Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ccbc52-e094-4e15-b672-71a4c6f9c887/1/x4oE4qGeN5l63LfuOk7vKfX29zo.roa
File: x4oE4qGeN5l63LfuOk7vKfX29zo.roa (raw, json)
Hash identifier: OSd/JTxiVPLGBGqth2LnKDtRXcHjfdTHd6t3Ot2XaUg=
Subject key identifier: C7:8A:04:E2:A1:9E:37:99:7A:DC:B7:EE:3A:4E:EF:29:F5:F6:F7:3A
Certificate issuer: /CN=3269cc291ba260fc71118684e7b302f50ce9628d
Certificate serial: 06D922B9
Authority key identifier: 32:69:CC:29:1B:A2:60:FC:71:11:86:84:E7:B3:02:F5:0C:E9:62:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmnMKRuiYPxxEYaE57MC9QzpYo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ccbc52-e094-4e15-b672-71a4c6f9c887/1/x4oE4qGeN5l63LfuOk7vKfX29zo.roa
Signing time: Sat 01 Jan 2022 10:57:43 +0000
ROA not before: Sat 01 Jan 2022 10:57:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21485
IP address blocks: 91.231.153.0/24 maxlen: 24
2001:67c:15ec::/48 maxlen: 48
2a0a:3500::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114893497 (0x6d922b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3269cc291ba260fc71118684e7b302f50ce9628d
Validity
Not Before: Jan 1 10:57:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c78a04e2a19e37997adcb7ee3a4eef29f5f6f73a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:12:2e:ce:d5:18:58:c4:a3:a1:b6:65:61:41:
28:13:e4:5d:28:55:fd:c1:fe:84:33:b7:7b:32:bf:
6c:cf:86:fd:7e:f0:8a:c7:29:11:61:e1:66:07:b5:
65:d1:11:02:50:ff:36:6f:49:a6:01:db:15:ab:03:
0a:57:b1:5a:e5:72:f6:0d:23:08:ae:c4:7a:84:d0:
cb:cf:0a:db:aa:7f:02:92:2f:5a:b6:0c:fb:9d:2e:
3e:89:33:cd:44:c3:4c:02:d8:a1:7e:0c:f4:bd:b0:
5f:ea:8a:db:28:59:3b:76:03:22:29:34:b3:3d:83:
bb:a6:fa:e3:4e:59:4b:d1:45:ec:a8:cb:04:8d:f5:
50:21:12:0b:86:65:5f:53:1f:e0:c0:fc:bb:b2:51:
0e:9d:e0:d6:9a:af:ff:51:52:54:ca:1a:16:d8:48:
37:d2:71:8a:35:17:f0:2a:37:0b:ec:ea:7f:d8:eb:
d6:58:a6:60:ae:7b:d0:ad:b9:f9:24:d2:fe:7f:b9:
51:2b:3a:7f:e7:12:66:35:22:af:4f:ab:23:a3:5a:
e0:f1:01:d0:10:97:a2:76:7b:d7:b2:22:89:30:0f:
66:59:91:01:94:6c:73:fe:1a:55:4d:da:17:ff:4e:
90:09:d5:bb:8c:0e:cb:8e:ff:ef:3f:d3:6b:a1:84:
8b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:8A:04:E2:A1:9E:37:99:7A:DC:B7:EE:3A:4E:EF:29:F5:F6:F7:3A
X509v3 Authority Key Identifier:
keyid:32:69:CC:29:1B:A2:60:FC:71:11:86:84:E7:B3:02:F5:0C:E9:62:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmnMKRuiYPxxEYaE57MC9QzpYo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ccbc52-e094-4e15-b672-71a4c6f9c887/1/x4oE4qGeN5l63LfuOk7vKfX29zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ccbc52-e094-4e15-b672-71a4c6f9c887/1/MmnMKRuiYPxxEYaE57MC9QzpYo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.153.0/24
IPv6:
2001:67c:15ec::/48
2a0a:3500::/32
Signature Algorithm: sha256WithRSAEncryption
29:3c:4f:cd:06:f3:f2:17:be:83:cf:ef:47:15:df:23:5c:9a:
c8:af:bf:0e:2f:02:77:c3:bb:bd:c2:75:9c:db:e0:08:15:33:
cd:d5:98:90:43:97:98:1b:b6:0e:cb:7e:cb:16:5d:00:22:b3:
69:f9:95:e1:c1:6d:cf:09:e0:9d:42:bc:7b:17:76:70:c2:a1:
90:03:03:ad:e5:9c:29:51:c2:de:8b:20:4c:dc:a1:89:08:eb:
58:6a:64:9b:80:d7:86:b0:73:d7:1a:d5:4a:5e:93:c9:e0:26:
3b:d2:63:1c:cd:0e:ef:1c:56:5a:48:36:4c:4a:1f:9d:f5:58:
b5:cc:ab:be:7b:f0:ea:b3:f4:d3:e4:75:4e:5f:92:2b:b3:93:
a1:04:55:54:95:5f:8b:4e:f2:91:66:36:37:fe:03:9a:74:f5:
74:2e:cf:38:26:1e:60:5e:c5:e2:a9:3a:d2:45:9e:90:9e:e3:
ea:0e:85:3f:6b:c1:ba:be:d1:46:8f:87:89:fd:6c:d1:e9:9f:
73:21:65:a8:ec:8d:3e:94:a2:66:a3:53:3b:28:71:fa:af:85:
31:28:87:46:05:f4:13:dd:06:2d:cd:bd:f7:cc:56:d7:16:d9:
e9:d1:2f:82:e0:b2:42:f2:24:5d:19:57:e2:dc:a3:7a:2f:c5:
79:50:39:ef
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEBtkiuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjY5Y2MyOTFiYTI2MGZjNzExMTg2ODRlN2IzMDJmNTBjZTk2MjhkMB4XDTIyMDEw
MTEwNTc0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzc4YTA0ZTJhMTll
Mzc5OTdhZGNiN2VlM2E0ZWVmMjlmNWY2ZjczYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMSLs7VGFjEo6G2ZWFBKBPkXShV/cH+hDO3ezK/bM+G/X7w
iscpEWHhZge1ZdERAlD/Nm9JpgHbFasDClexWuVy9g0jCK7EeoTQy88K26p/ApIv
WrYM+50uPokzzUTDTALYoX4M9L2wX+qK2yhZO3YDIik0sz2Du6b6405ZS9FF7KjL
BI31UCESC4ZlX1Mf4MD8u7JRDp3g1pqv/1FSVMoaFthIN9JxijUX8Co3C+zqf9jr
1limYK570K25+STS/n+5USs6f+cSZjUir0+rI6Na4PEB0BCXonZ717IiiTAPZlmR
AZRsc/4aVU3aF/9OkAnVu4wOy47/7z/Ta6GEiwMCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTHigTioZ43mXrct+46Tu8p9fb3OjAfBgNVHSMEGDAWgBQyacwpG6Jg/HER
hoTnswL1DOlijTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01tbk1LUnVpWVB4eEVZYUU1N01DOVF6cFlvMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvY2NiYzUyLWUwOTQtNGUxNS1iNjcyLTcxYTRjNmY5Yzg4Ny8x
L3g0b0U0cUdlTjVsNjNMZnVPazd2S2ZYMjl6by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
Y2NiYzUyLWUwOTQtNGUxNS1iNjcyLTcxYTRjNmY5Yzg4Ny8xL01tbk1LUnVpWVB4
eEVZYUU1N01DOVF6cFlvMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwDAQCAAEwBgMEAFvnmTAWBAIAAjAQAwcAIAEGfBXs
AwUAKgo1ADANBgkqhkiG9w0BAQsFAAOCAQEAKTxPzQbz8he+g8/vRxXfI1yayK+/
Di8Cd8O7vcJ1nNvgCBUzzdWYkEOXmBu2Dst+yxZdACKzafmV4cFtzwngnUK8exd2
cMKhkAMDreWcKVHC3osgTNyhiQjrWGpkm4DXhrBz1xrVSl6TyeAmO9JjHM0O7xxW
Wkg2TEofnfVYtcyrvnvw6rP00+R1Tl+SK7OToQRVVJVfi07ykWY2N/4DmnT1dC7P
OCYeYF7F4qk60kWekJ7j6g6FP2vBur7RRo+Hif1s0emfcyFlqOyNPpSiZqNTOyhx
+q+FMSiHRgX0E90GLc2998xW1xbZ6dEvguCyQvIkXRlX4tyjei/FeVA57w==
-----END CERTIFICATE-----
Generated at Wed Jun 11 10:20:31 2025 by rpki-client