Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ce3fa7-fc88-4f48-a5ce-a45bbcb34de5/1/hfYnlizg3MwR5qQug8OaGFYUftA.roa
File: hfYnlizg3MwR5qQug8OaGFYUftA.roa (raw, json)
Hash identifier: DTFlk5aAr3e9+sYI7V08QHNOE3ZymaaIt731TRyJnHQ=
Subject key identifier: 85:F6:27:96:2C:E0:DC:CC:11:E6:A4:2E:83:C3:9A:18:56:14:7E:D0
Certificate issuer: /CN=07d75335f77bf4240976277b1dd0e19bb23a8e1d
Certificate serial: 0194244572AC608BDDD886DADFFFC77C2A18
Authority key identifier: 07:D7:53:35:F7:7B:F4:24:09:76:27:7B:1D:D0:E1:9B:B2:3A:8E:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B9dTNfd79CQJdid7HdDhm7I6jh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/ce3fa7-fc88-4f48-a5ce-a45bbcb34de5/1/hfYnlizg3MwR5qQug8OaGFYUftA.roa
Signing time: Wed 01 Jan 2025 23:48:38 +0000
ROA not before: Wed 01 Jan 2025 23:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205019
IP address blocks: 91.103.82.0/24 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:72:ac:60:8b:dd:d8:86:da:df:ff:c7:7c:2a:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07d75335f77bf4240976277b1dd0e19bb23a8e1d
Validity
Not Before: Jan 1 23:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85f627962ce0dccc11e6a42e83c39a1856147ed0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:78:61:4c:56:a6:86:0e:8b:ac:ad:6d:0f:9a:
d1:60:68:f2:08:24:fc:73:98:15:60:6b:c8:da:d9:
d2:e7:82:55:af:98:9e:41:83:8c:c2:c9:6e:b7:3f:
05:51:5b:13:d5:d4:5a:9c:26:8a:27:ef:ca:01:99:
52:e5:2c:4a:66:06:79:f6:81:1e:64:3e:6f:74:d9:
9c:e1:96:e1:fa:3d:7d:22:f4:ea:da:db:c4:e3:eb:
9f:b3:d7:d9:51:6a:e6:e9:85:31:d5:4c:c3:1d:08:
47:d1:71:13:1c:8c:d6:c8:24:b2:9d:25:d1:fe:e6:
6d:f1:d4:23:5e:52:84:50:d3:d8:e1:90:78:f1:0c:
07:46:59:83:3a:34:a3:d0:32:c5:db:41:e5:47:a3:
30:71:24:0e:22:c9:bb:6a:a9:31:a6:eb:bb:5a:3e:
75:b0:1d:6f:b0:c1:02:37:40:a6:0e:bd:50:e1:18:
5e:e0:88:f5:41:07:3e:67:a2:06:ea:de:55:3e:2f:
2a:a9:ff:a1:4f:19:48:b4:f5:b2:82:87:e6:e9:c2:
9a:c3:7f:90:f0:44:85:0e:ef:f6:7b:69:7f:f4:21:
19:40:a8:35:7f:68:4f:29:10:06:36:f6:37:ae:a7:
e1:fc:9a:5f:cc:30:2b:87:5b:5e:9a:57:c8:70:d3:
11:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F6:27:96:2C:E0:DC:CC:11:E6:A4:2E:83:C3:9A:18:56:14:7E:D0
X509v3 Authority Key Identifier:
keyid:07:D7:53:35:F7:7B:F4:24:09:76:27:7B:1D:D0:E1:9B:B2:3A:8E:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9dTNfd79CQJdid7HdDhm7I6jh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ce3fa7-fc88-4f48-a5ce-a45bbcb34de5/1/hfYnlizg3MwR5qQug8OaGFYUftA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ce3fa7-fc88-4f48-a5ce-a45bbcb34de5/1/B9dTNfd79CQJdid7HdDhm7I6jh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.82.0/24
Signature Algorithm: sha256WithRSAEncryption
43:9d:45:74:f9:6e:24:6b:d5:9d:e0:18:da:a7:7a:df:47:1d:
bc:71:b3:dd:e8:5a:c0:bf:7d:44:cf:f4:0d:db:a3:51:2f:bb:
79:fb:83:90:17:5b:15:60:c3:91:c8:4d:46:6e:27:47:0c:0a:
ca:75:2d:61:44:df:3f:ef:3d:74:6f:d7:0d:26:26:d9:d0:4c:
71:75:8c:c5:79:2e:90:b6:f9:22:de:d8:a0:ec:06:5f:72:13:
1b:42:26:7c:80:61:f1:db:1e:e6:c6:b8:1b:b1:5a:f1:31:f7:
df:5d:4c:36:a3:44:63:bf:d7:7b:65:46:e1:e9:8a:3e:6b:22:
80:ee:45:c2:02:7d:88:e0:93:d2:23:28:b2:da:4c:f4:ba:f3:
55:ce:92:10:27:a8:35:a3:7a:38:eb:54:b0:8f:07:2d:96:d8:
a4:da:48:9c:e6:d6:a2:b3:48:83:2f:10:ff:98:37:01:a8:eb:
26:20:18:e8:05:7b:c6:d5:b1:1a:23:1a:24:eb:9b:c2:7b:44:
7f:0a:a0:c0:ac:c5:9d:e1:f9:e5:3f:b4:9c:8b:18:a7:a1:6d:
92:55:9b:85:d2:0e:01:f1:e1:0f:eb:88:ff:fb:65:50:cc:ca:
02:5e:0d:7f:8c:2a:27:d3:4f:65:c2:14:1f:9a:6f:3a:8c:16:
e2:18:d3:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRXKsYIvd2Iba3//HfCoYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZDc1MzM1Zjc3YmY0MjQwOTc2Mjc3YjFkZDBlMTliYjIz
YThlMWQwHhcNMjUwMTAxMjM0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWY2Mjc5NjJjZTBkY2NjMTFlNmE0MmU4M2MzOWExODU2MTQ3ZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XhhTFamhg6LrK1tD5rRYGjyCCT8
c5gVYGvI2tnS54JVr5ieQYOMwslutz8FUVsT1dRanCaKJ+/KAZlS5SxKZgZ59oEe
ZD5vdNmc4Zbh+j19IvTq2tvE4+ufs9fZUWrm6YUx1UzDHQhH0XETHIzWyCSynSXR
/uZt8dQjXlKEUNPY4ZB48QwHRlmDOjSj0DLF20HlR6MwcSQOIsm7aqkxpuu7Wj51
sB1vsMECN0CmDr1Q4Rhe4Ij1QQc+Z6IG6t5VPi8qqf+hTxlItPWygofm6cKaw3+Q
8ESFDu/2e2l/9CEZQKg1f2hPKRAGNvY3rqfh/JpfzDArh1temlfIcNMR3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIX2J5Ys4NzMEeakLoPDmhhWFH7QMB8GA1UdIwQY
MBaAFAfXUzX3e/QkCXYnex3Q4ZuyOo4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjlkVE5mZDc5Q1FKZGlkN0hkRGhtN0k2amgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jZTNmYTctZmM4OC00ZjQ4LWE1Y2Ut
YTQ1YmJjYjM0ZGU1LzEvaGZZbmxpemczTXdSNXFRdWc4T2FHRllVZnRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jZTNmYTctZmM4OC00ZjQ4LWE1Y2UtYTQ1YmJjYjM0ZGU1
LzEvQjlkVE5mZDc5Q1FKZGlkN0hkRGhtN0k2amgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2dSMA0G
CSqGSIb3DQEBCwUAA4IBAQBDnUV0+W4ka9Wd4Bjap3rfRx28cbPd6FrAv31Ez/QN
26NRL7t5+4OQF1sVYMORyE1GbidHDArKdS1hRN8/7z10b9cNJibZ0ExxdYzFeS6Q
tvki3tig7AZfchMbQiZ8gGHx2x7mxrgbsVrxMfffXUw2o0Rjv9d7ZUbh6Yo+ayKA
7kXCAn2I4JPSIyiy2kz0uvNVzpIQJ6g1o3o461Swjwctltik2kic5tais0iDLxD/
mDcBqOsmIBjoBXvG1bEaIxok65vCe0R/CqDArMWd4fnlP7ScixinoW2SVZuF0g4B
8eEP64j/+2VQzMoCXg1/jCon009lwhQfmm86jBbiGNNh
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:52:33 2025 by rpki-client