Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/c176a7-0a8d-457b-94a7-ffba8dc6d33c/1/xzTAe3bJau73y5DHzpW-T9bDxzw.roa
File: xzTAe3bJau73y5DHzpW-T9bDxzw.roa (raw, json)
Hash identifier: m8L4muVkl73bpOfeUid8rP0VwDIzNFeXedYJaRnBn04=
Subject key identifier: C7:34:C0:7B:76:C9:6A:EE:F7:CB:90:C7:CE:95:BE:4F:D6:C3:C7:3C
Certificate issuer: /CN=c91bbcc5a4e5cf9a2d28e728dfbc130f688bb8dd
Certificate serial: 09D4CCD1
Authority key identifier: C9:1B:BC:C5:A4:E5:CF:9A:2D:28:E7:28:DF:BC:13:0F:68:8B:B8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yRu8xaTlz5otKOco37wTD2iLuN0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/c176a7-0a8d-457b-94a7-ffba8dc6d33c/1/xzTAe3bJau73y5DHzpW-T9bDxzw.roa
Signing time: Sat 01 Jan 2022 09:55:54 +0000
ROA not before: Sat 01 Jan 2022 09:55:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62242
IP address blocks: 193.23.28.0/24 maxlen: 24
2a04:9ac0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164941009 (0x9d4ccd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c91bbcc5a4e5cf9a2d28e728dfbc130f688bb8dd
Validity
Not Before: Jan 1 09:55:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c734c07b76c96aeef7cb90c7ce95be4fd6c3c73c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:2b:14:13:15:8a:0b:60:31:3a:76:d4:d5:c3:
30:9c:cf:6e:43:99:fe:0c:87:72:a3:69:2e:c8:42:
83:63:4f:bf:0e:7a:61:64:8c:2d:0e:00:4b:18:b1:
4e:48:b5:5f:ac:fb:8e:cc:a8:0d:62:be:d2:7b:54:
31:4f:6d:11:79:13:67:2e:3b:ab:03:a5:9e:ba:3c:
52:7a:19:f7:e4:53:8e:a9:dc:05:94:74:b5:8c:09:
c9:7c:05:eb:d2:13:1d:f3:60:09:a0:14:68:b9:af:
80:e0:d6:23:d1:77:31:a9:07:4d:a3:e8:cb:01:c5:
a8:f0:7e:3e:81:a1:f6:91:cb:1b:f2:9f:83:67:df:
cf:fc:33:51:98:e0:38:2f:f4:7e:2d:43:f4:b6:98:
8b:f9:75:52:e2:73:b4:9e:e8:63:0a:e8:5e:c1:2f:
b6:e5:09:aa:1b:62:91:35:d2:0f:f5:4f:94:82:58:
4f:3b:e0:22:79:b2:88:a3:1b:d3:e2:fd:42:eb:ee:
b3:f4:43:1c:0c:0e:74:ef:3d:0c:55:60:1b:8d:27:
bf:24:ac:f3:fe:04:e0:92:37:7f:03:4c:d0:fe:13:
25:e6:69:ba:c6:61:45:43:70:a1:6d:3e:d0:f8:ab:
3b:ed:e8:31:98:57:4e:49:86:fe:f1:d4:2d:29:80:
4f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:34:C0:7B:76:C9:6A:EE:F7:CB:90:C7:CE:95:BE:4F:D6:C3:C7:3C
X509v3 Authority Key Identifier:
keyid:C9:1B:BC:C5:A4:E5:CF:9A:2D:28:E7:28:DF:BC:13:0F:68:8B:B8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yRu8xaTlz5otKOco37wTD2iLuN0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/c176a7-0a8d-457b-94a7-ffba8dc6d33c/1/xzTAe3bJau73y5DHzpW-T9bDxzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/c176a7-0a8d-457b-94a7-ffba8dc6d33c/1/yRu8xaTlz5otKOco37wTD2iLuN0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.28.0/24
IPv6:
2a04:9ac0::/32
Signature Algorithm: sha256WithRSAEncryption
1c:6c:33:ed:98:73:38:e6:d9:86:bd:37:b9:2e:60:4c:2d:47:
ee:37:85:d9:5f:99:f8:19:51:a7:3d:80:49:0e:84:29:3f:d8:
c2:50:01:79:e8:9d:2d:67:98:c5:b7:41:a0:b9:63:f2:f2:ea:
82:1c:8e:37:04:0a:81:33:53:ea:4e:69:b6:68:98:57:93:9f:
5b:4c:5b:8e:48:2b:a1:89:db:74:bd:7e:69:ef:e3:64:c4:c0:
85:29:91:82:64:35:2d:78:75:43:e5:b9:7b:b0:21:ac:a7:18:
ff:ca:3d:79:b5:9f:4c:5b:bf:55:b7:a2:2c:e8:cf:98:c9:e8:
03:23:6b:be:fa:8e:f9:24:a4:b9:49:91:61:87:a9:08:49:a4:
cd:1e:a8:02:d3:57:c0:f3:79:9f:20:b4:26:18:22:75:a9:e9:
7a:82:6a:90:95:6a:87:b3:e9:67:55:67:9b:fd:4e:56:94:19:
38:ef:40:c7:93:53:e4:0d:ec:87:36:33:30:da:f5:40:3e:2d:
4a:ae:f5:32:bf:b0:9a:b2:5e:83:0f:f5:34:b3:6c:ab:30:2a:
63:db:11:c1:0b:13:5c:b2:de:da:1e:16:9f:45:41:5c:86:b0:
38:d7:7b:52:6a:c4:68:b5:ee:11:ee:25:c9:5b:36:b8:52:03:
b9:02:42:3b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECdTM0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OTFiYmNjNWE0ZTVjZjlhMmQyOGU3MjhkZmJjMTMwZjY4OGJiOGRkMB4XDTIyMDEw
MTA5NTU1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzczNGMwN2I3NmM5
NmFlZWY3Y2I5MGM3Y2U5NWJlNGZkNmMzYzczYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkrFBMVigtgMTp21NXDMJzPbkOZ/gyHcqNpLshCg2NPvw56
YWSMLQ4ASxixTki1X6z7jsyoDWK+0ntUMU9tEXkTZy47qwOlnro8UnoZ9+RTjqnc
BZR0tYwJyXwF69ITHfNgCaAUaLmvgODWI9F3MakHTaPoywHFqPB+PoGh9pHLG/Kf
g2ffz/wzUZjgOC/0fi1D9LaYi/l1UuJztJ7oYwroXsEvtuUJqhtikTXSD/VPlIJY
TzvgInmyiKMb0+L9Quvus/RDHAwOdO89DFVgG40nvySs8/4E4JI3fwNM0P4TJeZp
usZhRUNwoW0+0PirO+3oMZhXTkmG/vHULSmATyUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTHNMB7dslq7vfLkMfOlb5P1sPHPDAfBgNVHSMEGDAWgBTJG7zFpOXPmi0o
5yjfvBMPaIu43TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lSdTh4YVRsejVvdEtPY28zN3dURDJpTHVOMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvYzE3NmE3LTBhOGQtNDU3Yi05NGE3LWZmYmE4ZGM2ZDMzYy8x
L3h6VEFlM2JKYXU3M3k1REh6cFctVDliRHh6dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
YzE3NmE3LTBhOGQtNDU3Yi05NGE3LWZmYmE4ZGM2ZDMzYy8xL3lSdTh4YVRsejVv
dEtPY28zN3dURDJpTHVOMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMEXHDANBAIAAjAHAwUAKgSawDAN
BgkqhkiG9w0BAQsFAAOCAQEAHGwz7ZhzOObZhr03uS5gTC1H7jeF2V+Z+BlRpz2A
SQ6EKT/YwlABeeidLWeYxbdBoLlj8vLqghyONwQKgTNT6k5ptmiYV5OfW0xbjkgr
oYnbdL1+ae/jZMTAhSmRgmQ1LXh1Q+W5e7AhrKcY/8o9ebWfTFu/VbeiLOjPmMno
AyNrvvqO+SSkuUmRYYepCEmkzR6oAtNXwPN5nyC0JhgidanpeoJqkJVqh7PpZ1Vn
m/1OVpQZOO9Ax5NT5A3shzYzMNr1QD4tSq71Mr+wmrJegw/1NLNsqzAqY9sRwQsT
XLLe2h4Wn0VBXIawONd7UmrEaLXuEe4lyVs2uFIDuQJCOw==
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:48:04 2025 by rpki-client