Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/xwhEAx2VE0gucAj4mFhYH2uYVFI.roa
File: xwhEAx2VE0gucAj4mFhYH2uYVFI.roa (raw, json)
Hash identifier: nFpFXOMp97LHbzG3/tbWsearfU/sSkX/vvtwwnlnskI=
Subject key identifier: C7:08:44:03:1D:95:13:48:2E:70:08:F8:98:58:58:1F:6B:98:54:52
Certificate issuer: /CN=44fc887c977393575de6257e75fa99cde2037c6c
Certificate serial: 019424B38712FD6D3387427451630F040387
Authority key identifier: 44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/xwhEAx2VE0gucAj4mFhYH2uYVFI.roa
Signing time: Thu 02 Jan 2025 01:48:52 +0000
ROA not before: Thu 02 Jan 2025 01:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208794
IP address blocks: 193.43.139.0/24 maxlen: 24
2a0e:b280::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:87:12:fd:6d:33:87:42:74:51:63:0f:04:03:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44fc887c977393575de6257e75fa99cde2037c6c
Validity
Not Before: Jan 2 01:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c70844031d9513482e7008f89858581f6b985452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:1f:59:ec:c7:aa:a4:84:83:8b:c5:65:bc:ea:
7d:42:07:a2:f7:7c:97:a9:6e:dd:86:4f:ce:e7:58:
69:af:0d:90:4e:c9:cc:97:b1:dc:56:b7:36:44:e8:
d2:7d:7e:bf:e2:cd:df:96:dd:6c:4d:b9:f6:5b:bf:
33:4f:53:8c:f2:2a:b6:09:db:29:15:16:df:2e:2d:
c9:7d:a1:7d:39:65:31:10:2b:00:e3:48:4b:ae:f2:
c3:19:00:da:35:25:ad:5a:d7:1b:02:d1:49:fc:d4:
46:57:c3:e8:c8:0a:38:37:ec:51:53:db:93:a8:09:
e4:dd:d1:19:92:2d:d8:74:0b:5c:39:54:83:d8:bd:
37:59:78:27:95:21:a0:b6:89:b7:4b:91:73:48:49:
c1:a9:7d:e1:ae:db:20:21:8b:4e:47:dd:78:60:6a:
79:0e:da:f9:8c:6d:9e:fe:e9:2a:08:75:1d:5b:a3:
03:b2:a9:e3:24:37:ad:39:c1:77:3b:9d:98:c9:79:
b4:a4:44:3d:01:5f:f3:d7:ef:6e:45:d4:4b:bb:be:
e8:8d:8d:1d:b2:36:f7:24:2b:b5:47:e8:47:51:10:
67:94:7f:eb:70:e6:7d:4d:2f:31:ef:53:a8:9f:1d:
7f:48:a9:ef:7a:10:ff:fa:0f:2d:ed:3a:ee:b5:68:
59:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:08:44:03:1D:95:13:48:2E:70:08:F8:98:58:58:1F:6B:98:54:52
X509v3 Authority Key Identifier:
keyid:44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/xwhEAx2VE0gucAj4mFhYH2uYVFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/RPyIfJdzk1dd5iV-dfqZzeIDfGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.139.0/24
IPv6:
2a0e:b280::/29
Signature Algorithm: sha256WithRSAEncryption
1a:2b:76:18:19:67:54:fb:38:28:13:1b:b3:0e:bb:9c:8d:30:
59:59:c7:9c:98:00:f4:62:17:54:74:de:68:38:60:0b:1b:b1:
97:b6:15:3b:6b:63:1d:04:b7:8e:7c:33:3a:e9:8e:e3:94:5d:
ff:27:af:22:b7:91:e8:6d:dc:b8:0d:14:27:a9:f2:bd:be:6c:
d2:ad:88:c1:34:e1:09:a8:91:82:ba:71:a2:11:8f:0d:31:df:
09:4c:6c:1c:69:d5:30:86:17:b0:83:ea:09:d1:da:9e:86:d9:
77:5c:8e:07:8b:46:3e:94:46:7d:89:af:7a:63:aa:37:91:ab:
c8:ec:10:01:f0:54:ab:ef:fa:c0:da:d2:ec:5a:9a:b1:ba:43:
98:44:7c:ce:79:f1:fb:7d:09:cf:4c:94:af:62:9c:de:ba:64:
24:c0:86:3b:42:39:0e:95:38:e5:56:8a:e0:12:03:f1:32:de:
6f:4f:47:82:ac:2e:88:b9:be:30:73:d5:65:97:f1:5d:e5:45:
85:f0:3f:ea:0e:b5:eb:fc:18:9a:9b:27:2a:8b:a4:45:56:bc:
5c:8b:49:c6:ec:8a:be:32:68:12:8a:b0:05:db:3d:35:75:6d:
76:00:96:73:ec:af:db:5c:8c:d7:e7:05:74:34:07:04:43:8f:
41:92:9e:9c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks4cS/W0zh0J0UWMPBAOHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZmM4ODdjOTc3MzkzNTc1ZGU2MjU3ZTc1ZmE5OWNkZTIw
MzdjNmMwHhcNMjUwMTAyMDE0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzA4NDQwMzFkOTUxMzQ4MmU3MDA4Zjg5ODU4NTgxZjZiOTg1NDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8B9Z7MeqpISDi8VlvOp9Qgei93yX
qW7dhk/O51hprw2QTsnMl7HcVrc2ROjSfX6/4s3flt1sTbn2W78zT1OM8iq2Cdsp
FRbfLi3JfaF9OWUxECsA40hLrvLDGQDaNSWtWtcbAtFJ/NRGV8PoyAo4N+xRU9uT
qAnk3dEZki3YdAtcOVSD2L03WXgnlSGgtom3S5FzSEnBqX3hrtsgIYtOR914YGp5
Dtr5jG2e/ukqCHUdW6MDsqnjJDetOcF3O52YyXm0pEQ9AV/z1+9uRdRLu77ojY0d
sjb3JCu1R+hHURBnlH/rcOZ9TS8x71Oonx1/SKnvehD/+g8t7TrutWhZrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMcIRAMdlRNILnAI+JhYWB9rmFRSMB8GA1UdIwQY
MBaAFET8iHyXc5NXXeYlfnX6mc3iA3xsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMt
YzM2OWMxZDRjMzM3LzEveHdoRUF4MlZFMGd1Y0FqNG1GaFlIMnVZVkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMtYzM2OWMxZDRjMzM3
LzEvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwSuLMA0E
AgACMAcDBQMqDrKAMA0GCSqGSIb3DQEBCwUAA4IBAQAaK3YYGWdU+zgoExuzDruc
jTBZWcecmAD0YhdUdN5oOGALG7GXthU7a2MdBLeOfDM66Y7jlF3/J68it5Hobdy4
DRQnqfK9vmzSrYjBNOEJqJGCunGiEY8NMd8JTGwcadUwhhewg+oJ0dqehtl3XI4H
i0Y+lEZ9ia96Y6o3kavI7BAB8FSr7/rA2tLsWpqxukOYRHzOefH7fQnPTJSvYpze
umQkwIY7QjkOlTjlVorgEgPxMt5vT0eCrC6Iub4wc9Vll/Fd5UWF8D/qDrXr/Bia
mycqi6RFVrxci0nG7Iq+MmgSirAF2z01dW12AJZz7K/bXIzX5wV0NAcEQ49Bkp6c
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:52 2025 by rpki-client