Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/220b38-77ca-4de4-8b86-9f845c546470/1/XbP44H3vmNpq_6C_0jvpv9umOf0.roa
File: XbP44H3vmNpq_6C_0jvpv9umOf0.roa (raw, json)
Hash identifier: DcrY51YDFwazT333yz0LqnUGv8gSeHfRdQ2uMNMEV+M=
Subject key identifier: 5D:B3:F8:E0:7D:EF:98:DA:6A:FF:A0:BF:D2:3B:E9:BF:DB:A6:39:FD
Certificate issuer: /CN=4e36cce2142ca18b505897158d26e5839d2b417f
Certificate serial: 0194236973D9E0EEAE39D9F7DC92720FEB49
Authority key identifier: 4E:36:CC:E2:14:2C:A1:8B:50:58:97:15:8D:26:E5:83:9D:2B:41:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TjbM4hQsoYtQWJcVjSblg50rQX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/220b38-77ca-4de4-8b86-9f845c546470/1/XbP44H3vmNpq_6C_0jvpv9umOf0.roa
Signing time: Wed 01 Jan 2025 19:48:21 +0000
ROA not before: Wed 01 Jan 2025 19:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51520
IP address blocks: 91.194.2.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:73:d9:e0:ee:ae:39:d9:f7:dc:92:72:0f:eb:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e36cce2142ca18b505897158d26e5839d2b417f
Validity
Not Before: Jan 1 19:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5db3f8e07def98da6affa0bfd23be9bfdba639fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:42:44:2a:c9:e6:f3:df:cf:b0:a4:73:02:ff:
74:64:8a:55:a2:4e:f4:01:92:f9:78:30:53:e7:c3:
c0:c3:6f:87:e1:53:60:69:39:e1:6e:1e:6e:92:05:
e7:b6:11:ff:1f:81:c7:27:69:a7:c5:66:2b:da:47:
11:70:4a:1a:7e:29:14:c0:e9:ff:a5:72:71:a5:60:
2f:6d:11:24:b6:d0:b2:a1:96:77:03:0c:7f:12:04:
bc:79:43:35:cc:d8:d3:75:f1:bd:8d:f0:f3:bc:99:
6a:1c:1f:4b:04:ee:e5:ce:4d:3b:3f:d4:5a:1c:cc:
d7:59:81:96:65:71:a5:1f:a0:38:6d:ec:96:b2:f7:
b5:7e:a6:72:2a:31:0a:75:48:d2:d4:fc:76:8a:ed:
9f:16:69:83:bf:3e:04:d3:db:73:fd:20:d3:fe:3c:
a5:e8:5c:5a:af:d7:98:12:28:fd:1b:44:f6:5e:e5:
c2:98:41:35:28:b0:d8:40:cb:01:50:21:e5:67:06:
55:d7:6e:d4:c4:68:62:41:e1:87:0a:9e:44:8a:d8:
eb:d7:dc:c8:ce:bc:44:b8:c2:9c:1c:6f:39:53:69:
49:4a:eb:7e:c4:99:e5:05:5d:37:83:9c:71:0f:6e:
b7:5f:25:33:4e:b0:d7:ce:59:5d:4c:4d:21:28:fb:
8a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B3:F8:E0:7D:EF:98:DA:6A:FF:A0:BF:D2:3B:E9:BF:DB:A6:39:FD
X509v3 Authority Key Identifier:
keyid:4E:36:CC:E2:14:2C:A1:8B:50:58:97:15:8D:26:E5:83:9D:2B:41:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TjbM4hQsoYtQWJcVjSblg50rQX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/220b38-77ca-4de4-8b86-9f845c546470/1/XbP44H3vmNpq_6C_0jvpv9umOf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/220b38-77ca-4de4-8b86-9f845c546470/1/TjbM4hQsoYtQWJcVjSblg50rQX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.2.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:cf:7e:3a:5b:09:51:58:b6:42:fe:d8:70:da:e7:af:34:da:
1c:2b:99:d1:61:8a:36:e8:48:c6:06:d0:e6:53:7c:9b:8a:72:
f1:4c:44:13:86:fd:58:29:02:4e:3c:89:0f:e1:81:9f:ae:8b:
42:b2:21:7e:7b:06:d5:b1:7b:57:9e:bb:b8:91:24:a4:11:ff:
46:c4:29:30:69:02:98:06:17:31:85:0b:0e:e0:26:cb:75:cf:
ab:98:f5:07:cb:64:7d:7d:0e:64:51:e4:03:fd:c2:b7:4f:7d:
0b:82:30:1f:97:d1:7a:09:4c:8b:0a:b2:3c:18:a8:47:9f:27:
c4:82:5d:d0:88:e0:6c:14:72:36:aa:25:80:6d:0b:b8:02:78:
47:1e:89:57:ca:6e:bb:de:db:9e:71:05:8f:2d:45:f9:4b:b9:
5b:85:37:b1:02:bb:77:64:75:9b:72:68:c9:2f:cd:f6:c4:ef:
6b:c0:9d:c5:94:d2:7f:19:c6:da:d1:2d:60:7a:14:3f:ca:71:
84:de:a3:db:c9:29:33:33:8b:f3:7b:f5:3e:7a:a0:73:39:87:
a4:dd:78:ce:02:8f:06:21:5e:40:a3:d5:fe:a4:33:39:2f:4b:
98:81:7d:21:54:0a:58:96:c3:d6:3e:35:da:73:a9:08:f6:33:
10:74:95:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaXPZ4O6uOdn33JJyD+tJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMzZjY2UyMTQyY2ExOGI1MDU4OTcxNThkMjZlNTgzOWQy
YjQxN2YwHhcNMjUwMTAxMTk0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGIzZjhlMDdkZWY5OGRhNmFmZmEwYmZkMjNiZTliZmRiYTYzOWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8EJEKsnm89/PsKRzAv90ZIpVok70
AZL5eDBT58PAw2+H4VNgaTnhbh5ukgXnthH/H4HHJ2mnxWYr2kcRcEoafikUwOn/
pXJxpWAvbREkttCyoZZ3Awx/EgS8eUM1zNjTdfG9jfDzvJlqHB9LBO7lzk07P9Ra
HMzXWYGWZXGlH6A4beyWsve1fqZyKjEKdUjS1Px2iu2fFmmDvz4E09tz/SDT/jyl
6Fxar9eYEij9G0T2XuXCmEE1KLDYQMsBUCHlZwZV127UxGhiQeGHCp5Eitjr19zI
zrxEuMKcHG85U2lJSut+xJnlBV03g5xxD263XyUzTrDXzlldTE0hKPuKOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2z+OB975jaav+gv9I76b/bpjn9MB8GA1UdIwQY
MBaAFE42zOIULKGLUFiXFY0m5YOdK0F/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGpiTTRoUXNvWXRRV0pjVmpTYmxnNTByUVg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8yMjBiMzgtNzdjYS00ZGU0LThiODYt
OWY4NDVjNTQ2NDcwLzEvWGJQNDRIM3ZtTnBxXzZDXzBqdnB2OXVtT2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8yMjBiMzgtNzdjYS00ZGU0LThiODYtOWY4NDVjNTQ2NDcw
LzEvVGpiTTRoUXNvWXRRV0pjVmpTYmxnNTByUVg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8ICMA0G
CSqGSIb3DQEBCwUAA4IBAQAvz346WwlRWLZC/thw2uevNNocK5nRYYo26EjGBtDm
U3ybinLxTEQThv1YKQJOPIkP4YGfrotCsiF+ewbVsXtXnru4kSSkEf9GxCkwaQKY
BhcxhQsO4CbLdc+rmPUHy2R9fQ5kUeQD/cK3T30LgjAfl9F6CUyLCrI8GKhHnyfE
gl3QiOBsFHI2qiWAbQu4AnhHHolXym673tuecQWPLUX5S7lbhTexArt3ZHWbcmjJ
L832xO9rwJ3FlNJ/Gcba0S1gehQ/ynGE3qPbySkzM4vze/U+eqBzOYek3XjOAo8G
IV5Ao9X+pDM5L0uYgX0hVApYlsPWPjXac6kI9jMQdJUY
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:59:07 2025 by rpki-client