Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/fc0a4a-a74a-4c2b-833b-1049c997bc7a/1/R-wXA-kWQa5PdCJfUeOG1Bar_7E.roa
File: R-wXA-kWQa5PdCJfUeOG1Bar_7E.roa (raw, json)
Hash identifier: eg3vfMOt4/2VviBbur6gIcbu+ezOh6ft9BbXqbZkqec=
Subject key identifier: 47:EC:17:03:E9:16:41:AE:4F:74:22:5F:51:E3:86:D4:16:AB:FF:B1
Certificate issuer: /CN=706f0a161b217b9cefd3781ce2611951be419dba
Certificate serial: 0194222021C046A6FF68A5A56FA4228A173F
Authority key identifier: 70:6F:0A:16:1B:21:7B:9C:EF:D3:78:1C:E2:61:19:51:BE:41:9D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cG8KFhshe5zv03gc4mEZUb5Bnbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/fc0a4a-a74a-4c2b-833b-1049c997bc7a/1/R-wXA-kWQa5PdCJfUeOG1Bar_7E.roa
Signing time: Wed 01 Jan 2025 13:48:38 +0000
ROA not before: Wed 01 Jan 2025 13:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198893
IP address blocks: 91.195.228.0/23 maxlen: 23
2001:67c:ca4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:21:c0:46:a6:ff:68:a5:a5:6f:a4:22:8a:17:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706f0a161b217b9cefd3781ce2611951be419dba
Validity
Not Before: Jan 1 13:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47ec1703e91641ae4f74225f51e386d416abffb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:49:4b:16:0b:e7:2d:56:ac:de:b6:44:f5:5e:
f2:a7:4f:d3:34:20:51:8e:4e:48:7f:99:41:f2:1e:
c5:16:b6:49:70:16:b9:17:5a:44:0b:38:74:79:af:
bb:09:76:25:24:e0:14:ad:0a:fe:ad:7c:b9:a8:35:
95:6a:e2:55:3c:dc:0e:1d:a7:f8:e4:30:4e:fe:89:
aa:ff:4d:7e:e5:fd:20:4d:d6:41:e6:e6:9a:03:e2:
4a:d8:71:78:d9:45:51:6d:ba:9a:7c:04:ef:63:16:
60:26:c8:ff:46:67:af:51:46:66:6c:5f:69:4d:ff:
e3:8e:c9:df:7a:d2:3a:06:f1:64:0f:ca:28:e5:5d:
44:a5:6a:92:d3:92:0c:cd:7f:7e:47:c6:5a:c1:ec:
70:a4:bd:56:d3:8d:93:40:c0:e1:37:80:40:ac:ef:
3a:6d:4c:5e:63:48:f9:2c:27:fc:32:bf:85:d7:cf:
91:9b:e3:d2:ad:a6:00:d9:9c:d4:e6:55:e0:45:19:
ff:0c:a4:87:a7:ae:2b:1a:c4:0c:6e:86:0c:13:d4:
81:da:15:c4:8b:72:b8:98:c2:63:91:60:03:e2:bc:
4b:03:c5:15:76:4d:2b:2d:03:32:73:85:c2:9e:11:
4a:14:a0:6f:6e:f2:e4:4f:11:e0:ef:30:e8:e0:29:
e8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:EC:17:03:E9:16:41:AE:4F:74:22:5F:51:E3:86:D4:16:AB:FF:B1
X509v3 Authority Key Identifier:
keyid:70:6F:0A:16:1B:21:7B:9C:EF:D3:78:1C:E2:61:19:51:BE:41:9D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cG8KFhshe5zv03gc4mEZUb5Bnbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/fc0a4a-a74a-4c2b-833b-1049c997bc7a/1/R-wXA-kWQa5PdCJfUeOG1Bar_7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/fc0a4a-a74a-4c2b-833b-1049c997bc7a/1/cG8KFhshe5zv03gc4mEZUb5Bnbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.228.0/23
IPv6:
2001:67c:ca4::/48
Signature Algorithm: sha256WithRSAEncryption
01:e5:ed:7e:ff:f0:82:55:f8:4d:53:68:9a:a7:90:e7:ce:28:
a8:cc:a8:73:4b:ce:4a:1d:e2:68:c0:4c:7f:2f:f6:76:85:5b:
fd:0a:2c:ff:12:bc:10:2e:7d:17:45:d1:37:f2:66:9b:bd:fd:
d5:eb:73:50:d5:4f:e5:44:40:67:3a:a0:d8:f8:a0:42:88:2c:
d7:74:f4:53:85:38:0d:b5:2c:35:f7:63:a2:e5:8c:a1:81:86:
87:31:1f:0a:f3:9a:41:7b:8d:95:f1:27:ec:0a:b0:78:be:76:
2d:a6:13:a6:a3:71:53:a0:b5:16:e8:73:11:cb:68:94:6b:1f:
35:5c:eb:81:64:34:40:6e:72:96:ec:09:88:af:34:0b:b4:9c:
6b:34:41:f8:29:b3:1f:55:3b:d1:75:4c:eb:07:5f:63:a4:fc:
35:4b:89:e1:95:99:c6:4b:3a:94:f5:1e:ef:0d:b9:9c:c7:d2:
ab:49:0c:cb:a1:bd:ea:98:f7:8a:52:39:cc:04:b9:ca:b4:76:
f3:e9:df:67:d8:cf:f7:65:aa:af:46:17:2c:33:a1:b8:8f:fa:
57:de:49:dd:6c:d3:a8:1d:6f:52:21:e2:05:3e:7c:72:84:78:
25:72:06:f7:63:e2:10:e1:52:7d:1c:d8:9b:dd:ef:28:54:e9:
17:95:c6:65
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQiICHARqb/aKWlb6Qiihc/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmYwYTE2MWIyMTdiOWNlZmQzNzgxY2UyNjExOTUxYmU0
MTlkYmEwHhcNMjUwMTAxMTM0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2VjMTcwM2U5MTY0MWFlNGY3NDIyNWY1MWUzODZkNDE2YWJmZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoElLFgvnLVas3rZE9V7yp0/TNCBR
jk5If5lB8h7FFrZJcBa5F1pECzh0ea+7CXYlJOAUrQr+rXy5qDWVauJVPNwOHaf4
5DBO/omq/01+5f0gTdZB5uaaA+JK2HF42UVRbbqafATvYxZgJsj/RmevUUZmbF9p
Tf/jjsnfetI6BvFkD8oo5V1EpWqS05IMzX9+R8ZawexwpL1W042TQMDhN4BArO86
bUxeY0j5LCf8Mr+F18+Rm+PSraYA2ZzU5lXgRRn/DKSHp64rGsQMboYME9SB2hXE
i3K4mMJjkWAD4rxLA8UVdk0rLQMyc4XCnhFKFKBvbvLkTxHg7zDo4CnoKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEfsFwPpFkGuT3QiX1HjhtQWq/+xMB8GA1UdIwQY
MBaAFHBvChYbIXuc79N4HOJhGVG+QZ26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0c4S0Zoc2hlNXp2MDNnYzRtRVpVYjVCbmJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9mYzBhNGEtYTc0YS00YzJiLTgzM2It
MTA0OWM5OTdiYzdhLzEvUi13WEEta1dRYTVQZENKZlVlT0cxQmFyXzdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9mYzBhNGEtYTc0YS00YzJiLTgzM2ItMTA0OWM5OTdiYzdh
LzEvY0c4S0Zoc2hlNXp2MDNnYzRtRVpVYjVCbmJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8PkMA8E
AgACMAkDBwAgAQZ8DKQwDQYJKoZIhvcNAQELBQADggEBAAHl7X7/8IJV+E1TaJqn
kOfOKKjMqHNLzkod4mjATH8v9naFW/0KLP8SvBAufRdF0TfyZpu9/dXrc1DVT+VE
QGc6oNj4oEKILNd09FOFOA21LDX3Y6LljKGBhocxHwrzmkF7jZXxJ+wKsHi+di2m
E6ajcVOgtRbocxHLaJRrHzVc64FkNEBucpbsCYivNAu0nGs0Qfgpsx9VO9F1TOsH
X2Ok/DVLieGVmcZLOpT1Hu8NuZzH0qtJDMuhveqY94pSOcwEucq0dvPp32fYz/dl
qq9GFywzobiP+lfeSd1s06gdb1Ih4gU+fHKEeCVyBvdj4hDhUn0c2Jvd7yhU6ReV
xmU=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:18:56 2025 by rpki-client