Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/759327-cc9f-4d6d-ac79-9cb8d023cc0b/1/Xv-bUtmsrHjQ28dXxWqb3uBJRDg.roa
File: Xv-bUtmsrHjQ28dXxWqb3uBJRDg.roa (raw, json)
Hash identifier: 0bOsSKKdGKKiMo/FFhxHgHDZgsrzyzkqrbIyGUoQTCk=
Subject key identifier: 5E:FF:9B:52:D9:AC:AC:78:D0:DB:C7:57:C5:6A:9B:DE:E0:49:44:38
Certificate issuer: /CN=934e7d515dde9a03c2dc87389a2fca4e7d58c4ec
Certificate serial: 0194228DE5766453D18F05444568D1C862D2
Authority key identifier: 93:4E:7D:51:5D:DE:9A:03:C2:DC:87:38:9A:2F:CA:4E:7D:58:C4:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k059UV3emgPC3Ic4mi_KTn1YxOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/759327-cc9f-4d6d-ac79-9cb8d023cc0b/1/Xv-bUtmsrHjQ28dXxWqb3uBJRDg.roa
Signing time: Wed 01 Jan 2025 15:48:32 +0000
ROA not before: Wed 01 Jan 2025 15:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215065
IP address blocks: 194.34.170.0/24 maxlen: 24
2a0c:bac0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:e5:76:64:53:d1:8f:05:44:45:68:d1:c8:62:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=934e7d515dde9a03c2dc87389a2fca4e7d58c4ec
Validity
Not Before: Jan 1 15:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5eff9b52d9acac78d0dbc757c56a9bdee0494438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cd:e0:a4:a8:fd:94:a5:f3:ca:76:00:ab:bb:
d9:82:3d:fe:96:93:59:43:21:05:5f:42:25:a6:15:
b3:d1:77:cb:2e:3e:eb:14:ac:7d:8b:7e:54:a6:7a:
6a:3b:68:0a:ae:c7:a2:16:d7:5f:e9:a7:d6:0c:4b:
b2:9f:63:ea:42:04:90:5b:a9:aa:69:33:e6:a4:7d:
93:4f:36:b4:ef:97:ed:e1:38:9a:4b:be:25:f1:21:
0d:1e:33:5f:f9:e6:b2:bd:02:f5:f6:58:ca:3b:4f:
3c:fa:3f:49:5a:27:bd:94:58:5e:7a:8f:bf:de:de:
93:1b:3c:ba:ef:a1:db:4a:98:7f:b8:25:bb:25:67:
08:a3:2e:a9:da:69:0c:9f:0c:03:06:44:7e:b2:36:
c1:99:bd:9e:41:55:15:ab:8f:8a:41:71:d6:4d:6d:
ca:32:a8:e1:3c:42:50:58:14:58:27:82:f4:40:24:
e8:c3:37:e3:c9:dc:b7:30:25:1d:18:95:a6:e8:03:
ee:22:26:a8:0a:a9:8f:7d:cc:b6:c4:c1:06:91:7e:
21:06:5c:a7:95:ec:23:25:54:1f:21:3e:11:8b:83:
2c:43:2d:69:da:8d:52:b4:9d:2f:5f:35:a6:00:f6:
bc:2a:10:a2:e5:7f:17:22:40:db:ea:21:19:63:a6:
5b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:FF:9B:52:D9:AC:AC:78:D0:DB:C7:57:C5:6A:9B:DE:E0:49:44:38
X509v3 Authority Key Identifier:
keyid:93:4E:7D:51:5D:DE:9A:03:C2:DC:87:38:9A:2F:CA:4E:7D:58:C4:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k059UV3emgPC3Ic4mi_KTn1YxOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/759327-cc9f-4d6d-ac79-9cb8d023cc0b/1/Xv-bUtmsrHjQ28dXxWqb3uBJRDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/759327-cc9f-4d6d-ac79-9cb8d023cc0b/1/k059UV3emgPC3Ic4mi_KTn1YxOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.170.0/24
IPv6:
2a0c:bac0::/48
Signature Algorithm: sha256WithRSAEncryption
3b:0f:a0:80:03:8e:2a:09:a7:e4:0b:0d:b1:7e:bf:0b:ea:b2:
16:68:09:f1:14:43:cd:8e:a8:6c:d0:1f:de:c6:4c:42:91:19:
7f:40:98:ca:7b:5a:8f:71:72:45:31:5f:38:ed:72:e3:8f:f9:
00:0a:da:d8:0d:79:f1:6e:3b:5c:17:aa:21:47:d4:c9:df:37:
14:4a:51:fc:ed:51:e4:a5:f8:00:52:f2:5c:8b:da:c7:5a:b4:
5f:a2:15:77:37:ff:02:41:4a:62:b2:a9:96:19:27:01:a3:25:
03:93:c2:93:59:c5:55:45:c4:bb:1d:85:82:df:88:29:1e:eb:
03:73:26:d4:a5:06:f5:1f:c3:dd:cb:83:1b:90:2f:5b:2d:4e:
80:ca:47:f0:89:6b:e1:b5:04:a3:37:51:c2:4f:0e:5d:8e:65:
5c:fe:d2:53:fe:02:9e:07:18:45:63:65:33:51:92:04:71:77:
27:c1:75:44:c5:40:38:40:4b:f0:aa:59:4c:c3:2f:ad:9e:cd:
46:d1:a5:85:7e:b3:36:94:2a:82:9b:11:14:6b:57:68:c5:13:
24:1d:d3:f0:d2:05:ef:1c:8a:09:1a:e9:17:e0:94:c5:46:44:
34:04:5f:fd:34:88:4a:99:ff:e6:14:fc:08:cb:cd:3c:34:96:
a6:1c:3d:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQijeV2ZFPRjwVERWjRyGLSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNGU3ZDUxNWRkZTlhMDNjMmRjODczODlhMmZjYTRlN2Q1
OGM0ZWMwHhcNMjUwMTAxMTU0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWZmOWI1MmQ5YWNhYzc4ZDBkYmM3NTdjNTZhOWJkZWUwNDk0NDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt83gpKj9lKXzynYAq7vZgj3+lpNZ
QyEFX0IlphWz0XfLLj7rFKx9i35UpnpqO2gKrseiFtdf6afWDEuyn2PqQgSQW6mq
aTPmpH2TTza075ft4TiaS74l8SENHjNf+eayvQL19ljKO088+j9JWie9lFheeo+/
3t6TGzy676HbSph/uCW7JWcIoy6p2mkMnwwDBkR+sjbBmb2eQVUVq4+KQXHWTW3K
MqjhPEJQWBRYJ4L0QCTowzfjydy3MCUdGJWm6APuIiaoCqmPfcy2xMEGkX4hBlyn
lewjJVQfIT4Ri4MsQy1p2o1StJ0vXzWmAPa8KhCi5X8XIkDb6iEZY6Zb3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF7/m1LZrKx40NvHV8Vqm97gSUQ4MB8GA1UdIwQY
MBaAFJNOfVFd3poDwtyHOJovyk59WMTsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazA1OVVWM2VtZ1BDM0ljNG1pX0tUbjFZeE93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83NTkzMjctY2M5Zi00ZDZkLWFjNzkt
OWNiOGQwMjNjYzBiLzEvWHYtYlV0bXNySGpRMjhkWHhXcWIzdUJKUkRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi83NTkzMjctY2M5Zi00ZDZkLWFjNzktOWNiOGQwMjNjYzBi
LzEvazA1OVVWM2VtZ1BDM0ljNG1pX0tUbjFZeE93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwiKqMA8E
AgACMAkDBwAqDLrAAAAwDQYJKoZIhvcNAQELBQADggEBADsPoIADjioJp+QLDbF+
vwvqshZoCfEUQ82OqGzQH97GTEKRGX9AmMp7Wo9xckUxXzjtcuOP+QAK2tgNefFu
O1wXqiFH1MnfNxRKUfztUeSl+ABS8lyL2sdatF+iFXc3/wJBSmKyqZYZJwGjJQOT
wpNZxVVFxLsdhYLfiCke6wNzJtSlBvUfw93LgxuQL1stToDKR/CJa+G1BKM3UcJP
Dl2OZVz+0lP+Ap4HGEVjZTNRkgRxdyfBdUTFQDhAS/CqWUzDL62ezUbRpYV+szaU
KoKbERRrV2jFEyQd0/DSBe8cigka6RfglMVGRDQEX/00iEqZ/+YU/AjLzTw0lqYc
PWQ=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:30 2025 by rpki-client