Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/e02a6c-ac2e-47c7-8b82-de2f6ea020ba/1/dIVATvBSzX3-SNfEUJlU8mxDvDM.roa
File: dIVATvBSzX3-SNfEUJlU8mxDvDM.roa (raw, json)
Hash identifier: /zYG/pdQ9E5dfKf9N6xTzPoRPhdVlqRDaAGUUjW4u0g=
Subject key identifier: 74:85:40:4E:F0:52:CD:7D:FE:48:D7:C4:50:99:54:F2:6C:43:BC:33
Certificate issuer: /CN=108af9e9c5652b35844b2e5d4b537e9fcd4452f3
Certificate serial: 019425FDCF393D5F6C3C155B8C17A830A590
Authority key identifier: 10:8A:F9:E9:C5:65:2B:35:84:4B:2E:5D:4B:53:7E:9F:CD:44:52:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EIr56cVlKzWESy5dS1N-n81EUvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/e02a6c-ac2e-47c7-8b82-de2f6ea020ba/1/dIVATvBSzX3-SNfEUJlU8mxDvDM.roa
Signing time: Thu 02 Jan 2025 07:49:38 +0000
ROA not before: Thu 02 Jan 2025 07:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211790
IP address blocks: 91.201.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:cf:39:3d:5f:6c:3c:15:5b:8c:17:a8:30:a5:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=108af9e9c5652b35844b2e5d4b537e9fcd4452f3
Validity
Not Before: Jan 2 07:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7485404ef052cd7dfe48d7c4509954f26c43bc33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:70:29:3b:5b:f6:bb:89:39:d3:b3:15:97:5e:
04:85:35:96:1c:38:33:18:79:1e:65:21:3e:bc:e9:
cc:1f:a6:31:0f:96:55:d1:00:d1:ae:91:e4:de:ab:
ed:53:14:24:65:75:3c:c0:5f:b8:fe:15:df:d2:ea:
da:01:3d:42:92:b2:7d:5a:8e:7e:3a:2b:25:79:48:
61:b2:a1:83:0f:b9:ad:85:2e:ea:17:de:26:7b:b9:
98:33:12:d1:2e:c2:fc:ba:bc:2e:4c:a1:3f:0e:9d:
21:7a:fb:bd:40:99:58:ea:36:20:97:e1:fd:73:c9:
77:4b:77:1a:4e:5f:54:53:b2:88:c3:51:5d:35:6b:
5c:2c:63:b7:72:0e:74:4c:df:20:8e:58:86:6b:af:
a3:83:d8:be:88:4d:d5:99:7c:a2:36:55:5c:1f:5e:
0d:16:e2:1e:7f:65:74:c0:80:1b:96:e5:03:05:8c:
4b:95:a4:ed:8a:b5:06:7d:a2:c0:df:d5:25:e4:5f:
09:61:53:dd:6d:ae:2e:2d:33:a2:6a:71:74:87:69:
f8:cd:a6:d1:d5:87:40:18:91:bf:79:78:6c:16:36:
46:ba:ef:6f:bb:66:ba:28:7f:ec:15:5e:a4:42:21:
85:9f:67:de:00:5a:66:04:f6:66:13:01:1d:bf:9f:
62:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:85:40:4E:F0:52:CD:7D:FE:48:D7:C4:50:99:54:F2:6C:43:BC:33
X509v3 Authority Key Identifier:
keyid:10:8A:F9:E9:C5:65:2B:35:84:4B:2E:5D:4B:53:7E:9F:CD:44:52:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EIr56cVlKzWESy5dS1N-n81EUvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/e02a6c-ac2e-47c7-8b82-de2f6ea020ba/1/dIVATvBSzX3-SNfEUJlU8mxDvDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/e02a6c-ac2e-47c7-8b82-de2f6ea020ba/1/EIr56cVlKzWESy5dS1N-n81EUvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.200.0/24
Signature Algorithm: sha256WithRSAEncryption
86:44:00:13:1d:be:33:68:51:15:87:f0:29:49:a7:9d:db:c2:
1a:27:78:2a:f2:74:8f:65:21:db:6d:ff:52:58:e5:38:0d:f7:
63:a5:58:48:cd:03:2b:e2:bb:26:3e:71:57:63:04:43:25:a1:
aa:90:6a:9c:a8:80:a1:4f:db:95:96:d3:8c:c0:b4:09:72:8a:
71:ee:04:81:46:c0:d0:8c:03:6a:c4:c8:61:9b:21:c0:e7:4a:
df:0a:1b:30:f0:09:e7:31:34:1e:82:b5:96:72:9e:ae:44:5f:
00:64:2e:56:52:ec:19:dd:a3:14:33:0f:04:c0:04:07:a8:fa:
f7:8f:3e:3e:bf:75:9c:8a:62:9c:4c:b0:c3:dc:1d:4c:ce:fd:
c4:7a:f9:20:cd:5d:84:c6:c2:d2:b6:e9:72:6b:01:a2:6f:4f:
41:bb:5b:9e:34:65:ce:6d:b5:fa:1d:58:e4:b8:9f:cd:02:74:
99:b8:76:2d:c2:df:33:41:70:4c:91:bb:92:6a:d4:85:c3:ca:
31:c0:0b:b7:44:95:8a:5d:53:fe:0b:3f:fa:63:db:ec:28:a4:
63:ea:ea:5a:eb:cc:ab:62:1c:8a:57:fd:67:7d:67:01:59:24:
16:42:c6:ef:e7:0a:d5:12:6b:54:6e:01:c8:37:47:80:9a:8b:
58:35:b4:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/c85PV9sPBVbjBeoMKWQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwOGFmOWU5YzU2NTJiMzU4NDRiMmU1ZDRiNTM3ZTlmY2Q0
NDUyZjMwHhcNMjUwMTAyMDc0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDg1NDA0ZWYwNTJjZDdkZmU0OGQ3YzQ1MDk5NTRmMjZjNDNiYzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnApO1v2u4k507MVl14EhTWWHDgz
GHkeZSE+vOnMH6YxD5ZV0QDRrpHk3qvtUxQkZXU8wF+4/hXf0uraAT1CkrJ9Wo5+
OisleUhhsqGDD7mthS7qF94me7mYMxLRLsL8urwuTKE/Dp0hevu9QJlY6jYgl+H9
c8l3S3caTl9UU7KIw1FdNWtcLGO3cg50TN8gjliGa6+jg9i+iE3VmXyiNlVcH14N
FuIef2V0wIAbluUDBYxLlaTtirUGfaLA39Ul5F8JYVPdba4uLTOianF0h2n4zabR
1YdAGJG/eXhsFjZGuu9vu2a6KH/sFV6kQiGFn2feAFpmBPZmEwEdv59iswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHSFQE7wUs19/kjXxFCZVPJsQ7wzMB8GA1UdIwQY
MBaAFBCK+enFZSs1hEsuXUtTfp/NRFLzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUlyNTZjVmxLeldFU3k1ZFMxTi1uODFFVXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9lMDJhNmMtYWMyZS00N2M3LThiODIt
ZGUyZjZlYTAyMGJhLzEvZElWQVR2QlN6WDMtU05mRVVKbFU4bXhEdkRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9lMDJhNmMtYWMyZS00N2M3LThiODItZGUyZjZlYTAyMGJh
LzEvRUlyNTZjVmxLeldFU3k1ZFMxTi1uODFFVXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8nIMA0G
CSqGSIb3DQEBCwUAA4IBAQCGRAATHb4zaFEVh/ApSaed28IaJ3gq8nSPZSHbbf9S
WOU4DfdjpVhIzQMr4rsmPnFXYwRDJaGqkGqcqIChT9uVltOMwLQJcopx7gSBRsDQ
jANqxMhhmyHA50rfChsw8AnnMTQegrWWcp6uRF8AZC5WUuwZ3aMUMw8EwAQHqPr3
jz4+v3WcimKcTLDD3B1Mzv3EevkgzV2ExsLStulyawGib09Bu1ueNGXObbX6HVjk
uJ/NAnSZuHYtwt8zQXBMkbuSatSFw8oxwAu3RJWKXVP+Cz/6Y9vsKKRj6upa68yr
YhyKV/1nfWcBWSQWQsbv5wrVEmtUbgHIN0eAmotYNbQN
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:33 2025 by rpki-client