Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/0e8bad-121c-4a56-96cd-aacfc0dbed12/1/xw1wxyD1fMrJTbgYiyQiF0uQJK0.roa
File: xw1wxyD1fMrJTbgYiyQiF0uQJK0.roa (raw, json)
Hash identifier: TVVXOUY13A6nRw+KZkyghJdyM7alOs0fCSWauNlbS0U=
Subject key identifier: C7:0D:70:C7:20:F5:7C:CA:C9:4D:B8:18:8B:24:22:17:4B:90:24:AD
Certificate issuer: /CN=e6cc65c27c23298b0c5a0e0bc74ba51034a704c8
Certificate serial: 01942143D4F03A967751CE7F918128F25C31
Authority key identifier: E6:CC:65:C2:7C:23:29:8B:0C:5A:0E:0B:C7:4B:A5:10:34:A7:04:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5sxlwnwjKYsMWg4Lx0ulEDSnBMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/0e8bad-121c-4a56-96cd-aacfc0dbed12/1/xw1wxyD1fMrJTbgYiyQiF0uQJK0.roa
Signing time: Wed 01 Jan 2025 09:48:00 +0000
ROA not before: Wed 01 Jan 2025 09:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31010
IP address blocks: 91.212.85.0/24 maxlen: 24
2001:678:598::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:d4:f0:3a:96:77:51:ce:7f:91:81:28:f2:5c:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6cc65c27c23298b0c5a0e0bc74ba51034a704c8
Validity
Not Before: Jan 1 09:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c70d70c720f57ccac94db8188b2422174b9024ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3b:21:33:42:7d:f3:0f:e7:d3:a7:79:9e:84:
1c:93:d1:89:7d:97:a9:21:aa:cb:b1:41:e4:49:b4:
57:f8:56:c3:fa:b7:9d:cf:66:1e:b5:9d:6c:d8:6c:
19:47:b4:13:09:7f:10:10:2d:f9:f0:d1:7d:92:7d:
29:9a:7a:89:f6:a4:36:62:a0:c7:1a:f1:3c:a0:a2:
ce:60:57:f4:ab:a1:22:5e:4d:cd:d6:78:0f:ef:08:
c8:28:90:61:77:71:09:de:97:39:65:65:a8:b8:f9:
2f:ff:7d:44:36:f7:63:09:1e:5c:d8:76:ee:a5:ce:
81:87:eb:ac:c2:d3:19:b8:5d:c3:d8:65:19:09:17:
ac:03:fa:e1:5d:35:95:b9:33:5c:9c:29:9b:b1:ed:
63:e2:fb:8f:c5:04:f2:3d:89:8a:78:73:32:24:1c:
43:21:2b:19:1d:b8:d6:36:93:e0:d1:4c:6c:1b:75:
2b:aa:ae:79:d7:2d:ed:6e:04:34:d4:19:85:3d:19:
74:f9:8f:73:0a:da:ff:ac:2f:9d:6f:14:84:b9:57:
bd:52:92:ce:45:cd:31:46:bc:80:f7:80:7e:40:24:
d1:e1:27:83:27:5d:17:15:97:4c:44:97:d6:ed:fe:
2b:a3:11:f5:8c:aa:c9:4f:73:7e:13:3d:0d:97:9f:
c2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:0D:70:C7:20:F5:7C:CA:C9:4D:B8:18:8B:24:22:17:4B:90:24:AD
X509v3 Authority Key Identifier:
keyid:E6:CC:65:C2:7C:23:29:8B:0C:5A:0E:0B:C7:4B:A5:10:34:A7:04:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5sxlwnwjKYsMWg4Lx0ulEDSnBMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0e8bad-121c-4a56-96cd-aacfc0dbed12/1/xw1wxyD1fMrJTbgYiyQiF0uQJK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0e8bad-121c-4a56-96cd-aacfc0dbed12/1/5sxlwnwjKYsMWg4Lx0ulEDSnBMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.85.0/24
IPv6:
2001:678:598::/48
Signature Algorithm: sha256WithRSAEncryption
1b:23:de:b7:6e:7d:88:70:81:74:0d:ff:a9:ef:38:0a:49:c1:
27:ac:96:45:00:0b:0f:44:86:08:d8:4c:15:b5:b0:42:05:a4:
90:d6:c0:6b:c1:69:91:97:9e:56:aa:95:2e:78:91:74:be:ff:
d6:10:52:39:32:f5:5a:de:b3:49:3e:b7:ff:78:6b:07:b0:c3:
2e:ec:9a:d5:7f:36:e2:16:35:b3:bd:d7:8e:ce:df:7f:69:6b:
f0:5f:35:c7:df:cf:d5:b7:bd:51:61:04:a6:f4:d7:28:88:d7:
69:e6:31:5d:55:50:1d:af:0b:da:a2:32:c9:ab:98:28:86:13:
b4:64:ed:ff:24:e6:a3:1f:b9:59:4f:5e:34:74:d1:f3:38:6c:
fc:b1:a1:9c:03:6d:34:60:29:55:c4:28:6d:35:40:bf:f2:e3:
f3:3c:62:cc:77:f7:81:d3:c4:9a:b6:02:0a:4b:f2:e2:30:69:
e6:24:40:01:91:16:31:4d:03:50:d9:6e:99:1a:49:99:5c:ba:
32:ea:fb:b3:b5:32:e8:c7:f3:0c:18:b8:34:2c:1e:61:d7:52:
94:fd:d6:df:3c:69:34:e9:ef:0a:2b:d1:30:76:d6:75:35:c3:
5c:27:cc:28:36:06:25:04:15:8d:0b:17:6e:f6:62:8a:d6:38:
9a:bf:06:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQhQ9TwOpZ3Uc5/kYEo8lwxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2Y2M2NWMyN2MyMzI5OGIwYzVhMGUwYmM3NGJhNTEwMzRh
NzA0YzgwHhcNMjUwMTAxMDk0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzBkNzBjNzIwZjU3Y2NhYzk0ZGI4MTg4YjI0MjIxNzRiOTAyNGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzshM0J98w/n06d5noQck9GJfZep
IarLsUHkSbRX+FbD+redz2YetZ1s2GwZR7QTCX8QEC358NF9kn0pmnqJ9qQ2YqDH
GvE8oKLOYFf0q6EiXk3N1ngP7wjIKJBhd3EJ3pc5ZWWouPkv/31ENvdjCR5c2Hbu
pc6Bh+uswtMZuF3D2GUZCResA/rhXTWVuTNcnCmbse1j4vuPxQTyPYmKeHMyJBxD
ISsZHbjWNpPg0UxsG3Urqq551y3tbgQ01BmFPRl0+Y9zCtr/rC+dbxSEuVe9UpLO
Rc0xRryA94B+QCTR4SeDJ10XFZdMRJfW7f4roxH1jKrJT3N+Ez0Nl5/C2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMcNcMcg9XzKyU24GIskIhdLkCStMB8GA1UdIwQY
MBaAFObMZcJ8IymLDFoOC8dLpRA0pwTIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXN4bHdud2pLWXNNV2c0THgwdWxFRFNuQk1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8wZThiYWQtMTIxYy00YTU2LTk2Y2Qt
YWFjZmMwZGJlZDEyLzEveHcxd3h5RDFmTXJKVGJnWWl5UWlGMHVRSkswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8wZThiYWQtMTIxYy00YTU2LTk2Y2QtYWFjZmMwZGJlZDEy
LzEvNXN4bHdud2pLWXNNV2c0THgwdWxFRFNuQk1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9RVMA8E
AgACMAkDBwAgAQZ4BZgwDQYJKoZIhvcNAQELBQADggEBABsj3rdufYhwgXQN/6nv
OApJwSeslkUACw9EhgjYTBW1sEIFpJDWwGvBaZGXnlaqlS54kXS+/9YQUjky9Vre
s0k+t/94awewwy7smtV/NuIWNbO9147O339pa/BfNcffz9W3vVFhBKb01yiI12nm
MV1VUB2vC9qiMsmrmCiGE7Rk7f8k5qMfuVlPXjR00fM4bPyxoZwDbTRgKVXEKG01
QL/y4/M8Ysx394HTxJq2AgpL8uIwaeYkQAGRFjFNA1DZbpkaSZlcujLq+7O1MujH
8wwYuDQsHmHXUpT91t88aTTp7wor0TB21nU1w1wnzCg2BiUEFY0LF272YorWOJq/
BmQ=
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:39:43 2025 by rpki-client