Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/c8bd33-f2c6-4381-83e4-059e0d7da369/1/XTW89P4NsGwostDDJbTwBNuH-rc.roa
File: XTW89P4NsGwostDDJbTwBNuH-rc.roa (raw, json)
Hash identifier: eeiZdmuN1PctvfN1wdPst83+SyR0xdabkoaWaIoE0qw=
Subject key identifier: 5D:35:BC:F4:FE:0D:B0:6C:28:B2:D0:C3:25:B4:F0:04:DB:87:FA:B7
Certificate issuer: /CN=7abca3cc0aa411940be93134f1bb4294488c89b1
Certificate serial: 014CF8
Authority key identifier: 7A:BC:A3:CC:0A:A4:11:94:0B:E9:31:34:F1:BB:42:94:48:8C:89:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eryjzAqkEZQL6TE08btClEiMibE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/c8bd33-f2c6-4381-83e4-059e0d7da369/1/XTW89P4NsGwostDDJbTwBNuH-rc.roa
Signing time: Fri 28 Jan 2022 12:58:38 +0000
ROA not before: Fri 28 Jan 2022 12:58:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50629
IP address blocks: 195.191.196.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85240 (0x14cf8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7abca3cc0aa411940be93134f1bb4294488c89b1
Validity
Not Before: Jan 28 12:58:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d35bcf4fe0db06c28b2d0c325b4f004db87fab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:34:39:d5:4d:9e:a8:48:48:61:9d:f4:da:30:
68:ab:37:87:96:71:fa:45:dd:b5:a2:9f:3f:f5:fe:
62:77:18:d8:ba:7e:4d:f3:3c:b7:12:3b:d8:f0:e6:
07:da:a6:43:f9:48:2f:fd:7f:9a:99:09:e3:f2:a5:
a5:04:96:0f:74:6d:29:16:55:02:88:c9:fc:26:5f:
86:25:c1:7d:13:af:69:27:bf:16:b4:a5:35:af:53:
2b:f3:ca:fa:6c:16:7c:c1:2d:4d:91:4a:ad:c5:01:
a7:97:9b:d0:23:6d:d9:9b:c6:a8:5b:15:2e:ef:07:
3b:23:57:b7:46:12:f5:42:55:f9:a5:56:b7:ab:ac:
6d:1a:9e:d4:f3:6e:73:ff:ff:1d:72:ee:19:10:46:
f0:cd:dc:6b:66:d8:eb:d4:e1:8e:49:00:cb:88:db:
95:8c:94:95:fb:2d:e9:4c:42:e6:71:c9:37:65:65:
bc:09:bb:00:b2:cc:bb:0e:08:3b:2b:1c:92:3e:2d:
c4:38:47:50:6c:b6:79:0a:fa:4a:b3:bf:bf:a0:a2:
19:ca:2c:ad:c6:52:b6:6c:9e:2e:40:d5:f1:0d:70:
24:2f:29:68:1c:13:ed:a3:fc:c5:41:d8:60:5f:73:
78:8a:d4:59:41:62:77:9f:20:24:88:05:25:1f:b4:
db:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:35:BC:F4:FE:0D:B0:6C:28:B2:D0:C3:25:B4:F0:04:DB:87:FA:B7
X509v3 Authority Key Identifier:
keyid:7A:BC:A3:CC:0A:A4:11:94:0B:E9:31:34:F1:BB:42:94:48:8C:89:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eryjzAqkEZQL6TE08btClEiMibE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/c8bd33-f2c6-4381-83e4-059e0d7da369/1/XTW89P4NsGwostDDJbTwBNuH-rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/c8bd33-f2c6-4381-83e4-059e0d7da369/1/eryjzAqkEZQL6TE08btClEiMibE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.196.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:5e:1d:4e:b1:20:0f:e1:6f:e5:c0:f1:45:54:4e:d0:b4:78:
79:ff:b1:2d:45:64:1a:38:f1:c2:04:0e:f8:fb:d4:6f:49:ba:
1e:fb:b3:14:d0:e3:95:4c:c7:df:37:10:ad:b6:7c:98:c1:97:
77:0e:25:f8:3f:ad:de:b9:99:84:04:6a:8b:ce:12:99:fb:0a:
3b:c5:d2:0f:b5:0d:21:44:d7:0a:09:a4:70:63:9f:88:c8:f9:
fb:38:0d:55:9b:89:12:3b:2e:73:36:08:cb:ed:6e:00:66:9c:
46:a6:bd:c7:2a:ff:d7:6e:48:fe:b0:e0:16:7d:89:d4:dd:16:
cb:de:88:e2:7c:82:8e:bb:ed:3b:20:8d:0a:cb:0b:12:77:9a:
c4:76:52:cb:32:b8:42:71:f7:48:c8:5f:b3:30:87:4c:b4:03:
40:0f:3d:e5:61:34:00:72:a1:e3:47:a8:3d:62:fc:6e:6f:ff:
b7:23:cd:38:60:a8:a0:e7:19:a7:c7:e4:06:6d:77:36:ec:6c:
84:90:2c:3c:0a:38:92:4c:1f:9e:39:16:ed:24:e6:23:ab:45:
2a:d3:34:aa:6b:2f:bd:a6:01:39:b7:5b:cf:0e:29:fa:8b:46:
18:c2:47:83:81:33:17:ca:a5:1c:56:f4:b4:a0:3f:e9:8b:fd:
c4:ba:e8:29
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAUz4MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdh
YmNhM2NjMGFhNDExOTQwYmU5MzEzNGYxYmI0Mjk0NDg4Yzg5YjEwHhcNMjIwMTI4
MTI1ODM4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1ZDM1YmNmNGZlMGRi
MDZjMjhiMmQwYzMyNWI0ZjAwNGRiODdmYWI3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAszQ51U2eqEhIYZ302jBoqzeHlnH6Rd21op8/9f5idxjYun5N
8zy3EjvY8OYH2qZD+Ugv/X+amQnj8qWlBJYPdG0pFlUCiMn8Jl+GJcF9E69pJ78W
tKU1r1Mr88r6bBZ8wS1NkUqtxQGnl5vQI23Zm8aoWxUu7wc7I1e3RhL1QlX5pVa3
q6xtGp7U825z//8dcu4ZEEbwzdxrZtjr1OGOSQDLiNuVjJSV+y3pTELmcck3ZWW8
CbsAssy7Dgg7KxySPi3EOEdQbLZ5CvpKs7+/oKIZyiytxlK2bJ4uQNXxDXAkLylo
HBPto/zFQdhgX3N4itRZQWJ3nyAkiAUlH7TbOQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFF01vPT+DbBsKLLQwyW08ATbh/q3MB8GA1UdIwQYMBaAFHq8o8wKpBGUC+kx
NPG7QpRIjImxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZXJ5anpBcWtFWlFMNlRFMDhidENsRWlNaWJFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83MS9jOGJkMzMtZjJjNi00MzgxLTgzZTQtMDU5ZTBkN2RhMzY5LzEv
WFRXODlQNE5zR3dvc3REREpiVHdCTnVILXJjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9j
OGJkMzMtZjJjNi00MzgxLTgzZTQtMDU5ZTBkN2RhMzY5LzEvZXJ5anpBcWtFWlFM
NlRFMDhidENsRWlNaWJFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw7/EMA0GCSqGSIb3DQEBCwUAA4IB
AQCLXh1OsSAP4W/lwPFFVE7QtHh5/7EtRWQaOPHCBA74+9RvSboe+7MU0OOVTMff
NxCttnyYwZd3DiX4P63euZmEBGqLzhKZ+wo7xdIPtQ0hRNcKCaRwY5+IyPn7OA1V
m4kSOy5zNgjL7W4AZpxGpr3HKv/Xbkj+sOAWfYnU3RbL3ojifIKOu+07II0KywsS
d5rEdlLLMrhCcfdIyF+zMIdMtANADz3lYTQAcqHjR6g9Yvxub/+3I804YKig5xmn
x+QGbXc27GyEkCw8CjiSTB+eORbtJOYjq0Uq0zSqay+9pgE5t1vPDin6i0YYwkeD
gTMXyqUcVvS0oD/pi/3Euugp
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:07:16 2025 by rpki-client