Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/b281ce-0e59-4911-82aa-0a08e47f27d1/1/kXWpaANdUMJMwanQwRAp9VsR924.roa
File: kXWpaANdUMJMwanQwRAp9VsR924.roa (raw, json)
Hash identifier: VrKaWfgP2YD4zBUR1fauArs0uChZMLQH1LUfE+NfVwE=
Subject key identifier: 91:75:A9:68:03:5D:50:C2:4C:C1:A9:D0:C1:10:29:F5:5B:11:F7:6E
Certificate issuer: /CN=bd2aac0640e07c735e13488ae87035bd083b5a21
Certificate serial: 01857169DA927E72C01B2F4A92062E1952D3
Authority key identifier: BD:2A:AC:06:40:E0:7C:73:5E:13:48:8A:E8:70:35:BD:08:3B:5A:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vSqsBkDgfHNeE0iK6HA1vQg7WiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/b281ce-0e59-4911-82aa-0a08e47f27d1/1/kXWpaANdUMJMwanQwRAp9VsR924.roa
Signing time: Mon 02 Jan 2023 07:37:20 +0000
ROA not before: Mon 02 Jan 2023 07:37:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8677
IP address blocks: 193.41.176.0/22 maxlen: 24
194.9.220.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:da:92:7e:72:c0:1b:2f:4a:92:06:2e:19:52:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd2aac0640e07c735e13488ae87035bd083b5a21
Validity
Not Before: Jan 2 07:37:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9175a968035d50c24cc1a9d0c11029f55b11f76e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:bd:e9:1b:4c:65:96:e1:6d:47:50:5a:51:63:
b7:f9:24:d3:55:04:95:22:09:31:69:80:c7:6c:2c:
af:3d:46:1d:12:4a:ba:bb:32:f3:05:17:41:a7:d3:
48:ea:e8:4f:f5:12:4e:22:88:50:bb:3a:9b:59:7c:
28:6d:46:cb:32:63:e9:c5:13:21:f5:bc:09:44:58:
8f:16:67:d6:22:ec:de:23:1d:28:bd:69:a3:79:94:
af:54:47:63:00:0d:d0:8c:67:ad:23:5d:91:8c:55:
01:29:f7:90:38:4f:72:da:20:53:fb:83:e4:eb:a2:
9d:de:b1:ee:76:73:2f:1f:b2:05:e2:60:85:2a:a1:
19:d9:08:46:3a:59:35:3e:d1:0f:9e:34:56:7d:2e:
3c:43:42:09:1b:ae:2b:8f:df:3e:06:5b:1b:17:b9:
ef:a1:dc:ec:05:73:50:36:e9:92:cd:94:bb:7e:85:
a5:de:eb:55:8a:bc:d9:26:11:c0:6c:f9:07:31:63:
ae:5d:e4:a6:ca:a2:5c:74:af:91:62:f8:b2:36:70:
9f:cb:1f:ea:ee:39:9e:74:65:27:60:eb:67:ab:42:
87:14:34:e2:f7:a5:71:db:99:e7:a5:37:bb:a0:58:
61:a5:90:85:e3:fc:ac:f9:e3:9b:d8:e6:66:bd:52:
b9:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:75:A9:68:03:5D:50:C2:4C:C1:A9:D0:C1:10:29:F5:5B:11:F7:6E
X509v3 Authority Key Identifier:
keyid:BD:2A:AC:06:40:E0:7C:73:5E:13:48:8A:E8:70:35:BD:08:3B:5A:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vSqsBkDgfHNeE0iK6HA1vQg7WiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/b281ce-0e59-4911-82aa-0a08e47f27d1/1/kXWpaANdUMJMwanQwRAp9VsR924.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/b281ce-0e59-4911-82aa-0a08e47f27d1/1/vSqsBkDgfHNeE0iK6HA1vQg7WiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.176.0/22
194.9.220.0/23
Signature Algorithm: sha256WithRSAEncryption
61:03:6f:7c:10:7e:3e:60:bb:5a:e5:ce:26:99:31:67:1e:8f:
96:ae:ac:c7:19:5c:8c:4e:07:e0:32:63:ee:86:29:e4:61:86:
53:b9:90:43:51:18:f0:c0:74:3a:00:bf:09:11:cf:e0:62:cf:
4e:a1:85:2a:31:01:a0:1b:68:70:b6:58:d9:ea:fc:40:11:04:
4a:60:f2:85:88:fd:53:ac:4e:9e:d8:07:20:cd:4e:cb:f7:16:
a0:16:d9:6a:54:c4:06:18:52:43:15:91:c7:e7:65:23:e2:b2:
24:7f:84:b2:57:e2:14:db:1e:16:a5:07:22:f0:1c:9e:75:5c:
3b:e2:d3:06:d6:62:a1:dd:16:11:42:d0:20:91:85:85:12:31:
34:28:0e:bd:fe:d3:df:d5:4e:90:d3:25:22:50:7f:1d:0b:25:
8b:81:a5:39:1c:a2:c3:68:11:f5:ce:14:9e:5d:1a:24:a4:47:
7c:cb:11:28:0b:2d:49:ac:ba:ac:ec:94:34:51:ed:fe:c7:22:
59:07:1d:6d:22:fb:5a:d6:55:15:65:bc:57:64:d8:36:6b:8f:
ea:10:5a:aa:b4:25:e5:01:4c:bc:2a:f4:58:1e:6a:a1:90:97:
e0:d9:15:9b:55:22:f7:2e:df:2c:06:10:7c:5d:f7:5a:db:15:
1d:38:d4:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxadqSfnLAGy9KkgYuGVLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMmFhYzA2NDBlMDdjNzM1ZTEzNDg4YWU4NzAzNWJkMDgz
YjVhMjEwHhcNMjMwMTAyMDczNzIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTc1YTk2ODAzNWQ1MGMyNGNjMWE5ZDBjMTEwMjlmNTViMTFmNzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6b3pG0xlluFtR1BaUWO3+STTVQSV
IgkxaYDHbCyvPUYdEkq6uzLzBRdBp9NI6uhP9RJOIohQuzqbWXwobUbLMmPpxRMh
9bwJRFiPFmfWIuzeIx0ovWmjeZSvVEdjAA3QjGetI12RjFUBKfeQOE9y2iBT+4Pk
66Kd3rHudnMvH7IF4mCFKqEZ2QhGOlk1PtEPnjRWfS48Q0IJG64rj98+BlsbF7nv
odzsBXNQNumSzZS7foWl3utVirzZJhHAbPkHMWOuXeSmyqJcdK+RYviyNnCfyx/q
7jmedGUnYOtnq0KHFDTi96Vx25nnpTe7oFhhpZCF4/ys+eOb2OZmvVK5pQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJF1qWgDXVDCTMGp0MEQKfVbEfduMB8GA1UdIwQY
MBaAFL0qrAZA4HxzXhNIiuhwNb0IO1ohMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlNxc0JrRGdmSE5lRTBpSzZIQTF2UWc3V2lFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iMjgxY2UtMGU1OS00OTExLTgyYWEt
MGEwOGU0N2YyN2QxLzEva1hXcGFBTmRVTUpNd2FuUXdSQXA5VnNSOTI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iMjgxY2UtMGU1OS00OTExLTgyYWEtMGEwOGU0N2YyN2Qx
LzEvdlNxc0JrRGdmSE5lRTBpSzZIQTF2UWc3V2lFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwSmwAwQB
wgncMA0GCSqGSIb3DQEBCwUAA4IBAQBhA298EH4+YLta5c4mmTFnHo+WrqzHGVyM
TgfgMmPuhinkYYZTuZBDURjwwHQ6AL8JEc/gYs9OoYUqMQGgG2hwtljZ6vxAEQRK
YPKFiP1TrE6e2AcgzU7L9xagFtlqVMQGGFJDFZHH52Uj4rIkf4SyV+IU2x4WpQci
8ByedVw74tMG1mKh3RYRQtAgkYWFEjE0KA69/tPf1U6Q0yUiUH8dCyWLgaU5HKLD
aBH1zhSeXRokpEd8yxEoCy1JrLqs7JQ0Ue3+xyJZBx1tIvta1lUVZbxXZNg2a4/q
EFqqtCXlAUy8KvRYHmqhkJfg2RWbVSL3Lt8sBhB8Xfda2xUdONR8
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:29:10 2025 by rpki-client