Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/ajJCmI9naixX5UBkVx_yei7njkY.roa
File: ajJCmI9naixX5UBkVx_yei7njkY.roa (raw, json)
Hash identifier: ejKpSCjXem97ELLTG6tTFvgMx5IDevtJLZDCguDQQIQ=
Subject key identifier: 6A:32:42:98:8F:67:6A:2C:57:E5:40:64:57:1F:F2:7A:2E:E7:8E:46
Certificate issuer: /CN=b31c4ce663e1ec245e747cd846f1a69ddb834b3b
Certificate serial: 0195542DC234F4F472284B9B30E372AF9FB5
Authority key identifier: B3:1C:4C:E6:63:E1:EC:24:5E:74:7C:D8:46:F1:A6:9D:DB:83:4B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sxxM5mPh7CRedHzYRvGmnduDSzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/ajJCmI9naixX5UBkVx_yei7njkY.roa
Signing time: Sun 02 Mar 2025 00:07:19 +0000
ROA not before: Sun 02 Mar 2025 00:07:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36352
IP address blocks: 91.216.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:54:2d:c2:34:f4:f4:72:28:4b:9b:30:e3:72:af:9f:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b31c4ce663e1ec245e747cd846f1a69ddb834b3b
Validity
Not Before: Mar 2 00:07:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a3242988f676a2c57e54064571ff27a2ee78e46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b7:2f:86:82:f5:d2:7c:5d:09:76:23:50:17:
32:f3:69:2a:5a:55:0b:02:56:5c:4c:7e:b8:68:4c:
a5:48:8d:c0:20:c8:5b:36:d5:bd:c6:7d:bb:15:84:
f4:db:0c:45:d6:06:74:81:76:c8:25:f1:f1:00:eb:
3f:de:38:06:48:f1:f7:d6:44:b1:36:e4:7c:b0:45:
e0:40:36:90:b8:ee:19:dd:bd:88:bd:63:4a:4f:5e:
3b:ad:52:83:ec:97:0e:22:ce:aa:0b:ec:b4:70:1c:
e9:a2:4f:53:61:bd:0e:f9:fc:92:e8:d1:fe:a7:e4:
d6:16:71:2b:d7:a8:59:7b:42:05:88:f0:18:d6:78:
47:1a:fc:c8:2d:b2:ad:ce:69:33:a5:a4:c8:5d:43:
8e:af:e2:cf:f2:2b:06:f8:53:f3:bb:a4:fd:f0:84:
21:96:23:2a:cc:3d:db:2a:84:21:b3:ce:9e:ee:9c:
f7:be:91:fd:73:29:ec:cd:15:b4:fe:f6:bd:fc:4f:
7a:60:e2:61:0e:dc:ae:30:92:1e:80:52:cd:76:24:
ca:0b:a1:56:53:07:ce:49:f0:bf:17:76:3f:25:dc:
22:ce:fc:58:ba:e7:5c:bb:82:a5:5e:8a:f1:37:b1:
bb:99:db:f2:a5:ca:ca:be:7a:c5:2a:3e:83:2b:d6:
0d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:32:42:98:8F:67:6A:2C:57:E5:40:64:57:1F:F2:7A:2E:E7:8E:46
X509v3 Authority Key Identifier:
keyid:B3:1C:4C:E6:63:E1:EC:24:5E:74:7C:D8:46:F1:A6:9D:DB:83:4B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxxM5mPh7CRedHzYRvGmnduDSzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/ajJCmI9naixX5UBkVx_yei7njkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/sxxM5mPh7CRedHzYRvGmnduDSzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.71.0/24
Signature Algorithm: sha256WithRSAEncryption
18:88:02:02:21:7d:72:71:ad:b4:50:62:83:84:c2:02:6b:9f:
61:51:57:26:93:20:7d:39:73:51:f2:cd:03:af:3d:f2:82:b5:
74:9d:b0:22:9a:35:27:bd:f2:65:69:f7:e3:26:1c:5d:bf:a3:
b7:89:82:fc:25:f7:61:51:6b:40:54:1e:ca:91:75:1b:9f:22:
d9:cb:e5:f3:59:24:2b:5f:74:6e:03:42:ea:99:fb:cc:cb:27:
c4:33:bb:ae:ce:98:fb:3f:f6:fb:2b:72:d6:3b:83:14:31:db:
62:15:73:66:25:d5:a9:0a:8b:d2:db:18:1e:34:ef:0b:f3:f3:
e3:fd:ba:d6:97:c7:fa:f1:d2:15:7b:d6:a7:8c:bb:6c:14:98:
9a:fc:e2:a1:62:9a:9e:46:25:79:42:db:1a:f9:da:1c:2f:4d:
64:d4:b7:01:ec:33:dd:cd:ab:30:ef:3f:82:61:fa:42:8a:c5:
e7:1d:88:68:fd:22:f3:26:5c:d9:4e:52:01:33:3e:ef:fb:5c:
b6:60:84:f0:34:84:8b:8f:51:d1:ee:f5:7a:c2:3a:55:da:4d:
fc:33:03:26:87:4a:ff:1d:69:0e:54:ff:38:4e:7d:e1:d5:7f:
c4:b6:e3:c5:04:c7:7e:32:93:d3:76:1f:89:85:33:de:83:26:
be:bd:d4:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVULcI09PRyKEubMONyr5+1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMWM0Y2U2NjNlMWVjMjQ1ZTc0N2NkODQ2ZjFhNjlkZGI4
MzRiM2IwHhcNMjUwMzAyMDAwNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTMyNDI5ODhmNjc2YTJjNTdlNTQwNjQ1NzFmZjI3YTJlZTc4ZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7cvhoL10nxdCXYjUBcy82kqWlUL
AlZcTH64aEylSI3AIMhbNtW9xn27FYT02wxF1gZ0gXbIJfHxAOs/3jgGSPH31kSx
NuR8sEXgQDaQuO4Z3b2IvWNKT147rVKD7JcOIs6qC+y0cBzpok9TYb0O+fyS6NH+
p+TWFnEr16hZe0IFiPAY1nhHGvzILbKtzmkzpaTIXUOOr+LP8isG+FPzu6T98IQh
liMqzD3bKoQhs86e7pz3vpH9cynszRW0/va9/E96YOJhDtyuMJIegFLNdiTKC6FW
UwfOSfC/F3Y/JdwizvxYuudcu4KlXorxN7G7mdvypcrKvnrFKj6DK9YNRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGoyQpiPZ2osV+VAZFcf8nou545GMB8GA1UdIwQY
MBaAFLMcTOZj4ewkXnR82Ebxpp3bg0s7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3h4TTVtUGg3Q1JlZEh6WVJ2R21uZHVEU3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy84NGQ0NzYtMzIzMy00MTMxLThmZmMt
NDY1YWRjMjk1OWYyLzEvYWpKQ21JOW5haXhYNVVCa1Z4X3llaTduamtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy84NGQ0NzYtMzIzMy00MTMxLThmZmMtNDY1YWRjMjk1OWYy
LzEvc3h4TTVtUGg3Q1JlZEh6WVJ2R21uZHVEU3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9hHMA0G
CSqGSIb3DQEBCwUAA4IBAQAYiAICIX1yca20UGKDhMICa59hUVcmkyB9OXNR8s0D
rz3ygrV0nbAimjUnvfJlaffjJhxdv6O3iYL8JfdhUWtAVB7KkXUbnyLZy+XzWSQr
X3RuA0LqmfvMyyfEM7uuzpj7P/b7K3LWO4MUMdtiFXNmJdWpCovS2xgeNO8L8/Pj
/brWl8f68dIVe9anjLtsFJia/OKhYpqeRiV5Qtsa+docL01k1LcB7DPdzasw7z+C
YfpCisXnHYho/SLzJlzZTlIBMz7v+1y2YITwNISLj1HR7vV6wjpV2k38MwMmh0r/
HWkOVP84Tn3h1X/EtuPFBMd+MpPTdh+JhTPegya+vdRM
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:03:11 2025 by rpki-client