Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/0RQ-WrGaW_a3SUMuIWvBi3re8Us.roa
File: 0RQ-WrGaW_a3SUMuIWvBi3re8Us.roa (raw, json)
Hash identifier: Vm0Yp0DBpXgsUlIoix2wYlP8daTTxgpllg8xunuDANo=
Subject key identifier: D1:14:3E:5A:B1:9A:5B:F6:B7:49:43:2E:21:6B:C1:8B:7A:DE:F1:4B
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 019427B57C2CA86034B66BE5AF47AE46D9CE
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/0RQ-WrGaW_a3SUMuIWvBi3re8Us.roa
Signing time: Thu 02 Jan 2025 15:49:52 +0000
ROA not before: Thu 02 Jan 2025 15:49:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28753
IP address blocks: 91.201.140.0/23 maxlen: 23
91.201.140.0/24 maxlen: 24
91.201.141.0/24 maxlen: 24
92.119.182.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:7c:2c:a8:60:34:b6:6b:e5:af:47:ae:46:d9:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Jan 2 15:49:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1143e5ab19a5bf6b749432e216bc18b7adef14b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:dd:e1:ce:3c:2d:c6:2d:84:35:30:39:f8:f6:
6b:5b:a0:96:90:72:be:ce:b8:41:fb:a1:95:62:0a:
a6:ea:0c:5b:8e:66:a6:eb:ef:3c:4e:03:17:b4:38:
57:18:db:fc:6a:1b:df:e6:d7:75:b2:22:34:89:4e:
6f:c0:d1:06:b7:09:8f:d7:fd:0b:58:19:4b:cf:81:
91:a4:18:bd:7a:1b:f6:fc:6e:09:53:b5:f5:01:29:
fd:ef:64:6f:5c:21:87:57:d9:d7:50:29:25:3b:cd:
42:40:e7:65:e8:98:cf:66:a7:38:b1:7f:d7:22:9e:
1c:39:e7:23:60:b4:49:32:43:b5:55:3f:7c:2a:60:
12:54:c5:c2:04:0a:cf:be:33:df:1e:80:cb:e3:6c:
60:ff:cc:8b:f2:3b:c4:99:1a:d2:c3:83:9b:5e:69:
74:aa:59:bd:18:bb:61:3f:7e:c3:07:8c:61:a2:be:
57:f4:68:0e:74:0f:96:ea:6f:bf:ce:94:b3:83:45:
97:e4:1b:b3:27:a8:cc:0b:96:2d:e0:84:36:0c:03:
2b:86:e3:88:c3:50:17:2c:5d:1c:50:e4:3f:e4:b2:
58:c0:ad:6f:95:87:82:4f:7d:a9:cd:d5:c4:69:6e:
1d:00:cd:fa:5d:84:93:75:21:13:18:7e:df:84:36:
66:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:14:3E:5A:B1:9A:5B:F6:B7:49:43:2E:21:6B:C1:8B:7A:DE:F1:4B
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/0RQ-WrGaW_a3SUMuIWvBi3re8Us.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.140.0/23
92.119.182.0/24
Signature Algorithm: sha256WithRSAEncryption
05:1d:c5:64:12:da:27:54:44:cc:9a:9b:70:5d:b2:1a:62:4d:
0c:49:49:a2:7f:89:95:c6:81:86:27:93:17:bf:2b:40:d7:b2:
f3:31:4a:fa:f4:13:ab:8a:81:58:70:e8:c0:c0:16:b0:7f:cc:
b2:e2:78:cb:1d:eb:31:3b:00:22:45:67:34:9a:63:c2:d2:18:
89:a9:2d:83:05:40:c2:95:77:07:4d:ea:ca:66:37:55:42:c9:
d7:98:cc:27:2f:50:e9:ca:bc:ec:a3:07:7e:58:78:59:6c:24:
c4:6d:62:3a:c5:55:c1:dc:cd:65:c8:c1:24:d3:6e:94:43:3a:
22:bc:cc:4e:9e:68:2b:26:ca:ae:1c:dc:a0:95:8f:22:64:a4:
b9:73:7d:73:a8:71:54:7a:7c:56:9b:de:08:07:73:0f:44:4b:
85:70:e1:24:96:78:9e:5b:ae:f5:6b:db:ed:6a:6b:cc:14:82:
44:a8:5c:ad:b5:53:49:36:32:07:aa:1c:9e:4a:85:de:3e:75:
7b:35:9f:53:99:97:02:47:1d:aa:1d:ba:c6:cc:9a:5f:c9:13:
37:17:16:54:e7:9e:04:a6:35:8b:01:17:ea:35:b6:ca:ad:74:
b7:85:86:66:42:8f:4d:bb:53:4c:22:aa:b6:83:3d:7b:47:af:
38:5e:a2:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQntXwsqGA0tmvlr0euRtnOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjUwMTAyMTU0OTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTE0M2U1YWIxOWE1YmY2Yjc0OTQzMmUyMTZiYzE4YjdhZGVmMTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm93hzjwtxi2ENTA5+PZrW6CWkHK+
zrhB+6GVYgqm6gxbjmam6+88TgMXtDhXGNv8ahvf5td1siI0iU5vwNEGtwmP1/0L
WBlLz4GRpBi9ehv2/G4JU7X1ASn972RvXCGHV9nXUCklO81CQOdl6JjPZqc4sX/X
Ip4cOecjYLRJMkO1VT98KmASVMXCBArPvjPfHoDL42xg/8yL8jvEmRrSw4ObXml0
qlm9GLthP37DB4xhor5X9GgOdA+W6m+/zpSzg0WX5BuzJ6jMC5Yt4IQ2DAMrhuOI
w1AXLF0cUOQ/5LJYwK1vlYeCT32pzdXEaW4dAM36XYSTdSETGH7fhDZmNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNEUPlqxmlv2t0lDLiFrwYt63vFLMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvMFJRLVdyR2FXX2EzU1VNdUlXdkJpM3JlOFVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW8mMAwQA
XHe2MA0GCSqGSIb3DQEBCwUAA4IBAQAFHcVkEtonVETMmptwXbIaYk0MSUmif4mV
xoGGJ5MXvytA17LzMUr69BOrioFYcOjAwBawf8yy4njLHesxOwAiRWc0mmPC0hiJ
qS2DBUDClXcHTerKZjdVQsnXmMwnL1Dpyrzsowd+WHhZbCTEbWI6xVXB3M1lyMEk
026UQzoivMxOnmgrJsquHNyglY8iZKS5c31zqHFUenxWm94IB3MPREuFcOEklnie
W671a9vtamvMFIJEqFyttVNJNjIHqhyeSoXePnV7NZ9TmZcCRx2qHbrGzJpfyRM3
FxZU554EpjWLARfqNbbKrXS3hYZmQo9Nu1NMIqq2gz17R684XqIp
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:35:17 2025 by rpki-client