Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/66e06a-5e47-4fa9-bd3b-0bc47f4ff714/1/_KxvEwb-05zypoulu-kOqoL22-A.roa
File: _KxvEwb-05zypoulu-kOqoL22-A.roa (raw, json)
Hash identifier: iIrzlSKXJeml3wWcOMj0MUUk02aq1R81c8+dmUXm/h4=
Subject key identifier: FC:AC:6F:13:06:FE:D3:9C:F2:A6:8B:A5:BB:E9:0E:AA:82:F6:DB:E0
Certificate issuer: /CN=fa178e38bb8ef98bbf2b31b896397f4879f6b0f7
Certificate serial: 01941FFAB27D84416CC9F4F912E02ABEF169
Authority key identifier: FA:17:8E:38:BB:8E:F9:8B:BF:2B:31:B8:96:39:7F:48:79:F6:B0:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-heOOLuO-Yu_KzG4ljl_SHn2sPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/66e06a-5e47-4fa9-bd3b-0bc47f4ff714/1/_KxvEwb-05zypoulu-kOqoL22-A.roa
Signing time: Wed 01 Jan 2025 03:48:30 +0000
ROA not before: Wed 01 Jan 2025 03:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58118
IP address blocks: 91.239.8.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:b2:7d:84:41:6c:c9:f4:f9:12:e0:2a:be:f1:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa178e38bb8ef98bbf2b31b896397f4879f6b0f7
Validity
Not Before: Jan 1 03:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fcac6f1306fed39cf2a68ba5bbe90eaa82f6dbe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d9:20:d0:23:11:0a:95:c5:97:12:80:a2:8c:
a7:79:82:ac:14:fd:57:4e:32:e5:69:0c:09:0f:c1:
f0:f3:f6:fa:1f:98:46:42:b4:5e:4d:33:2a:04:aa:
18:87:f7:4f:18:fd:57:a5:b6:19:46:ec:03:a3:ed:
c5:bd:35:75:ee:3c:7d:82:94:9c:08:1d:28:f8:7c:
d6:a9:6c:64:49:af:73:48:91:25:3a:f6:9e:b9:34:
08:c7:a2:ae:b0:cc:76:b2:2d:5f:d5:5f:20:ff:01:
83:73:01:96:11:d1:3d:74:6e:21:a4:1c:79:1f:85:
ac:a8:99:70:56:d7:4e:7f:49:6b:73:f9:d8:c3:fa:
8e:d7:f3:f8:ab:bc:02:21:12:e3:23:6e:65:8c:48:
1e:b0:0a:35:46:8f:2e:8b:7c:63:fd:77:d0:31:36:
3d:3e:18:93:9b:dc:1a:c6:64:89:f1:2d:55:86:04:
00:d0:14:17:97:7b:93:f6:23:6a:2e:cb:ad:dd:fa:
ba:24:12:10:26:97:b9:26:00:2a:88:25:d8:5c:d9:
6d:27:d2:be:3b:a0:1b:06:b4:1c:1a:d4:bc:60:fe:
0b:77:a1:d0:3e:07:c0:45:93:b8:c1:ac:bb:bd:51:
fe:a6:a8:f7:47:7d:b8:28:6d:c6:d7:7f:4f:9a:79:
a2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:AC:6F:13:06:FE:D3:9C:F2:A6:8B:A5:BB:E9:0E:AA:82:F6:DB:E0
X509v3 Authority Key Identifier:
keyid:FA:17:8E:38:BB:8E:F9:8B:BF:2B:31:B8:96:39:7F:48:79:F6:B0:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-heOOLuO-Yu_KzG4ljl_SHn2sPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/66e06a-5e47-4fa9-bd3b-0bc47f4ff714/1/_KxvEwb-05zypoulu-kOqoL22-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/66e06a-5e47-4fa9-bd3b-0bc47f4ff714/1/1-heOOLuO-Yu_KzG4ljl_SHn2sPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.8.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:5e:af:50:8c:d0:54:17:c8:f8:b7:2f:38:36:67:92:d9:6f:
38:0d:73:b6:9a:5c:fb:2f:ee:5e:83:63:c6:9a:2b:3d:65:65:
cb:24:7a:2b:cc:47:07:c2:10:8f:d7:e2:76:ce:1e:f0:fc:a3:
7b:3c:6d:50:6e:f7:0a:26:4f:1b:2d:32:93:ca:82:12:67:95:
92:fb:f8:06:fc:24:7c:10:ce:2b:7f:02:d7:ca:3d:c0:3c:89:
55:e9:5a:e4:13:e2:95:08:cd:f4:ad:e8:f5:8d:bb:bb:40:26:
49:80:ea:27:0b:2e:02:84:47:b7:28:97:ed:59:63:64:58:d8:
c6:35:00:df:c2:7b:bf:ba:97:ee:02:a4:59:7e:dc:b4:02:09:
8c:5c:4e:e5:26:fa:b1:18:a0:59:56:2a:1f:3a:7b:f1:ba:21:
17:55:e2:85:ab:10:67:fd:5c:e4:7a:ba:a3:67:12:0d:c7:9a:
ad:67:e3:ff:76:04:dd:f6:0d:c6:a3:c0:38:52:e2:15:01:1c:
01:17:45:03:b4:84:20:81:91:a5:04:12:d5:81:4c:6c:e9:d9:
e2:7e:f4:fd:ca:76:fb:b6:bd:69:23:78:cb:33:a7:bc:94:ce:
da:c7:ce:f9:e2:99:ce:7f:ac:9b:4c:87:83:76:46:0a:f8:08:
4e:57:fe:a1
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQf+rJ9hEFsyfT5EuAqvvFpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMTc4ZTM4YmI4ZWY5OGJiZjJiMzFiODk2Mzk3ZjQ4Nzlm
NmIwZjcwHhcNMjUwMTAxMDM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2FjNmYxMzA2ZmVkMzljZjJhNjhiYTViYmU5MGVhYTgyZjZkYmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9kg0CMRCpXFlxKAooyneYKsFP1X
TjLlaQwJD8Hw8/b6H5hGQrReTTMqBKoYh/dPGP1XpbYZRuwDo+3FvTV17jx9gpSc
CB0o+HzWqWxkSa9zSJElOvaeuTQIx6KusMx2si1f1V8g/wGDcwGWEdE9dG4hpBx5
H4WsqJlwVtdOf0lrc/nYw/qO1/P4q7wCIRLjI25ljEgesAo1Ro8ui3xj/XfQMTY9
PhiTm9waxmSJ8S1VhgQA0BQXl3uT9iNqLsut3fq6JBIQJpe5JgAqiCXYXNltJ9K+
O6AbBrQcGtS8YP4Ld6HQPgfARZO4way7vVH+pqj3R324KG3G139PmnmikQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPysbxMG/tOc8qaLpbvpDqqC9tvgMB8GA1UdIwQY
MBaAFPoXjji7jvmLvysxuJY5f0h59rD3MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1oZU9PTHVPLVl1X0t6RzRsamxfU0huMnNQYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQvNjZlMDZhLTVlNDctNGZhOS1iZDNi
LTBiYzQ3ZjRmZjcxNC8xL19LeHZFd2ItMDV6eXBvdWx1LWtPcW9MMjItQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTQvNjZlMDZhLTVlNDctNGZhOS1iZDNiLTBiYzQ3ZjRmZjcx
NC8xLzEtaGVPT0x1Ty1ZdV9Lekc0bGpsX1NIbjJzUGMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJb7wgw
DQYJKoZIhvcNAQELBQADggEBAEper1CM0FQXyPi3Lzg2Z5LZbzgNc7aaXPsv7l6D
Y8aaKz1lZcskeivMRwfCEI/X4nbOHvD8o3s8bVBu9womTxstMpPKghJnlZL7+Ab8
JHwQzit/AtfKPcA8iVXpWuQT4pUIzfSt6PWNu7tAJkmA6icLLgKER7col+1ZY2RY
2MY1AN/Ce7+6l+4CpFl+3LQCCYxcTuUm+rEYoFlWKh86e/G6IRdV4oWrEGf9XOR6
uqNnEg3Hmq1n4/92BN32DcajwDhS4hUBHAEXRQO0hCCBkaUEEtWBTGzp2eJ+9P3K
dvu2vWkjeMszp7yUztrHzvnimc5/rJtMh4N2Rgr4CE5X/qE=
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:07:05 2025 by rpki-client