Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/7bc5f0-e21b-423e-be1c-2d460e0726fa/1/C3CtZTgV6FhDx8jPsObo2L6FO8k.roa
File: C3CtZTgV6FhDx8jPsObo2L6FO8k.roa (raw, json)
Hash identifier: NvkBnoMHiuCQDQqP9VPXNRtC0nvpW5lhq9MDa3+jS9A=
Subject key identifier: 0B:70:AD:65:38:15:E8:58:43:C7:C8:CF:B0:E6:E8:D8:BE:85:3B:C9
Certificate issuer: /CN=f8d40a2a1389f54c23e7871b5ae87f653f659008
Certificate serial: 0194258F46457AB88C3987E0E17D097A9FF4
Authority key identifier: F8:D4:0A:2A:13:89:F5:4C:23:E7:87:1B:5A:E8:7F:65:3F:65:90:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-NQKKhOJ9Uwj54cbWuh_ZT9lkAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/7bc5f0-e21b-423e-be1c-2d460e0726fa/1/C3CtZTgV6FhDx8jPsObo2L6FO8k.roa
Signing time: Thu 02 Jan 2025 05:48:54 +0000
ROA not before: Thu 02 Jan 2025 05:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49788
IP address blocks: 91.232.32.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:46:45:7a:b8:8c:39:87:e0:e1:7d:09:7a:9f:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8d40a2a1389f54c23e7871b5ae87f653f659008
Validity
Not Before: Jan 2 05:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b70ad653815e85843c7c8cfb0e6e8d8be853bc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:44:ad:58:0f:3f:a6:41:de:b9:5a:3e:f5:d5:
f0:58:a9:98:b1:d9:d4:27:c6:fd:ac:9f:0f:8e:af:
e8:07:3f:21:5c:44:33:5d:92:23:47:48:22:7f:25:
79:37:e5:62:9f:03:2a:1e:4f:ff:32:bc:ea:06:ec:
2b:48:4f:22:15:ea:d8:e6:23:7a:99:52:d5:21:53:
4b:f3:6d:c6:39:6d:a7:00:d7:14:e5:22:ab:15:71:
c8:da:30:b9:93:7f:51:88:b6:05:54:30:dc:9d:f7:
20:95:24:cc:e7:54:29:bb:0f:b9:5a:ba:ab:47:cd:
bf:3d:91:46:ed:5b:6f:a8:55:b3:0e:0e:47:40:ab:
66:99:fc:57:c4:fc:ff:7a:cf:f5:2c:78:a0:f0:7b:
14:3d:52:73:03:d0:14:9d:d0:8d:af:96:45:82:99:
d4:2d:d5:5d:dc:41:fc:fb:77:90:b8:b9:f6:f1:a8:
54:0d:00:76:95:44:d4:dc:a4:04:c8:db:4d:e1:39:
fe:91:fa:cc:80:25:70:51:56:69:b5:e3:a3:e8:92:
1d:54:c4:dd:fb:6c:0f:e9:f8:60:18:c3:2b:a9:0b:
76:84:b4:4c:a1:75:ee:44:d5:e2:ba:1d:9a:6f:cd:
91:40:54:07:86:13:52:34:d1:4c:49:3a:1a:68:18:
7d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:70:AD:65:38:15:E8:58:43:C7:C8:CF:B0:E6:E8:D8:BE:85:3B:C9
X509v3 Authority Key Identifier:
keyid:F8:D4:0A:2A:13:89:F5:4C:23:E7:87:1B:5A:E8:7F:65:3F:65:90:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-NQKKhOJ9Uwj54cbWuh_ZT9lkAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7bc5f0-e21b-423e-be1c-2d460e0726fa/1/C3CtZTgV6FhDx8jPsObo2L6FO8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7bc5f0-e21b-423e-be1c-2d460e0726fa/1/1-NQKKhOJ9Uwj54cbWuh_ZT9lkAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.32.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:af:9f:54:33:e3:d1:bf:0c:ca:75:d5:df:26:49:f9:7d:ee:
03:14:fe:28:04:03:a8:2e:bc:ea:f4:40:6d:51:1d:32:06:cd:
de:6b:10:3c:cf:60:f9:5d:46:7a:38:dd:1a:4b:a9:f5:ad:25:
bb:73:c7:bd:52:1c:da:85:3c:cf:eb:22:a5:39:a5:ab:05:c5:
ca:0f:d4:3d:66:31:2b:cb:64:54:57:d6:43:21:4a:71:32:ff:
1a:6f:91:dd:3b:7e:5f:50:46:5d:85:4c:cd:30:6e:e2:8a:40:
3d:f9:18:29:43:af:9a:d0:53:d5:6e:03:37:86:48:44:84:6e:
a8:aa:9a:2b:73:96:aa:e4:eb:7b:15:4e:ab:27:8e:03:c9:e3:
07:44:7b:5d:60:0c:4c:2e:34:7b:8d:6e:28:7e:94:4a:fe:49:
29:1d:c6:61:e3:00:f6:27:b3:4d:db:33:cf:73:1b:a6:5a:22:
b5:31:d0:36:37:8c:6c:23:a4:dc:7d:0c:ca:0b:e7:d3:2b:40:
79:39:f4:7d:d8:44:ae:d3:3e:17:61:b2:e8:04:2e:9d:75:d4:
90:e0:97:bd:1d:12:0a:e2:7a:cb:47:41:f5:56:04:23:5b:9d:
35:33:d0:9f:b2:13:8a:ca:f2:78:3a:57:d3:29:47:0f:44:07:
f7:44:f8:5a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQlj0ZFeriMOYfg4X0Jep/0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZDQwYTJhMTM4OWY1NGMyM2U3ODcxYjVhZTg3ZjY1M2Y2
NTkwMDgwHhcNMjUwMTAyMDU0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjcwYWQ2NTM4MTVlODU4NDNjN2M4Y2ZiMGU2ZThkOGJlODUzYmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkStWA8/pkHeuVo+9dXwWKmYsdnU
J8b9rJ8Pjq/oBz8hXEQzXZIjR0gifyV5N+VinwMqHk//MrzqBuwrSE8iFerY5iN6
mVLVIVNL823GOW2nANcU5SKrFXHI2jC5k39RiLYFVDDcnfcglSTM51Qpuw+5Wrqr
R82/PZFG7VtvqFWzDg5HQKtmmfxXxPz/es/1LHig8HsUPVJzA9AUndCNr5ZFgpnU
LdVd3EH8+3eQuLn28ahUDQB2lUTU3KQEyNtN4Tn+kfrMgCVwUVZpteOj6JIdVMTd
+2wP6fhgGMMrqQt2hLRMoXXuRNXiuh2ab82RQFQHhhNSNNFMSToaaBh92wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFAtwrWU4FehYQ8fIz7Dm6Ni+hTvJMB8GA1UdIwQY
MBaAFPjUCioTifVMI+eHG1rof2U/ZZAIMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1OUUtLaE9KOVV3ajU0Y2JXdWhfWlQ5bGtBZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQvN2JjNWYwLWUyMWItNDIzZS1iZTFj
LTJkNDYwZTA3MjZmYS8xL0MzQ3RaVGdWNkZoRHg4alBzT2JvMkw2Rk84ay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDQvN2JjNWYwLWUyMWItNDIzZS1iZTFjLTJkNDYwZTA3MjZm
YS8xLzEtTlFLS2hPSjlVd2o1NGNiV3VoX1pUOWxrQWcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFb6CAw
DQYJKoZIhvcNAQELBQADggEBAD2vn1Qz49G/DMp11d8mSfl97gMU/igEA6guvOr0
QG1RHTIGzd5rEDzPYPldRno43RpLqfWtJbtzx71SHNqFPM/rIqU5pasFxcoP1D1m
MSvLZFRX1kMhSnEy/xpvkd07fl9QRl2FTM0wbuKKQD35GClDr5rQU9VuAzeGSESE
bqiqmitzlqrk63sVTqsnjgPJ4wdEe11gDEwuNHuNbih+lEr+SSkdxmHjAPYns03b
M89zG6ZaIrUx0DY3jGwjpNx9DMoL59MrQHk59H3YRK7TPhdhsugELp111JDgl70d
EgriestHQfVWBCNbnTUz0J+yE4rK8ng6V9MpRw9EB/dE+Fo=
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:32:33 2025 by rpki-client