Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/x2cFwDqpECVfaWCGiuWkqmtkSys.roa
File: x2cFwDqpECVfaWCGiuWkqmtkSys.roa (raw, json)
Hash identifier: 4QhBob+MOO6/vyOqa13TUWPjdVxhyYrU09Sz19q26x4=
Subject key identifier: C7:67:05:C0:3A:A9:10:25:5F:69:60:86:8A:E5:A4:AA:6B:64:4B:2B
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 01857042AC78D25B8B1E3A289B4B722B5467
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/x2cFwDqpECVfaWCGiuWkqmtkSys.roa
Signing time: Mon 02 Jan 2023 02:14:55 +0000
ROA not before: Mon 02 Jan 2023 02:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 193.53.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:ac:78:d2:5b:8b:1e:3a:28:9b:4b:72:2b:54:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Jan 2 02:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c76705c03aa910255f6960868ae5a4aa6b644b2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8d:a1:e9:7c:0c:76:2f:72:af:7c:32:06:28:
d6:c4:af:fb:6d:33:34:1c:38:23:05:4a:c0:a0:f1:
15:a3:44:e6:90:a6:a8:fe:b7:96:c4:12:3f:c2:ff:
65:b4:c3:06:c3:a7:f1:c6:d2:78:fc:e8:5c:a5:77:
d0:a9:c6:b8:c8:ae:57:2e:a0:31:e1:35:f4:ca:77:
fa:ec:6d:04:c7:ea:17:a1:b3:1e:7d:a1:ab:36:df:
7b:25:46:d0:b3:be:e0:de:5a:14:ff:46:d9:fe:fe:
a3:c5:79:cd:71:e1:03:ae:48:4d:43:ae:3b:49:c8:
71:bd:5d:95:37:05:ff:bc:04:fa:7c:82:6c:67:64:
84:87:2c:6c:48:b1:f0:8d:ec:63:57:fd:9a:61:ab:
bf:f7:f6:66:f4:b1:0d:cc:9f:62:ab:5a:7e:7d:ed:
ea:46:5a:e0:07:1a:47:fd:7d:5d:f0:92:1f:d6:0d:
97:c8:b9:71:3c:8a:2a:66:97:1a:5c:36:60:29:f7:
4c:a1:ea:06:82:ce:15:e5:17:62:29:1f:92:28:b2:
d3:1b:e8:21:55:b0:5a:04:36:42:3b:07:d6:6c:cd:
68:ea:c4:53:17:c5:05:97:a5:12:66:16:1a:41:51:
36:58:20:01:6c:e2:69:cf:88:24:cc:1e:f7:b9:07:
15:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:67:05:C0:3A:A9:10:25:5F:69:60:86:8A:E5:A4:AA:6B:64:4B:2B
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/x2cFwDqpECVfaWCGiuWkqmtkSys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.35.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:02:c5:cf:f9:9b:f5:72:ee:56:57:6b:ad:22:be:82:c0:98:
4c:49:dc:2f:5d:e9:3b:84:ab:95:8c:96:a8:75:1d:76:a7:27:
aa:1e:5a:64:ad:7e:bc:c7:37:53:e2:5b:ca:16:bf:96:f6:49:
9f:f4:87:83:9a:59:d7:0f:a8:27:61:fc:01:01:15:ac:67:85:
02:55:57:53:a1:10:61:c8:b7:26:ec:a7:87:f1:c7:6e:25:5c:
50:7a:54:33:e2:8a:69:74:7c:a2:9c:44:be:1d:f4:db:d1:0a:
50:17:f9:ec:84:49:c2:90:5d:22:4e:d9:d0:de:0b:27:82:86:
44:9d:5c:1d:b4:e0:bc:52:cd:09:25:28:ac:0e:47:b1:60:bb:
6c:67:92:d7:25:ca:7f:b9:51:d0:68:9c:6a:f1:9a:36:b0:db:
d1:a5:78:96:ec:eb:ea:90:2d:48:85:97:64:df:9f:d6:1e:b7:
ad:e7:9a:a9:7d:e1:f0:2f:6b:f7:57:0f:36:4b:58:85:74:c2:
ad:6e:b5:6e:52:55:26:4f:6e:57:bb:29:6c:0d:b0:bf:5a:cf:
7c:13:7e:88:13:23:af:bb:82:6e:c8:34:e5:f9:fc:63:71:a1:
80:6a:23:a5:d1:2d:42:36:b6:16:86:7d:64:49:73:0a:58:be:
54:26:82:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQqx40luLHjoom0tyK1RnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjMwMTAyMDIxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzY3MDVjMDNhYTkxMDI1NWY2OTYwODY4YWU1YTRhYTZiNjQ0YjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlo2h6XwMdi9yr3wyBijWxK/7bTM0
HDgjBUrAoPEVo0TmkKao/reWxBI/wv9ltMMGw6fxxtJ4/OhcpXfQqca4yK5XLqAx
4TX0ynf67G0Ex+oXobMefaGrNt97JUbQs77g3loU/0bZ/v6jxXnNceEDrkhNQ647
SchxvV2VNwX/vAT6fIJsZ2SEhyxsSLHwjexjV/2aYau/9/Zm9LENzJ9iq1p+fe3q
RlrgBxpH/X1d8JIf1g2XyLlxPIoqZpcaXDZgKfdMoeoGgs4V5RdiKR+SKLLTG+gh
VbBaBDZCOwfWbM1o6sRTF8UFl6USZhYaQVE2WCABbOJpz4gkzB73uQcVhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMdnBcA6qRAlX2lghorlpKprZEsrMB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEveDJjRndEcXBFQ1ZmYVdDR2l1V2txbXRrU3lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTUjMA0G
CSqGSIb3DQEBCwUAA4IBAQAOAsXP+Zv1cu5WV2utIr6CwJhMSdwvXek7hKuVjJao
dR12pyeqHlpkrX68xzdT4lvKFr+W9kmf9IeDmlnXD6gnYfwBARWsZ4UCVVdToRBh
yLcm7KeH8cduJVxQelQz4oppdHyinES+HfTb0QpQF/nshEnCkF0iTtnQ3gsngoZE
nVwdtOC8Us0JJSisDkexYLtsZ5LXJcp/uVHQaJxq8Zo2sNvRpXiW7OvqkC1IhZdk
35/WHret55qpfeHwL2v3Vw82S1iFdMKtbrVuUlUmT25XuylsDbC/Ws98E36IEyOv
u4JuyDTl+fxjcaGAaiOl0S1CNrYWhn1kSXMKWL5UJoLr
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:17 2025 by rpki-client