Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/af310c-2bd8-4efd-88e4-80c31db20ac5/1/kXwe6i_ywP7BuQfaKeMIx8MSFQ8.roa
File: kXwe6i_ywP7BuQfaKeMIx8MSFQ8.roa (raw, json)
Hash identifier: /QfuO16P3y+Nn1KiVZoDEz0J7D7ghuw9uLlF/vWhXd4=
Subject key identifier: 91:7C:1E:EA:2F:F2:C0:FE:C1:B9:07:DA:29:E3:08:C7:C3:12:15:0F
Certificate issuer: /CN=721a6b3f5ed5fb74d03512216513c4c81efe1e5c
Certificate serial: 019422FBB0D59BC41D8C829C6D22D9140051
Authority key identifier: 72:1A:6B:3F:5E:D5:FB:74:D0:35:12:21:65:13:C4:C8:1E:FE:1E:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/chprP17V-3TQNRIhZRPEyB7-Hlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/af310c-2bd8-4efd-88e4-80c31db20ac5/1/kXwe6i_ywP7BuQfaKeMIx8MSFQ8.roa
Signing time: Wed 01 Jan 2025 17:48:27 +0000
ROA not before: Wed 01 Jan 2025 17:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21087
IP address blocks: 91.210.160.0/22 maxlen: 22
178.217.64.0/21 maxlen: 21
194.176.114.0/24 maxlen: 24
195.93.128.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:b0:d5:9b:c4:1d:8c:82:9c:6d:22:d9:14:00:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=721a6b3f5ed5fb74d03512216513c4c81efe1e5c
Validity
Not Before: Jan 1 17:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=917c1eea2ff2c0fec1b907da29e308c7c312150f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1b:e9:77:40:90:6a:5d:7a:07:56:b2:d6:cc:
51:8c:67:b5:63:c5:66:6e:6b:a9:de:a7:fa:e5:a1:
36:04:e7:57:18:67:d3:b1:7c:77:0a:96:c3:15:0d:
a9:cb:02:e8:dd:d1:bf:e6:70:b5:93:ad:fa:17:da:
09:98:ea:fc:9d:01:04:11:1b:e7:f1:da:41:67:11:
f5:70:8f:fd:2d:17:40:2e:85:d2:db:bd:d5:3a:3e:
2d:2a:26:5b:47:42:00:cc:f9:90:9e:74:e2:91:c6:
79:0f:8c:3f:6b:13:b3:60:8a:29:6f:19:ef:87:43:
1f:5a:d2:aa:78:9f:c3:90:f1:b0:78:aa:c8:40:e4:
a9:6e:b6:ae:b7:18:63:99:82:d4:10:8d:37:49:d0:
ac:47:54:c6:6d:dc:5d:2f:0e:cf:65:a8:36:ef:ac:
d8:d5:92:27:a1:20:75:0f:8b:ad:41:ad:34:09:c9:
48:17:60:3e:02:1b:35:68:40:e7:5b:d0:9b:b5:5d:
cf:e1:f6:4b:85:16:78:ba:7f:21:9b:1e:65:ff:f8:
3f:01:75:81:bd:86:6d:fa:85:42:6d:06:a8:66:e5:
e5:9a:ef:6b:59:cd:ac:c5:3e:64:f7:ff:63:ce:53:
61:30:94:6e:3f:d6:f4:65:c1:13:48:df:64:b4:7e:
5c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:7C:1E:EA:2F:F2:C0:FE:C1:B9:07:DA:29:E3:08:C7:C3:12:15:0F
X509v3 Authority Key Identifier:
keyid:72:1A:6B:3F:5E:D5:FB:74:D0:35:12:21:65:13:C4:C8:1E:FE:1E:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/chprP17V-3TQNRIhZRPEyB7-Hlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/af310c-2bd8-4efd-88e4-80c31db20ac5/1/kXwe6i_ywP7BuQfaKeMIx8MSFQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/af310c-2bd8-4efd-88e4-80c31db20ac5/1/chprP17V-3TQNRIhZRPEyB7-Hlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.160.0/22
178.217.64.0/21
194.176.114.0/24
195.93.128.0/23
Signature Algorithm: sha256WithRSAEncryption
22:c6:47:37:f5:0a:a0:ae:a7:71:52:dc:16:13:ad:f1:63:7f:
ca:2b:1b:e3:67:1a:67:88:a4:82:88:11:68:dd:87:c8:13:e3:
91:b5:5a:0f:4c:e0:03:cc:36:11:8d:54:68:d1:7b:fc:5a:12:
00:0d:d7:45:19:85:0b:b0:d1:b3:40:a3:2b:a5:a6:59:1e:00:
cb:ef:b2:ab:3f:94:45:63:59:78:8b:0e:b0:c3:cd:56:9e:1d:
8c:d9:98:62:6f:91:d6:4a:ed:c0:35:fb:1a:4b:6b:d6:82:7d:
9d:72:65:f5:63:2d:d3:99:aa:ba:ec:13:40:37:64:05:ca:e2:
5c:d3:89:1f:1c:a2:0f:de:39:d6:be:c3:57:86:3b:f4:a9:bb:
67:c3:21:d0:92:55:dc:73:32:68:2b:fe:18:b4:2b:ea:b4:2d:
f9:cd:50:cc:b9:9f:b1:ca:23:5f:cb:29:3b:b2:eb:a8:a1:0a:
6b:c0:bd:d6:29:2f:ef:03:0f:e3:e4:b2:61:11:e7:54:24:54:
10:8d:f0:16:de:37:82:fe:37:95:4f:41:37:90:b0:b1:8e:eb:
46:6b:4f:b4:18:c0:19:ae:a7:a7:ef:68:e8:68:8f:42:05:af:
ca:82:f8:6f:d9:6c:71:5a:3b:73:26:0d:63:c1:2d:23:ba:73:
3f:da:6c:45
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQi+7DVm8QdjIKcbSLZFABRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMWE2YjNmNWVkNWZiNzRkMDM1MTIyMTY1MTNjNGM4MWVm
ZTFlNWMwHhcNMjUwMTAxMTc0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTdjMWVlYTJmZjJjMGZlYzFiOTA3ZGEyOWUzMDhjN2MzMTIxNTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxvpd0CQal16B1ay1sxRjGe1Y8Vm
bmup3qf65aE2BOdXGGfTsXx3CpbDFQ2pywLo3dG/5nC1k636F9oJmOr8nQEEERvn
8dpBZxH1cI/9LRdALoXS273VOj4tKiZbR0IAzPmQnnTikcZ5D4w/axOzYIopbxnv
h0MfWtKqeJ/DkPGweKrIQOSpbrautxhjmYLUEI03SdCsR1TGbdxdLw7PZag276zY
1ZInoSB1D4utQa00CclIF2A+Ahs1aEDnW9CbtV3P4fZLhRZ4un8hmx5l//g/AXWB
vYZt+oVCbQaoZuXlmu9rWc2sxT5k9/9jzlNhMJRuP9b0ZcETSN9ktH5cNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJF8Huov8sD+wbkH2injCMfDEhUPMB8GA1UdIwQY
MBaAFHIaaz9e1ft00DUSIWUTxMge/h5cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2hwclAxN1YtM1RRTlJJaFpSUEV5QjctSGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hZjMxMGMtMmJkOC00ZWZkLTg4ZTQt
ODBjMzFkYjIwYWM1LzEva1h3ZTZpX3l3UDdCdVFmYUtlTUl4OE1TRlE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hZjMxMGMtMmJkOC00ZWZkLTg4ZTQtODBjMzFkYjIwYWM1
LzEvY2hwclAxN1YtM1RRTlJJaFpSUEV5QjctSGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW9KgAwQD
stlAAwQAwrByAwQBw12AMA0GCSqGSIb3DQEBCwUAA4IBAQAixkc39QqgrqdxUtwW
E63xY3/KKxvjZxpniKSCiBFo3YfIE+ORtVoPTOADzDYRjVRo0Xv8WhIADddFGYUL
sNGzQKMrpaZZHgDL77KrP5RFY1l4iw6ww81Wnh2M2Zhib5HWSu3ANfsaS2vWgn2d
cmX1Yy3Tmaq67BNAN2QFyuJc04kfHKIP3jnWvsNXhjv0qbtnwyHQklXcczJoK/4Y
tCvqtC35zVDMuZ+xyiNfyyk7suuooQprwL3WKS/vAw/j5LJhEedUJFQQjfAW3jeC
/jeVT0E3kLCxjutGa0+0GMAZrqen72joaI9CBa/Kgvhv2WxxWjtzJg1jwS0junM/
2mxF
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:09:59 2025 by rpki-client