Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/ea1df7-808a-47c3-ae51-b0843ec38823/1/XKCgbBOF2hVHKDo78niiU6jULHg.roa
File: XKCgbBOF2hVHKDo78niiU6jULHg.roa (raw, json)
Hash identifier: QEaRFAJhUUsQeo4vGH+Fx3VQmk/EsBaPpLYF/MqkgOs=
Subject key identifier: 5C:A0:A0:6C:13:85:DA:15:47:28:3A:3B:F2:78:A2:53:A8:D4:2C:78
Certificate issuer: /CN=a50f21c3dc93757fc03282a835600d659f961e8e
Certificate serial: 019420D5B698430796B6F7334E38C942FB86
Authority key identifier: A5:0F:21:C3:DC:93:75:7F:C0:32:82:A8:35:60:0D:65:9F:96:1E:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pQ8hw9yTdX_AMoKoNWANZZ-WHo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/ea1df7-808a-47c3-ae51-b0843ec38823/1/XKCgbBOF2hVHKDo78niiU6jULHg.roa
Signing time: Wed 01 Jan 2025 07:47:44 +0000
ROA not before: Wed 01 Jan 2025 07:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13000
IP address blocks: 91.207.64.0/23 maxlen: 23
91.208.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:b6:98:43:07:96:b6:f7:33:4e:38:c9:42:fb:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a50f21c3dc93757fc03282a835600d659f961e8e
Validity
Not Before: Jan 1 07:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ca0a06c1385da1547283a3bf278a253a8d42c78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:75:4f:f2:1b:3e:7d:98:69:af:87:45:25:71:
6d:9d:01:e7:7a:db:20:70:6f:48:e0:46:ff:68:c1:
f7:5d:e9:e0:e0:b3:4c:85:c0:4f:c6:58:32:10:8f:
d7:a8:1f:d1:c7:71:a6:a0:a7:8a:c0:8d:e8:4e:95:
c3:8c:72:a6:9f:98:aa:b8:58:15:7a:81:3e:b8:e3:
b7:8f:6f:98:48:97:85:7f:d0:7d:ea:fb:8e:0e:6a:
c3:f3:89:c9:a8:ca:f4:47:f7:57:6f:bb:25:04:f6:
51:11:6e:c1:d2:95:b9:69:79:3c:7c:bf:0e:3a:a0:
33:a1:7c:8a:87:86:f7:5f:a5:27:35:67:ad:2b:36:
a5:ae:4b:d0:26:53:87:15:87:72:96:db:78:72:0a:
da:43:54:a9:95:25:d3:78:69:d6:33:bc:af:c9:e3:
eb:9d:f0:41:37:96:53:b2:e9:44:55:70:a0:02:87:
b7:ac:b8:14:a5:12:4f:81:8a:53:f4:3c:bd:58:ce:
f2:4c:21:1c:c6:db:3d:d9:8c:1f:e7:5e:25:5b:b2:
d2:c5:5d:79:bd:bd:9e:9c:99:12:e4:1c:50:1c:cc:
dc:16:cf:ba:7e:dc:21:aa:5b:c3:bb:57:53:0d:d9:
5e:ba:c0:ec:20:18:36:f8:74:d0:40:2c:bd:73:4e:
07:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A0:A0:6C:13:85:DA:15:47:28:3A:3B:F2:78:A2:53:A8:D4:2C:78
X509v3 Authority Key Identifier:
keyid:A5:0F:21:C3:DC:93:75:7F:C0:32:82:A8:35:60:0D:65:9F:96:1E:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pQ8hw9yTdX_AMoKoNWANZZ-WHo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/ea1df7-808a-47c3-ae51-b0843ec38823/1/XKCgbBOF2hVHKDo78niiU6jULHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/ea1df7-808a-47c3-ae51-b0843ec38823/1/pQ8hw9yTdX_AMoKoNWANZZ-WHo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.64.0/23
91.208.247.0/24
Signature Algorithm: sha256WithRSAEncryption
55:ea:53:36:7c:81:22:3c:9d:00:a0:0f:c1:f2:3d:cb:81:c0:
76:d9:1a:cb:65:b0:2b:43:24:c5:36:f4:a1:d3:27:a4:3f:81:
80:7b:19:bd:2f:0b:c6:5a:01:b2:1a:40:29:26:08:41:50:2e:
53:fc:47:12:81:62:f3:cb:dc:c2:f6:03:d3:ef:56:20:10:7a:
cc:15:df:a5:da:a1:08:85:d0:1f:2f:1a:03:2d:c4:c7:c6:a5:
a7:a0:b4:b5:70:5a:90:b9:f0:47:28:6a:45:d7:76:28:6c:80:
85:23:73:5d:3d:5d:26:98:d3:77:b2:a3:47:75:59:ae:62:63:
7c:60:56:1e:fb:d7:db:cb:3c:63:90:55:ad:44:9c:29:01:58:
34:ec:fc:88:8a:7a:9d:db:4d:16:4e:9b:8c:65:0c:dd:0d:7e:
9d:3e:88:15:35:07:87:5c:78:6b:47:f7:83:6d:0f:9b:74:3a:
f7:af:c9:94:3a:6f:82:89:7b:d0:b5:b1:85:ad:53:4e:53:09:
33:8d:e7:8c:69:95:6b:fa:91:ae:b5:b1:12:15:df:81:f1:17:
fc:f8:29:48:fb:e9:b0:53:a0:e9:7a:16:32:e3:c2:9e:57:cb:
7a:10:29:a4:ec:ee:de:26:a3:b9:54:0c:87:9a:08:81:e8:8c:
ab:5e:88:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQg1baYQweWtvczTjjJQvuGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MGYyMWMzZGM5Mzc1N2ZjMDMyODJhODM1NjAwZDY1OWY5
NjFlOGUwHhcNMjUwMTAxMDc0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2EwYTA2YzEzODVkYTE1NDcyODNhM2JmMjc4YTI1M2E4ZDQyYzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonVP8hs+fZhpr4dFJXFtnQHnetsg
cG9I4Eb/aMH3Xeng4LNMhcBPxlgyEI/XqB/Rx3GmoKeKwI3oTpXDjHKmn5iquFgV
eoE+uOO3j2+YSJeFf9B96vuODmrD84nJqMr0R/dXb7slBPZREW7B0pW5aXk8fL8O
OqAzoXyKh4b3X6UnNWetKzalrkvQJlOHFYdyltt4cgraQ1SplSXTeGnWM7yvyePr
nfBBN5ZTsulEVXCgAoe3rLgUpRJPgYpT9Dy9WM7yTCEcxts92Ywf514lW7LSxV15
vb2enJkS5BxQHMzcFs+6ftwhqlvDu1dTDdleusDsIBg2+HTQQCy9c04HJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFygoGwThdoVRyg6O/J4olOo1Cx4MB8GA1UdIwQY
MBaAFKUPIcPck3V/wDKCqDVgDWWflh6OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFE4aHc5eVRkWF9BTW9Lb05XQU5aWi1XSG80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9lYTFkZjctODA4YS00N2MzLWFlNTEt
YjA4NDNlYzM4ODIzLzEvWEtDZ2JCT0YyaFZIS0RvNzhuaWlVNmpVTEhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9lYTFkZjctODA4YS00N2MzLWFlNTEtYjA4NDNlYzM4ODIz
LzEvcFE4aHc5eVRkWF9BTW9Lb05XQU5aWi1XSG80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW89AAwQA
W9D3MA0GCSqGSIb3DQEBCwUAA4IBAQBV6lM2fIEiPJ0AoA/B8j3LgcB22RrLZbAr
QyTFNvSh0yekP4GAexm9LwvGWgGyGkApJghBUC5T/EcSgWLzy9zC9gPT71YgEHrM
Fd+l2qEIhdAfLxoDLcTHxqWnoLS1cFqQufBHKGpF13YobICFI3NdPV0mmNN3sqNH
dVmuYmN8YFYe+9fbyzxjkFWtRJwpAVg07PyIinqd200WTpuMZQzdDX6dPogVNQeH
XHhrR/eDbQ+bdDr3r8mUOm+CiXvQtbGFrVNOUwkzjeeMaZVr+pGutbESFd+B8Rf8
+ClI++mwU6DpehYy48KeV8t6ECmk7O7eJqO5VAyHmgiB6IyrXoja
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:27:09 2025 by rpki-client