Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/X8i2WUIHeMMAMXhte2eivaCZS6A.roa
File: X8i2WUIHeMMAMXhte2eivaCZS6A.roa (raw, json)
Hash identifier: CXcpnLAbgNQRrOYKxiexYs2FXHaaspTSzPfgRFKe2VY=
Subject key identifier: 5F:C8:B6:59:42:07:78:C3:00:31:78:6D:7B:67:A2:BD:A0:99:4B:A0
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 018CC5002DF1EF4607BED1BB7FD73CB2E350
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/X8i2WUIHeMMAMXhte2eivaCZS6A.roa
Signing time: Mon 01 Jan 2024 12:29:32 +0000
ROA not before: Mon 01 Jan 2024 12:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 91.213.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:2d:f1:ef:46:07:be:d1:bb:7f:d7:3c:b2:e3:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Jan 1 12:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fc8b659420778c30031786d7b67a2bda0994ba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:16:02:bb:2e:49:9e:39:18:a5:16:4c:de:f7:
dd:01:75:72:86:70:4c:54:e5:a8:c9:9a:4d:d9:5b:
28:af:76:9a:b1:c8:77:42:53:6d:21:bf:50:0c:95:
1a:08:2c:ed:a2:fb:47:8d:6c:c2:3e:b9:57:87:ef:
32:0a:64:81:e3:13:51:87:4f:9b:fa:02:ae:89:a9:
8f:84:65:38:c7:34:ad:e0:15:2a:0a:e5:5f:b8:f2:
77:08:0e:69:3a:eb:27:36:ab:e4:da:d1:ad:4e:4c:
c2:31:f7:16:a9:61:80:90:f5:09:23:3f:d6:86:7d:
d8:bf:35:fe:27:a0:15:51:88:9c:53:ba:87:3d:d0:
62:30:66:7b:ca:12:a4:72:2b:c8:1d:e1:70:a4:dc:
3a:ba:d9:37:f4:5e:2b:3e:f0:a9:26:89:ce:84:3a:
8c:50:d3:73:66:00:c0:c9:21:f3:6a:49:ee:ec:b4:
67:74:78:f2:77:b4:7c:9a:48:ce:97:fa:cf:fd:c8:
47:da:4b:68:a5:12:f1:aa:02:3a:42:b1:82:88:76:
71:9e:32:a0:08:8d:a6:97:80:a4:35:e4:d5:bf:3b:
b4:44:e9:5a:a5:71:98:11:d4:ae:0a:73:a1:f0:eb:
ad:b5:09:74:a1:ed:d8:6e:0f:6e:0f:ce:aa:ec:39:
1d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:C8:B6:59:42:07:78:C3:00:31:78:6D:7B:67:A2:BD:A0:99:4B:A0
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/X8i2WUIHeMMAMXhte2eivaCZS6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.174.0/24
Signature Algorithm: sha256WithRSAEncryption
53:ce:1d:7e:a4:c8:b4:1f:8a:5f:9a:0e:d5:8a:ba:74:03:a4:
b4:ab:c0:dc:5f:e4:f5:70:c8:36:d3:24:de:56:85:99:23:c9:
99:df:22:aa:d8:3f:e2:d7:9b:49:6e:8c:be:cc:56:91:2b:c6:
df:c7:19:29:2a:cc:50:84:6f:78:65:8b:28:75:8f:46:d7:76:
1a:5f:c2:9e:ec:61:80:ac:99:9c:7a:17:2b:7e:39:93:81:74:
25:7f:2e:15:a4:6b:68:a6:53:f0:90:00:89:29:f7:51:64:57:
a1:a1:d6:57:c9:fb:e4:1c:06:75:c1:0b:be:eb:48:7a:f5:86:
f1:e8:48:38:94:2d:ca:e2:ef:5b:f3:04:8c:17:55:a8:52:34:
67:14:65:95:d0:90:b8:71:90:54:cb:51:23:e0:e4:35:40:cc:
4b:f9:f5:21:17:7d:7d:29:6d:a7:4c:64:09:4a:b5:fc:e8:18:
07:c7:a8:84:a6:cb:34:5b:32:86:37:77:ec:01:1c:f8:53:7b:
b8:c7:d3:9c:fa:2b:d4:1a:f7:5c:2c:05:76:26:ae:f2:2f:79:
13:54:12:23:05:c3:95:65:90:90:78:dd:ee:9b:82:d2:98:de:
9a:51:ac:93:0d:45:48:4a:5c:8b:9b:44:3b:81:f2:1c:ca:ab:
ba:34:09:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAC3x70YHvtG7f9c8suNQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjQwMTAxMTIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmM4YjY1OTQyMDc3OGMzMDAzMTc4NmQ3YjY3YTJiZGEwOTk0YmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRYCuy5JnjkYpRZM3vfdAXVyhnBM
VOWoyZpN2Vsor3aasch3QlNtIb9QDJUaCCztovtHjWzCPrlXh+8yCmSB4xNRh0+b
+gKuiamPhGU4xzSt4BUqCuVfuPJ3CA5pOusnNqvk2tGtTkzCMfcWqWGAkPUJIz/W
hn3YvzX+J6AVUYicU7qHPdBiMGZ7yhKkcivIHeFwpNw6utk39F4rPvCpJonOhDqM
UNNzZgDAySHzaknu7LRndHjyd7R8mkjOl/rP/chH2ktopRLxqgI6QrGCiHZxnjKg
CI2ml4CkNeTVvzu0ROlapXGYEdSuCnOh8OuttQl0oe3Ybg9uD86q7DkddwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF/ItllCB3jDADF4bXtnor2gmUugMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvWDhpMldVSUhlTU1BTVhodGUyZWl2YUNaUzZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9WuMA0G
CSqGSIb3DQEBCwUAA4IBAQBTzh1+pMi0H4pfmg7Virp0A6S0q8DcX+T1cMg20yTe
VoWZI8mZ3yKq2D/i15tJboy+zFaRK8bfxxkpKsxQhG94ZYsodY9G13YaX8Ke7GGA
rJmcehcrfjmTgXQlfy4VpGtoplPwkACJKfdRZFehodZXyfvkHAZ1wQu+60h69Ybx
6Eg4lC3K4u9b8wSMF1WoUjRnFGWV0JC4cZBUy1Ej4OQ1QMxL+fUhF319KW2nTGQJ
SrX86BgHx6iEpss0WzKGN3fsARz4U3u4x9Oc+ivUGvdcLAV2Jq7yL3kTVBIjBcOV
ZZCQeN3um4LSmN6aUayTDUVISlyLm0Q7gfIcyqu6NAlU
-----END CERTIFICATE-----
Generated at Mon Apr 7 06:13:37 2025 by rpki-client