Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/shr4825LTA7WACZvTJAINwzh5es.roa
File: shr4825LTA7WACZvTJAINwzh5es.roa (raw, json)
Hash identifier: 3NHjYi1r6qA0bIRpL0tozcyc2l+uY71DMZbJWHal+/U=
Subject key identifier: B2:1A:F8:F3:6E:4B:4C:0E:D6:00:26:6F:4C:90:08:37:0C:E1:E5:EB
Certificate issuer: /CN=b31c4ce663e1ec245e747cd846f1a69ddb834b3b
Certificate serial: 019424448194BC18D965F4CF10E5A17CEDA5
Authority key identifier: B3:1C:4C:E6:63:E1:EC:24:5E:74:7C:D8:46:F1:A6:9D:DB:83:4B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sxxM5mPh7CRedHzYRvGmnduDSzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/shr4825LTA7WACZvTJAINwzh5es.roa
Signing time: Wed 01 Jan 2025 23:47:36 +0000
ROA not before: Wed 01 Jan 2025 23:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 91.216.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:81:94:bc:18:d9:65:f4:cf:10:e5:a1:7c:ed:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b31c4ce663e1ec245e747cd846f1a69ddb834b3b
Validity
Not Before: Jan 1 23:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b21af8f36e4b4c0ed600266f4c9008370ce1e5eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:41:d3:82:30:ae:f2:f6:af:82:32:05:c6:87:
11:14:bf:2f:ea:be:f6:35:d8:8f:70:66:d4:e4:ca:
1d:71:9b:e2:79:1b:ec:8f:d5:8a:54:f6:04:ed:50:
0d:95:ec:f3:53:dc:81:da:b4:f4:44:08:a0:96:19:
26:88:14:ae:0e:72:ed:3d:81:aa:c4:70:74:9f:fe:
ee:b8:bd:d1:e3:d2:e0:bd:d0:c2:31:cd:d7:4e:99:
22:52:d8:37:84:65:ed:af:91:83:46:3d:8d:f5:a9:
12:79:1f:eb:88:c5:bd:92:6a:61:b3:3d:e1:91:a8:
06:ee:41:67:d2:4b:be:46:bd:cd:ec:ea:cb:b3:d8:
70:2b:48:35:1d:eb:93:5d:36:b7:48:ad:20:74:9e:
88:07:c5:a7:70:52:ea:ba:42:29:76:b7:5a:2f:8e:
dd:03:3f:85:18:04:67:ef:1d:00:83:6a:83:d1:16:
30:a0:0a:d7:ff:56:dc:1d:b3:7c:c4:42:80:47:83:
91:91:6a:16:3d:20:51:3c:a2:db:fe:19:18:b3:55:
6f:91:85:80:9d:0e:63:c7:21:c4:75:48:51:57:6a:
0a:d8:d2:3a:5d:1f:8a:6c:89:f7:84:0b:81:be:fd:
49:22:60:65:55:71:e9:5a:6f:87:65:39:bd:ac:0b:
b6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:1A:F8:F3:6E:4B:4C:0E:D6:00:26:6F:4C:90:08:37:0C:E1:E5:EB
X509v3 Authority Key Identifier:
keyid:B3:1C:4C:E6:63:E1:EC:24:5E:74:7C:D8:46:F1:A6:9D:DB:83:4B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxxM5mPh7CRedHzYRvGmnduDSzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/shr4825LTA7WACZvTJAINwzh5es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/sxxM5mPh7CRedHzYRvGmnduDSzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.71.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:28:65:3e:52:8a:f6:13:33:c0:5c:c8:f4:1b:e6:bb:24:4c:
02:f9:4c:18:71:ea:c0:1c:cc:b3:3d:d3:ed:a7:a2:c2:e2:04:
f5:82:43:98:fe:d9:44:0b:47:8d:f6:d0:82:70:2f:91:6a:5c:
5c:5d:56:c6:00:4e:b1:68:10:0a:b4:27:a3:c3:56:5b:3f:fa:
a9:89:df:0f:3e:fd:0a:63:b2:6e:29:71:71:b4:3c:c4:27:0d:
72:ce:e0:d6:6b:ae:9b:4d:7d:c6:84:a6:e4:83:cd:a1:e7:31:
18:1f:39:cd:f0:60:1a:34:b2:37:d3:bf:a1:89:e7:b8:9e:e2:
9c:88:93:cd:9e:27:5f:85:d0:75:1e:bb:18:2a:fe:eb:c2:b2:
b5:9b:e6:e7:6f:e1:0d:3f:a6:a4:c6:c7:bb:5f:48:1e:e8:a9:
20:5b:75:90:46:03:5a:26:76:09:b6:36:d3:32:61:c9:9a:dd:
91:78:27:e8:ad:d6:0e:97:df:81:7a:d7:c2:5b:c9:2c:52:55:
74:47:2f:b2:1d:cc:44:53:9d:7f:ce:84:68:0f:80:5e:32:89:
94:b3:d9:b5:5b:00:fd:96:14:9f:05:36:a0:b0:80:7d:39:83:
ef:b1:56:c2:0e:b6:0c:b2:2e:9a:89:bf:c1:4b:b3:9d:ad:59:
2e:84:b4:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRIGUvBjZZfTPEOWhfO2lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMWM0Y2U2NjNlMWVjMjQ1ZTc0N2NkODQ2ZjFhNjlkZGI4
MzRiM2IwHhcNMjUwMTAxMjM0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjFhZjhmMzZlNGI0YzBlZDYwMDI2NmY0YzkwMDgzNzBjZTFlNWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEHTgjCu8vavgjIFxocRFL8v6r72
NdiPcGbU5ModcZvieRvsj9WKVPYE7VANlezzU9yB2rT0RAiglhkmiBSuDnLtPYGq
xHB0n/7uuL3R49LgvdDCMc3XTpkiUtg3hGXtr5GDRj2N9akSeR/riMW9kmphsz3h
kagG7kFn0ku+Rr3N7OrLs9hwK0g1HeuTXTa3SK0gdJ6IB8WncFLqukIpdrdaL47d
Az+FGARn7x0Ag2qD0RYwoArX/1bcHbN8xEKAR4ORkWoWPSBRPKLb/hkYs1VvkYWA
nQ5jxyHEdUhRV2oK2NI6XR+KbIn3hAuBvv1JImBlVXHpWm+HZTm9rAu2ewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLIa+PNuS0wO1gAmb0yQCDcM4eXrMB8GA1UdIwQY
MBaAFLMcTOZj4ewkXnR82Ebxpp3bg0s7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3h4TTVtUGg3Q1JlZEh6WVJ2R21uZHVEU3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy84NGQ0NzYtMzIzMy00MTMxLThmZmMt
NDY1YWRjMjk1OWYyLzEvc2hyNDgyNUxUQTdXQUNadlRKQUlOd3poNWVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy84NGQ0NzYtMzIzMy00MTMxLThmZmMtNDY1YWRjMjk1OWYy
LzEvc3h4TTVtUGg3Q1JlZEh6WVJ2R21uZHVEU3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9hHMA0G
CSqGSIb3DQEBCwUAA4IBAQBdKGU+Uor2EzPAXMj0G+a7JEwC+UwYcerAHMyzPdPt
p6LC4gT1gkOY/tlEC0eN9tCCcC+RalxcXVbGAE6xaBAKtCejw1ZbP/qpid8PPv0K
Y7JuKXFxtDzEJw1yzuDWa66bTX3GhKbkg82h5zEYHznN8GAaNLI307+hiee4nuKc
iJPNnidfhdB1HrsYKv7rwrK1m+bnb+ENP6akxse7X0ge6KkgW3WQRgNaJnYJtjbT
MmHJmt2ReCfordYOl9+BetfCW8ksUlV0Ry+yHcxEU51/zoRoD4BeMomUs9m1WwD9
lhSfBTagsIB9OYPvsVbCDrYMsi6aib/BS7OdrVkuhLRc
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:03:11 2025 by rpki-client