Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/034b47-9f88-4b1a-839a-f758129b8e73/1/d2n2nah4IaT6Sves5H1A8ZUMADo.roa
File: d2n2nah4IaT6Sves5H1A8ZUMADo.roa (raw, json)
Hash identifier: BoEXpsGwQ7nNhDTnHBuH1FVlmd0hOzPc7oKZEMs00Kw=
Subject key identifier: 77:69:F6:9D:A8:78:21:A4:FA:4A:F7:AC:E4:7D:40:F1:95:0C:00:3A
Certificate issuer: /CN=d2e35af3deb53a317fb0e7365a5a4ffe2fad9635
Certificate serial: 010968C5
Authority key identifier: D2:E3:5A:F3:DE:B5:3A:31:7F:B0:E7:36:5A:5A:4F:FE:2F:AD:96:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0uNa8961OjF_sOc2WlpP_i-tljU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/034b47-9f88-4b1a-839a-f758129b8e73/1/d2n2nah4IaT6Sves5H1A8ZUMADo.roa
Signing time: Sat 01 Jan 2022 13:00:19 +0000
ROA not before: Sat 01 Jan 2022 13:00:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 91.224.141.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17393861 (0x10968c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2e35af3deb53a317fb0e7365a5a4ffe2fad9635
Validity
Not Before: Jan 1 13:00:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7769f69da87821a4fa4af7ace47d40f1950c003a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1f:8b:06:15:0f:80:b0:86:dd:44:ca:b6:6a:
8e:1a:d3:e0:15:8d:96:61:81:1f:2a:97:85:4b:da:
86:09:a8:bb:dc:43:57:e5:ee:10:fe:95:a8:14:d9:
4d:51:04:e8:fe:b6:17:d5:09:92:03:59:ef:aa:6e:
01:f6:b6:66:7c:f1:1b:be:12:78:3b:b2:d4:32:ea:
94:6f:14:7c:99:ca:a3:0b:c3:26:1a:0e:5a:5d:72:
40:c9:27:21:b3:82:6b:2a:e6:16:80:9e:ba:43:f1:
65:9d:d0:62:14:7f:c4:33:52:bc:93:42:a7:85:7b:
a7:fb:ba:a0:52:69:61:e7:f9:7d:91:e6:fd:5c:ea:
85:18:fe:4c:1a:69:6d:e9:95:a1:fd:bc:c7:f5:ba:
99:1d:0a:15:1a:f2:ce:b4:9d:30:ae:9f:db:7b:51:
0a:80:5b:62:0f:6e:8f:93:73:f3:dd:62:d5:86:9e:
cf:1f:b2:2d:c5:57:92:97:16:c6:b6:3f:b3:04:59:
98:ea:6d:d5:5c:1b:be:ba:f2:0e:24:24:7d:be:51:
29:c3:69:db:52:87:09:6f:d1:1d:73:cf:83:fe:86:
5e:50:77:4f:d5:37:66:07:7e:58:c9:43:9a:07:1f:
8d:c8:8d:2c:61:47:ef:c3:ab:68:e8:60:55:8c:79:
ee:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:69:F6:9D:A8:78:21:A4:FA:4A:F7:AC:E4:7D:40:F1:95:0C:00:3A
X509v3 Authority Key Identifier:
keyid:D2:E3:5A:F3:DE:B5:3A:31:7F:B0:E7:36:5A:5A:4F:FE:2F:AD:96:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0uNa8961OjF_sOc2WlpP_i-tljU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/034b47-9f88-4b1a-839a-f758129b8e73/1/d2n2nah4IaT6Sves5H1A8ZUMADo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/034b47-9f88-4b1a-839a-f758129b8e73/1/0uNa8961OjF_sOc2WlpP_i-tljU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.141.0/24
Signature Algorithm: sha256WithRSAEncryption
dd:bf:a1:9e:f2:bf:6b:16:0d:f3:b5:9d:21:dc:e3:d7:10:ff:
5f:4e:23:e4:be:07:d5:08:bf:92:7c:c6:0e:0e:6f:29:8f:ee:
01:d5:ef:e5:e5:91:25:83:f7:67:6d:00:65:ea:33:52:7d:19:
f7:bb:42:f1:ab:ab:fe:4a:6e:6e:3a:87:e6:b4:fd:4d:2e:2a:
b1:c7:30:fa:5d:cd:b3:9c:b3:b5:f4:2c:b5:63:c2:01:dc:1d:
fa:b8:29:af:dd:5d:10:79:0d:a3:81:7b:20:00:b2:c6:ec:fd:
23:10:4c:4a:5a:92:b4:bd:c0:30:ee:c7:87:0f:12:6a:dd:8c:
95:60:bc:55:c9:6f:d0:f4:fe:f7:ec:ca:0a:21:94:f4:4c:59:
35:80:f6:d5:a5:ac:10:64:94:7e:37:ee:0c:8c:42:18:84:08:
f6:2f:9a:8a:12:07:b8:38:d6:b7:aa:f5:e1:44:22:73:df:99:
00:a0:d6:9a:66:74:b6:c6:7a:77:30:59:94:78:e1:cd:c6:0d:
bf:b0:98:6c:d8:34:e8:cf:71:e8:75:5b:68:26:6f:a3:e1:eb:
bc:c4:1a:b2:3a:1e:d6:fe:3f:20:68:a0:c5:65:af:bd:95:35:
9b:7f:69:65:ce:37:06:43:a8:41:21:cc:02:cc:9f:32:4b:90:
4b:4b:eb:e9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQloxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MmUzNWFmM2RlYjUzYTMxN2ZiMGU3MzY1YTVhNGZmZTJmYWQ5NjM1MB4XDTIyMDEw
MTEzMDAxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzc2OWY2OWRhODc4
MjFhNGZhNGFmN2FjZTQ3ZDQwZjE5NTBjMDAzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKUfiwYVD4Cwht1EyrZqjhrT4BWNlmGBHyqXhUvahgmou9xD
V+XuEP6VqBTZTVEE6P62F9UJkgNZ76puAfa2ZnzxG74SeDuy1DLqlG8UfJnKowvD
JhoOWl1yQMknIbOCayrmFoCeukPxZZ3QYhR/xDNSvJNCp4V7p/u6oFJpYef5fZHm
/VzqhRj+TBppbemVof28x/W6mR0KFRryzrSdMK6f23tRCoBbYg9uj5Nz891i1Yae
zx+yLcVXkpcWxrY/swRZmOpt1VwbvrryDiQkfb5RKcNp21KHCW/RHXPPg/6GXlB3
T9U3Zgd+WMlDmgcfjciNLGFH78OraOhgVYx57iUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR3afadqHghpPpK96zkfUDxlQwAOjAfBgNVHSMEGDAWgBTS41rz3rU6MX+w
5zZaWk/+L62WNTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzB1TmE4OTYxT2pGX3NPYzJXbHBQX2ktdGxqVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvMDM0YjQ3LTlmODgtNGIxYS04MzlhLWY3NTgxMjliOGU3My8x
L2QybjJuYWg0SWFUNlN2ZXM1SDFBOFpVTUFEby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
MDM0YjQ3LTlmODgtNGIxYS04MzlhLWY3NTgxMjliOGU3My8xLzB1TmE4OTYxT2pG
X3NPYzJXbHBQX2ktdGxqVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvgjTANBgkqhkiG9w0BAQsFAAOC
AQEA3b+hnvK/axYN87WdIdzj1xD/X04j5L4H1Qi/knzGDg5vKY/uAdXv5eWRJYP3
Z20AZeozUn0Z97tC8aur/kpubjqH5rT9TS4qsccw+l3Ns5yztfQstWPCAdwd+rgp
r91dEHkNo4F7IACyxuz9IxBMSlqStL3AMO7Hhw8Sat2MlWC8Vclv0PT+9+zKCiGU
9ExZNYD21aWsEGSUfjfuDIxCGIQI9i+aihIHuDjWt6r14UQic9+ZAKDWmmZ0tsZ6
dzBZlHjhzcYNv7CYbNg06M9x6HVbaCZvo+HrvMQasjoe1v4/IGigxWWvvZU1m39p
Zc43BkOoQSHMAsyfMkuQS0vr6Q==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:40:19 2025 by rpki-client