Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1f57d5-99c2-4ca9-9350-17735e2c255f/1/xy0ayvCMPxVGUij5mpyeTNFKRNw.roa
File: xy0ayvCMPxVGUij5mpyeTNFKRNw.roa (raw, json)
Hash identifier: tXbOwwPUAQhZJRCjintnYpclKOHIFWoxy2lUX1RBhtc=
Subject key identifier: C7:2D:1A:CA:F0:8C:3F:15:46:52:28:F9:9A:9C:9E:4C:D1:4A:44:DC
Certificate issuer: /CN=b77813f6c5670a58686adc3d4955744295dd1419
Certificate serial: 01941FFA109EDD97125E4513F92021A6D179
Authority key identifier: B7:78:13:F6:C5:67:0A:58:68:6A:DC:3D:49:55:74:42:95:DD:14:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3gT9sVnClhoatw9SVV0QpXdFBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1f57d5-99c2-4ca9-9350-17735e2c255f/1/xy0ayvCMPxVGUij5mpyeTNFKRNw.roa
Signing time: Wed 01 Jan 2025 03:47:49 +0000
ROA not before: Wed 01 Jan 2025 03:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199806
IP address blocks: 193.84.252.0/24 maxlen: 24
2001:67c:1828::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:10:9e:dd:97:12:5e:45:13:f9:20:21:a6:d1:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b77813f6c5670a58686adc3d4955744295dd1419
Validity
Not Before: Jan 1 03:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c72d1acaf08c3f15465228f99a9c9e4cd14a44dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:cb:65:3d:3d:62:9e:13:7a:e7:d6:df:6b:36:
51:12:0f:97:44:b8:6b:e0:8b:cf:1e:a2:93:c8:dc:
99:fb:32:c7:11:f8:89:e6:f1:e7:f5:bd:2e:c4:bc:
b4:5d:9f:8c:6b:f4:d8:fc:93:aa:97:27:04:30:03:
b1:a0:5e:71:7b:87:83:ad:1b:f9:16:2e:e6:b3:30:
3e:7f:4a:6b:c4:9b:e9:51:da:b1:88:ab:c7:ee:9b:
61:9b:ec:52:fb:8f:9f:bf:fa:44:d6:b6:98:33:fb:
af:c7:92:8c:54:6f:e2:1e:5f:7c:42:ff:56:ab:e9:
be:c1:81:7e:b3:30:d2:30:45:de:0a:9e:8e:30:14:
d0:28:27:aa:3e:46:ac:36:9d:de:0d:91:df:a9:0a:
fc:04:d6:de:61:c8:32:a3:67:27:b5:08:e3:eb:7a:
ab:27:7b:78:27:e5:b4:fe:43:48:de:c6:c9:55:df:
b5:f0:ba:f8:c8:e8:b9:fb:d1:f7:04:93:5f:6e:8d:
20:d9:05:99:29:44:09:bb:ab:14:88:53:e9:6a:e6:
e9:54:e5:01:fc:3c:5c:c4:5b:41:d0:12:5f:ca:b3:
57:10:ef:07:2b:86:be:31:88:a2:1d:58:32:72:e9:
a2:53:6e:3f:cb:17:eb:80:06:8e:1f:08:44:d6:fa:
1b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:2D:1A:CA:F0:8C:3F:15:46:52:28:F9:9A:9C:9E:4C:D1:4A:44:DC
X509v3 Authority Key Identifier:
keyid:B7:78:13:F6:C5:67:0A:58:68:6A:DC:3D:49:55:74:42:95:DD:14:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3gT9sVnClhoatw9SVV0QpXdFBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1f57d5-99c2-4ca9-9350-17735e2c255f/1/xy0ayvCMPxVGUij5mpyeTNFKRNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1f57d5-99c2-4ca9-9350-17735e2c255f/1/t3gT9sVnClhoatw9SVV0QpXdFBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.252.0/24
IPv6:
2001:67c:1828::/48
Signature Algorithm: sha256WithRSAEncryption
2f:4b:2e:49:3d:b5:83:28:4c:15:5f:03:7f:65:d4:27:c7:89:
37:20:c5:4b:1d:69:15:5d:fe:00:91:67:c6:c8:10:49:38:6e:
68:2c:b9:35:38:d5:7c:a0:8b:54:c2:6d:f4:c2:18:e0:b6:72:
ed:99:61:d3:8c:7e:21:49:2d:8e:60:5a:f9:30:f7:c1:59:7b:
34:2b:a4:d6:74:c7:fc:a6:f9:9a:e7:05:3d:5d:17:7c:7e:a9:
6a:1d:bb:8a:32:7b:fe:0e:ad:01:f8:f9:f3:6d:07:c0:af:a8:
0a:f9:58:2c:3b:16:03:2c:44:76:d5:bd:52:bb:18:3e:38:f6:
9c:eb:89:64:b6:13:b8:05:00:63:b5:07:25:80:f2:3b:23:39:
81:93:03:c7:26:11:ac:76:71:8e:b6:2a:cb:09:7f:37:50:34:
5e:0a:9a:a7:97:d0:c5:c4:c0:9c:83:6c:ac:80:92:b4:eb:f8:
5a:07:55:8c:90:79:e5:25:39:fc:31:dc:6c:fa:29:85:a1:23:
a9:ba:40:a7:d5:41:76:ae:9c:5f:f4:aa:e6:8b:d5:df:1e:e1:
5f:c6:38:9a:a2:62:51:e4:8a:78:f7:ea:73:cd:a6:91:5b:99:
c6:9d:c4:a9:f6:ce:c5:6d:a1:83:5d:cd:ff:3f:29:d6:fa:d4:
02:4b:fd:b5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQf+hCe3ZcSXkUT+SAhptF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NzgxM2Y2YzU2NzBhNTg2ODZhZGMzZDQ5NTU3NDQyOTVk
ZDE0MTkwHhcNMjUwMTAxMDM0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzJkMWFjYWYwOGMzZjE1NDY1MjI4Zjk5YTljOWU0Y2QxNGE0NGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MtlPT1inhN659bfazZREg+XRLhr
4IvPHqKTyNyZ+zLHEfiJ5vHn9b0uxLy0XZ+Ma/TY/JOqlycEMAOxoF5xe4eDrRv5
Fi7mszA+f0prxJvpUdqxiKvH7pthm+xS+4+fv/pE1raYM/uvx5KMVG/iHl98Qv9W
q+m+wYF+szDSMEXeCp6OMBTQKCeqPkasNp3eDZHfqQr8BNbeYcgyo2cntQjj63qr
J3t4J+W0/kNI3sbJVd+18Lr4yOi5+9H3BJNfbo0g2QWZKUQJu6sUiFPpaubpVOUB
/DxcxFtB0BJfyrNXEO8HK4a+MYiiHVgycumiU24/yxfrgAaOHwhE1vob2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMctGsrwjD8VRlIo+ZqcnkzRSkTcMB8GA1UdIwQY
MBaAFLd4E/bFZwpYaGrcPUlVdEKV3RQZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDNnVDlzVm5DbGhvYXR3OVNWVjBRcFhkRkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xZjU3ZDUtOTljMi00Y2E5LTkzNTAt
MTc3MzVlMmMyNTVmLzEveHkwYXl2Q01QeFZHVWlqNW1weWVUTkZLUk53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xZjU3ZDUtOTljMi00Y2E5LTkzNTAtMTc3MzVlMmMyNTVm
LzEvdDNnVDlzVm5DbGhvYXR3OVNWVjBRcFhkRkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwVT8MA8E
AgACMAkDBwAgAQZ8GCgwDQYJKoZIhvcNAQELBQADggEBAC9LLkk9tYMoTBVfA39l
1CfHiTcgxUsdaRVd/gCRZ8bIEEk4bmgsuTU41Xygi1TCbfTCGOC2cu2ZYdOMfiFJ
LY5gWvkw98FZezQrpNZ0x/ym+ZrnBT1dF3x+qWodu4oye/4OrQH4+fNtB8CvqAr5
WCw7FgMsRHbVvVK7GD449pzriWS2E7gFAGO1ByWA8jsjOYGTA8cmEax2cY62KssJ
fzdQNF4KmqeX0MXEwJyDbKyAkrTr+FoHVYyQeeUlOfwx3Gz6KYWhI6m6QKfVQXau
nF/0quaL1d8e4V/GOJqiYlHkinj36nPNppFbmcadxKn2zsVtoYNdzf8/Kdb61AJL
/bU=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:00:36 2025 by rpki-client