Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/99a2b1-1144-4f9c-8fdf-43e4d56d4043/1/1tRI1NAS620irGWcDu4y9Qfw5Oc.roa
File: 1tRI1NAS620irGWcDu4y9Qfw5Oc.roa (raw, json)
Hash identifier: cB16kbTr6A/atusEQcb+v3J61xx/lkSsq3ehr1/v5HA=
Subject key identifier: D6:D4:48:D4:D0:12:EB:6D:22:AC:65:9C:0E:EE:32:F5:07:F0:E4:E7
Certificate issuer: /CN=0f90b80b3d4893c9c1ec7d01c29bf3b450bb851d
Certificate serial: 0194258F3FB6C0F6E0AD76D5C54DF4AB3E6E
Authority key identifier: 0F:90:B8:0B:3D:48:93:C9:C1:EC:7D:01:C2:9B:F3:B4:50:BB:85:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5C4Cz1Ik8nB7H0BwpvztFC7hR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/99a2b1-1144-4f9c-8fdf-43e4d56d4043/1/1tRI1NAS620irGWcDu4y9Qfw5Oc.roa
Signing time: Thu 02 Jan 2025 05:48:52 +0000
ROA not before: Thu 02 Jan 2025 05:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213157
IP address blocks: 91.218.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:3f:b6:c0:f6:e0:ad:76:d5:c5:4d:f4:ab:3e:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f90b80b3d4893c9c1ec7d01c29bf3b450bb851d
Validity
Not Before: Jan 2 05:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6d448d4d012eb6d22ac659c0eee32f507f0e4e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e0:0c:78:6f:2b:00:09:f5:27:d6:c1:dd:0b:
ad:fe:c5:aa:b9:50:60:81:c0:52:b5:d4:6b:3e:77:
6a:4a:9d:22:10:2d:bf:ee:6a:8c:83:17:2f:1e:ad:
9d:6d:cc:2b:39:76:8f:da:98:f2:b1:61:f0:09:df:
f1:d4:8b:1b:85:42:63:08:b3:cd:66:a2:9e:47:6a:
bf:1f:df:db:0e:e9:65:f9:6c:40:b2:6d:c5:ed:16:
da:81:75:a9:ae:3f:fe:33:09:ab:e6:75:14:c1:fb:
63:35:c4:00:5c:06:9c:0d:13:11:ef:d3:77:6c:3f:
92:8b:9f:4e:f8:68:ac:07:83:a3:2a:b6:13:2f:60:
bd:51:85:3d:d4:27:2d:f8:35:17:6e:fe:9b:da:93:
9f:eb:ba:c0:dd:6f:9b:ce:7a:87:39:8d:27:c3:23:
44:f5:01:5d:5c:2e:fb:c0:19:3f:61:a1:19:37:6d:
f9:aa:a0:25:a4:66:19:46:9e:72:77:d3:f6:b3:32:
aa:b9:3f:e8:3b:67:77:c9:fd:bd:29:a4:27:b5:c0:
a9:69:d4:a4:2b:86:11:9b:ad:a5:1d:5b:77:7a:d7:
44:12:fb:32:f0:31:c2:39:6c:86:82:78:32:02:5b:
4d:2b:8f:c2:20:c8:c2:88:d6:b0:21:f5:7b:ed:1c:
cf:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D4:48:D4:D0:12:EB:6D:22:AC:65:9C:0E:EE:32:F5:07:F0:E4:E7
X509v3 Authority Key Identifier:
keyid:0F:90:B8:0B:3D:48:93:C9:C1:EC:7D:01:C2:9B:F3:B4:50:BB:85:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5C4Cz1Ik8nB7H0BwpvztFC7hR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/99a2b1-1144-4f9c-8fdf-43e4d56d4043/1/1tRI1NAS620irGWcDu4y9Qfw5Oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/99a2b1-1144-4f9c-8fdf-43e4d56d4043/1/D5C4Cz1Ik8nB7H0BwpvztFC7hR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.21.0/24
Signature Algorithm: sha256WithRSAEncryption
21:73:37:a0:38:df:1b:67:d0:9d:fb:1a:30:14:fd:91:7d:3e:
1d:34:37:49:9e:9f:30:00:10:73:f6:65:ed:22:0b:76:2a:ff:
b0:1f:01:5f:71:63:2d:85:3f:7f:a9:15:7b:21:4f:d5:3d:4b:
72:1d:af:33:62:25:ca:8c:9c:21:08:da:30:5b:ea:0a:28:a8:
bd:62:c2:96:55:6f:4a:94:71:d7:86:29:8c:4f:98:ea:fc:86:
12:8a:34:2c:e9:6e:c0:49:10:a3:e6:90:b3:73:fb:3d:06:40:
d7:35:a6:f7:da:36:78:33:cd:7f:9d:6e:7c:a1:16:75:65:d7:
00:6a:41:92:3d:c8:d4:fa:af:09:ae:8e:51:0d:c4:9c:55:fb:
b0:cd:1e:74:2f:87:52:82:fb:95:5f:e6:aa:5a:40:93:83:63:
cc:f8:22:8b:ae:4c:05:95:ab:17:2f:7b:9f:75:8f:9c:dd:81:
d8:b2:5b:5c:62:0e:1a:70:eb:e7:e2:49:56:9d:75:f6:12:9e:
74:8e:49:8b:e5:6c:17:15:a9:d7:14:57:45:f0:c2:96:6e:6a:
e5:b8:62:56:ad:54:37:c8:1a:45:9b:c8:09:34:e6:bd:5b:12:
48:df:0c:28:0e:ea:0a:8b:f0:2f:7f:60:7c:a6:f3:16:27:26:
51:ce:2c:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQljz+2wPbgrXbVxU30qz5uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOTBiODBiM2Q0ODkzYzljMWVjN2QwMWMyOWJmM2I0NTBi
Yjg1MWQwHhcNMjUwMTAyMDU0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQ0NDhkNGQwMTJlYjZkMjJhYzY1OWMwZWVlMzJmNTA3ZjBlNGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOAMeG8rAAn1J9bB3Qut/sWquVBg
gcBStdRrPndqSp0iEC2/7mqMgxcvHq2dbcwrOXaP2pjysWHwCd/x1IsbhUJjCLPN
ZqKeR2q/H9/bDull+WxAsm3F7RbagXWprj/+Mwmr5nUUwftjNcQAXAacDRMR79N3
bD+Si59O+GisB4OjKrYTL2C9UYU91Cct+DUXbv6b2pOf67rA3W+bznqHOY0nwyNE
9QFdXC77wBk/YaEZN235qqAlpGYZRp5yd9P2szKquT/oO2d3yf29KaQntcCpadSk
K4YRm62lHVt3etdEEvsy8DHCOWyGgngyAltNK4/CIMjCiNawIfV77RzPvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNbUSNTQEuttIqxlnA7uMvUH8OTnMB8GA1UdIwQY
MBaAFA+QuAs9SJPJwex9AcKb87RQu4UdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDVDNEN6MUlrOG5CN0gwQndwdnp0RkM3aFIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy85OWEyYjEtMTE0NC00ZjljLThmZGYt
NDNlNGQ1NmQ0MDQzLzEvMXRSSTFOQVM2MjBpckdXY0R1NHk5UWZ3NU9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy85OWEyYjEtMTE0NC00ZjljLThmZGYtNDNlNGQ1NmQ0MDQz
LzEvRDVDNEN6MUlrOG5CN0gwQndwdnp0RkM3aFIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9oVMA0G
CSqGSIb3DQEBCwUAA4IBAQAhczegON8bZ9Cd+xowFP2RfT4dNDdJnp8wABBz9mXt
Igt2Kv+wHwFfcWMthT9/qRV7IU/VPUtyHa8zYiXKjJwhCNowW+oKKKi9YsKWVW9K
lHHXhimMT5jq/IYSijQs6W7ASRCj5pCzc/s9BkDXNab32jZ4M81/nW58oRZ1ZdcA
akGSPcjU+q8Jro5RDcScVfuwzR50L4dSgvuVX+aqWkCTg2PM+CKLrkwFlasXL3uf
dY+c3YHYsltcYg4acOvn4klWnXX2Ep50jkmL5WwXFanXFFdF8MKWbmrluGJWrVQ3
yBpFm8gJNOa9WxJI3wwoDuoKi/Avf2B8pvMWJyZRzixt
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:36:20 2025 by rpki-client