:
5a:63:0d:34:b1:99:a4:02:c1:5e:55:01:a8:90:f8:97:c0:a9:
1f:c8:c4:29:70:60:0b:8c:d8:19:e9:6d:99:e9:ee:5e:7e:6b:
dc:de:1a:57:5a:48:fd:4c:26:a4:ef:f9:52:4c:1c:bf:5c:47:
9a:b1:34:e7:c5:c3:7d:f7:25:b9:3c:10:01:35:ca:21:a3:2f:
67:06:84:fc:53:41:94:63:f4:c4:50:04:ee:fa:53:aa:65:c4:
7f:59:ba:e8:0e:d5:ba:af:3c:1d:60:9f:19:09:df:57:de:9d:
de:85:48:9b:02:24:90:88:3a:e2:04:1f:1e:9d:b8:99:80:41:
02:ab:a0:46:5e:13:26:f1:b4:7b:7c:cc:e5:c7:0c:64:0a:fa:
7f:14:33:be:b6:f4:75:56:ab:92:e3:20:6a:43:db:85:f3:4c:
32:57:2d:34:2c:b3:e2:f3:df:76:71:19:7f:d7:5d:27:22:ed:
c0:27:72:86:08:e8:e8:9d:d0:b5:db:2f:c9:c7:79:0f:8a:bb:
e8:f5:91:0b:54:e5:7a:7f:c7:d0:ba:16:6f:25:bc:97:91:57:
ae:df:04:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJDkF9AKNtUdEqA27Y1ofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYWFkY2NhOTZmNDRhNDU3MzkyZDg5MDdjNmI5NjRiZTBm
Y2Y5MjEwHhcNMjUwMTAyMTc1MDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzU4ZjRkZDkzYzIzYTNkZWFhYTg3YmNhMGMzNGYxYTZiOWRmNWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaDtSWaOozXGyf18nYAPQgkXAoSE
L/adfO4Ys8mdP8e/WPqBm+lmxUfmg7FrUmS43D7krePuplSwwIJo3KU4PNGcLjCV
TfmVikf+P5GuwkZpMG7opuLy4emDzxhC3uqBCQdzWTq6yB3a5nv3vM4/39bsyVPm
YhsNghNqThtWcGFpm1oz3HjQf4I64G34ZvzetyM1c0wJGYrX1hrU/ZRSXmH+OelB
lU5XzGFSMUJNWs5xWkb0elyed9eumGq6JZdtwmWNpfB/L0mbiuZzm2mk6VP0HVDh
mbLZEfQ3yOTjCkNA4jfW2YukVYHtR1V/EA795a30RZ+4vEEgpF0S68685wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFxY9N2Twjo96qqHvKDDTxprnfWuMB8GA1UdIwQY
MBaAFDGq3MqW9EpFc5LYkHxrlkvg/PkhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFyY3lwYjBTa1Z6a3RpUWZHdVdTLUQ4LVNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni82NjY3ODYtNTYxYy00YmQwLWE3YjAt
OGY3ZmQzZGMxNWZlLzEvWEZqMDNaUENPajNxcW9lOG9NTlBHbXVkOWE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni82NjY3ODYtNTYxYy00YmQwLWE3YjAtOGY3ZmQzZGMxNWZl
LzEvTWFyY3lwYjBTa1Z6a3RpUWZHdVdTLUQ4LVNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW84sMA0G
CSqGSIb3DQEBCwUAA4IBAQCdV5ZicGNkcy0Kbeh3pLH+0Mv8U4XJjP0lKX2newWf
UQo32hxaYw00sZmkAsFeVQGokPiXwKkfyMQpcGALjNgZ6W2Z6e5efmvc3hpXWkj9
TCak7/lSTBy/XEeasTTnxcN99yW5PBABNcohoy9nBoT8U0GUY/TEUATu+lOqZcR/
WbroDtW6rzwdYJ8ZCd9X3p3ehUibAiSQiDriBB8enbiZgEECq6BGXhMm8bR7fMzl
xwxkCvp/FDO+tvR1VquS4yBqQ9uF80wyVy00LLPi8992cRl/110nIu3AJ3KGCOjo
ndC12y/Jx3kPirvo9ZELVOV6f8fQuhZvJbyXkVeu3wTS
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:27:05 2025 by rpki-client