Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/2XcIFvymOz_xpRH7mb-dp0Gv7sg.roa
File: 2XcIFvymOz_xpRH7mb-dp0Gv7sg.roa (raw, json)
Hash identifier: adFEcUq2Kg/p+KKP8AkLSQP253I2fGhp2IjqSB4BWFk=
Subject key identifier: D9:77:08:16:FC:A6:3B:3F:F1:A5:11:FB:99:BF:9D:A7:41:AF:EE:C8
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019422FBC984E78B748DABBD50659B7D8E46
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/2XcIFvymOz_xpRH7mb-dp0Gv7sg.roa
Signing time: Wed 01 Jan 2025 17:48:33 +0000
ROA not before: Wed 01 Jan 2025 17:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396579
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:c9:84:e7:8b:74:8d:ab:bd:50:65:9b:7d:8e:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Jan 1 17:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9770816fca63b3ff1a511fb99bf9da741afeec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c5:34:d9:1e:bd:f5:df:77:fd:ca:60:e5:a4:
b0:18:b7:05:7d:16:2b:ad:58:d4:8b:25:cf:ed:7e:
f4:66:f5:bc:e8:07:93:73:da:80:9e:fb:29:cb:f7:
12:d1:67:9a:b5:d0:9d:cc:30:b4:6b:78:cf:8f:31:
43:7c:29:76:70:0c:08:ec:b2:61:61:a5:a2:90:57:
eb:09:75:27:a8:f2:10:d7:b8:b7:ad:1b:43:7d:46:
2d:f6:f9:53:aa:26:63:e1:91:ec:4a:81:2f:9c:ec:
16:ca:ce:32:58:de:96:73:37:6e:10:49:d5:7e:7d:
d1:58:62:6e:3d:cb:a1:06:b0:d3:e3:59:74:a7:32:
22:2c:25:64:35:1e:38:e4:45:57:a7:22:c2:de:20:
16:15:95:14:28:02:5c:46:19:29:26:d2:5d:8e:a2:
84:bf:68:e4:f4:55:75:3f:ec:dd:83:5f:a6:78:f7:
c7:f7:a8:cd:13:7f:1a:5b:0c:94:d5:96:a9:29:85:
00:ea:30:84:a8:48:64:81:48:8b:2f:d0:19:db:ec:
a5:19:9c:97:e4:59:a1:19:e4:2a:a4:cd:ab:cf:ab:
4b:ba:9d:e9:94:10:66:06:4b:83:85:b8:6c:8b:54:
fd:9c:be:53:36:c1:b6:65:2b:75:b9:de:d0:05:13:
3b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:77:08:16:FC:A6:3B:3F:F1:A5:11:FB:99:BF:9D:A7:41:AF:EE:C8
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/2XcIFvymOz_xpRH7mb-dp0Gv7sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
1b:79:7f:d2:81:b1:ce:ac:a1:2d:2f:ae:a4:6d:e2:4b:47:91:
3b:62:8f:0b:7c:60:40:c3:0f:e7:a4:62:91:18:72:3f:d4:31:
84:d2:9c:aa:d4:dd:d2:e1:2a:ee:90:6f:d4:b8:12:3e:25:67:
37:0c:41:aa:f0:6e:4d:94:67:5f:aa:f7:df:7f:c5:1c:2f:60:
bb:3c:55:3a:58:7a:39:c3:c9:39:5b:c8:88:d0:7f:c1:70:d3:
e4:44:3e:bf:a4:f0:f4:f1:15:ae:3b:97:0d:ee:41:e7:8f:85:
16:a5:fc:ce:e9:4e:ce:89:07:dc:77:81:99:02:fc:05:b7:1a:
3f:ef:df:34:d5:16:b5:f1:5f:b6:55:29:44:c0:32:49:cc:02:
ca:c6:21:36:10:5b:50:13:13:73:5c:a3:91:81:9f:0d:bb:14:
05:bb:f3:ac:94:d1:01:6d:a9:50:76:5c:20:fd:4a:c1:36:33:
a1:69:cb:86:e8:a8:0d:ef:da:70:e0:93:fb:b0:73:d4:8d:e6:
ee:5e:58:08:1d:ba:48:9a:e3:9d:8b:2b:06:1a:e1:57:44:63:
e7:33:2d:7d:3a:ac:23:b4:74:9d:05:3e:cb:4f:75:d1:05:c5:
40:21:64:97:e9:e4:9f:99:d6:3c:61:ad:c4:85:c2:f4:be:17:
7b:b1:80:19
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQi+8mE54t0jau9UGWbfY5GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjUwMTAxMTc0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTc3MDgxNmZjYTYzYjNmZjFhNTExZmI5OWJmOWRhNzQxYWZlZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMU02R699d93/cpg5aSwGLcFfRYr
rVjUiyXP7X70ZvW86AeTc9qAnvspy/cS0WeatdCdzDC0a3jPjzFDfCl2cAwI7LJh
YaWikFfrCXUnqPIQ17i3rRtDfUYt9vlTqiZj4ZHsSoEvnOwWys4yWN6WczduEEnV
fn3RWGJuPcuhBrDT41l0pzIiLCVkNR445EVXpyLC3iAWFZUUKAJcRhkpJtJdjqKE
v2jk9FV1P+zdg1+mePfH96jNE38aWwyU1ZapKYUA6jCEqEhkgUiLL9AZ2+ylGZyX
5FmhGeQqpM2rz6tLup3plBBmBkuDhbhsi1T9nL5TNsG2ZSt1ud7QBRM7IwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNl3CBb8pjs/8aUR+5m/nadBr+7IMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvMlhjSUZ2eW1Pel94cFJIN21iLWRwMEd2N3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBABt5f9KBsc6soS0vrqRt4ktHkTtijwt8
YEDDD+ekYpEYcj/UMYTSnKrU3dLhKu6Qb9S4Ej4lZzcMQarwbk2UZ1+q999/xRwv
YLs8VTpYejnDyTlbyIjQf8Fw0+REPr+k8PTxFa47lw3uQeePhRal/M7pTs6JB9x3
gZkC/AW3Gj/v3zTVFrXxX7ZVKUTAMknMAsrGITYQW1ATE3Nco5GBnw27FAW786yU
0QFtqVB2XCD9SsE2M6Fpy4boqA3v2nDgk/uwc9SN5u5eWAgdukia452LKwYa4VdE
Y+czLX06rCO0dJ0FPstPddEFxUAhZJfp5J+Z1jxhrcSFwvS+F3uxgBk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:11 2025 by rpki-client