Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ab3e73-d13d-4ec2-bf3f-177b5ba32327/1/Iq-f1EnfL9Yhl-QlX-qFh7tpN7I.roa
File: Iq-f1EnfL9Yhl-QlX-qFh7tpN7I.roa (raw, json)
Hash identifier: WJuJSZpxmjSdIh4Z1HVT6GKRflZm//sdti8VMNi88hk=
Subject key identifier: 22:AF:9F:D4:49:DF:2F:D6:21:97:E4:25:5F:EA:85:87:BB:69:37:B2
Certificate issuer: /CN=dd4dcb56f79f4a1ded8d95482333961d0264faa5
Certificate serial: 019425FDACD6FF9F8F6A53C76E4F26A66A68
Authority key identifier: DD:4D:CB:56:F7:9F:4A:1D:ED:8D:95:48:23:33:96:1D:02:64:FA:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3U3LVvefSh3tjZVIIzOWHQJk-qU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ab3e73-d13d-4ec2-bf3f-177b5ba32327/1/Iq-f1EnfL9Yhl-QlX-qFh7tpN7I.roa
Signing time: Thu 02 Jan 2025 07:49:29 +0000
ROA not before: Thu 02 Jan 2025 07:49:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200303
IP address blocks: 91.246.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:ac:d6:ff:9f:8f:6a:53:c7:6e:4f:26:a6:6a:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd4dcb56f79f4a1ded8d95482333961d0264faa5
Validity
Not Before: Jan 2 07:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22af9fd449df2fd62197e4255fea8587bb6937b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e8:92:c1:11:30:0b:62:76:d4:d9:ad:9e:ff:
f5:42:d7:cd:ec:c8:34:19:05:aa:6e:4b:af:5f:01:
7c:84:33:62:c6:cf:eb:46:00:f0:fa:9d:0a:44:82:
66:22:2a:fa:a0:fa:25:b2:be:c4:3b:bf:95:7b:3e:
7f:b3:76:2b:dd:73:ba:b9:b7:8a:57:8f:b5:77:3d:
ee:25:0d:7f:f5:6c:17:c5:12:ec:c0:b3:3d:01:ec:
9c:af:47:f6:1a:5b:b2:71:5e:a4:71:af:8f:19:cc:
37:ff:05:00:4e:f0:75:2f:76:db:5a:ce:1c:ea:61:
c7:ab:b6:1f:3e:53:89:2c:cb:8e:a7:6e:51:55:3e:
7b:e5:1c:15:96:51:b9:38:91:e8:15:c0:75:11:8b:
3e:6c:cc:7a:ac:c0:c4:b2:39:10:82:00:bf:9d:32:
33:a9:7d:42:7b:68:87:d3:ac:36:74:9e:c4:56:fd:
5a:19:67:a0:09:f3:76:c8:28:ef:f2:4f:f4:1b:ac:
0f:78:41:49:5d:08:3c:a5:ae:da:a3:cc:55:6f:08:
d1:3e:ba:48:23:2e:fe:78:99:9d:ad:9b:7e:73:cc:
59:fe:3f:c6:a3:06:fa:3b:14:65:35:b0:56:7f:1e:
10:df:be:f9:6a:bf:58:e1:71:44:0e:e3:00:da:b3:
d2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:AF:9F:D4:49:DF:2F:D6:21:97:E4:25:5F:EA:85:87:BB:69:37:B2
X509v3 Authority Key Identifier:
keyid:DD:4D:CB:56:F7:9F:4A:1D:ED:8D:95:48:23:33:96:1D:02:64:FA:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3U3LVvefSh3tjZVIIzOWHQJk-qU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ab3e73-d13d-4ec2-bf3f-177b5ba32327/1/Iq-f1EnfL9Yhl-QlX-qFh7tpN7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ab3e73-d13d-4ec2-bf3f-177b5ba32327/1/3U3LVvefSh3tjZVIIzOWHQJk-qU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.246.47.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:00:be:1e:5c:3b:48:ab:9e:63:4c:37:3d:59:b0:a8:69:d4:
f1:49:1a:84:d1:db:97:cd:bc:d5:a7:e5:4f:a9:1a:9f:fb:f6:
37:b3:b6:10:df:c1:4a:c1:8f:3d:72:5d:84:65:53:f7:e6:5a:
da:6f:aa:37:61:0f:b9:a7:2e:68:70:9e:36:24:3f:2e:f0:c7:
99:67:dc:1f:50:26:e6:46:2c:d1:b0:98:51:75:f7:38:9e:cd:
a2:ab:a2:19:0e:12:e7:87:90:b8:ea:aa:1a:de:1d:80:01:5b:
47:a1:8d:a4:81:c4:4d:be:7d:10:27:2e:2e:c5:05:03:91:ab:
bc:2c:0f:d8:3c:3b:54:c1:18:a5:38:09:07:72:b7:d2:a6:90:
49:33:82:c2:81:4f:83:38:47:8c:be:7c:3a:00:1c:7b:86:5c:
1b:9e:bc:bb:6e:11:65:52:b9:de:8d:2f:7f:d3:c9:ea:2a:b0:
4a:62:4f:32:44:02:49:c6:3d:12:80:bb:ef:8d:e6:d1:21:c1:
6a:e7:cc:b8:23:99:4b:3b:f9:51:af:4b:b5:10:6a:98:09:a6:
73:13:ce:14:29:01:a4:85:1c:54:23:aa:3f:79:df:44:4b:98:
1d:0e:b4:7f:3a:20:81:16:e4:b4:75:08:a1:86:d9:0d:89:11:
ca:67:23:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/azW/5+PalPHbk8mpmpoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNGRjYjU2Zjc5ZjRhMWRlZDhkOTU0ODIzMzM5NjFkMDI2
NGZhYTUwHhcNMjUwMTAyMDc0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmFmOWZkNDQ5ZGYyZmQ2MjE5N2U0MjU1ZmVhODU4N2JiNjkzN2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+iSwREwC2J21Nmtnv/1QtfN7Mg0
GQWqbkuvXwF8hDNixs/rRgDw+p0KRIJmIir6oPolsr7EO7+Vez5/s3Yr3XO6ubeK
V4+1dz3uJQ1/9WwXxRLswLM9Aeycr0f2GluycV6kca+PGcw3/wUATvB1L3bbWs4c
6mHHq7YfPlOJLMuOp25RVT575RwVllG5OJHoFcB1EYs+bMx6rMDEsjkQggC/nTIz
qX1Ce2iH06w2dJ7EVv1aGWegCfN2yCjv8k/0G6wPeEFJXQg8pa7ao8xVbwjRPrpI
Iy7+eJmdrZt+c8xZ/j/Gowb6OxRlNbBWfx4Q3775ar9Y4XFEDuMA2rPSzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCKvn9RJ3y/WIZfkJV/qhYe7aTeyMB8GA1UdIwQY
MBaAFN1Ny1b3n0od7Y2VSCMzlh0CZPqlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1UzTFZ2ZWZTaDN0alpWSUl6T1dIUUprLXFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9hYjNlNzMtZDEzZC00ZWMyLWJmM2Yt
MTc3YjViYTMyMzI3LzEvSXEtZjFFbmZMOVlobC1RbFgtcUZoN3RwTjdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9hYjNlNzMtZDEzZC00ZWMyLWJmM2YtMTc3YjViYTMyMzI3
LzEvM1UzTFZ2ZWZTaDN0alpWSUl6T1dIUUprLXFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/YvMA0G
CSqGSIb3DQEBCwUAA4IBAQBfAL4eXDtIq55jTDc9WbCoadTxSRqE0duXzbzVp+VP
qRqf+/Y3s7YQ38FKwY89cl2EZVP35lrab6o3YQ+5py5ocJ42JD8u8MeZZ9wfUCbm
RizRsJhRdfc4ns2iq6IZDhLnh5C46qoa3h2AAVtHoY2kgcRNvn0QJy4uxQUDkau8
LA/YPDtUwRilOAkHcrfSppBJM4LCgU+DOEeMvnw6ABx7hlwbnry7bhFlUrnejS9/
08nqKrBKYk8yRAJJxj0SgLvvjebRIcFq58y4I5lLO/lRr0u1EGqYCaZzE84UKQGk
hRxUI6o/ed9ES5gdDrR/OiCBFuS0dQihhtkNiRHKZyNX
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:36 2025 by rpki-client