Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/e9203d-cdcf-4f23-a3bf-f449bad29855/1/do1YRGxwXBzhu7NScxWRh1sCTkI.roa
File: do1YRGxwXBzhu7NScxWRh1sCTkI.roa (raw, json)
Hash identifier: tvb6mnRRTkKS3vhIPuaGGEBZgzp8Y6OmqBEm+R+Kc5s=
Subject key identifier: 76:8D:58:44:6C:70:5C:1C:E1:BB:B3:52:73:15:91:87:5B:02:4E:42
Certificate issuer: /CN=d70af942465ff265b896f0d1b762490f27dc322c
Certificate serial: 0194228D55FF9043065C4CAA819C03C9F822
Authority key identifier: D7:0A:F9:42:46:5F:F2:65:B8:96:F0:D1:B7:62:49:0F:27:DC:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1wr5QkZf8mW4lvDRt2JJDyfcMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/e9203d-cdcf-4f23-a3bf-f449bad29855/1/do1YRGxwXBzhu7NScxWRh1sCTkI.roa
Signing time: Wed 01 Jan 2025 15:47:55 +0000
ROA not before: Wed 01 Jan 2025 15:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30417
IP address blocks: 91.208.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:55:ff:90:43:06:5c:4c:aa:81:9c:03:c9:f8:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d70af942465ff265b896f0d1b762490f27dc322c
Validity
Not Before: Jan 1 15:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=768d58446c705c1ce1bbb352731591875b024e42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d9:06:fe:30:02:bc:19:61:0f:57:92:08:6f:
ff:9c:21:36:65:ce:52:8b:84:4e:5e:c2:9d:6a:32:
b1:df:0b:22:17:ce:22:b9:c9:5c:00:6d:0c:26:1f:
4b:3d:db:6e:76:7b:33:13:b8:e4:d1:7a:df:eb:7a:
a4:b2:77:53:02:d0:9f:13:87:8a:d6:27:98:eb:c2:
22:26:95:74:93:a0:75:e7:cd:08:2e:2c:6e:02:49:
21:a6:bf:05:18:dc:2a:9c:6c:fa:c4:66:54:1f:fa:
80:ec:be:af:c1:e1:1f:dc:9d:75:a1:0d:21:43:5e:
fd:74:7e:74:54:4b:8b:24:61:fc:f9:4b:b5:bd:66:
29:20:5f:3a:53:ee:70:cb:71:71:8b:6a:22:b4:90:
ba:2e:9e:2a:1c:ad:a4:33:f4:bb:48:b5:f3:05:c2:
ad:b3:42:87:5a:6e:e9:d8:8b:5f:a5:29:d3:41:ba:
c1:19:77:3f:65:57:47:da:25:df:bb:c9:55:cb:e8:
46:e4:14:4e:91:7c:72:8c:17:f9:9a:c4:d3:69:0e:
70:fa:2a:6d:11:cf:ab:89:5b:dc:5a:70:b0:50:12:
d8:f8:86:7b:61:16:09:9f:13:ed:b5:3f:5a:e3:bf:
bf:a5:85:8d:e6:46:e8:a2:62:62:cd:46:94:04:7e:
38:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8D:58:44:6C:70:5C:1C:E1:BB:B3:52:73:15:91:87:5B:02:4E:42
X509v3 Authority Key Identifier:
keyid:D7:0A:F9:42:46:5F:F2:65:B8:96:F0:D1:B7:62:49:0F:27:DC:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1wr5QkZf8mW4lvDRt2JJDyfcMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/e9203d-cdcf-4f23-a3bf-f449bad29855/1/do1YRGxwXBzhu7NScxWRh1sCTkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/e9203d-cdcf-4f23-a3bf-f449bad29855/1/1wr5QkZf8mW4lvDRt2JJDyfcMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.252.0/24
Signature Algorithm: sha256WithRSAEncryption
74:cf:44:07:1b:69:5a:12:dd:99:1f:2b:06:ee:89:3c:cb:50:
dd:63:8e:bd:d2:0c:6d:ec:d3:85:fc:39:4b:cf:26:75:7f:e6:
ed:ab:a4:84:8c:6f:c2:3e:6a:08:6b:40:e2:78:de:ad:46:50:
48:60:5a:8d:71:02:5c:8a:3e:18:93:4e:af:2e:6c:de:13:d0:
9a:20:24:b2:db:51:bc:cf:56:53:16:b7:b2:fc:22:bd:82:6a:
c5:8a:9e:08:67:80:f3:67:df:b4:32:d7:b8:e0:86:47:dc:f1:
69:76:49:29:ec:f8:23:db:54:73:93:57:91:eb:d5:18:35:29:
3c:d6:52:9a:e8:f9:5b:93:ac:e5:ab:2d:b6:78:6b:c7:4a:71:
6f:6c:49:3b:d9:9b:e5:cc:db:36:83:14:bb:d0:90:59:40:69:
a5:a9:54:73:c0:22:ab:47:9b:83:b3:aa:5b:b5:13:9b:32:64:
a9:2c:c5:ac:02:34:c4:4e:08:15:47:ce:6c:26:d6:f0:fd:3e:
d7:02:38:41:8b:0a:d0:df:2e:d4:e1:5f:8d:ff:d5:df:57:ef:
d5:dd:6a:69:6c:8e:00:62:68:9c:3c:be:fa:21:a9:e7:44:fe:
1b:83:f0:96:8b:de:c8:bd:8f:ad:ec:01:b7:07:39:0d:42:7d:
ab:99:12:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijVX/kEMGXEyqgZwDyfgiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MGFmOTQyNDY1ZmYyNjViODk2ZjBkMWI3NjI0OTBmMjdk
YzMyMmMwHhcNMjUwMTAxMTU0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjhkNTg0NDZjNzA1YzFjZTFiYmIzNTI3MzE1OTE4NzViMDI0ZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNkG/jACvBlhD1eSCG//nCE2Zc5S
i4ROXsKdajKx3wsiF84iuclcAG0MJh9LPdtudnszE7jk0Xrf63qksndTAtCfE4eK
1ieY68IiJpV0k6B1580ILixuAkkhpr8FGNwqnGz6xGZUH/qA7L6vweEf3J11oQ0h
Q179dH50VEuLJGH8+Uu1vWYpIF86U+5wy3Fxi2oitJC6Lp4qHK2kM/S7SLXzBcKt
s0KHWm7p2ItfpSnTQbrBGXc/ZVdH2iXfu8lVy+hG5BROkXxyjBf5msTTaQ5w+ipt
Ec+riVvcWnCwUBLY+IZ7YRYJnxPttT9a47+/pYWN5kboomJizUaUBH440wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHaNWERscFwc4buzUnMVkYdbAk5CMB8GA1UdIwQY
MBaAFNcK+UJGX/JluJbw0bdiSQ8n3DIsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXdyNVFrWmY4bVc0bHZEUnQySkpEeWZjTWl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9lOTIwM2QtY2RjZi00ZjIzLWEzYmYt
ZjQ0OWJhZDI5ODU1LzEvZG8xWVJHeHdYQnpodTdOU2N4V1JoMXNDVGtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9lOTIwM2QtY2RjZi00ZjIzLWEzYmYtZjQ0OWJhZDI5ODU1
LzEvMXdyNVFrWmY4bVc0bHZEUnQySkpEeWZjTWl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9D8MA0G
CSqGSIb3DQEBCwUAA4IBAQB0z0QHG2laEt2ZHysG7ok8y1DdY4690gxt7NOF/DlL
zyZ1f+btq6SEjG/CPmoIa0DieN6tRlBIYFqNcQJcij4Yk06vLmzeE9CaICSy21G8
z1ZTFrey/CK9gmrFip4IZ4DzZ9+0Mte44IZH3PFpdkkp7Pgj21Rzk1eR69UYNSk8
1lKa6Plbk6zlqy22eGvHSnFvbEk72ZvlzNs2gxS70JBZQGmlqVRzwCKrR5uDs6pb
tRObMmSpLMWsAjTETggVR85sJtbw/T7XAjhBiwrQ3y7U4V+N/9XfV+/V3WppbI4A
YmicPL76IannRP4bg/CWi97IvY+t7AG3BzkNQn2rmRJ8
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:12 2025 by rpki-client