Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/4ydM46ceuY4huZElDk2r44NJc4k.roa
File: 4ydM46ceuY4huZElDk2r44NJc4k.roa (raw, json)
Hash identifier: Mhg7uKPj5iusS34grwOqQFn5XvPrgQMUHLNx+3TSeWM=
Subject key identifier: E3:27:4C:E3:A7:1E:B9:8E:21:B9:91:25:0E:4D:AB:E3:83:49:73:89
Certificate issuer: /CN=b31c4ce663e1ec245e747cd846f1a69ddb834b3b
Certificate serial: 0194C881A268962C378DE84D6A5F8D7AA7AC
Authority key identifier: B3:1C:4C:E6:63:E1:EC:24:5E:74:7C:D8:46:F1:A6:9D:DB:83:4B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sxxM5mPh7CRedHzYRvGmnduDSzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/4ydM46ceuY4huZElDk2r44NJc4k.roa
Signing time: Sun 02 Feb 2025 21:12:06 +0000
ROA not before: Sun 02 Feb 2025 21:12:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202391
IP address blocks: 91.216.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c8:81:a2:68:96:2c:37:8d:e8:4d:6a:5f:8d:7a:a7:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b31c4ce663e1ec245e747cd846f1a69ddb834b3b
Validity
Not Before: Feb 2 21:12:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3274ce3a71eb98e21b991250e4dabe383497389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a7:42:19:ee:2d:31:62:57:37:01:4a:91:b5:
6b:f8:4c:25:25:f3:d2:71:89:f2:bf:b7:f9:41:b0:
03:9b:79:65:6c:fa:f9:24:00:e6:e6:02:c5:ce:dc:
47:f3:71:bc:c8:16:f9:88:b1:27:3b:91:c2:e9:29:
ef:14:70:40:4b:19:6d:b2:3c:64:63:c4:57:ae:52:
72:c5:4b:04:d4:65:4f:3f:29:57:98:15:b9:b3:e2:
08:ea:48:36:fb:33:e6:e1:70:89:e3:e5:3e:38:05:
ce:b5:e1:e3:e4:04:06:76:df:a3:98:31:51:c5:69:
19:ef:fc:57:c4:bc:60:7a:a7:c7:1b:d6:da:17:1d:
d1:ea:c7:86:4c:3e:d6:54:a8:2a:45:de:01:47:62:
79:4a:86:25:ff:cd:5f:c0:02:e9:2f:9f:09:e4:41:
13:6a:23:4f:c8:7f:d5:48:fa:56:42:c0:d0:58:ad:
9d:4e:02:23:3f:d3:96:5c:ce:51:81:ff:c8:81:5d:
3a:da:25:73:f6:ce:66:d0:15:69:c0:4d:f6:4e:cf:
aa:7d:e0:fd:71:fe:e2:30:82:77:2e:e8:73:21:b2:
5f:57:f3:c1:02:54:28:5e:f2:07:fa:89:6a:a7:35:
03:2c:0f:c5:f1:d1:bb:e1:18:dd:81:a4:d1:66:26:
da:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:27:4C:E3:A7:1E:B9:8E:21:B9:91:25:0E:4D:AB:E3:83:49:73:89
X509v3 Authority Key Identifier:
keyid:B3:1C:4C:E6:63:E1:EC:24:5E:74:7C:D8:46:F1:A6:9D:DB:83:4B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxxM5mPh7CRedHzYRvGmnduDSzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/4ydM46ceuY4huZElDk2r44NJc4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/sxxM5mPh7CRedHzYRvGmnduDSzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.71.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:a6:89:2c:ef:da:0d:81:c9:6f:4a:a7:53:f5:27:9b:4c:bf:
4a:37:1d:a0:2c:80:f0:c2:ad:45:dc:80:34:df:fe:2d:bb:50:
ec:c4:07:28:85:a5:56:d7:5e:5e:90:53:93:75:dc:d3:24:70:
08:8d:d5:de:d2:bf:d0:13:9f:2c:e7:50:78:29:61:c3:62:0a:
34:ba:4b:41:cb:31:69:99:06:b3:14:f0:15:20:35:8b:80:d0:
1f:7e:75:55:a9:65:6c:8c:c0:33:72:60:62:d2:59:d0:f4:2e:
d1:db:68:c3:f6:fb:39:95:76:a6:c9:40:9e:c3:36:35:76:21:
7f:60:23:ad:02:30:82:dd:ad:6c:1b:2d:09:f5:ee:73:5b:82:
cd:21:c2:37:31:37:b3:0e:3a:70:c5:8e:8a:00:0a:c5:72:f8:
cc:83:a1:88:83:7f:40:56:d2:5f:ac:36:d8:c9:51:3c:ed:a9:
c8:94:50:73:af:4c:16:b4:0f:b4:6b:4b:08:70:f2:4d:88:25:
85:ae:4d:ce:3c:a2:6a:c8:82:d6:11:a1:05:ac:2c:7b:b7:75:
de:e9:45:d1:22:1f:85:eb:d2:e9:01:3b:0e:35:15:3d:08:62:
c7:0d:c6:3d:1e:04:84:10:2c:e8:a1:12:14:e6:5b:0e:5f:c4:
5d:56:0b:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTIgaJoliw3jehNal+NeqesMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMWM0Y2U2NjNlMWVjMjQ1ZTc0N2NkODQ2ZjFhNjlkZGI4
MzRiM2IwHhcNMjUwMjAyMjExMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzI3NGNlM2E3MWViOThlMjFiOTkxMjUwZTRkYWJlMzgzNDk3Mzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6dCGe4tMWJXNwFKkbVr+EwlJfPS
cYnyv7f5QbADm3llbPr5JADm5gLFztxH83G8yBb5iLEnO5HC6SnvFHBASxltsjxk
Y8RXrlJyxUsE1GVPPylXmBW5s+II6kg2+zPm4XCJ4+U+OAXOteHj5AQGdt+jmDFR
xWkZ7/xXxLxgeqfHG9baFx3R6seGTD7WVKgqRd4BR2J5SoYl/81fwALpL58J5EET
aiNPyH/VSPpWQsDQWK2dTgIjP9OWXM5Rgf/IgV062iVz9s5m0BVpwE32Ts+qfeD9
cf7iMIJ3LuhzIbJfV/PBAlQoXvIH+olqpzUDLA/F8dG74RjdgaTRZibaKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOMnTOOnHrmOIbmRJQ5Nq+ODSXOJMB8GA1UdIwQY
MBaAFLMcTOZj4ewkXnR82Ebxpp3bg0s7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3h4TTVtUGg3Q1JlZEh6WVJ2R21uZHVEU3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy84NGQ0NzYtMzIzMy00MTMxLThmZmMt
NDY1YWRjMjk1OWYyLzEvNHlkTTQ2Y2V1WTRodVpFbERrMnI0NE5KYzRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy84NGQ0NzYtMzIzMy00MTMxLThmZmMtNDY1YWRjMjk1OWYy
LzEvc3h4TTVtUGg3Q1JlZEh6WVJ2R21uZHVEU3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9hHMA0G
CSqGSIb3DQEBCwUAA4IBAQB+poks79oNgclvSqdT9SebTL9KNx2gLIDwwq1F3IA0
3/4tu1DsxAcohaVW115ekFOTddzTJHAIjdXe0r/QE58s51B4KWHDYgo0uktByzFp
mQazFPAVIDWLgNAffnVVqWVsjMAzcmBi0lnQ9C7R22jD9vs5lXamyUCewzY1diF/
YCOtAjCC3a1sGy0J9e5zW4LNIcI3MTezDjpwxY6KAArFcvjMg6GIg39AVtJfrDbY
yVE87anIlFBzr0wWtA+0a0sIcPJNiCWFrk3OPKJqyILWEaEFrCx7t3Xe6UXRIh+F
69LpATsONRU9CGLHDcY9HgSEECzooRIU5lsOX8RdVgsY
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:07:51 2025 by rpki-client