Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/7c1727-9eaf-49c9-aafc-f99453a95a99/1/fE9SL4lgGLEucOlyvk7fngTw64k.roa
File: fE9SL4lgGLEucOlyvk7fngTw64k.roa (raw, json)
Hash identifier: TGIMqMFtt0hwRVhPYaYtgV4OglJO1aoAg/NqO7iMJrc=
Subject key identifier: 7C:4F:52:2F:89:60:18:B1:2E:70:E9:72:BE:4E:DF:9E:04:F0:EB:89
Certificate issuer: /CN=3b5fc69b7c6ee869930ce0b8391ee5d84c53494a
Certificate serial: 0194453B9083B83BE2FF3E487088308B5B22
Authority key identifier: 3B:5F:C6:9B:7C:6E:E8:69:93:0C:E0:B8:39:1E:E5:D8:4C:53:49:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O1_Gm3xu6GmTDOC4OR7l2ExTSUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/7c1727-9eaf-49c9-aafc-f99453a95a99/1/fE9SL4lgGLEucOlyvk7fngTw64k.roa
Signing time: Wed 08 Jan 2025 09:25:19 +0000
ROA not before: Wed 08 Jan 2025 09:25:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213635
IP address blocks: 91.211.196.0/22 maxlen: 24
193.109.152.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:3b:90:83:b8:3b:e2:ff:3e:48:70:88:30:8b:5b:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b5fc69b7c6ee869930ce0b8391ee5d84c53494a
Validity
Not Before: Jan 8 09:25:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c4f522f896018b12e70e972be4edf9e04f0eb89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c2:12:a0:a8:6f:0e:8b:45:db:f1:aa:35:22:
88:43:34:b9:4d:93:0e:14:d8:8b:8d:0a:90:c6:02:
8f:cf:ec:44:b2:23:d0:90:a2:51:87:4f:6c:1d:8e:
5a:48:5a:a2:2b:0a:25:13:ca:93:bf:8f:e3:42:64:
2e:8b:ed:e5:7f:4b:55:7a:62:c3:e7:d5:62:b1:a4:
1f:51:0e:db:42:ba:01:6a:ca:38:bd:10:4f:00:51:
f5:22:aa:6d:04:38:8f:22:bf:e6:8a:44:04:f5:0d:
3b:83:1a:5e:cc:c0:3f:e9:fc:5b:a2:15:5f:48:8c:
b5:eb:99:0f:c9:a2:6c:8c:45:dc:9e:fe:86:3c:2b:
45:f8:69:76:17:92:d3:41:33:37:25:52:e2:55:ae:
62:6a:69:94:a6:70:c2:4c:41:b5:1e:33:e4:47:c3:
6f:53:27:03:7b:52:20:7e:db:c5:ea:5c:b8:ed:93:
74:95:c2:37:ce:87:b0:ac:6b:a2:b2:a1:a1:23:c7:
fd:24:57:1b:a5:0e:aa:9e:a6:80:95:cd:b7:d9:23:
da:c0:60:ee:a9:14:69:e2:02:4b:ce:82:e4:07:10:
bd:b9:81:d4:f4:bb:b9:ee:52:c0:ae:8f:97:36:b1:
bd:30:c0:e2:32:1e:ae:0d:d6:e1:99:75:23:b3:79:
28:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:4F:52:2F:89:60:18:B1:2E:70:E9:72:BE:4E:DF:9E:04:F0:EB:89
X509v3 Authority Key Identifier:
keyid:3B:5F:C6:9B:7C:6E:E8:69:93:0C:E0:B8:39:1E:E5:D8:4C:53:49:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1_Gm3xu6GmTDOC4OR7l2ExTSUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/7c1727-9eaf-49c9-aafc-f99453a95a99/1/fE9SL4lgGLEucOlyvk7fngTw64k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/7c1727-9eaf-49c9-aafc-f99453a95a99/1/O1_Gm3xu6GmTDOC4OR7l2ExTSUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.196.0/22
193.109.152.0/21
Signature Algorithm: sha256WithRSAEncryption
b7:5a:60:85:3b:23:14:79:a2:3b:6f:f9:51:68:30:04:93:f6:
11:19:5c:53:29:d1:43:09:32:f9:d5:6a:a1:44:7c:78:ba:cb:
43:e6:4d:f2:cc:93:b2:4f:93:5e:1e:f0:a0:12:ff:da:0c:98:
87:f5:b3:6c:3f:89:06:9d:ab:d3:aa:2d:65:0a:44:03:41:91:
3b:28:c9:6d:ad:6d:a9:93:02:95:83:8d:46:9c:84:14:9b:09:
89:1c:4d:21:4b:f0:e1:12:2c:cf:92:59:86:aa:66:ab:92:a0:
dd:31:74:f6:61:d8:b7:af:79:74:d0:0a:e2:df:95:11:ba:1a:
a2:bb:15:5e:e6:9c:84:20:3d:ac:ed:61:91:00:82:00:90:a2:
28:72:10:ef:7d:af:fa:68:28:4a:e4:18:c3:8f:84:c2:03:8b:
39:3a:0a:c3:3e:8f:60:58:e2:14:f8:4f:7f:01:dc:f1:82:49:
4f:91:cd:71:77:ec:ec:68:b5:3d:8a:02:97:b8:1a:0b:b8:05:
5b:22:e4:0b:1d:5c:e3:b0:61:4f:36:04:33:7e:2d:c1:55:dc:
49:3f:f6:bc:8f:ea:df:b7:e7:8d:5d:b6:3d:fa:b3:88:7e:ac:
b3:d6:b3:85:2c:4a:fa:ad:05:64:c7:ee:c6:27:18:f5:5d:7e:
8d:01:4b:bb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZRFO5CDuDvi/z5IcIgwi1siMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNWZjNjliN2M2ZWU4Njk5MzBjZTBiODM5MWVlNWQ4NGM1
MzQ5NGEwHhcNMjUwMTA4MDkyNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzRmNTIyZjg5NjAxOGIxMmU3MGU5NzJiZTRlZGY5ZTA0ZjBlYjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcISoKhvDotF2/GqNSKIQzS5TZMO
FNiLjQqQxgKPz+xEsiPQkKJRh09sHY5aSFqiKwolE8qTv4/jQmQui+3lf0tVemLD
59VisaQfUQ7bQroBaso4vRBPAFH1IqptBDiPIr/mikQE9Q07gxpezMA/6fxbohVf
SIy165kPyaJsjEXcnv6GPCtF+Gl2F5LTQTM3JVLiVa5iammUpnDCTEG1HjPkR8Nv
UycDe1IgftvF6ly47ZN0lcI3zoewrGuisqGhI8f9JFcbpQ6qnqaAlc232SPawGDu
qRRp4gJLzoLkBxC9uYHU9Lu57lLAro+XNrG9MMDiMh6uDdbhmXUjs3kowQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHxPUi+JYBixLnDpcr5O354E8OuJMB8GA1UdIwQY
MBaAFDtfxpt8buhpkwzguDke5dhMU0lKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFfR20zeHU2R21URE9DNE9SN2wyRXhUU1VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC83YzE3MjctOWVhZi00OWM5LWFhZmMt
Zjk5NDUzYTk1YTk5LzEvZkU5U0w0bGdHTEV1Y09seXZrN2ZuZ1R3NjRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC83YzE3MjctOWVhZi00OWM5LWFhZmMtZjk5NDUzYTk1YTk5
LzEvTzFfR20zeHU2R21URE9DNE9SN2wyRXhUU1VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9PEAwQD
wW2YMA0GCSqGSIb3DQEBCwUAA4IBAQC3WmCFOyMUeaI7b/lRaDAEk/YRGVxTKdFD
CTL51WqhRHx4ustD5k3yzJOyT5NeHvCgEv/aDJiH9bNsP4kGnavTqi1lCkQDQZE7
KMltrW2pkwKVg41GnIQUmwmJHE0hS/DhEizPklmGqmarkqDdMXT2Ydi3r3l00Ari
35URuhqiuxVe5pyEID2s7WGRAIIAkKIochDvfa/6aChK5BjDj4TCA4s5OgrDPo9g
WOIU+E9/AdzxgklPkc1xd+zsaLU9igKXuBoLuAVbIuQLHVzjsGFPNgQzfi3BVdxJ
P/a8j+rft+eNXbY9+rOIfqyz1rOFLEr6rQVkx+7GJxj1XX6NAUu7
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:10:39 2025 by rpki-client