Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/2343a3-d0f2-4e8a-87d4-4ae3306da793/1/Xaf_adaEk34l87Y0UzQQZjHD3uU.roa
File: Xaf_adaEk34l87Y0UzQQZjHD3uU.roa (raw, json)
Hash identifier: RtEuhMllYELC+PU6yqfyctqQo+07f0YVdbie5OODqqY=
Subject key identifier: 5D:A7:FF:69:D6:84:93:7E:25:F3:B6:34:53:34:10:66:31:C3:DE:E5
Certificate issuer: /CN=8796b1c31fdde2bd5e98f8fbb7798abc47493cf2
Certificate serial: 01941FFA87128706C9C3E01B1D8D735CDC35
Authority key identifier: 87:96:B1:C3:1F:DD:E2:BD:5E:98:F8:FB:B7:79:8A:BC:47:49:3C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h5axwx_d4r1emPj7t3mKvEdJPPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/2343a3-d0f2-4e8a-87d4-4ae3306da793/1/Xaf_adaEk34l87Y0UzQQZjHD3uU.roa
Signing time: Wed 01 Jan 2025 03:48:19 +0000
ROA not before: Wed 01 Jan 2025 03:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8792
IP address blocks: 91.220.134.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:87:12:87:06:c9:c3:e0:1b:1d:8d:73:5c:dc:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8796b1c31fdde2bd5e98f8fbb7798abc47493cf2
Validity
Not Before: Jan 1 03:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5da7ff69d684937e25f3b6345334106631c3dee5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:79:39:a9:ae:f1:b3:fc:07:51:91:f3:e0:31:
e0:0a:c0:33:0d:ce:d9:b4:d8:c7:06:8f:93:d2:52:
e1:95:3a:ea:d5:94:98:0a:e8:a6:4a:11:50:f6:f1:
6c:88:59:e3:ca:52:b2:0d:66:a6:ee:3c:7c:23:e4:
21:92:f7:a8:ab:e7:51:aa:b2:8c:79:d6:0c:4b:be:
a1:6c:d7:81:07:1d:2c:e1:74:84:57:d5:eb:51:c7:
ce:1e:29:05:20:25:76:75:9b:75:1f:45:28:6e:88:
69:23:aa:94:78:da:ad:7e:6d:8c:ca:5e:59:73:79:
17:10:b6:ed:58:6b:9a:46:d2:43:71:b3:08:86:0f:
25:be:f1:e5:cf:22:2d:b1:e3:d2:11:05:b4:36:37:
1f:ee:44:e3:41:82:e2:3f:ff:d3:42:77:f6:0c:05:
83:58:cf:38:35:8c:c0:2d:7f:91:e1:c5:5f:ff:11:
68:45:81:ba:fd:11:43:6a:af:08:73:1f:6d:b2:1d:
5d:1c:c3:18:b2:0c:f3:9c:03:bf:17:80:98:ec:4f:
91:8e:33:a9:10:5e:df:09:fa:86:b5:e1:a9:99:18:
13:72:e3:45:dc:22:47:89:16:8e:88:08:5d:9b:d5:
d7:80:c0:46:f1:ee:7f:9f:06:cf:9b:d7:7d:ee:5e:
b3:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A7:FF:69:D6:84:93:7E:25:F3:B6:34:53:34:10:66:31:C3:DE:E5
X509v3 Authority Key Identifier:
keyid:87:96:B1:C3:1F:DD:E2:BD:5E:98:F8:FB:B7:79:8A:BC:47:49:3C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5axwx_d4r1emPj7t3mKvEdJPPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/2343a3-d0f2-4e8a-87d4-4ae3306da793/1/Xaf_adaEk34l87Y0UzQQZjHD3uU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/2343a3-d0f2-4e8a-87d4-4ae3306da793/1/h5axwx_d4r1emPj7t3mKvEdJPPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.134.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:8a:b6:fb:e3:97:b6:9f:d8:2c:55:e1:15:e8:f7:d0:83:6e:
f4:ad:22:a9:42:ef:09:dd:5b:0d:8d:78:8d:67:51:f0:f3:f1:
cd:a6:7e:c5:45:f7:3b:41:26:86:0d:2b:5d:80:96:ca:30:b7:
2e:15:cb:ab:f2:d6:94:69:f5:d4:ac:25:61:2b:c8:90:0f:b0:
2a:be:61:8b:2d:99:9a:40:c9:6d:17:96:0c:08:ba:21:7e:d8:
08:ce:69:73:8d:48:fa:12:25:36:a5:5d:9f:ad:57:ca:9b:57:
63:48:1b:7a:cb:2b:30:53:d0:ab:e2:fd:e2:9a:f9:c3:78:6f:
cb:99:4b:7a:ed:50:7e:e5:d2:af:88:3f:09:d9:f4:da:f8:3b:
71:9a:05:69:39:6d:90:19:76:d4:34:fc:62:92:ab:62:2c:b4:
91:b5:9f:b4:96:96:bd:8a:a6:c7:8f:3b:3c:93:e2:dc:5b:8a:
61:73:1b:84:a1:06:96:bd:12:d7:6d:e2:41:43:fc:0c:89:33:
22:2f:22:d5:f4:1b:44:6c:b2:fd:3a:f4:fb:5c:12:6c:13:38:
8a:ef:f1:75:cb:72:2c:a4:e0:da:25:9b:9f:a7:a7:f9:43:ca:
c5:8e:44:b0:30:74:3c:6c:cf:98:f9:7f:af:13:8d:fe:be:94:
7f:e0:bd:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+ocShwbJw+AbHY1zXNw1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OTZiMWMzMWZkZGUyYmQ1ZTk4ZjhmYmI3Nzk4YWJjNDc0
OTNjZjIwHhcNMjUwMTAxMDM0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGE3ZmY2OWQ2ODQ5MzdlMjVmM2I2MzQ1MzM0MTA2NjMxYzNkZWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXk5qa7xs/wHUZHz4DHgCsAzDc7Z
tNjHBo+T0lLhlTrq1ZSYCuimShFQ9vFsiFnjylKyDWam7jx8I+Qhkveoq+dRqrKM
edYMS76hbNeBBx0s4XSEV9XrUcfOHikFICV2dZt1H0UobohpI6qUeNqtfm2Myl5Z
c3kXELbtWGuaRtJDcbMIhg8lvvHlzyItsePSEQW0Njcf7kTjQYLiP//TQnf2DAWD
WM84NYzALX+R4cVf/xFoRYG6/RFDaq8Icx9tsh1dHMMYsgzznAO/F4CY7E+RjjOp
EF7fCfqGteGpmRgTcuNF3CJHiRaOiAhdm9XXgMBG8e5/nwbPm9d97l6zLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2n/2nWhJN+JfO2NFM0EGYxw97lMB8GA1UdIwQY
MBaAFIeWscMf3eK9Xpj4+7d5irxHSTzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDVheHd4X2Q0cjFlbVBqN3QzbUt2RWRKUFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8yMzQzYTMtZDBmMi00ZThhLTg3ZDQt
NGFlMzMwNmRhNzkzLzEvWGFmX2FkYUVrMzRsODdZMFV6UVFaakhEM3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8yMzQzYTMtZDBmMi00ZThhLTg3ZDQtNGFlMzMwNmRhNzkz
LzEvaDVheHd4X2Q0cjFlbVBqN3QzbUt2RWRKUFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9yGMA0G
CSqGSIb3DQEBCwUAA4IBAQA6irb745e2n9gsVeEV6PfQg270rSKpQu8J3VsNjXiN
Z1Hw8/HNpn7FRfc7QSaGDStdgJbKMLcuFcur8taUafXUrCVhK8iQD7AqvmGLLZma
QMltF5YMCLohftgIzmlzjUj6EiU2pV2frVfKm1djSBt6yyswU9Cr4v3imvnDeG/L
mUt67VB+5dKviD8J2fTa+DtxmgVpOW2QGXbUNPxikqtiLLSRtZ+0lpa9iqbHjzs8
k+LcW4phcxuEoQaWvRLXbeJBQ/wMiTMiLyLV9BtEbLL9OvT7XBJsEziK7/F1y3Is
pODaJZufp6f5Q8rFjkSwMHQ8bM+Y+X+vE43+vpR/4L1B
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:28 2025 by rpki-client