Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/01608d-08f1-4ab5-a926-be561ccded2c/1/xOQc72Z94YWZ0x4WXA9ac2DfTkA.roa
File: xOQc72Z94YWZ0x4WXA9ac2DfTkA.roa (raw, json)
Hash identifier: JOazIpcEkdoXe7dHpDJ/1wfs3pC+0YfgMICoYiHagPk=
Subject key identifier: C4:E4:1C:EF:66:7D:E1:85:99:D3:1E:16:5C:0F:5A:73:60:DF:4E:40
Certificate issuer: /CN=ff8ced3b09a905eb96869c58f66b4f8b591503b0
Certificate serial: 0194221FBD490A5E006918AA81FC9AE01D35
Authority key identifier: FF:8C:ED:3B:09:A9:05:EB:96:86:9C:58:F6:6B:4F:8B:59:15:03:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4ztOwmpBeuWhpxY9mtPi1kVA7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/01608d-08f1-4ab5-a926-be561ccded2c/1/xOQc72Z94YWZ0x4WXA9ac2DfTkA.roa
Signing time: Wed 01 Jan 2025 13:48:12 +0000
ROA not before: Wed 01 Jan 2025 13:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24881
IP address blocks: 91.192.156.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:bd:49:0a:5e:00:69:18:aa:81:fc:9a:e0:1d:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff8ced3b09a905eb96869c58f66b4f8b591503b0
Validity
Not Before: Jan 1 13:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4e41cef667de18599d31e165c0f5a7360df4e40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9a:ab:3f:0a:43:bc:4e:db:d2:82:cc:c6:00:
28:b5:32:47:2e:ff:4b:f6:8c:3a:59:10:56:4d:1e:
58:52:f0:d7:68:cf:33:4b:42:af:e8:ab:f4:3a:47:
7f:99:ee:85:46:d6:d3:e8:8c:3a:90:68:85:c8:6c:
06:f2:a5:8e:f1:01:76:70:ed:01:8d:80:70:1d:cb:
91:9c:04:bd:a5:04:e1:a2:28:d8:19:7a:b6:fe:ce:
ad:4d:41:41:57:99:ce:02:79:4b:f6:7b:b6:33:42:
60:26:7a:26:f2:29:cf:51:f7:73:58:9c:eb:4f:e8:
bd:8f:c4:aa:c2:05:e1:09:46:13:dd:a7:92:3f:9e:
8d:f5:7e:1e:2f:4f:5f:9d:56:3f:17:af:aa:99:3c:
7c:ba:d4:9c:ce:c3:46:c8:29:48:10:5d:37:a1:6b:
d4:23:e7:1e:64:f1:ec:23:49:cf:8f:98:2c:52:75:
d9:1f:d2:ba:44:15:19:41:38:c9:64:af:a1:df:a8:
36:17:e2:ba:2e:19:bc:9a:c0:24:a9:e2:a9:15:90:
97:84:b2:3f:02:c6:a9:43:c9:eb:45:4f:ec:a5:f6:
c4:3e:7d:fe:64:aa:80:a2:5d:87:39:0c:48:93:0e:
ed:f7:eb:78:41:06:58:33:1e:c7:f1:de:b0:6e:c6:
e7:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E4:1C:EF:66:7D:E1:85:99:D3:1E:16:5C:0F:5A:73:60:DF:4E:40
X509v3 Authority Key Identifier:
keyid:FF:8C:ED:3B:09:A9:05:EB:96:86:9C:58:F6:6B:4F:8B:59:15:03:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4ztOwmpBeuWhpxY9mtPi1kVA7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/01608d-08f1-4ab5-a926-be561ccded2c/1/xOQc72Z94YWZ0x4WXA9ac2DfTkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/01608d-08f1-4ab5-a926-be561ccded2c/1/_4ztOwmpBeuWhpxY9mtPi1kVA7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.156.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:5d:d1:fb:b5:17:82:70:57:02:3c:7b:07:ca:ea:b7:c5:f0:
36:5b:97:28:9d:64:9a:bc:db:84:d7:89:a0:4a:b9:6d:8b:be:
64:0c:85:92:74:9e:58:cb:e7:59:c6:94:23:71:3f:67:5d:84:
52:e4:c2:7a:a3:4b:c9:db:7e:bc:f7:17:ed:39:aa:84:5f:df:
7e:43:95:52:de:9d:5d:cf:a9:8a:19:39:9b:5e:35:e5:65:3f:
70:1c:67:8c:a9:37:a9:23:2d:55:8c:6e:4a:d4:0f:85:b6:3b:
aa:1a:27:6c:34:12:76:f3:7b:86:26:52:76:49:ce:17:ef:d7:
34:fc:c7:73:ad:d4:1e:54:7e:54:dc:9f:3e:32:e9:c1:f6:50:
c3:8a:f4:c6:57:08:77:5b:2c:b8:d2:d3:c1:77:22:59:8c:76:
a5:41:b5:67:8a:6c:a7:35:da:42:37:e6:49:d1:e8:38:d4:11:
a4:57:08:62:0b:01:b7:9e:0b:d6:05:22:80:f8:3e:f9:40:13:
71:41:1c:b4:8e:d0:6e:6a:c1:69:f8:41:32:ea:c6:20:ec:a5:
4e:97:50:b3:92:83:41:16:39:c7:d2:a2:ef:2e:2d:a3:5d:28:
1d:21:1b:ae:97:cb:4c:19:85:5c:3a:5e:10:a1:14:72:54:df:
66:2c:05:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH71JCl4AaRiqgfya4B01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmOGNlZDNiMDlhOTA1ZWI5Njg2OWM1OGY2NmI0ZjhiNTkx
NTAzYjAwHhcNMjUwMTAxMTM0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGU0MWNlZjY2N2RlMTg1OTlkMzFlMTY1YzBmNWE3MzYwZGY0ZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5qrPwpDvE7b0oLMxgAotTJHLv9L
9ow6WRBWTR5YUvDXaM8zS0Kv6Kv0Okd/me6FRtbT6Iw6kGiFyGwG8qWO8QF2cO0B
jYBwHcuRnAS9pQThoijYGXq2/s6tTUFBV5nOAnlL9nu2M0JgJnom8inPUfdzWJzr
T+i9j8SqwgXhCUYT3aeSP56N9X4eL09fnVY/F6+qmTx8utSczsNGyClIEF03oWvU
I+ceZPHsI0nPj5gsUnXZH9K6RBUZQTjJZK+h36g2F+K6Lhm8msAkqeKpFZCXhLI/
AsapQ8nrRU/spfbEPn3+ZKqAol2HOQxIkw7t9+t4QQZYMx7H8d6wbsbnEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMTkHO9mfeGFmdMeFlwPWnNg305AMB8GA1UdIwQY
MBaAFP+M7TsJqQXrloacWPZrT4tZFQOwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzR6dE93bXBCZXVXaHB4WTltdFBpMWtWQTdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wMTYwOGQtMDhmMS00YWI1LWE5MjYt
YmU1NjFjY2RlZDJjLzEveE9RYzcyWjk0WVdaMHg0V1hBOWFjMkRmVGtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8wMTYwOGQtMDhmMS00YWI1LWE5MjYtYmU1NjFjY2RlZDJj
LzEvXzR6dE93bXBCZXVXaHB4WTltdFBpMWtWQTdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8CcMA0G
CSqGSIb3DQEBCwUAA4IBAQBtXdH7tReCcFcCPHsHyuq3xfA2W5conWSavNuE14mg
Srlti75kDIWSdJ5Yy+dZxpQjcT9nXYRS5MJ6o0vJ23689xftOaqEX99+Q5VS3p1d
z6mKGTmbXjXlZT9wHGeMqTepIy1VjG5K1A+FtjuqGidsNBJ283uGJlJ2Sc4X79c0
/MdzrdQeVH5U3J8+MunB9lDDivTGVwh3Wyy40tPBdyJZjHalQbVnimynNdpCN+ZJ
0eg41BGkVwhiCwG3ngvWBSKA+D75QBNxQRy0jtBuasFp+EEy6sYg7KVOl1CzkoNB
FjnH0qLvLi2jXSgdIRuul8tMGYVcOl4QoRRyVN9mLAV1
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:47 2025 by rpki-client on console.sobornost.net