Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/7570e1-ae3d-4901-9c85-dcdc5cee276f/1/xFZl1VnxsO5HBF1HaC9R35f8bQA.roa
File: xFZl1VnxsO5HBF1HaC9R35f8bQA.roa (raw, json)
Hash identifier: MdCqIpTLbS43M8gA0CmB4PlwIslBSORvGQMQ2zPpoDA=
Subject key identifier: C4:56:65:D5:59:F1:B0:EE:47:04:5D:47:68:2F:51:DF:97:FC:6D:00
Certificate issuer: /CN=295a92b778eddfa8dcd917cbb87cde31ba2c732f
Certificate serial: 01856C65E7E150C1302340DE06109D681363
Authority key identifier: 29:5A:92:B7:78:ED:DF:A8:DC:D9:17:CB:B8:7C:DE:31:BA:2C:73:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVqSt3jt36jc2RfLuHzeMboscy8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/7570e1-ae3d-4901-9c85-dcdc5cee276f/1/xFZl1VnxsO5HBF1HaC9R35f8bQA.roa
Signing time: Sun 01 Jan 2023 08:14:55 +0000
ROA not before: Sun 01 Jan 2023 08:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209943
IP address blocks: 194.56.221.0/24 maxlen: 32
2001:67c:28ec::/48 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:e7:e1:50:c1:30:23:40:de:06:10:9d:68:13:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=295a92b778eddfa8dcd917cbb87cde31ba2c732f
Validity
Not Before: Jan 1 08:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c45665d559f1b0ee47045d47682f51df97fc6d00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2d:b3:34:5e:ee:c8:cd:fe:b4:3a:de:80:52:
c7:83:87:11:8d:fa:c7:6f:53:94:f5:de:bc:2c:c4:
3f:89:32:27:01:79:38:5c:be:fc:13:70:3f:8e:05:
de:ac:92:f9:f1:64:e9:3a:d0:e0:1a:65:98:d4:5a:
72:3c:1c:5a:83:48:c0:16:f7:9e:78:d5:a7:04:84:
cd:48:8d:d2:e5:b9:4c:96:93:80:6e:96:39:8e:f0:
c6:77:92:12:31:1c:2d:cd:0b:b4:d7:bc:20:77:7b:
09:97:8d:c5:8f:0a:17:ed:e1:89:66:4c:9b:67:40:
ae:4c:35:0e:04:b9:f4:f0:9f:df:33:7a:e1:75:3b:
0d:00:0a:80:8a:9b:bb:0c:dd:75:d7:56:36:a6:14:
3d:1f:f4:c0:a7:9c:c8:c6:0f:2f:01:7b:55:25:cd:
3e:2b:fe:c8:eb:55:70:0b:4f:86:8e:ba:31:59:8c:
ba:0e:34:9c:98:09:2b:98:80:6b:3c:09:5f:af:66:
0f:63:1d:1c:29:e9:df:7c:ef:5d:1b:43:a8:77:b4:
a8:87:15:31:64:36:99:1e:e4:9e:85:92:4e:ca:2a:
6e:2f:fa:08:33:d0:f7:af:f1:06:18:46:50:6b:01:
35:5b:8a:2a:33:60:94:30:76:6f:4d:4b:8c:3a:63:
53:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:56:65:D5:59:F1:B0:EE:47:04:5D:47:68:2F:51:DF:97:FC:6D:00
X509v3 Authority Key Identifier:
keyid:29:5A:92:B7:78:ED:DF:A8:DC:D9:17:CB:B8:7C:DE:31:BA:2C:73:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVqSt3jt36jc2RfLuHzeMboscy8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/7570e1-ae3d-4901-9c85-dcdc5cee276f/1/xFZl1VnxsO5HBF1HaC9R35f8bQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/7570e1-ae3d-4901-9c85-dcdc5cee276f/1/KVqSt3jt36jc2RfLuHzeMboscy8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.221.0/24
IPv6:
2001:67c:28ec::/48
Signature Algorithm: sha256WithRSAEncryption
10:35:f1:bf:0e:67:56:19:d8:37:6c:4b:50:ae:f1:94:05:e0:
cd:b1:ad:06:fa:21:35:07:e2:a4:d2:a0:e2:7a:e7:9d:a8:13:
89:fc:1e:c2:2d:5a:5e:82:3e:18:53:2f:2d:d5:d4:8e:fe:91:
4b:ed:d6:47:11:f3:6f:84:08:b5:e6:ae:a2:3b:86:8b:2e:f0:
66:0b:a3:90:62:fd:90:4a:64:77:fc:65:23:90:1f:fb:1b:fa:
1b:9e:1c:37:ab:ff:11:1d:65:7c:7f:f7:5d:c6:7a:aa:40:28:
38:3e:5d:31:ab:2c:2e:bd:cf:68:4d:01:08:fc:55:21:5f:a1:
2d:b9:94:62:f9:ad:33:8d:f8:87:8a:01:b2:cf:55:cf:cf:ee:
1a:3d:14:47:30:ea:99:b6:d4:eb:2d:6b:f9:3e:6a:37:23:bb:
e2:de:a7:37:15:90:80:64:be:2a:11:e1:12:db:be:1b:7f:38:
bb:fc:04:1c:16:1d:df:0c:8e:da:13:3d:70:c2:cf:26:82:85:
9b:84:23:e3:fa:94:82:2f:45:68:12:e8:e0:29:68:af:7a:36:
59:cd:d0:56:37:cd:50:37:42:f9:6d:73:4d:74:59:9a:ac:50:
ee:ca:5c:30:56:2f:7d:c1:4b:97:10:02:76:b4:2b:7a:24:1f:
4f:83:18:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsZefhUMEwI0DeBhCdaBNjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NWE5MmI3NzhlZGRmYThkY2Q5MTdjYmI4N2NkZTMxYmEy
YzczMmYwHhcNMjMwMTAxMDgxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDU2NjVkNTU5ZjFiMGVlNDcwNDVkNDc2ODJmNTFkZjk3ZmM2ZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtC2zNF7uyM3+tDregFLHg4cRjfrH
b1OU9d68LMQ/iTInAXk4XL78E3A/jgXerJL58WTpOtDgGmWY1FpyPBxag0jAFvee
eNWnBITNSI3S5blMlpOAbpY5jvDGd5ISMRwtzQu017wgd3sJl43FjwoX7eGJZkyb
Z0CuTDUOBLn08J/fM3rhdTsNAAqAipu7DN1111Y2phQ9H/TAp5zIxg8vAXtVJc0+
K/7I61VwC0+GjroxWYy6DjScmAkrmIBrPAlfr2YPYx0cKenffO9dG0Ood7SohxUx
ZDaZHuSehZJOyipuL/oIM9D3r/EGGEZQawE1W4oqM2CUMHZvTUuMOmNT8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMRWZdVZ8bDuRwRdR2gvUd+X/G0AMB8GA1UdIwQY
MBaAFClakrd47d+o3NkXy7h83jG6LHMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZxU3QzanQzNmpjMlJmTHVIemVNYm9zY3k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy83NTcwZTEtYWUzZC00OTAxLTljODUt
ZGNkYzVjZWUyNzZmLzEveEZabDFWbnhzTzVIQkYxSGFDOVIzNWY4YlFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy83NTcwZTEtYWUzZC00OTAxLTljODUtZGNkYzVjZWUyNzZm
LzEvS1ZxU3QzanQzNmpjMlJmTHVIemVNYm9zY3k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwjjdMA8E
AgACMAkDBwAgAQZ8KOwwDQYJKoZIhvcNAQELBQADggEBABA18b8OZ1YZ2DdsS1Cu
8ZQF4M2xrQb6ITUH4qTSoOJ6552oE4n8HsItWl6CPhhTLy3V1I7+kUvt1kcR82+E
CLXmrqI7hosu8GYLo5Bi/ZBKZHf8ZSOQH/sb+hueHDer/xEdZXx/913GeqpAKDg+
XTGrLC69z2hNAQj8VSFfoS25lGL5rTON+IeKAbLPVc/P7ho9FEcw6pm21Osta/k+
ajcju+LepzcVkIBkvioR4RLbvht/OLv8BBwWHd8MjtoTPXDCzyaChZuEI+P6lIIv
RWgS6OApaK96NlnN0FY3zVA3Qvltc010WZqsUO7KXDBWL33BS5cQAna0K3okH0+D
GFk=
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:12:29 2025 by rpki-client