Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/SwDsrRhvfBw9F4XGJ9jQ9aLMXmM.roa
File: SwDsrRhvfBw9F4XGJ9jQ9aLMXmM.roa (raw, json)
Hash identifier: 3d2l7JTHz6vbNzzhkSjJTHAcnYSSZFmoaOBcI2qRo/o=
Subject key identifier: 4B:00:EC:AD:18:6F:7C:1C:3D:17:85:C6:27:D8:D0:F5:A2:CC:5E:63
Certificate issuer: /CN=32d395c57dfd30c0cd2c30f42338ae4c14a750a1
Certificate serial: 019425FCC4417039EB177FA3BC606B8BFDDE
Authority key identifier: 32:D3:95:C5:7D:FD:30:C0:CD:2C:30:F4:23:38:AE:4C:14:A7:50:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MtOVxX39MMDNLDD0IziuTBSnUKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/SwDsrRhvfBw9F4XGJ9jQ9aLMXmM.roa
Signing time: Thu 02 Jan 2025 07:48:29 +0000
ROA not before: Thu 02 Jan 2025 07:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35236
IP address blocks: 91.241.8.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:c4:41:70:39:eb:17:7f:a3:bc:60:6b:8b:fd:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32d395c57dfd30c0cd2c30f42338ae4c14a750a1
Validity
Not Before: Jan 2 07:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b00ecad186f7c1c3d1785c627d8d0f5a2cc5e63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:82:41:ab:e6:6c:7d:9e:61:77:da:c4:6a:0a:
63:2d:c2:da:57:01:dd:3b:66:7e:d3:3a:0c:0c:1b:
31:3c:17:56:10:02:92:f1:c8:23:f3:7d:c7:42:77:
77:41:b9:f1:88:b2:98:83:c2:84:5b:d3:87:b7:01:
74:75:e9:7b:af:67:48:09:ab:0c:bf:2e:21:11:1a:
f8:11:a2:b4:07:7d:a0:e4:ee:92:83:de:94:bd:4b:
bf:a2:70:3b:69:aa:86:78:d6:c2:f0:40:b7:03:5e:
65:aa:16:7d:29:31:85:37:91:34:14:75:f5:59:bd:
d1:b0:13:35:e3:8e:3e:02:4f:a7:c8:12:92:86:e8:
35:9d:ed:2a:6a:88:29:ef:ae:06:b9:c7:b8:17:50:
84:99:35:d3:c1:65:fa:61:fa:69:ef:95:d8:54:7b:
66:32:b7:31:81:4a:ee:f6:3e:3b:98:65:b9:cf:3b:
aa:62:df:9e:71:fc:c1:c9:9e:ec:86:40:9b:4d:0a:
b7:9f:b4:09:2b:66:e0:07:7b:37:83:c5:03:90:d3:
6e:c9:de:8f:99:df:52:d5:6f:4f:e8:1e:f2:8e:f9:
20:66:f0:a0:4e:a2:43:07:a6:a0:df:e0:92:0f:ab:
25:32:ef:03:bd:f0:ae:93:c9:86:6c:66:33:24:59:
b9:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:00:EC:AD:18:6F:7C:1C:3D:17:85:C6:27:D8:D0:F5:A2:CC:5E:63
X509v3 Authority Key Identifier:
keyid:32:D3:95:C5:7D:FD:30:C0:CD:2C:30:F4:23:38:AE:4C:14:A7:50:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MtOVxX39MMDNLDD0IziuTBSnUKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/SwDsrRhvfBw9F4XGJ9jQ9aLMXmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/MtOVxX39MMDNLDD0IziuTBSnUKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.8.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:b8:ee:92:b6:a9:0a:cc:48:9d:a2:2e:88:7a:10:d3:9e:18:
3b:15:84:2e:a3:8e:46:db:ed:a7:a5:07:b3:77:94:ce:78:31:
ae:0b:43:ee:5d:b8:a9:99:57:c4:9c:33:37:fb:c1:14:a8:99:
62:1f:23:d1:49:2f:8e:3e:37:76:46:92:49:e0:f1:e1:86:c9:
0b:29:f2:cb:13:23:4a:d4:3d:6b:a3:58:54:3c:53:ba:10:0b:
a3:8f:64:a7:ef:f9:b0:b9:20:b6:30:6a:70:96:f7:db:03:d0:
8a:35:fc:96:90:4c:19:8e:6d:02:8d:20:9e:d9:d9:70:c4:5d:
1c:df:5a:52:7b:91:ff:ba:8d:ac:10:8d:57:82:81:3f:2f:93:
03:d6:43:d6:56:5b:65:6e:53:a0:41:1c:07:4e:c6:5d:aa:81:
00:1a:51:ba:cd:67:e4:8c:65:89:df:e9:fd:ec:a9:d9:38:05:
6a:7d:ac:76:c8:7b:2b:72:d9:0b:4f:7a:2e:72:05:6b:dd:39:
99:b6:a4:60:da:71:db:f7:1c:d3:9e:36:3d:f8:ad:3f:b6:d7:
3c:4e:18:a7:ce:6f:ee:d6:1a:9c:23:46:d4:79:da:4b:b9:22:
d5:d4:a6:6a:e7:99:61:cd:64:2f:06:5d:53:f4:d8:f9:06:e1:
15:3a:fc:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/MRBcDnrF3+jvGBri/3eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZDM5NWM1N2RmZDMwYzBjZDJjMzBmNDIzMzhhZTRjMTRh
NzUwYTEwHhcNMjUwMTAyMDc0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjAwZWNhZDE4NmY3YzFjM2QxNzg1YzYyN2Q4ZDBmNWEyY2M1ZTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YJBq+ZsfZ5hd9rEagpjLcLaVwHd
O2Z+0zoMDBsxPBdWEAKS8cgj833HQnd3QbnxiLKYg8KEW9OHtwF0del7r2dICasM
vy4hERr4EaK0B32g5O6Sg96UvUu/onA7aaqGeNbC8EC3A15lqhZ9KTGFN5E0FHX1
Wb3RsBM1444+Ak+nyBKShug1ne0qaogp764Guce4F1CEmTXTwWX6Yfpp75XYVHtm
MrcxgUru9j47mGW5zzuqYt+ecfzByZ7shkCbTQq3n7QJK2bgB3s3g8UDkNNuyd6P
md9S1W9P6B7yjvkgZvCgTqJDB6ag3+CSD6slMu8DvfCuk8mGbGYzJFm5HwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEsA7K0Yb3wcPReFxifY0PWizF5jMB8GA1UdIwQY
MBaAFDLTlcV9/TDAzSww9CM4rkwUp1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXRPVnhYMzlNTUROTEREMEl6aXVUQlNuVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zNWI0OWItMDNhMy00MTAxLWEzZmUt
MWQ4ZTE5ZGY0YTYyLzEvU3dEc3JSaHZmQnc5RjRYR0o5alE5YUxNWG1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zNWI0OWItMDNhMy00MTAxLWEzZmUtMWQ4ZTE5ZGY0YTYy
LzEvTXRPVnhYMzlNTUROTEREMEl6aXVUQlNuVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW/EIMA0G
CSqGSIb3DQEBCwUAA4IBAQA6uO6StqkKzEidoi6IehDTnhg7FYQuo45G2+2npQez
d5TOeDGuC0PuXbipmVfEnDM3+8EUqJliHyPRSS+OPjd2RpJJ4PHhhskLKfLLEyNK
1D1ro1hUPFO6EAujj2Sn7/mwuSC2MGpwlvfbA9CKNfyWkEwZjm0CjSCe2dlwxF0c
31pSe5H/uo2sEI1XgoE/L5MD1kPWVltlblOgQRwHTsZdqoEAGlG6zWfkjGWJ3+n9
7KnZOAVqfax2yHsrctkLT3oucgVr3TmZtqRg2nHb9xzTnjY9+K0/ttc8Thinzm/u
1hqcI0bUedpLuSLV1KZq55lhzWQvBl1T9Nj5BuEVOvww
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:12 2025 by rpki-client