Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/XcZitHkXUN8Brj3qDCFXEJCPhHQ.roa
File: XcZitHkXUN8Brj3qDCFXEJCPhHQ.roa (raw, json)
Hash identifier: k0KjTVDvATliNJtOgMZhmvGHdJ0hJTlOms8u6gPv/nY=
Subject key identifier: 5D:C6:62:B4:79:17:50:DF:01:AE:3D:EA:0C:21:57:10:90:8F:84:74
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0194228D2157184B79790300EE315BDC0260
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/XcZitHkXUN8Brj3qDCFXEJCPhHQ.roa
Signing time: Wed 01 Jan 2025 15:47:41 +0000
ROA not before: Wed 01 Jan 2025 15:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13075
IP address blocks: 83.149.13.0/24 maxlen: 24
83.149.14.0/24 maxlen: 24
91.213.104.0/24 maxlen: 24
2a03:d000:9000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:21:57:18:4b:79:79:03:00:ee:31:5b:dc:02:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 15:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5dc662b4791750df01ae3dea0c215710908f8474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:41:1f:6d:5b:c0:3d:89:0a:9c:cb:09:94:cc:
cd:ae:bf:31:12:1a:b2:8b:23:52:64:8e:dc:56:62:
4e:9e:e1:7d:6e:46:d6:8b:b5:77:5e:d4:e1:5a:6d:
95:bd:a0:66:1c:44:2e:c4:a5:bb:3d:5d:f7:10:3d:
18:ba:79:f0:99:9a:fe:a8:6c:38:19:7c:2b:4e:13:
2b:9d:0d:12:29:9d:aa:76:23:9f:b6:cb:52:b1:e6:
71:b5:5a:47:78:c3:15:91:5d:3d:d4:a9:e2:42:e7:
e1:7e:a3:6e:ae:5b:38:43:ab:0f:2c:3b:b2:01:11:
7c:a9:68:22:f3:3e:69:7c:f3:8f:f8:88:7c:1d:9b:
28:06:7f:20:0c:2a:94:63:7d:32:dc:38:f1:b4:65:
fe:ca:ec:1f:86:8a:d2:5a:99:da:6e:f2:75:ec:79:
c4:e8:18:4c:10:4d:95:0f:b3:a1:86:34:37:e3:ec:
70:16:f5:2d:52:ab:db:29:c9:05:25:b4:3d:d3:f0:
d4:58:e9:9c:a6:26:6e:3c:28:e9:d4:1e:3b:b0:6d:
4e:6b:ce:0e:46:d8:dc:3f:ba:1e:83:c2:ee:23:1d:
75:c1:b4:24:fc:b2:1f:70:1e:10:5c:15:ba:1f:1e:
13:53:b0:5c:12:15:26:e0:08:87:66:da:77:8d:e3:
70:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:C6:62:B4:79:17:50:DF:01:AE:3D:EA:0C:21:57:10:90:8F:84:74
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/XcZitHkXUN8Brj3qDCFXEJCPhHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.149.13.0-83.149.14.255
91.213.104.0/24
IPv6:
2a03:d000:9000::/48
Signature Algorithm: sha256WithRSAEncryption
a7:87:2d:be:d5:91:0c:1d:e4:ba:da:f0:1a:08:72:5e:8b:2a:
29:8a:17:c6:e3:ef:1a:05:3a:ed:d7:9a:89:61:1f:ab:c3:36:
0e:9d:bd:17:b2:73:a0:09:b8:8d:7e:52:be:ff:cc:8e:c8:ae:
6b:04:c5:79:ef:36:41:1c:64:fe:63:6e:b4:03:d2:7b:73:3e:
a0:49:4b:17:4d:93:1f:fc:a8:97:a3:5b:d6:13:f3:cf:01:52:
30:ff:0a:46:6b:3e:81:c6:b2:12:34:e4:37:6c:9a:60:8a:bc:
ae:2a:bb:d3:ff:3d:ca:3c:59:2d:73:f7:2c:30:c9:98:c1:6b:
65:33:ca:19:19:3f:b6:1c:9b:7c:19:2e:b1:b1:5c:92:7f:a7:
25:e6:e3:a6:5b:ed:9a:ad:26:cc:d1:15:63:83:87:c1:19:e3:
50:1c:fd:0a:72:06:98:ea:2d:a5:9f:65:47:3c:67:b4:62:54:
51:10:1b:0d:58:26:da:16:38:3a:b7:96:83:91:48:c0:c6:ad:
f9:53:ea:d1:23:12:36:38:6c:0e:8b:1d:6f:9d:a7:43:6e:93:
e4:44:bc:d7:9c:d0:b3:62:69:73:3c:a1:5d:e9:22:26:31:29:
72:3d:a6:32:a9:42:6e:9e:ea:ff:99:cb:0b:e0:63:da:b0:d2:
52:2d:fd:ed
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZQijSFXGEt5eQMA7jFb3AJgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjUwMTAxMTU0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGM2NjJiNDc5MTc1MGRmMDFhZTNkZWEwYzIxNTcxMDkwOGY4NDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA50EfbVvAPYkKnMsJlMzNrr8xEhqy
iyNSZI7cVmJOnuF9bkbWi7V3XtThWm2VvaBmHEQuxKW7PV33ED0YunnwmZr+qGw4
GXwrThMrnQ0SKZ2qdiOftstSseZxtVpHeMMVkV091KniQufhfqNurls4Q6sPLDuy
ARF8qWgi8z5pfPOP+Ih8HZsoBn8gDCqUY30y3DjxtGX+yuwfhorSWpnabvJ17HnE
6BhMEE2VD7OhhjQ34+xwFvUtUqvbKckFJbQ90/DUWOmcpiZuPCjp1B47sG1Oa84O
RtjcP7oeg8LuIx11wbQk/LIfcB4QXBW6Hx4TU7BcEhUm4AiHZtp3jeNwvwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFF3GYrR5F1DfAa496gwhVxCQj4R0MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvWGNaaXRIa1hVTjhCcmozcURDRlhFSkNQaEhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBABTlQ0D
BABTlQ4DBABb1WgwDwQCAAIwCQMHACoD0ACQADANBgkqhkiG9w0BAQsFAAOCAQEA
p4ctvtWRDB3kutrwGghyXosqKYoXxuPvGgU67deaiWEfq8M2Dp29F7JzoAm4jX5S
vv/MjsiuawTFee82QRxk/mNutAPSe3M+oElLF02TH/yol6Nb1hPzzwFSMP8KRms+
gcayEjTkN2yaYIq8riq70/89yjxZLXP3LDDJmMFrZTPKGRk/thybfBkusbFckn+n
Jebjplvtmq0mzNEVY4OHwRnjUBz9CnIGmOotpZ9lRzxntGJUURAbDVgm2hY4OreW
g5FIwMat+VPq0SMSNjhsDosdb52nQ26T5ES815zQs2JpczyhXekiJjEpcj2mMqlC
bp7q/5nLC+Bj2rDSUi397Q==
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:31:22 2025 by rpki-client