Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/XyfRuc4kupwWuvivIxyG_eB9gmg.roa
File: XyfRuc4kupwWuvivIxyG_eB9gmg.roa (raw, json)
Hash identifier: KYzWwUCDT/C8f7tzUEGe7k72yVFrK9hL5A1TsIJ1sdw=
Subject key identifier: 5F:27:D1:B9:CE:24:BA:9C:16:BA:F8:AF:23:1C:86:FD:E0:7D:82:68
Certificate issuer: /CN=1bd2d463ae15346d5edd7937b8bfa8e09b14376d
Certificate serial: 01941FFA0582F4619AF03B73675F7BD94FB4
Authority key identifier: 1B:D2:D4:63:AE:15:34:6D:5E:DD:79:37:B8:BF:A8:E0:9B:14:37:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G9LUY64VNG1e3Xk3uL-o4JsUN20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/XyfRuc4kupwWuvivIxyG_eB9gmg.roa
Signing time: Wed 01 Jan 2025 03:47:46 +0000
ROA not before: Wed 01 Jan 2025 03:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210166
IP address blocks: 194.61.32.0/24 maxlen: 24
194.61.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:05:82:f4:61:9a:f0:3b:73:67:5f:7b:d9:4f:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bd2d463ae15346d5edd7937b8bfa8e09b14376d
Validity
Not Before: Jan 1 03:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f27d1b9ce24ba9c16baf8af231c86fde07d8268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:70:d8:8b:85:41:99:95:9d:fc:b3:a0:90:f5:
fa:90:6e:e9:d8:4e:80:c0:bc:4e:56:be:ae:ab:50:
2d:04:b4:ee:0d:84:04:70:1a:b0:65:d3:0e:92:f7:
81:59:9a:16:78:c1:6c:5c:18:18:3d:1d:f7:09:31:
8c:66:4b:83:7d:cb:9b:cc:ff:fd:f0:02:9b:86:79:
0f:e2:54:e9:a0:2c:f7:66:6a:db:38:9b:63:02:91:
cd:0b:7c:c2:a5:19:9a:36:1c:25:21:54:ea:4f:6d:
62:0b:cd:df:49:6f:d5:e0:25:d3:34:32:f4:25:e3:
12:39:ed:2f:75:b2:e1:14:d3:02:0a:5a:86:b0:7d:
3a:80:ba:e1:ba:35:c2:2d:ce:82:90:6c:c6:bf:5c:
37:9d:7a:ca:12:d0:12:77:e9:62:33:bf:05:2b:78:
d4:ee:fb:05:eb:98:8e:5e:ac:c2:f9:53:c2:31:b8:
2f:8f:dd:77:08:f3:22:f0:6a:00:13:34:91:a4:66:
b3:74:e6:b2:63:70:d0:22:f9:9c:6c:2c:46:50:e5:
4e:9c:54:a7:d1:6b:76:4b:c1:c0:9f:80:e5:88:8e:
86:f7:56:b9:fc:57:95:44:61:66:be:48:f6:bb:af:
c3:4e:9a:5f:3d:a5:bc:b1:f5:92:df:5d:71:ee:4d:
84:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:27:D1:B9:CE:24:BA:9C:16:BA:F8:AF:23:1C:86:FD:E0:7D:82:68
X509v3 Authority Key Identifier:
keyid:1B:D2:D4:63:AE:15:34:6D:5E:DD:79:37:B8:BF:A8:E0:9B:14:37:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G9LUY64VNG1e3Xk3uL-o4JsUN20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/XyfRuc4kupwWuvivIxyG_eB9gmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/G9LUY64VNG1e3Xk3uL-o4JsUN20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.61.32.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:38:cd:bf:08:51:11:f3:12:a6:8f:3b:ad:14:c4:14:ed:3b:
02:6b:26:ac:1e:ca:8e:38:12:34:b1:67:0d:ba:5c:be:d3:56:
d0:11:69:c9:60:d6:51:5c:69:41:fc:22:58:4f:ae:27:98:7d:
cd:20:0b:11:f6:b9:52:df:c5:a2:17:a8:89:46:a4:38:ff:f3:
fa:05:a4:2e:b9:2c:2a:01:90:a5:7c:8c:86:81:c2:ac:f2:63:
ea:a3:9e:21:e1:41:a3:63:f5:9a:dc:34:48:5b:6b:64:01:ac:
21:32:c4:28:28:6b:c3:c1:92:89:ed:c3:2a:84:0c:87:13:d3:
7a:c2:39:07:a8:89:02:20:a6:0f:96:75:92:8e:2c:9e:af:3f:
04:9e:4c:0e:27:49:93:af:22:62:07:6f:44:24:d3:c1:97:7a:
4d:21:69:27:8b:7a:95:10:ca:cf:3d:72:1a:75:06:06:d3:4d:
bf:ed:c7:4e:f2:53:2f:98:bb:46:a2:24:61:65:18:93:9e:c8:
be:f2:de:b0:bb:34:5f:50:7f:e4:e4:ea:3d:fd:a0:9a:9f:31:
fa:8d:b0:63:8e:33:6a:b3:51:43:01:4a:07:fb:dc:40:b5:a2:
89:ea:99:04:da:34:ad:10:6c:30:71:63:32:36:ba:d1:1d:b4:
54:11:de:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+gWC9GGa8DtzZ1972U+0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZDJkNDYzYWUxNTM0NmQ1ZWRkNzkzN2I4YmZhOGUwOWIx
NDM3NmQwHhcNMjUwMTAxMDM0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjI3ZDFiOWNlMjRiYTljMTZiYWY4YWYyMzFjODZmZGUwN2Q4MjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3DYi4VBmZWd/LOgkPX6kG7p2E6A
wLxOVr6uq1AtBLTuDYQEcBqwZdMOkveBWZoWeMFsXBgYPR33CTGMZkuDfcubzP/9
8AKbhnkP4lTpoCz3ZmrbOJtjApHNC3zCpRmaNhwlIVTqT21iC83fSW/V4CXTNDL0
JeMSOe0vdbLhFNMCClqGsH06gLrhujXCLc6CkGzGv1w3nXrKEtASd+liM78FK3jU
7vsF65iOXqzC+VPCMbgvj913CPMi8GoAEzSRpGazdOayY3DQIvmcbCxGUOVOnFSn
0Wt2S8HAn4DliI6G91a5/FeVRGFmvkj2u6/DTppfPaW8sfWS311x7k2EiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8n0bnOJLqcFrr4ryMchv3gfYJoMB8GA1UdIwQY
MBaAFBvS1GOuFTRtXt15N7i/qOCbFDdtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzlMVVk2NFZORzFlM1hrM3VMLW80SnNVTjIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC83MGM0NzctYThjZC00YTcyLWI2Njkt
MWY5M2MyMzlhMDEyLzEvWHlmUnVjNGt1cHdXdXZpdkl4eUdfZUI5Z21nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC83MGM0NzctYThjZC00YTcyLWI2NjktMWY5M2MyMzlhMDEy
LzEvRzlMVVk2NFZORzFlM1hrM3VMLW80SnNVTjIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwj0gMA0G
CSqGSIb3DQEBCwUAA4IBAQBrOM2/CFER8xKmjzutFMQU7TsCayasHsqOOBI0sWcN
uly+01bQEWnJYNZRXGlB/CJYT64nmH3NIAsR9rlS38WiF6iJRqQ4//P6BaQuuSwq
AZClfIyGgcKs8mPqo54h4UGjY/Wa3DRIW2tkAawhMsQoKGvDwZKJ7cMqhAyHE9N6
wjkHqIkCIKYPlnWSjiyerz8EnkwOJ0mTryJiB29EJNPBl3pNIWkni3qVEMrPPXIa
dQYG002/7cdO8lMvmLtGoiRhZRiTnsi+8t6wuzRfUH/k5Oo9/aCanzH6jbBjjjNq
s1FDAUoH+9xAtaKJ6pkE2jStEGwwcWMyNrrRHbRUEd5H
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:14 2025 by rpki-client on console.sobornost.net