Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9f108a-7785-4d3f-9f0c-2ad2bb532613/1/X1HXVRGjUS2FqgMh5Es7IolTp3M.roa
File: X1HXVRGjUS2FqgMh5Es7IolTp3M.roa (raw, json)
Hash identifier: ZdR2JfGdY7ork0aTakNr5aewEZPJySl7nT5P2fOaw24=
Subject key identifier: 5F:51:D7:55:11:A3:51:2D:85:AA:03:21:E4:4B:3B:22:89:53:A7:73
Certificate issuer: /CN=17a10234cfb5522aa29b3260a75f8a9f79933e7b
Certificate serial: 019420D6070CCAC19E10047D02117836C5E0
Authority key identifier: 17:A1:02:34:CF:B5:52:2A:A2:9B:32:60:A7:5F:8A:9F:79:93:3E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F6ECNM-1UiqimzJgp1-Kn3mTPns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/9f108a-7785-4d3f-9f0c-2ad2bb532613/1/X1HXVRGjUS2FqgMh5Es7IolTp3M.roa
Signing time: Wed 01 Jan 2025 07:48:04 +0000
ROA not before: Wed 01 Jan 2025 07:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 91.201.100.0/22 maxlen: 24
194.76.193.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:07:0c:ca:c1:9e:10:04:7d:02:11:78:36:c5:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17a10234cfb5522aa29b3260a75f8a9f79933e7b
Validity
Not Before: Jan 1 07:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f51d75511a3512d85aa0321e44b3b228953a773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e8:27:c8:31:54:ad:2d:3a:8d:29:0c:a3:f6:
84:2d:27:c3:4e:84:84:6a:d3:29:d9:36:27:8f:9d:
de:6e:b4:aa:f5:2e:3d:c0:e0:ee:e7:1a:c1:d9:fd:
37:56:07:69:97:5d:b1:16:75:b8:d9:73:53:ff:34:
dd:86:c0:45:50:6f:d0:12:3e:9b:15:5b:87:21:16:
bf:4e:c2:1b:9b:a8:05:52:9a:87:c8:bf:a1:ec:3f:
9d:b1:b8:c8:e4:73:e5:20:a1:19:af:cb:cd:3a:c3:
b0:78:c7:87:b4:b6:13:8f:e9:1a:f7:27:60:53:a6:
50:e6:43:39:33:5b:95:83:ae:c8:4b:b9:14:dc:27:
70:43:14:5c:6c:fa:d1:42:a2:5a:da:5b:cc:a8:d3:
81:a2:61:88:f9:ab:2d:79:ba:08:ad:a0:3d:20:dc:
e3:ec:f3:24:bf:6d:6e:24:76:97:54:54:b1:64:60:
a3:65:1a:8a:bd:7c:20:99:5a:c6:0b:cd:9d:2a:bb:
30:9c:29:66:e5:25:ac:b1:72:50:42:fd:e5:d6:82:
9e:55:3c:a3:38:13:96:69:12:62:1b:96:07:fc:7a:
14:84:ba:52:7d:63:f5:c2:e8:88:23:99:f0:97:05:
d2:3e:b9:08:fc:74:16:b0:b5:24:45:5d:04:36:e9:
20:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:51:D7:55:11:A3:51:2D:85:AA:03:21:E4:4B:3B:22:89:53:A7:73
X509v3 Authority Key Identifier:
keyid:17:A1:02:34:CF:B5:52:2A:A2:9B:32:60:A7:5F:8A:9F:79:93:3E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F6ECNM-1UiqimzJgp1-Kn3mTPns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9f108a-7785-4d3f-9f0c-2ad2bb532613/1/X1HXVRGjUS2FqgMh5Es7IolTp3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9f108a-7785-4d3f-9f0c-2ad2bb532613/1/F6ECNM-1UiqimzJgp1-Kn3mTPns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.100.0/22
194.76.193.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:3c:7b:f5:a2:aa:b5:88:9d:14:3c:a1:c8:40:e7:2b:ee:15:
1b:ea:9d:f9:14:20:88:92:43:3a:71:f4:99:37:0e:c8:90:91:
89:16:23:ad:80:87:32:05:ae:40:d2:9b:6d:9a:c3:35:60:c9:
9c:96:25:9d:05:11:c0:24:53:cf:2e:91:b8:4b:9f:fa:c3:e1:
91:2b:24:bb:2b:97:8f:3d:c9:f5:02:b7:45:18:24:3e:82:92:
ff:fb:f0:05:b9:52:33:4e:82:99:79:11:ba:a0:26:f0:fc:16:
41:c3:90:eb:a7:56:7d:bb:2a:39:eb:ba:09:be:d2:a3:50:8e:
77:a7:70:ed:04:24:bc:e4:80:d9:f9:74:ad:87:25:d6:55:fe:
d3:73:12:ef:a1:7b:a6:73:2e:95:9b:f6:32:76:19:f1:e0:c8:
bf:d1:c8:61:32:b0:23:c4:83:ab:f0:6e:9e:2a:9f:20:df:f0:
2b:a8:7b:c7:a8:38:3f:9a:7a:61:41:7a:ef:dd:c6:53:ae:7a:
6b:ba:79:85:f4:71:2e:e1:6f:fd:d5:52:23:76:26:11:54:33:
3a:a1:6c:93:a7:aa:07:24:97:8a:34:93:25:8b:22:a3:46:73:
66:76:75:30:37:17:6b:26:77:5c:2a:e1:e1:cf:75:b7:96:4a:
95:c0:ee:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQg1gcMysGeEAR9AhF4NsXgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YTEwMjM0Y2ZiNTUyMmFhMjliMzI2MGE3NWY4YTlmNzk5
MzNlN2IwHhcNMjUwMTAxMDc0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjUxZDc1NTExYTM1MTJkODVhYTAzMjFlNDRiM2IyMjg5NTNhNzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOgnyDFUrS06jSkMo/aELSfDToSE
atMp2TYnj53ebrSq9S49wODu5xrB2f03Vgdpl12xFnW42XNT/zTdhsBFUG/QEj6b
FVuHIRa/TsIbm6gFUpqHyL+h7D+dsbjI5HPlIKEZr8vNOsOweMeHtLYTj+ka9ydg
U6ZQ5kM5M1uVg67IS7kU3CdwQxRcbPrRQqJa2lvMqNOBomGI+asteboIraA9INzj
7PMkv21uJHaXVFSxZGCjZRqKvXwgmVrGC82dKrswnClm5SWssXJQQv3l1oKeVTyj
OBOWaRJiG5YH/HoUhLpSfWP1wuiII5nwlwXSPrkI/HQWsLUkRV0ENukgTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF9R11URo1EthaoDIeRLOyKJU6dzMB8GA1UdIwQY
MBaAFBehAjTPtVIqopsyYKdfip95kz57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjZFQ05NLTFVaXFpbXpKZ3AxLUtuM21UUG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi85ZjEwOGEtNzc4NS00ZDNmLTlmMGMt
MmFkMmJiNTMyNjEzLzEvWDFIWFZSR2pVUzJGcWdNaDVFczdJb2xUcDNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi85ZjEwOGEtNzc4NS00ZDNmLTlmMGMtMmFkMmJiNTMyNjEz
LzEvRjZFQ05NLTFVaXFpbXpKZ3AxLUtuM21UUG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8lkAwQA
wkzBMA0GCSqGSIb3DQEBCwUAA4IBAQB/PHv1oqq1iJ0UPKHIQOcr7hUb6p35FCCI
kkM6cfSZNw7IkJGJFiOtgIcyBa5A0pttmsM1YMmcliWdBRHAJFPPLpG4S5/6w+GR
KyS7K5ePPcn1ArdFGCQ+gpL/+/AFuVIzToKZeRG6oCbw/BZBw5Drp1Z9uyo567oJ
vtKjUI53p3DtBCS85IDZ+XSthyXWVf7TcxLvoXumcy6Vm/Yydhnx4Mi/0chhMrAj
xIOr8G6eKp8g3/ArqHvHqDg/mnphQXrv3cZTrnprunmF9HEu4W/91VIjdiYRVDM6
oWyTp6oHJJeKNJMliyKjRnNmdnUwNxdrJndcKuHhz3W3lkqVwO43
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:56:25 2025 by rpki-client