Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/4ef496-45e5-4397-a914-5989a4902d1a/1/aJypmqoFfKbNLA7QelNPg-kxzbw.roa
File: aJypmqoFfKbNLA7QelNPg-kxzbw.roa (raw, json)
Hash identifier: AlnIanfnH1GwrGuXXqK+U4eJyego+t2Sw5napesUvxE=
Subject key identifier: 68:9C:A9:9A:AA:05:7C:A6:CD:2C:0E:D0:7A:53:4F:83:E9:31:CD:BC
Certificate issuer: /CN=14fc1211ee3af657fc94f92fa0309de6c6c9406e
Certificate serial: 01942748034E2F701597B2E6F5DA5673E9DF
Authority key identifier: 14:FC:12:11:EE:3A:F6:57:FC:94:F9:2F:A0:30:9D:E6:C6:C9:40:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FPwSEe469lf8lPkvoDCd5sbJQG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/4ef496-45e5-4397-a914-5989a4902d1a/1/aJypmqoFfKbNLA7QelNPg-kxzbw.roa
Signing time: Thu 02 Jan 2025 13:50:18 +0000
ROA not before: Thu 02 Jan 2025 13:50:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50783
IP address blocks: 91.214.20.0/22 maxlen: 24
193.3.49.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:03:4e:2f:70:15:97:b2:e6:f5:da:56:73:e9:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14fc1211ee3af657fc94f92fa0309de6c6c9406e
Validity
Not Before: Jan 2 13:50:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=689ca99aaa057ca6cd2c0ed07a534f83e931cdbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:df:07:b8:e2:c1:00:52:70:dc:11:f0:16:33:
82:18:50:07:bf:da:05:ec:64:8e:fa:ff:10:43:16:
8f:0a:15:e3:fd:bc:40:97:a4:35:17:16:30:b9:da:
d3:03:e4:21:0b:08:be:87:6a:a4:c6:4a:8e:0c:b1:
f9:d1:23:67:f7:09:f6:4a:42:67:f2:81:7b:7f:36:
f1:59:75:c8:aa:b3:e0:51:87:c8:0e:89:45:ea:4f:
84:e4:04:10:2d:d3:91:c1:a8:00:a5:05:41:7a:8d:
88:e6:07:df:68:65:ed:69:39:c6:71:e3:b0:94:2d:
2c:c3:95:c4:5c:f6:b9:ef:58:c1:5b:57:c4:ac:24:
a6:c3:f9:eb:f7:5b:4c:f9:71:50:d9:c9:39:50:36:
e8:f8:d8:31:86:ed:7d:0b:e8:40:42:4b:83:c8:f1:
c6:28:f3:4d:38:7d:ab:b7:e8:8c:b2:7a:b3:89:1d:
73:a8:b0:21:de:58:77:bd:d5:4a:80:de:32:75:7a:
88:dc:85:a8:f1:b8:62:f2:f4:f5:d8:7c:4d:dc:2d:
93:28:c4:8f:a8:79:6a:0b:11:f6:be:ba:b3:1c:ca:
3f:3b:f1:bc:91:ec:d1:0b:db:18:60:28:10:75:d1:
7c:e7:e0:59:9b:34:56:6d:91:3c:eb:dc:1f:12:89:
16:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:9C:A9:9A:AA:05:7C:A6:CD:2C:0E:D0:7A:53:4F:83:E9:31:CD:BC
X509v3 Authority Key Identifier:
keyid:14:FC:12:11:EE:3A:F6:57:FC:94:F9:2F:A0:30:9D:E6:C6:C9:40:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FPwSEe469lf8lPkvoDCd5sbJQG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4ef496-45e5-4397-a914-5989a4902d1a/1/aJypmqoFfKbNLA7QelNPg-kxzbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4ef496-45e5-4397-a914-5989a4902d1a/1/FPwSEe469lf8lPkvoDCd5sbJQG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.20.0/22
193.3.49.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:15:2c:b5:58:6f:98:ba:07:55:8d:9c:63:b0:8c:d8:c4:92:
b9:e9:12:9f:c1:49:40:be:55:e6:e8:7a:db:b7:32:93:ae:d3:
17:83:a6:5f:14:2c:fa:fc:f3:74:74:3e:88:f4:1e:0c:dc:87:
00:0a:e2:5f:06:1a:b8:62:1d:00:06:f6:0d:aa:d7:6c:60:a7:
64:3b:b3:81:a7:4a:94:ea:69:df:1c:8b:32:65:ee:a7:9f:55:
c8:a7:2b:67:7d:43:3f:e0:75:3a:4a:39:b1:83:33:1b:a5:2f:
17:1a:fc:3b:7e:b4:4b:87:a2:06:7b:23:f4:88:c0:7e:12:bc:
59:d0:4b:15:c7:8c:26:ec:a5:75:36:a6:fe:41:20:4f:a9:94:
89:bb:07:aa:aa:ba:77:33:64:4c:52:f3:3f:c7:d5:31:24:eb:
a9:fa:4f:86:9b:b3:f0:7f:8a:9c:47:a1:fd:d8:24:82:76:b0:
10:6d:e1:ad:cb:8f:ba:6b:31:44:20:61:dc:ea:36:f0:10:08:
da:b8:52:89:88:8d:2f:31:bb:86:63:69:c6:91:eb:9e:5b:ed:
a6:11:21:55:b0:3a:c0:6e:4c:d9:28:a7:69:e9:15:0c:41:07:
4e:20:6b:2e:61:e2:ac:6d:b4:66:9f:03:a7:e1:c4:5c:67:97:
ec:32:b7:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnSANOL3AVl7Lm9dpWc+nfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0ZmMxMjExZWUzYWY2NTdmYzk0ZjkyZmEwMzA5ZGU2YzZj
OTQwNmUwHhcNMjUwMTAyMTM1MDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODljYTk5YWFhMDU3Y2E2Y2QyYzBlZDA3YTUzNGY4M2U5MzFjZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsd8HuOLBAFJw3BHwFjOCGFAHv9oF
7GSO+v8QQxaPChXj/bxAl6Q1FxYwudrTA+QhCwi+h2qkxkqODLH50SNn9wn2SkJn
8oF7fzbxWXXIqrPgUYfIDolF6k+E5AQQLdORwagApQVBeo2I5gffaGXtaTnGceOw
lC0sw5XEXPa571jBW1fErCSmw/nr91tM+XFQ2ck5UDbo+Ngxhu19C+hAQkuDyPHG
KPNNOH2rt+iMsnqziR1zqLAh3lh3vdVKgN4ydXqI3IWo8bhi8vT12HxN3C2TKMSP
qHlqCxH2vrqzHMo/O/G8kezRC9sYYCgQddF85+BZmzRWbZE869wfEokWbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGicqZqqBXymzSwO0HpTT4PpMc28MB8GA1UdIwQY
MBaAFBT8EhHuOvZX/JT5L6AwnebGyUBuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlB3U0VlNDY5bGY4bFBrdm9EQ2Q1c2JKUUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy80ZWY0OTYtNDVlNS00Mzk3LWE5MTQt
NTk4OWE0OTAyZDFhLzEvYUp5cG1xb0ZmS2JOTEE3UWVsTlBnLWt4emJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy80ZWY0OTYtNDVlNS00Mzk3LWE5MTQtNTk4OWE0OTAyZDFh
LzEvRlB3U0VlNDY5bGY4bFBrdm9EQ2Q1c2JKUUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9YUAwQA
wQMxMA0GCSqGSIb3DQEBCwUAA4IBAQCeFSy1WG+YugdVjZxjsIzYxJK56RKfwUlA
vlXm6HrbtzKTrtMXg6ZfFCz6/PN0dD6I9B4M3IcACuJfBhq4Yh0ABvYNqtdsYKdk
O7OBp0qU6mnfHIsyZe6nn1XIpytnfUM/4HU6SjmxgzMbpS8XGvw7frRLh6IGeyP0
iMB+ErxZ0EsVx4wm7KV1Nqb+QSBPqZSJuweqqrp3M2RMUvM/x9UxJOup+k+Gm7Pw
f4qcR6H92CSCdrAQbeGty4+6azFEIGHc6jbwEAjauFKJiI0vMbuGY2nGkeueW+2m
ESFVsDrAbkzZKKdp6RUMQQdOIGsuYeKsbbRmnwOn4cRcZ5fsMrcX
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:32:23 2025 by rpki-client