Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/6VwRzGeN7Aw-2-kYrAIearsgeJI.roa
File: 6VwRzGeN7Aw-2-kYrAIearsgeJI.roa (raw, json)
Hash identifier: 1RBt0EOiw+gmhCcV4qD8Gl3QveqKsX3A4AQ+JvudWRY=
Subject key identifier: E9:5C:11:CC:67:8D:EC:0C:3E:DB:E9:18:AC:02:1E:6A:BB:20:78:92
Certificate issuer: /CN=0170a169b6cd411022279e9ff997f134ff54ab1c
Certificate serial: 01942521E428761073B39F05AFFDFDF51CB0
Authority key identifier: 01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/6VwRzGeN7Aw-2-kYrAIearsgeJI.roa
Signing time: Thu 02 Jan 2025 03:49:25 +0000
ROA not before: Thu 02 Jan 2025 03:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201942
IP address blocks: 91.126.64.0/22 maxlen: 22
91.126.80.0/21 maxlen: 21
91.126.152.0/21 maxlen: 21
91.126.160.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:e4:28:76:10:73:b3:9f:05:af:fd:fd:f5:1c:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0170a169b6cd411022279e9ff997f134ff54ab1c
Validity
Not Before: Jan 2 03:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e95c11cc678dec0c3edbe918ac021e6abb207892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fa:3d:e8:39:69:84:94:68:a1:f1:42:81:a7:
86:d8:c7:de:b8:ea:b4:9c:b9:e9:40:c4:6b:9f:e1:
45:4c:7c:5a:48:49:db:5d:b3:41:fb:ff:d6:30:49:
3c:df:72:1c:60:03:8b:53:11:cd:f7:27:13:63:9b:
fe:cc:7d:b6:48:23:00:7c:72:3d:ae:3f:88:52:dc:
55:06:32:e1:fe:57:5f:aa:6c:18:01:6e:73:13:fd:
51:6a:44:54:f8:2a:7f:51:c6:a9:3d:3b:6b:4f:35:
29:be:63:f3:f4:dc:10:43:d5:ab:5f:19:cc:7f:64:
ce:de:0b:f0:7e:4e:75:4a:6f:95:d8:ad:ca:b2:d5:
6b:3d:33:6d:cc:99:a5:65:f0:8b:1e:39:a4:14:63:
e5:1d:4e:26:fd:1a:cc:e2:54:f7:7e:7b:43:19:5a:
9b:da:02:1c:38:99:61:0d:09:40:fd:9c:b6:f5:c6:
1d:c8:ce:58:ba:41:fb:93:88:62:30:1d:da:02:c6:
f6:bd:49:17:89:be:95:ff:29:d1:72:f4:be:66:a7:
85:34:9a:4c:bc:70:3a:7b:00:b0:ad:7b:8b:6a:25:
8d:8e:c9:c9:02:9b:70:62:48:ee:f9:fa:fa:92:dc:
5f:56:bf:dc:16:ca:61:7b:46:63:9c:fb:4d:bf:b4:
52:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:5C:11:CC:67:8D:EC:0C:3E:DB:E9:18:AC:02:1E:6A:BB:20:78:92
X509v3 Authority Key Identifier:
keyid:01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/6VwRzGeN7Aw-2-kYrAIearsgeJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/AXChabbNQRAiJ56f-ZfxNP9Uqxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.126.64.0/22
91.126.80.0/21
91.126.152.0-91.126.175.255
Signature Algorithm: sha256WithRSAEncryption
07:de:60:d9:36:f6:02:a9:e3:71:a4:2d:5f:21:3c:ff:40:ac:
1b:b6:fa:86:2f:4e:76:45:ea:7d:a4:62:e3:08:3b:77:bf:f2:
e1:68:37:02:b7:48:1e:35:d7:7c:54:08:2c:f4:87:0b:0c:68:
ba:f3:18:c8:6f:b4:e4:f9:bd:b9:f7:d1:0b:54:63:ce:cb:d8:
cc:1f:d0:96:35:b6:75:53:02:37:99:61:a9:32:d5:19:11:0f:
6a:fd:81:13:1c:e2:6e:3b:45:85:cc:a6:32:ac:a4:67:65:47:
1c:06:17:49:c8:c7:a9:18:89:b4:7d:c1:79:de:cc:8c:61:28:
bf:5c:98:47:91:0d:dd:db:ae:0b:5d:a1:86:b6:84:b1:4e:88:
b7:27:ea:50:8e:7a:bb:10:35:b6:b4:25:73:f9:38:d2:5d:27:
bd:02:95:3d:90:47:23:fe:ec:aa:bb:06:9d:e6:16:20:9a:4a:
7f:99:3f:f5:3b:6a:93:9b:6a:c7:1d:ec:a6:72:d2:53:f8:ae:
84:af:b5:df:e0:21:a9:35:8d:f8:d5:52:f6:3f:5f:91:ea:22:
1e:23:f4:0a:9a:df:7b:45:36:31:82:3f:a0:37:0a:68:8f:14:
1d:54:94:21:e9:39:cd:c6:78:6f:71:5e:40:e1:87:61:26:23:
53:5c:e5:56
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQlIeQodhBzs58Fr/399RywMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNzBhMTY5YjZjZDQxMTAyMjI3OWU5ZmY5OTdmMTM0ZmY1
NGFiMWMwHhcNMjUwMTAyMDM0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTVjMTFjYzY3OGRlYzBjM2VkYmU5MThhYzAyMWU2YWJiMjA3ODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/o96DlphJRoofFCgaeG2MfeuOq0
nLnpQMRrn+FFTHxaSEnbXbNB+//WMEk833IcYAOLUxHN9ycTY5v+zH22SCMAfHI9
rj+IUtxVBjLh/ldfqmwYAW5zE/1RakRU+Cp/UcapPTtrTzUpvmPz9NwQQ9WrXxnM
f2TO3gvwfk51Sm+V2K3KstVrPTNtzJmlZfCLHjmkFGPlHU4m/RrM4lT3fntDGVqb
2gIcOJlhDQlA/Zy29cYdyM5YukH7k4hiMB3aAsb2vUkXib6V/ynRcvS+ZqeFNJpM
vHA6ewCwrXuLaiWNjsnJAptwYkju+fr6ktxfVr/cFsphe0ZjnPtNv7RSTwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOlcEcxnjewMPtvpGKwCHmq7IHiSMB8GA1UdIwQY
MBaAFAFwoWm2zUEQIieen/mX8TT/VKscMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVhDaGFiYk5RUkFpSjU2Zi1aZnhOUDlVcXh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8xZTc3N2YtOTg2Yi00ZTM0LThkODEt
N2Q0YmIyMzgwNDg3LzEvNlZ3UnpHZU43QXctMi1rWXJBSWVhcnNnZUpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8xZTc3N2YtOTg2Yi00ZTM0LThkODEtN2Q0YmIyMzgwNDg3
LzEvQVhDaGFiYk5RUkFpSjU2Zi1aZnhOUDlVcXh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCW35AAwQD
W35QMAwDBANbfpgDBARbfqAwDQYJKoZIhvcNAQELBQADggEBAAfeYNk29gKp43Gk
LV8hPP9ArBu2+oYvTnZF6n2kYuMIO3e/8uFoNwK3SB4113xUCCz0hwsMaLrzGMhv
tOT5vbn30QtUY87L2Mwf0JY1tnVTAjeZYaky1RkRD2r9gRMc4m47RYXMpjKspGdl
RxwGF0nIx6kYibR9wXnezIxhKL9cmEeRDd3brgtdoYa2hLFOiLcn6lCOersQNba0
JXP5ONJdJ70ClT2QRyP+7Kq7Bp3mFiCaSn+ZP/U7apObascd7KZy0lP4roSvtd/g
Iak1jfjVUvY/X5HqIh4j9Aqa33tFNjGCP6A3CmiPFB1UlCHpOc3GeG9xXkDhh2Em
I1Nc5VY=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:51:13 2025 by rpki-client