Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/ba8769-8d8a-4c17-91c7-6ba7a947a7f7/1/xjFYnGP6tvKlT0bnY6Z0blojedo.roa
File: xjFYnGP6tvKlT0bnY6Z0blojedo.roa (raw, json)
Hash identifier: D4wBiEgNI0VL2j2WFme+xBy3GKKEqlCZgqQ1eMFWWqI=
Subject key identifier: C6:31:58:9C:63:FA:B6:F2:A5:4F:46:E7:63:A6:74:6E:5A:23:79:DA
Certificate issuer: /CN=8afa7e0b34a476222cb1f5bc0c05ec13bbb14a79
Certificate serial: 01942368CF2A2425B301080D03CB3212EEC7
Authority key identifier: 8A:FA:7E:0B:34:A4:76:22:2C:B1:F5:BC:0C:05:EC:13:BB:B1:4A:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ivp-CzSkdiIssfW8DAXsE7uxSnk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/ba8769-8d8a-4c17-91c7-6ba7a947a7f7/1/xjFYnGP6tvKlT0bnY6Z0blojedo.roa
Signing time: Wed 01 Jan 2025 19:47:38 +0000
ROA not before: Wed 01 Jan 2025 19:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198381
IP address blocks: 185.31.188.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:cf:2a:24:25:b3:01:08:0d:03:cb:32:12:ee:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8afa7e0b34a476222cb1f5bc0c05ec13bbb14a79
Validity
Not Before: Jan 1 19:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c631589c63fab6f2a54f46e763a6746e5a2379da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:78:11:b9:4a:46:df:00:2a:1a:7e:e2:73:1f:
38:7b:ac:cd:08:3d:54:5d:eb:88:06:c6:80:fc:a6:
7d:18:eb:74:3c:60:20:be:f3:18:5a:13:87:fa:03:
a8:e6:4d:c5:8f:05:4d:9a:60:a8:6e:66:3a:3b:54:
50:74:5b:2a:2b:07:c5:c5:b2:3e:77:ec:ae:ed:47:
e3:40:5c:29:78:94:9b:f0:32:dc:5a:7e:52:6c:e4:
88:f3:c4:84:22:f8:1d:17:90:c0:e6:94:9a:f9:7e:
08:03:62:1b:f7:2a:03:3f:2a:b2:5c:42:80:04:5a:
95:f9:61:00:9b:12:bc:00:ce:08:3d:d7:c2:a1:86:
f4:20:ad:dd:f4:06:02:94:62:22:03:99:b7:32:42:
42:43:d5:f0:57:9a:b9:80:89:85:4b:5e:4f:08:78:
81:ab:cd:6a:2a:ac:9c:fe:31:c5:1e:87:a8:86:25:
11:6b:fa:c3:3e:ff:55:5a:b9:7b:46:2e:5c:63:33:
6a:e8:38:c3:7d:e6:a4:da:df:d7:5d:d9:c7:74:c6:
c5:fe:18:85:4b:91:03:7d:8c:c5:9c:d2:ea:ac:33:
72:f9:41:f4:5a:c1:e2:f6:a2:8e:07:1b:60:c1:c9:
52:41:e7:14:c4:37:75:ff:e1:e2:07:d7:2b:79:c5:
77:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:31:58:9C:63:FA:B6:F2:A5:4F:46:E7:63:A6:74:6E:5A:23:79:DA
X509v3 Authority Key Identifier:
keyid:8A:FA:7E:0B:34:A4:76:22:2C:B1:F5:BC:0C:05:EC:13:BB:B1:4A:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ivp-CzSkdiIssfW8DAXsE7uxSnk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/ba8769-8d8a-4c17-91c7-6ba7a947a7f7/1/xjFYnGP6tvKlT0bnY6Z0blojedo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/ba8769-8d8a-4c17-91c7-6ba7a947a7f7/1/ivp-CzSkdiIssfW8DAXsE7uxSnk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.188.0/22
Signature Algorithm: sha256WithRSAEncryption
59:ee:46:1f:39:b0:92:80:1b:e0:26:61:0c:5b:b8:77:99:38:
74:2d:89:e1:3c:d1:1b:5b:11:fe:d3:d4:5a:e2:37:b2:0c:e9:
5f:ec:ad:f8:22:53:d8:72:39:b5:1b:2a:37:8f:e1:69:66:36:
64:21:1a:cd:ab:a9:74:1d:e4:a6:5d:87:51:2e:17:5a:3e:ca:
7d:de:1d:66:7d:ee:68:6d:3d:db:a6:e1:57:7e:af:23:c4:f8:
eb:bf:cf:b4:f1:df:75:43:16:21:ee:24:e1:da:64:eb:02:44:
79:c8:f4:0d:9e:c8:cb:6d:9e:97:f5:74:4f:b3:99:61:49:f4:
a5:0e:a1:ad:48:02:31:20:d0:bb:f8:07:9b:02:7c:5f:7b:65:
46:52:f6:28:fb:54:18:16:e6:5f:29:f0:fc:86:dc:79:57:cc:
c1:ad:56:32:e8:42:40:ed:4b:e5:88:0b:40:a2:75:6b:88:db:
07:96:4d:71:77:04:9e:a6:b7:f3:43:72:4a:42:91:37:21:94:
c8:58:92:f5:0a:d8:7d:5c:63:68:69:7f:1b:2e:d9:54:e6:3b:
3e:80:92:77:2e:99:6f:82:79:7c:8b:cb:cf:bd:30:e2:94:ce:
0d:2d:2f:80:62:ee:1c:9d:2e:ed:d0:4b:0e:9b:ef:e3:50:2e:
a0:40:2c:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaM8qJCWzAQgNA8syEu7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZmE3ZTBiMzRhNDc2MjIyY2IxZjViYzBjMDVlYzEzYmJi
MTRhNzkwHhcNMjUwMTAxMTk0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjMxNTg5YzYzZmFiNmYyYTU0ZjQ2ZTc2M2E2NzQ2ZTVhMjM3OWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9HgRuUpG3wAqGn7icx84e6zNCD1U
XeuIBsaA/KZ9GOt0PGAgvvMYWhOH+gOo5k3FjwVNmmCobmY6O1RQdFsqKwfFxbI+
d+yu7UfjQFwpeJSb8DLcWn5SbOSI88SEIvgdF5DA5pSa+X4IA2Ib9yoDPyqyXEKA
BFqV+WEAmxK8AM4IPdfCoYb0IK3d9AYClGIiA5m3MkJCQ9XwV5q5gImFS15PCHiB
q81qKqyc/jHFHoeohiURa/rDPv9VWrl7Ri5cYzNq6DjDfeak2t/XXdnHdMbF/hiF
S5EDfYzFnNLqrDNy+UH0WsHi9qKOBxtgwclSQecUxDd1/+HiB9crecV3WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMYxWJxj+rbypU9G52OmdG5aI3naMB8GA1UdIwQY
MBaAFIr6fgs0pHYiLLH1vAwF7BO7sUp5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXZwLUN6U2tkaUlzc2ZXOERBWHNFN3V4U25rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9iYTg3NjktOGQ4YS00YzE3LTkxYzct
NmJhN2E5NDdhN2Y3LzEveGpGWW5HUDZ0dktsVDBiblk2WjBibG9qZWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9iYTg3NjktOGQ4YS00YzE3LTkxYzctNmJhN2E5NDdhN2Y3
LzEvaXZwLUN6U2tkaUlzc2ZXOERBWHNFN3V4U25rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuR+8MA0G
CSqGSIb3DQEBCwUAA4IBAQBZ7kYfObCSgBvgJmEMW7h3mTh0LYnhPNEbWxH+09Ra
4jeyDOlf7K34IlPYcjm1Gyo3j+FpZjZkIRrNq6l0HeSmXYdRLhdaPsp93h1mfe5o
bT3bpuFXfq8jxPjrv8+08d91QxYh7iTh2mTrAkR5yPQNnsjLbZ6X9XRPs5lhSfSl
DqGtSAIxINC7+AebAnxfe2VGUvYo+1QYFuZfKfD8htx5V8zBrVYy6EJA7UvliAtA
onVriNsHlk1xdwSeprfzQ3JKQpE3IZTIWJL1Cth9XGNoaX8bLtlU5js+gJJ3Lplv
gnl8i8vPvTDilM4NLS+AYu4cnS7t0EsOm+/jUC6gQCyg
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:15:44 2025 by rpki-client