Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/4c1b8b-aa6b-4eb1-b913-605341a393c3/1/2kEetgke8asJUIGjfrkZ-Ow0hLY.roa
File: 2kEetgke8asJUIGjfrkZ-Ow0hLY.roa (raw, json)
Hash identifier: Zm68tOecJDyU3dvZDmsOuKad33NnfWTI0Gv1J65logY=
Subject key identifier: DA:41:1E:B6:09:1E:F1:AB:09:50:81:A3:7E:B9:19:F8:EC:34:84:B6
Certificate issuer: /CN=c4638485e75c4d8a36018ca36d78932110486127
Certificate serial: 0502193D
Authority key identifier: C4:63:84:85:E7:5C:4D:8A:36:01:8C:A3:6D:78:93:21:10:48:61:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGOEhedcTYo2AYyjbXiTIRBIYSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/4c1b8b-aa6b-4eb1-b913-605341a393c3/1/2kEetgke8asJUIGjfrkZ-Ow0hLY.roa
Signing time: Sat 01 Jan 2022 07:03:28 +0000
ROA not before: Sat 01 Jan 2022 07:03:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197495
IP address blocks: 91.221.196.0/23 maxlen: 23
185.10.10.0/24 maxlen: 24
2a03:53c0::/32 maxlen: 32
2001:67c:3c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84023613 (0x502193d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4638485e75c4d8a36018ca36d78932110486127
Validity
Not Before: Jan 1 07:03:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da411eb6091ef1ab095081a37eb919f8ec3484b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7e:9c:31:20:0d:40:c6:5e:f8:79:27:c2:4b:
59:8d:a6:c7:35:78:0f:d8:06:5f:e4:3e:34:bc:e8:
61:fd:c3:ec:73:f7:d8:86:ec:2e:8a:a3:8a:61:3d:
98:89:1b:10:68:00:bc:56:22:0f:fd:d0:a6:39:19:
40:2c:31:64:c0:b1:f8:a3:4c:27:68:3e:2e:57:f3:
4a:c8:88:2e:dc:cf:f6:03:20:d0:29:88:b9:ed:2c:
b9:a3:ee:93:c5:db:53:3c:2d:68:17:b4:96:09:ee:
33:a6:71:b2:5d:15:83:bb:18:55:32:8a:4a:97:0f:
80:12:c1:bd:99:3a:aa:51:eb:ac:5e:7d:28:c1:bc:
28:59:cb:25:c1:8f:f8:dc:fb:f3:9b:44:12:cf:a4:
fa:26:34:18:76:f8:3e:6f:58:c4:96:6e:1e:8d:de:
59:45:0b:ac:ab:2d:c0:3a:81:b4:51:b2:c7:7e:81:
e8:18:c8:34:02:0b:1a:33:e5:39:e5:eb:c8:a8:15:
64:64:c5:d1:75:5b:bd:f5:76:2d:6a:4e:f0:58:ff:
62:d4:a3:4a:a3:05:2c:88:af:8c:ac:ac:9e:ed:e7:
09:8a:bc:94:b4:97:05:31:de:7e:74:46:72:7f:6c:
9c:d4:64:3b:72:d7:04:83:6d:c3:b0:10:6a:50:ed:
67:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:41:1E:B6:09:1E:F1:AB:09:50:81:A3:7E:B9:19:F8:EC:34:84:B6
X509v3 Authority Key Identifier:
keyid:C4:63:84:85:E7:5C:4D:8A:36:01:8C:A3:6D:78:93:21:10:48:61:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGOEhedcTYo2AYyjbXiTIRBIYSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/4c1b8b-aa6b-4eb1-b913-605341a393c3/1/2kEetgke8asJUIGjfrkZ-Ow0hLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/4c1b8b-aa6b-4eb1-b913-605341a393c3/1/xGOEhedcTYo2AYyjbXiTIRBIYSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.196.0/23
185.10.10.0/24
IPv6:
2001:67c:3c0::/48
2a03:53c0::/32
Signature Algorithm: sha256WithRSAEncryption
5a:3b:5f:19:e6:e2:bd:c9:07:c7:51:44:0c:ff:d6:ab:ad:06:
99:3d:9d:c1:a8:0a:39:b5:fc:15:8e:7e:84:94:b8:de:d7:ea:
19:17:04:f6:80:b0:b0:9c:1b:0d:b5:fc:4c:c9:de:a3:2c:28:
62:8d:26:46:fd:3d:b4:0e:90:ef:c6:69:b3:d3:de:8e:82:cb:
5a:ec:20:36:a8:ee:a0:41:1d:8b:3d:fb:7a:75:19:2f:65:97:
76:19:8a:f9:20:0f:8b:fe:b2:2f:08:a3:74:9f:45:93:2e:08:
45:f1:85:0d:8e:db:ac:a4:fc:f7:b6:8b:48:05:55:11:69:e0:
11:6c:5b:50:12:82:df:39:e1:66:4c:66:da:98:7d:72:17:59:
9a:9b:65:68:d6:fa:90:bd:ea:fb:f3:02:26:79:cd:22:56:17:
12:f4:53:f9:ba:9c:2d:00:5d:8f:30:b5:34:64:06:44:f8:f0:
a4:97:78:05:c9:91:a3:70:e2:b4:83:69:6b:d3:dd:38:67:c7:
01:af:40:19:3c:a9:a1:14:e1:54:be:8c:42:0c:db:8c:d6:8a:
59:7b:2c:61:6d:bc:75:a2:bd:f8:78:d9:d4:65:fa:16:cb:d3:
82:75:57:99:d2:43:3e:2b:13:09:82:23:43:a2:76:f5:75:5a:
ce:1a:b3:60
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEBQIZPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDYzODQ4NWU3NWM0ZDhhMzYwMThjYTM2ZDc4OTMyMTEwNDg2MTI3MB4XDTIyMDEw
MTA3MDMyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGE0MTFlYjYwOTFl
ZjFhYjA5NTA4MWEzN2ViOTE5ZjhlYzM0ODRiNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALN+nDEgDUDGXvh5J8JLWY2mxzV4D9gGX+Q+NLzoYf3D7HP3
2IbsLoqjimE9mIkbEGgAvFYiD/3QpjkZQCwxZMCx+KNMJ2g+LlfzSsiILtzP9gMg
0CmIue0suaPuk8XbUzwtaBe0lgnuM6Zxsl0Vg7sYVTKKSpcPgBLBvZk6qlHrrF59
KMG8KFnLJcGP+Nz785tEEs+k+iY0GHb4Pm9YxJZuHo3eWUULrKstwDqBtFGyx36B
6BjINAILGjPlOeXryKgVZGTF0XVbvfV2LWpO8Fj/YtSjSqMFLIivjKysnu3nCYq8
lLSXBTHefnRGcn9snNRkO3LXBINtw7AQalDtZ5ECAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTaQR62CR7xqwlQgaN+uRn47DSEtjAfBgNVHSMEGDAWgBTEY4SF51xNijYB
jKNteJMhEEhhJzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHT0VoZWRjVFlvMkFZeWpiWGlUSVJCSVlTYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvNGMxYjhiLWFhNmItNGViMS1iOTEzLTYwNTM0MWEzOTNjMy8x
LzJrRWV0Z2tlOGFzSlVJR2pmcmtaLU93MGhMWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
NGMxYjhiLWFhNmItNGViMS1iOTEzLTYwNTM0MWEzOTNjMy8xL3hHT0VoZWRjVFlv
MkFZeWpiWGlUSVJCSVlTYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwEgQCAAEwDAMEAVvdxAMEALkKCjAWBAIAAjAQAwcA
IAEGfAPAAwUAKgNTwDANBgkqhkiG9w0BAQsFAAOCAQEAWjtfGebivckHx1FEDP/W
q60GmT2dwagKObX8FY5+hJS43tfqGRcE9oCwsJwbDbX8TMneoywoYo0mRv09tA6Q
78Zps9PejoLLWuwgNqjuoEEdiz37enUZL2WXdhmK+SAPi/6yLwijdJ9Fky4IRfGF
DY7brKT897aLSAVVEWngEWxbUBKC3znhZkxm2ph9chdZmptlaNb6kL3q+/MCJnnN
IlYXEvRT+bqcLQBdjzC1NGQGRPjwpJd4BcmRo3DitINpa9PdOGfHAa9AGTypoRTh
VL6MQgzbjNaKWXssYW28daK9+HjZ1GX6FsvTgnVXmdJDPisTCYIjQ6J29XVazhqz
YA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:29:16 2025 by rpki-client