Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/xReg7CX81OySjTqt-ub27xCbGok.roa
File: xReg7CX81OySjTqt-ub27xCbGok.roa (raw, json)
Hash identifier: HSRRhPtrmEm+HNwkPt/0Ket5ap5Qln4uEuc+BatSZ4I=
Subject key identifier: C5:17:A0:EC:25:FC:D4:EC:92:8D:3A:AD:FA:E6:F6:EF:10:9B:1A:89
Certificate issuer: /CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Certificate serial: 054524FD
Authority key identifier: D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/xReg7CX81OySjTqt-ub27xCbGok.roa
Signing time: Sat 01 Jan 2022 06:04:05 +0000
ROA not before: Sat 01 Jan 2022 06:04:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44070
IP address blocks: 89.31.8.0/21 maxlen: 21
78.41.8.0/21 maxlen: 21
2a10:c540::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88417533 (0x54524fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Validity
Not Before: Jan 1 06:04:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c517a0ec25fcd4ec928d3aadfae6f6ef109b1a89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:9e:9b:c3:1d:bc:a3:b9:55:01:49:96:e3:26:
ae:c4:a0:0a:ba:2e:93:bb:3d:03:d3:34:d6:0d:c7:
63:52:99:bd:c0:37:1d:d3:63:56:3b:07:29:38:69:
94:06:67:d1:57:3d:9c:0d:2b:6e:e3:c6:cf:1f:5c:
dd:8c:02:9c:52:a8:f3:91:68:5f:6e:d0:88:eb:f4:
26:8f:3a:d8:a2:ef:4c:54:b6:79:31:a0:22:70:4d:
70:11:d5:a0:07:90:62:76:8b:52:90:4c:19:e3:c8:
9a:b0:e1:83:64:0b:e3:e8:79:aa:56:da:0d:29:e6:
c5:e8:01:fd:12:1a:10:ba:3d:e7:f4:d2:59:be:86:
40:16:01:bc:82:cb:63:13:2f:b4:08:e5:7a:92:a3:
e4:46:d2:fe:72:30:12:1d:dc:b3:d7:3c:b9:6d:30:
5b:0a:a2:b3:06:03:b3:8c:00:48:9b:16:d0:cf:5f:
0f:d2:cb:ae:b8:4c:b7:15:c0:5c:c0:25:d0:e7:f8:
74:7e:bc:c9:b8:b6:a5:14:b5:26:40:de:14:f2:0d:
d6:e9:75:8b:76:e3:4a:e2:05:f4:c9:d1:e6:22:f7:
fd:9d:29:c6:27:db:94:60:e5:8b:4f:73:f4:95:f1:
da:97:d6:5e:55:df:a5:1c:64:2a:f3:90:01:47:5f:
44:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:17:A0:EC:25:FC:D4:EC:92:8D:3A:AD:FA:E6:F6:EF:10:9B:1A:89
X509v3 Authority Key Identifier:
keyid:D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/xReg7CX81OySjTqt-ub27xCbGok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1P8P7Ne_RBSJMXiN_n8g1npnoNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.8.0/21
89.31.8.0/21
IPv6:
2a10:c540::/29
Signature Algorithm: sha256WithRSAEncryption
97:7c:df:3b:6b:01:9b:4f:c7:cf:b0:69:36:7e:a1:49:39:03:
75:ad:fe:3a:f9:c7:91:60:38:cc:f3:4e:81:84:6c:2c:dd:62:
ca:96:12:f9:c9:1f:3c:41:dd:4e:fb:4c:68:63:50:e2:04:8f:
94:6f:9a:b1:c1:e3:68:a5:08:8f:f9:ba:0f:0b:17:bc:aa:79:
e0:43:97:ea:44:bd:25:68:60:8e:55:c4:7f:52:9a:cb:c4:b5:
c3:d9:82:92:8e:84:e5:bc:32:e4:e0:51:75:72:05:93:a4:42:
dc:cc:06:87:3f:d5:84:21:5b:78:9b:ba:71:13:49:cd:5f:9c:
0e:9a:86:07:93:0a:b7:e8:1f:c4:68:48:3f:04:c5:70:fc:be:
b5:05:0b:ab:1e:6a:7e:1d:dc:12:10:03:e7:ef:43:e5:92:99:
f8:31:f9:31:19:f1:ae:83:fd:a2:92:7f:2a:68:d4:a0:38:39:
78:7d:ef:e3:39:56:63:f9:91:a3:a8:de:db:60:36:e0:ef:db:
57:d0:3e:b3:33:45:66:bb:d5:ef:cb:75:b6:95:79:8f:d3:4f:
c7:25:b1:38:30:ac:6a:4c:94:a4:1b:79:7e:4c:6b:48:bc:37:
6a:cc:9e:1e:85:af:63:ba:50:0a:35:43:df:47:51:3b:01:5b:
42:11:5e:74
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBUUk/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGZmMGZlY2Q3YmY0NDE0ODkzMTc4OGRmZTdmMjBkNjdhNjdhMGRiMB4XDTIyMDEw
MTA2MDQwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzUxN2EwZWMyNWZj
ZDRlYzkyOGQzYWFkZmFlNmY2ZWYxMDliMWE4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIWem8MdvKO5VQFJluMmrsSgCrouk7s9A9M01g3HY1KZvcA3
HdNjVjsHKThplAZn0Vc9nA0rbuPGzx9c3YwCnFKo85FoX27QiOv0Jo862KLvTFS2
eTGgInBNcBHVoAeQYnaLUpBMGePImrDhg2QL4+h5qlbaDSnmxegB/RIaELo95/TS
Wb6GQBYBvILLYxMvtAjlepKj5EbS/nIwEh3cs9c8uW0wWwqiswYDs4wASJsW0M9f
D9LLrrhMtxXAXMAl0Of4dH68ybi2pRS1JkDeFPIN1ul1i3bjSuIF9MnR5iL3/Z0p
xifblGDli09z9JXx2pfWXlXfpRxkKvOQAUdfRCECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTFF6DsJfzU7JKNOq365vbvEJsaiTAfBgNVHSMEGDAWgBTU/w/s179EFIkx
eI3+fyDWemeg2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFQOFA3TmVfUkJTSk1YaU5fbjhnMW5wbm9Ocy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvMGMwYzY1LTlmODItNDQ1MC05MTY1LWYwYzIxZjgxODZmMC8x
L3hSZWc3Q1g4MU95U2pUcXQtdWIyN3hDYkdvay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
MGMwYzY1LTlmODItNDQ1MC05MTY1LWYwYzIxZjgxODZmMC8xLzFQOFA3TmVfUkJT
Sk1YaU5fbjhnMW5wbm9Ocy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA04pCAMEA1kfCDANBAIAAjAHAwUD
KhDFQDANBgkqhkiG9w0BAQsFAAOCAQEAl3zfO2sBm0/Hz7BpNn6hSTkDda3+OvnH
kWA4zPNOgYRsLN1iypYS+ckfPEHdTvtMaGNQ4gSPlG+ascHjaKUIj/m6DwsXvKp5
4EOX6kS9JWhgjlXEf1Kay8S1w9mCko6E5bwy5OBRdXIFk6RC3MwGhz/VhCFbeJu6
cRNJzV+cDpqGB5MKt+gfxGhIPwTFcPy+tQULqx5qfh3cEhAD5+9D5ZKZ+DH5MRnx
roP9opJ/KmjUoDg5eH3v4zlWY/mRo6je22A24O/bV9A+szNFZrvV78t1tpV5j9NP
xyWxODCsakyUpBt5fkxrSLw3asyeHoWvY7pQCjVD30dROwFbQhFedA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:53:12 2025 by rpki-client