Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/e74e65-5c9d-46c7-967c-44d1e24b7b25/1/8xnH2EyFugJWapFt0CpHPblFsPY.roa
File: 8xnH2EyFugJWapFt0CpHPblFsPY.roa (raw, json)
Hash identifier: XrkRQTN/1NhwGqzw1tcTB1Z4+v0pWU4DY/KepWXR+ho=
Subject key identifier: F3:19:C7:D8:4C:85:BA:02:56:6A:91:6D:D0:2A:47:3D:B9:45:B0:F6
Certificate issuer: /CN=77bfffd67a4b99454ac9a400e7479c760d5546cc
Certificate serial: 01942369922B23E4A06C2F885C24799B9ECE
Authority key identifier: 77:BF:FF:D6:7A:4B:99:45:4A:C9:A4:00:E7:47:9C:76:0D:55:46:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7__1npLmUVKyaQA50ecdg1VRsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/e74e65-5c9d-46c7-967c-44d1e24b7b25/1/8xnH2EyFugJWapFt0CpHPblFsPY.roa
Signing time: Wed 01 Jan 2025 19:48:28 +0000
ROA not before: Wed 01 Jan 2025 19:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50448
IP address blocks: 91.219.24.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:92:2b:23:e4:a0:6c:2f:88:5c:24:79:9b:9e:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77bfffd67a4b99454ac9a400e7479c760d5546cc
Validity
Not Before: Jan 1 19:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f319c7d84c85ba02566a916dd02a473db945b0f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2f:95:06:f2:c3:36:21:8d:17:a7:4a:d8:cb:
45:25:37:1c:a2:db:9a:5b:a6:f3:96:11:f0:1b:f7:
e4:97:f0:69:ea:fb:ed:76:26:71:4d:2f:e0:5f:88:
ab:ae:aa:dd:59:95:d5:3a:38:e0:5e:2d:e3:0b:b5:
ae:6f:10:0d:cb:41:ab:cc:b5:26:2a:73:f9:87:05:
4d:40:67:e6:a1:37:4c:31:a4:37:3a:b7:d9:e9:d5:
77:80:83:f2:0f:2b:66:43:59:95:51:04:5e:8c:32:
a0:fa:5d:fc:06:85:ef:4d:c4:e9:6f:f7:0e:c3:8d:
fb:da:03:cc:93:de:57:22:a9:86:59:fa:24:b8:cb:
ca:33:11:11:0f:3a:b0:37:72:f6:6f:1e:d4:db:1e:
7d:4e:21:9e:15:7c:8a:1e:3b:88:0d:3b:67:d7:62:
57:43:42:82:93:74:2c:c8:b3:d6:c0:20:d0:25:6e:
e2:44:e0:ab:a3:96:53:b8:fe:56:2b:fe:f4:17:d4:
30:10:00:27:9d:0a:aa:7b:71:45:56:50:81:c9:32:
81:1d:28:cc:4e:b3:fc:b0:71:48:d8:5f:66:28:59:
29:dd:bf:97:24:81:bb:e4:ef:28:f8:83:52:a1:94:
ef:b2:9e:59:3e:29:5e:c0:32:79:cf:c5:68:9e:e7:
a9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:19:C7:D8:4C:85:BA:02:56:6A:91:6D:D0:2A:47:3D:B9:45:B0:F6
X509v3 Authority Key Identifier:
keyid:77:BF:FF:D6:7A:4B:99:45:4A:C9:A4:00:E7:47:9C:76:0D:55:46:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7__1npLmUVKyaQA50ecdg1VRsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e74e65-5c9d-46c7-967c-44d1e24b7b25/1/8xnH2EyFugJWapFt0CpHPblFsPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e74e65-5c9d-46c7-967c-44d1e24b7b25/1/d7__1npLmUVKyaQA50ecdg1VRsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.24.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:1a:f6:5b:05:2f:b2:56:ff:93:a4:9b:30:af:e1:15:0a:3d:
78:ec:7f:c8:58:92:09:91:6b:49:4a:aa:58:cb:e6:ab:0b:ba:
56:31:b5:b8:34:79:e0:a6:71:cf:bd:ce:4c:4e:f5:71:6c:10:
80:69:b7:b4:38:d1:19:a1:b3:c9:71:da:c6:3b:f7:58:08:0d:
5a:92:54:27:fb:8d:a9:a0:52:9e:0d:a9:41:41:73:38:e7:db:
5f:82:9f:68:69:1d:92:e2:bf:c7:a5:60:a5:3e:79:73:5b:fe:
58:b7:f6:01:13:0f:10:e4:c8:24:f0:b4:e3:56:8a:00:69:4d:
05:ab:7a:47:ca:bb:11:2b:f0:80:e3:69:d2:76:13:9d:c4:88:
a2:08:10:02:4f:b5:a8:02:23:8a:de:bc:b0:df:da:02:bd:63:
67:dc:8b:0a:c7:a7:48:e1:ad:58:d7:24:22:27:c6:38:01:95:
ee:3d:f2:aa:f6:07:4c:9a:c4:3a:cd:29:41:33:7c:9f:5a:61:
58:4a:a6:c7:28:e5:24:1d:37:3f:d8:97:7d:41:c0:a5:c7:85:
5c:cd:c7:2e:c1:0b:2b:78:7b:77:e2:47:1c:68:f5:d8:46:12:
df:29:f5:f3:6d:84:07:97:1e:15:39:73:4f:03:8a:42:6d:e2:
48:9c:bd:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaZIrI+SgbC+IXCR5m57OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YmZmZmQ2N2E0Yjk5NDU0YWM5YTQwMGU3NDc5Yzc2MGQ1
NTQ2Y2MwHhcNMjUwMTAxMTk0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzE5YzdkODRjODViYTAyNTY2YTkxNmRkMDJhNDczZGI5NDViMGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApi+VBvLDNiGNF6dK2MtFJTccotua
W6bzlhHwG/fkl/Bp6vvtdiZxTS/gX4irrqrdWZXVOjjgXi3jC7WubxANy0GrzLUm
KnP5hwVNQGfmoTdMMaQ3OrfZ6dV3gIPyDytmQ1mVUQRejDKg+l38BoXvTcTpb/cO
w4372gPMk95XIqmGWfokuMvKMxERDzqwN3L2bx7U2x59TiGeFXyKHjuIDTtn12JX
Q0KCk3QsyLPWwCDQJW7iROCro5ZTuP5WK/70F9QwEAAnnQqqe3FFVlCByTKBHSjM
TrP8sHFI2F9mKFkp3b+XJIG75O8o+INSoZTvsp5ZPilewDJ5z8VonuepnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPMZx9hMhboCVmqRbdAqRz25RbD2MB8GA1UdIwQY
MBaAFHe//9Z6S5lFSsmkAOdHnHYNVUbMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdfXzFucExtVVZLeWFRQTUwZWNkZzFWUnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9lNzRlNjUtNWM5ZC00NmM3LTk2N2Mt
NDRkMWUyNGI3YjI1LzEvOHhuSDJFeUZ1Z0pXYXBGdDBDcEhQYmxGc1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9lNzRlNjUtNWM5ZC00NmM3LTk2N2MtNDRkMWUyNGI3YjI1
LzEvZDdfXzFucExtVVZLeWFRQTUwZWNkZzFWUnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9sYMA0G
CSqGSIb3DQEBCwUAA4IBAQCjGvZbBS+yVv+TpJswr+EVCj147H/IWJIJkWtJSqpY
y+arC7pWMbW4NHngpnHPvc5MTvVxbBCAabe0ONEZobPJcdrGO/dYCA1aklQn+42p
oFKeDalBQXM459tfgp9oaR2S4r/HpWClPnlzW/5Yt/YBEw8Q5Mgk8LTjVooAaU0F
q3pHyrsRK/CA42nSdhOdxIiiCBACT7WoAiOK3ryw39oCvWNn3IsKx6dI4a1Y1yQi
J8Y4AZXuPfKq9gdMmsQ6zSlBM3yfWmFYSqbHKOUkHTc/2Jd9QcClx4VczccuwQsr
eHt34kccaPXYRhLfKfXzbYQHlx4VOXNPA4pCbeJInL3c
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:40:50 2025 by rpki-client