Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/4cac6b-8e05-448a-83f7-6835852158d8/1/wX4zTXXZMo2WWHOKinMvyAiRYeE.roa
File: wX4zTXXZMo2WWHOKinMvyAiRYeE.roa (raw, json)
Hash identifier: dkBnWGmwxThQE3RCE6xz1EoswQLwUBpuloKrWzo2tUE=
Subject key identifier: C1:7E:33:4D:75:D9:32:8D:96:58:73:8A:8A:73:2F:C8:08:91:61:E1
Certificate issuer: /CN=c6d11b64ffe18efa42f43a6c765639dee38d027e
Certificate serial: 0194221FCE360127D747362F3D171B6B0BCB
Authority key identifier: C6:D1:1B:64:FF:E1:8E:FA:42:F4:3A:6C:76:56:39:DE:E3:8D:02:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xtEbZP_hjvpC9DpsdlY53uONAn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/4cac6b-8e05-448a-83f7-6835852158d8/1/wX4zTXXZMo2WWHOKinMvyAiRYeE.roa
Signing time: Wed 01 Jan 2025 13:48:17 +0000
ROA not before: Wed 01 Jan 2025 13:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33965
IP address blocks: 193.73.114.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ce:36:01:27:d7:47:36:2f:3d:17:1b:6b:0b:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6d11b64ffe18efa42f43a6c765639dee38d027e
Validity
Not Before: Jan 1 13:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c17e334d75d9328d9658738a8a732fc8089161e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:af:65:34:e4:9e:a3:25:ac:b6:4d:7b:fa:ea:
87:60:3a:7f:9b:1e:81:bf:11:98:01:0f:16:16:12:
00:bf:6b:93:e9:ae:a0:e9:b5:32:cd:80:b8:f0:c4:
e6:6c:b4:f8:9b:64:a3:5c:84:f5:d6:a0:13:b5:c0:
00:68:d3:b7:c0:60:99:e2:ce:32:6f:df:2a:70:74:
88:f6:04:4c:a3:f8:26:4e:0e:10:38:a4:f5:5a:87:
7a:f4:4c:a6:8d:b9:35:5a:04:b4:56:8e:42:c3:12:
c6:b6:89:a3:6f:f4:db:45:a8:13:f9:e3:63:3b:e7:
00:87:4a:fc:72:35:19:2d:e0:ed:49:3d:95:17:78:
bc:50:b5:35:df:0f:f0:00:61:fd:48:62:5c:6e:a8:
71:97:b1:f8:ee:d2:81:73:2e:72:45:2c:a7:a9:a7:
7c:27:89:a8:3d:70:97:d8:aa:d4:3d:62:13:d4:d5:
46:e3:a5:a6:96:2b:14:57:8c:0c:08:a1:a7:cc:ca:
fa:bd:9c:18:92:40:ef:ea:3d:e2:3b:3d:8f:41:3b:
a1:94:1c:84:3c:e5:92:f1:ca:ab:6d:bf:31:04:6a:
0a:9a:97:59:cc:a5:99:a6:dd:5d:9b:d2:08:32:fa:
fd:bf:67:5e:2e:2c:3c:db:4a:d4:18:ca:10:a7:7c:
c5:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:7E:33:4D:75:D9:32:8D:96:58:73:8A:8A:73:2F:C8:08:91:61:E1
X509v3 Authority Key Identifier:
keyid:C6:D1:1B:64:FF:E1:8E:FA:42:F4:3A:6C:76:56:39:DE:E3:8D:02:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xtEbZP_hjvpC9DpsdlY53uONAn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/4cac6b-8e05-448a-83f7-6835852158d8/1/wX4zTXXZMo2WWHOKinMvyAiRYeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/4cac6b-8e05-448a-83f7-6835852158d8/1/xtEbZP_hjvpC9DpsdlY53uONAn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.73.114.0/24
Signature Algorithm: sha256WithRSAEncryption
84:b4:c5:2e:a3:1e:9a:8e:12:3f:bb:26:9c:9f:c5:71:56:7c:
e8:cc:34:e8:07:9b:c6:5d:b7:00:3d:a8:c2:9e:d1:55:31:66:
f7:79:86:82:b2:0c:5d:03:81:e4:26:3a:36:91:c1:8e:cf:3f:
0c:4d:9f:35:c1:21:2f:ad:86:a6:a9:91:e4:6f:b3:78:8f:f2:
27:a9:35:d5:05:94:df:bf:c2:35:ae:a9:7c:6c:7c:1c:a4:d3:
7f:9e:b1:55:fb:d2:d0:ed:45:72:4b:a1:04:af:61:2b:20:0e:
c4:e5:d9:1a:f6:dd:f7:47:55:b8:63:57:86:6b:f2:f3:e0:39:
fd:67:66:6e:f2:5f:97:12:5f:d0:cf:47:0f:6d:80:37:99:81:
7a:08:ed:7f:50:8b:42:8a:59:61:f6:ac:9b:63:d8:74:a9:da:
59:ce:56:6a:76:d1:2e:6e:f4:94:61:3c:b6:89:1d:df:c9:8c:
35:93:26:a4:04:83:3b:ad:56:5a:a3:87:ee:71:4c:53:d6:b7:
99:38:e8:7c:05:45:f9:d5:0a:66:d5:eb:33:5c:57:f3:b5:45:
2e:80:68:9f:1b:7e:be:49:5f:f4:33:f2:85:1e:f8:6e:90:ab:
50:1e:53:73:aa:87:d5:2e:46:db:05:9b:bb:c8:86:89:7b:40:
71:64:94:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH842ASfXRzYvPRcbawvLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZDExYjY0ZmZlMThlZmE0MmY0M2E2Yzc2NTYzOWRlZTM4
ZDAyN2UwHhcNMjUwMTAxMTM0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTdlMzM0ZDc1ZDkzMjhkOTY1ODczOGE4YTczMmZjODA4OTE2MWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl69lNOSeoyWstk17+uqHYDp/mx6B
vxGYAQ8WFhIAv2uT6a6g6bUyzYC48MTmbLT4m2SjXIT11qATtcAAaNO3wGCZ4s4y
b98qcHSI9gRMo/gmTg4QOKT1Wod69Eymjbk1WgS0Vo5CwxLGtomjb/TbRagT+eNj
O+cAh0r8cjUZLeDtST2VF3i8ULU13w/wAGH9SGJcbqhxl7H47tKBcy5yRSynqad8
J4moPXCX2KrUPWIT1NVG46WmlisUV4wMCKGnzMr6vZwYkkDv6j3iOz2PQTuhlByE
POWS8cqrbb8xBGoKmpdZzKWZpt1dm9IIMvr9v2deLiw820rUGMoQp3zFwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMF+M0112TKNllhziopzL8gIkWHhMB8GA1UdIwQY
MBaAFMbRG2T/4Y76QvQ6bHZWOd7jjQJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHRFYlpQX2hqdnBDOURwc2RsWTUzdU9OQW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80Y2FjNmItOGUwNS00NDhhLTgzZjct
NjgzNTg1MjE1OGQ4LzEvd1g0elRYWFpNbzJXV0hPS2luTXZ5QWlSWWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80Y2FjNmItOGUwNS00NDhhLTgzZjctNjgzNTg1MjE1OGQ4
LzEveHRFYlpQX2hqdnBDOURwc2RsWTUzdU9OQW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwUlyMA0G
CSqGSIb3DQEBCwUAA4IBAQCEtMUuox6ajhI/uyacn8VxVnzozDToB5vGXbcAPajC
ntFVMWb3eYaCsgxdA4HkJjo2kcGOzz8MTZ81wSEvrYamqZHkb7N4j/InqTXVBZTf
v8I1rql8bHwcpNN/nrFV+9LQ7UVyS6EEr2ErIA7E5dka9t33R1W4Y1eGa/Lz4Dn9
Z2Zu8l+XEl/Qz0cPbYA3mYF6CO1/UItCillh9qybY9h0qdpZzlZqdtEubvSUYTy2
iR3fyYw1kyakBIM7rVZao4fucUxT1reZOOh8BUX51Qpm1eszXFfztUUugGifG36+
SV/0M/KFHvhukKtQHlNzqofVLkbbBZu7yIaJe0BxZJS4
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:39 2025 by rpki-client