Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/fe22c5-d8e3-41f1-9094-f6e8bbdbd33b/1/GFp4I3LPH9Bw9YNNwWHq6X0Ax-w.roa
File: GFp4I3LPH9Bw9YNNwWHq6X0Ax-w.roa (raw, json)
Hash identifier: h4/2+JBtszFNERDw2wk+3LUP56k2mKHWWkwlM0aD/BM=
Subject key identifier: 18:5A:78:23:72:CF:1F:D0:70:F5:83:4D:C1:61:EA:E9:7D:00:C7:EC
Certificate issuer: /CN=78ac31635d091be6155743311fe1db7c7af3477b
Certificate serial: 019427B5A85EC002870337A26524ADA6B496
Authority key identifier: 78:AC:31:63:5D:09:1B:E6:15:57:43:31:1F:E1:DB:7C:7A:F3:47:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eKwxY10JG-YVV0MxH-HbfHrzR3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/fe22c5-d8e3-41f1-9094-f6e8bbdbd33b/1/GFp4I3LPH9Bw9YNNwWHq6X0Ax-w.roa
Signing time: Thu 02 Jan 2025 15:50:03 +0000
ROA not before: Thu 02 Jan 2025 15:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47952
IP address blocks: 91.198.64.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:a8:5e:c0:02:87:03:37:a2:65:24:ad:a6:b4:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78ac31635d091be6155743311fe1db7c7af3477b
Validity
Not Before: Jan 2 15:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=185a782372cf1fd070f5834dc161eae97d00c7ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b3:2e:44:39:b4:cc:38:a2:d7:4d:db:63:c4:
95:e4:d1:57:a1:a1:bf:fa:7a:9c:93:29:7d:53:12:
aa:67:e7:08:4c:5b:ad:96:ba:30:7b:ec:da:a4:a0:
fd:65:8e:2d:e3:f1:44:56:64:ad:db:d1:17:5b:b9:
72:62:2c:09:4b:82:63:4c:9b:42:ef:af:f5:0e:55:
20:e1:41:60:ba:15:fc:72:e8:87:e5:86:3a:8d:18:
75:15:c3:a1:de:6a:39:ff:c7:2b:8c:90:e7:15:13:
00:ad:04:5b:67:d3:58:66:8b:ab:5c:a6:71:d7:c0:
a9:49:da:8f:34:d4:d2:91:4c:27:33:e9:00:97:b3:
9f:41:9d:c3:29:fe:d0:a5:89:47:54:b1:06:5d:9c:
e4:5c:4b:27:2d:79:d4:e2:a6:90:f3:e9:d0:85:6c:
db:f6:10:d3:a2:ca:29:36:e3:1f:fc:28:17:84:86:
ba:ff:9c:b1:09:41:d3:07:a4:54:94:1a:48:10:42:
87:27:6b:b9:d6:b1:4b:83:a2:4c:0e:02:5a:72:e1:
85:33:e9:c9:e8:72:ba:a6:a3:03:4f:b9:95:a5:70:
62:2a:36:32:9e:36:17:86:04:64:90:92:f3:f3:c0:
a9:65:17:80:9b:d8:1d:67:b9:c1:72:ae:8c:88:3f:
f9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:5A:78:23:72:CF:1F:D0:70:F5:83:4D:C1:61:EA:E9:7D:00:C7:EC
X509v3 Authority Key Identifier:
keyid:78:AC:31:63:5D:09:1B:E6:15:57:43:31:1F:E1:DB:7C:7A:F3:47:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eKwxY10JG-YVV0MxH-HbfHrzR3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/fe22c5-d8e3-41f1-9094-f6e8bbdbd33b/1/GFp4I3LPH9Bw9YNNwWHq6X0Ax-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/fe22c5-d8e3-41f1-9094-f6e8bbdbd33b/1/eKwxY10JG-YVV0MxH-HbfHrzR3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.64.0/24
Signature Algorithm: sha256WithRSAEncryption
03:b3:bc:3d:4a:fd:9e:df:a4:e6:db:04:02:12:22:30:36:80:
19:0a:72:f0:46:f4:0d:90:1e:90:08:91:e4:68:81:09:10:a5:
42:23:24:6f:9d:21:39:f5:68:0f:30:e1:2e:9b:44:ca:f3:80:
1e:23:bd:63:b3:8a:9c:9c:ee:4e:bd:2a:fd:dc:d1:83:7a:f6:
91:e6:87:31:a2:e8:04:dc:06:80:28:7e:14:29:a1:03:09:e1:
cd:bc:f5:38:93:db:f5:84:98:01:85:5c:6b:3d:b8:f4:ab:d3:
66:35:ab:f8:97:6c:dc:b7:c4:87:11:33:79:b3:de:23:ba:03:
2d:f7:5f:64:57:f6:aa:45:1c:d7:10:c5:12:44:dc:43:90:58:
f2:b6:23:03:5a:83:78:53:91:b6:2c:91:d6:12:ea:a1:e0:ed:
92:a6:d9:b9:8e:11:75:b1:bc:6d:79:14:cf:6b:f1:40:b8:f0:
c3:7d:ca:84:66:ba:1c:51:fc:63:48:72:ff:40:4c:c2:8c:61:
ea:f0:78:a8:1f:8c:f9:60:05:6d:e1:00:52:56:72:19:8a:06:
e8:99:c5:91:e0:89:0d:f9:d5:f8:ac:76:6c:9e:55:c1:0d:23:
ee:d8:f5:b5:b5:ee:f0:fb:d2:c2:d4:8d:dc:3c:57:84:9e:59:
11:34:3c:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntahewAKHAzeiZSStprSWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4YWMzMTYzNWQwOTFiZTYxNTU3NDMzMTFmZTFkYjdjN2Fm
MzQ3N2IwHhcNMjUwMTAyMTU1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODVhNzgyMzcyY2YxZmQwNzBmNTgzNGRjMTYxZWFlOTdkMDBjN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7MuRDm0zDii103bY8SV5NFXoaG/
+nqckyl9UxKqZ+cITFutlrowe+zapKD9ZY4t4/FEVmSt29EXW7lyYiwJS4JjTJtC
76/1DlUg4UFguhX8cuiH5YY6jRh1FcOh3mo5/8crjJDnFRMArQRbZ9NYZourXKZx
18CpSdqPNNTSkUwnM+kAl7OfQZ3DKf7QpYlHVLEGXZzkXEsnLXnU4qaQ8+nQhWzb
9hDTosopNuMf/CgXhIa6/5yxCUHTB6RUlBpIEEKHJ2u51rFLg6JMDgJacuGFM+nJ
6HK6pqMDT7mVpXBiKjYynjYXhgRkkJLz88CpZReAm9gdZ7nBcq6MiD/5nQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBhaeCNyzx/QcPWDTcFh6ul9AMfsMB8GA1UdIwQY
MBaAFHisMWNdCRvmFVdDMR/h23x680d7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUt3eFkxMEpHLVlWVjBNeEgtSGJmSHJ6UjNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9mZTIyYzUtZDhlMy00MWYxLTkwOTQt
ZjZlOGJiZGJkMzNiLzEvR0ZwNEkzTFBIOUJ3OVlOTndXSHE2WDBBeC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9mZTIyYzUtZDhlMy00MWYxLTkwOTQtZjZlOGJiZGJkMzNi
LzEvZUt3eFkxMEpHLVlWVjBNeEgtSGJmSHJ6UjNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8ZAMA0G
CSqGSIb3DQEBCwUAA4IBAQADs7w9Sv2e36Tm2wQCEiIwNoAZCnLwRvQNkB6QCJHk
aIEJEKVCIyRvnSE59WgPMOEum0TK84AeI71js4qcnO5OvSr93NGDevaR5ocxougE
3AaAKH4UKaEDCeHNvPU4k9v1hJgBhVxrPbj0q9NmNav4l2zct8SHETN5s94jugMt
919kV/aqRRzXEMUSRNxDkFjytiMDWoN4U5G2LJHWEuqh4O2Sptm5jhF1sbxteRTP
a/FAuPDDfcqEZrocUfxjSHL/QEzCjGHq8HioH4z5YAVt4QBSVnIZigbomcWR4IkN
+dX4rHZsnlXBDSPu2PW1te7w+9LC1I3cPFeEnlkRNDyW
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:42:11 2025 by rpki-client