Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/nUdXFkRC6j_t0iDcBq4lTROhWhw.roa
File: nUdXFkRC6j_t0iDcBq4lTROhWhw.roa (raw, json)
Hash identifier: uqthB9fT7KTzDqVKd37giaeIGdIgCJotFj13ckGDIlc=
Subject key identifier: 9D:47:57:16:44:42:EA:3F:ED:D2:20:DC:06:AE:25:4D:13:A1:5A:1C
Certificate issuer: /CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Certificate serial: 01856D01D22B0003CC437F12CA9117940C7E
Authority key identifier: 1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/nUdXFkRC6j_t0iDcBq4lTROhWhw.roa
Signing time: Sun 01 Jan 2023 11:05:13 +0000
ROA not before: Sun 01 Jan 2023 11:05:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212563
IP address blocks: 91.132.73.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:d2:2b:00:03:cc:43:7f:12:ca:91:17:94:0c:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Validity
Not Before: Jan 1 11:05:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d4757164442ea3fedd220dc06ae254d13a15a1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d9:97:fa:80:a7:21:f8:b1:c5:a0:7c:e8:83:
a3:3a:4b:74:1a:68:9e:b9:f9:14:3f:2b:ce:1a:b8:
66:97:92:09:da:a3:08:c0:81:eb:14:69:a9:b3:b7:
19:b5:7f:a3:72:36:1b:22:c0:2b:44:a7:62:61:49:
c5:c8:9b:f3:68:88:22:ec:a9:82:97:ea:08:36:84:
12:e6:16:9b:7c:5a:29:e1:4b:50:50:97:7b:18:05:
2e:e2:e8:a4:54:52:fb:56:3c:c3:35:22:20:48:59:
2c:c0:49:21:b0:4c:29:62:db:de:63:c9:7f:78:60:
42:2e:43:0b:14:69:4f:f6:d0:d4:da:cf:59:82:90:
3f:8c:50:73:6f:7b:71:69:38:61:c2:0d:f7:95:78:
a3:88:22:a0:d2:61:7b:5f:cf:94:86:c3:47:46:97:
aa:9b:7b:cd:06:09:b1:bf:b7:b9:12:9a:be:ec:0b:
7d:0f:33:19:e6:60:32:fb:67:43:dd:73:77:fa:49:
ce:39:72:c0:28:e1:17:f3:53:d1:ff:94:be:5c:c7:
18:26:77:48:8c:8b:4e:79:2e:cd:a9:af:87:52:df:
5e:72:4d:39:dd:e3:cd:96:ab:5b:89:b2:56:ca:3e:
92:19:2e:11:1b:4d:85:3e:c4:22:ea:28:5a:c1:18:
19:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:47:57:16:44:42:EA:3F:ED:D2:20:DC:06:AE:25:4D:13:A1:5A:1C
X509v3 Authority Key Identifier:
keyid:1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/nUdXFkRC6j_t0iDcBq4lTROhWhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.73.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:52:25:41:f9:31:a4:20:b8:62:ba:5f:76:be:a8:ba:8e:eb:
6b:bb:46:e5:5d:87:b2:9b:72:66:35:bc:e9:3c:f6:d6:4c:f3:
93:ae:80:18:c0:30:07:8f:b9:04:ac:e9:31:fd:c4:69:80:85:
71:05:da:cd:1b:44:25:07:04:cd:9d:8c:16:b3:91:a8:d4:c1:
6f:4b:59:86:9e:8e:f8:27:62:e5:d6:b5:c2:3f:7e:d0:b1:a4:
44:e6:61:4f:5d:67:b6:b0:4b:1c:d7:d5:58:ca:7c:41:63:a1:
e0:ee:ff:cd:17:23:86:9e:c6:e4:39:6a:3e:49:bc:1e:da:07:
70:69:9e:65:b6:a4:f3:5b:97:0d:07:7f:dd:b0:28:67:ce:56:
c6:aa:6b:f0:79:be:14:1d:c9:78:5d:36:a8:36:fd:4b:91:f6:
44:cf:a9:c9:a9:44:bf:b0:4e:62:43:c3:51:a9:af:ee:c0:64:
7f:ee:b8:87:2e:81:83:bb:cf:d5:74:46:1b:3f:83:5e:b6:00:
1f:85:3b:c2:3a:3d:cc:34:19:81:52:51:83:2d:c3:25:a7:f6:
e9:36:04:b0:f6:8c:79:b0:ed:fc:3c:d7:ce:d6:3f:d3:3a:88:
f0:b6:4d:74:69:e6:dc:56:3b:88:c3:1d:77:4c:ee:bd:a1:d1:
8d:47:0e:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtAdIrAAPMQ38SypEXlAx+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2IwNmJmNDEzMDBkYzRkMzBmM2QwZTE4MGM5Yjk1ZDJi
Y2RkZmYwHhcNMjMwMTAxMTEwNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDQ3NTcxNjQ0NDJlYTNmZWRkMjIwZGMwNmFlMjU0ZDEzYTE1YTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptmX+oCnIfixxaB86IOjOkt0Gmie
ufkUPyvOGrhml5IJ2qMIwIHrFGmps7cZtX+jcjYbIsArRKdiYUnFyJvzaIgi7KmC
l+oINoQS5habfFop4UtQUJd7GAUu4uikVFL7VjzDNSIgSFkswEkhsEwpYtveY8l/
eGBCLkMLFGlP9tDU2s9ZgpA/jFBzb3txaThhwg33lXijiCKg0mF7X8+UhsNHRpeq
m3vNBgmxv7e5Epq+7At9DzMZ5mAy+2dD3XN3+knOOXLAKOEX81PR/5S+XMcYJndI
jItOeS7Nqa+HUt9eck053ePNlqtbibJWyj6SGS4RG02FPsQi6ihawRgZrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1HVxZEQuo/7dIg3AauJU0ToVocMB8GA1UdIwQY
MBaAFBx7Br9BMA3E0w89DhgMm5XSvN3/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAt
MjRmZGRjNmQxNDdiLzEvblVkWEZrUkM2al90MGlEY0JxNGxUUk9oV2h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAtMjRmZGRjNmQxNDdi
LzEvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW4RJMA0G
CSqGSIb3DQEBCwUAA4IBAQC2UiVB+TGkILhiul92vqi6jutru0blXYeym3JmNbzp
PPbWTPOTroAYwDAHj7kErOkx/cRpgIVxBdrNG0QlBwTNnYwWs5Go1MFvS1mGno74
J2Ll1rXCP37QsaRE5mFPXWe2sEsc19VYynxBY6Hg7v/NFyOGnsbkOWo+Sbwe2gdw
aZ5ltqTzW5cNB3/dsChnzlbGqmvweb4UHcl4XTaoNv1LkfZEz6nJqUS/sE5iQ8NR
qa/uwGR/7riHLoGDu8/VdEYbP4NetgAfhTvCOj3MNBmBUlGDLcMlp/bpNgSw9ox5
sO38PNfO1j/TOojwtk10aebcVjuIwx13TO69odGNRw5W
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:26:17 2025 by rpki-client