Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/xmPrjXwgzAc4bi6Op-k92DP0zYQ.roa
File: xmPrjXwgzAc4bi6Op-k92DP0zYQ.roa (raw, json)
Hash identifier: Yg07yPbPmPxhkY2QOReSXpIrXS2cz6DJVyYuiKyL6xk=
Subject key identifier: C6:63:EB:8D:7C:20:CC:07:38:6E:2E:8E:A7:E9:3D:D8:33:F4:CD:84
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0194266B09A004C417C131C2DDE64FC5FEBE
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/xmPrjXwgzAc4bi6Op-k92DP0zYQ.roa
Signing time: Thu 02 Jan 2025 09:48:56 +0000
ROA not before: Thu 02 Jan 2025 09:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63018
IP address blocks: 194.110.173.0/24 maxlen: 24
2a09:ff00:101::/48 maxlen: 48
2a09:ff00:102::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:09:a0:04:c4:17:c1:31:c2:dd:e6:4f:c5:fe:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 2 09:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c663eb8d7c20cc07386e2e8ea7e93dd833f4cd84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:59:69:e3:dd:c6:57:40:47:5b:e5:25:91:8a:
3e:b6:01:8e:61:0b:37:aa:58:5d:07:d3:3c:28:7d:
bd:fa:1a:1d:8f:c0:01:22:94:38:62:e5:06:31:a1:
95:4e:20:80:1d:64:be:63:e8:e6:6d:be:e2:27:b5:
67:ee:53:06:30:b3:56:37:87:39:50:d5:04:b6:91:
9d:98:e2:39:0a:65:e9:2d:d1:32:f9:08:0a:0e:99:
3b:f5:d6:54:cd:2c:7a:07:6a:9a:3e:59:55:ee:f0:
31:d1:bb:b7:35:05:42:3a:0e:82:8c:ed:fd:93:a6:
a9:6f:5b:b9:27:56:b8:ee:9d:ac:fb:27:65:04:86:
a3:dc:1b:c6:97:ad:eb:08:72:65:1f:0c:6e:53:54:
c6:0f:99:63:42:92:ea:7e:24:c6:d5:71:05:59:62:
9a:2e:88:0f:69:e8:b9:41:02:ca:53:8b:fa:34:cf:
2b:13:66:ff:f2:aa:1c:73:6a:b9:ff:8e:b6:d9:6e:
f8:bb:81:f1:7e:76:9a:e0:68:1b:57:f8:cd:ad:ed:
d0:fd:21:82:4b:e1:1a:f7:98:a7:a1:15:2f:67:97:
37:25:67:04:09:08:a3:df:3f:73:1e:bf:c9:26:d2:
ab:c7:12:9d:70:9f:a8:92:99:f2:8c:25:62:02:fa:
bb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:63:EB:8D:7C:20:CC:07:38:6E:2E:8E:A7:E9:3D:D8:33:F4:CD:84
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/xmPrjXwgzAc4bi6Op-k92DP0zYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.173.0/24
IPv6:
2a09:ff00:101::-2a09:ff00:102:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9e:a4:fb:a2:7c:97:8c:32:2c:c7:dc:43:a7:9c:f6:93:52:9a:
68:83:f8:a8:fd:c9:16:62:5a:31:1e:2c:c8:8b:31:bc:aa:61:
6c:14:fe:d8:f6:b0:dd:a9:1d:34:2a:20:30:da:18:75:a4:0e:
13:82:d2:42:f3:40:04:82:b8:d2:fd:50:2f:5e:16:f1:9b:c8:
6d:63:b5:bb:42:77:f8:7c:b8:59:61:fa:56:33:c6:66:54:2b:
9c:06:f3:e7:68:29:ec:a2:31:37:33:81:e2:b2:0c:2b:9f:62:
df:53:ae:fb:11:df:42:e6:56:1c:4e:1c:34:5e:40:d8:c3:bd:
e4:7b:0d:81:98:41:45:2e:ec:99:03:d3:04:a3:d5:ad:0a:6c:
29:c0:2b:ce:f9:1b:a2:d1:cb:d8:6d:15:0b:ca:7b:91:a9:62:
81:2e:01:91:98:f1:95:bb:8e:53:a4:ba:fa:6f:be:94:28:5b:
1c:f4:54:5d:5c:59:2e:9c:8a:bd:49:61:cc:de:2f:93:a8:1b:
b2:29:d2:4c:42:19:d4:5e:54:e9:9e:1b:52:9c:a4:5d:6a:e0:
c7:bf:5f:1e:6f:07:a7:b7:29:bb:50:cf:99:96:55:aa:4a:e5:
3a:dd:f7:8a:b4:7c:1f:44:6e:06:ce:b0:63:c4:c5:8a:b2:0b:
3c:f3:b6:c2
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQmawmgBMQXwTHC3eZPxf6+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjUwMTAyMDk0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjYzZWI4ZDdjMjBjYzA3Mzg2ZTJlOGVhN2U5M2RkODMzZjRjZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Vlp493GV0BHW+UlkYo+tgGOYQs3
qlhdB9M8KH29+hodj8ABIpQ4YuUGMaGVTiCAHWS+Y+jmbb7iJ7Vn7lMGMLNWN4c5
UNUEtpGdmOI5CmXpLdEy+QgKDpk79dZUzSx6B2qaPllV7vAx0bu3NQVCOg6CjO39
k6apb1u5J1a47p2s+ydlBIaj3BvGl63rCHJlHwxuU1TGD5ljQpLqfiTG1XEFWWKa
LogPaei5QQLKU4v6NM8rE2b/8qocc2q5/4622W74u4Hxfnaa4GgbV/jNre3Q/SGC
S+Ea95inoRUvZ5c3JWcECQij3z9zHr/JJtKrxxKdcJ+okpnyjCViAvq7lQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMZj6418IMwHOG4ujqfpPdgz9M2EMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEveG1QcmpYd2d6QWM0Ymk2T3AtazkyRFAwellRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAwm6tMBoE
AgACMBQwEgMHACoJ/wABAQMHACoJ/wABAjANBgkqhkiG9w0BAQsFAAOCAQEAnqT7
onyXjDIsx9xDp5z2k1KaaIP4qP3JFmJaMR4syIsxvKphbBT+2Paw3akdNCogMNoY
daQOE4LSQvNABIK40v1QL14W8ZvIbWO1u0J3+Hy4WWH6VjPGZlQrnAbz52gp7KIx
NzOB4rIMK59i31Ou+xHfQuZWHE4cNF5A2MO95HsNgZhBRS7smQPTBKPVrQpsKcAr
zvkbotHL2G0VC8p7kaligS4BkZjxlbuOU6S6+m++lChbHPRUXVxZLpyKvUlhzN4v
k6gbsinSTEIZ1F5U6Z4bUpykXWrgx79fHm8Hp7cpu1DPmZZVqkrlOt33irR8H0Ru
Bs6wY8TFirILPPO2wg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:45:26 2025 by rpki-client