Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/959e99-4f36-4476-84f5-46c8e228cbc8/1/nTdnmO2AUrgq7d72w7enH9FKJp8.roa
File: nTdnmO2AUrgq7d72w7enH9FKJp8.roa (raw, json)
Hash identifier: DQanAbtH9/HxMODatA1UXprocZfRDYqu+O0OHzf0YyA=
Subject key identifier: 9D:37:67:98:ED:80:52:B8:2A:ED:DE:F6:C3:B7:A7:1F:D1:4A:26:9F
Certificate issuer: /CN=b1b6f05a3201edffefdca4338d6ca5e5e47a23db
Certificate serial: 0185711529E13F95A3D3CA4FB99715443A74
Authority key identifier: B1:B6:F0:5A:32:01:ED:FF:EF:DC:A4:33:8D:6C:A5:E5:E4:7A:23:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sbbwWjIB7f_v3KQzjWyl5eR6I9s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/959e99-4f36-4476-84f5-46c8e228cbc8/1/nTdnmO2AUrgq7d72w7enH9FKJp8.roa
Signing time: Mon 02 Jan 2023 06:04:50 +0000
ROA not before: Mon 02 Jan 2023 06:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211415
IP address blocks: 91.246.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:29:e1:3f:95:a3:d3:ca:4f:b9:97:15:44:3a:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1b6f05a3201edffefdca4338d6ca5e5e47a23db
Validity
Not Before: Jan 2 06:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d376798ed8052b82aeddef6c3b7a71fd14a269f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a4:5b:0c:2e:b4:4e:1c:2e:75:34:55:29:d4:
eb:50:17:b0:94:92:2e:96:a7:87:b6:f4:bf:dc:88:
7c:ed:11:d2:07:87:10:16:13:25:ca:ed:8e:c9:7a:
5b:f6:3a:b0:e8:6f:3d:db:c2:c4:f2:4b:62:02:10:
48:b2:03:4a:e3:ab:3b:fe:fb:54:e0:2f:1a:a8:cb:
31:eb:9f:ad:04:07:16:de:c7:c5:41:46:f0:5f:b1:
da:dc:ea:c7:ce:db:7a:78:6c:ea:4e:86:ac:37:ff:
5d:d7:cc:26:12:10:bc:f8:7d:aa:96:57:b4:10:34:
dd:a5:b6:fc:3b:ab:f2:29:ec:bc:cd:ed:03:9e:db:
00:c8:e5:0a:43:51:12:af:41:32:bf:48:ca:ef:e1:
cc:41:6d:32:e7:97:86:8c:07:9b:89:2a:78:fe:17:
f4:fc:be:fc:fb:3d:54:5d:4b:52:60:47:ef:fe:0f:
db:2e:5f:c7:64:52:9f:c2:36:ed:46:76:82:e2:d0:
23:d2:7c:da:f9:36:a7:a7:fe:2a:ac:6c:6d:07:3b:
e8:c5:2c:a6:ea:76:db:f1:9a:ab:d4:41:6a:2e:a0:
2e:c6:0b:21:6a:e9:df:ff:fe:ba:c2:9f:b8:17:22:
57:7a:2d:85:6e:a5:88:c8:62:d5:36:60:e8:c8:a6:
70:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:37:67:98:ED:80:52:B8:2A:ED:DE:F6:C3:B7:A7:1F:D1:4A:26:9F
X509v3 Authority Key Identifier:
keyid:B1:B6:F0:5A:32:01:ED:FF:EF:DC:A4:33:8D:6C:A5:E5:E4:7A:23:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sbbwWjIB7f_v3KQzjWyl5eR6I9s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/959e99-4f36-4476-84f5-46c8e228cbc8/1/nTdnmO2AUrgq7d72w7enH9FKJp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/959e99-4f36-4476-84f5-46c8e228cbc8/1/sbbwWjIB7f_v3KQzjWyl5eR6I9s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.246.33.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:6c:f1:15:c1:93:19:a2:09:6d:7e:3e:e0:77:2e:e3:03:8a:
c8:87:c9:26:c7:84:94:43:1a:2c:9a:9a:99:c4:77:6b:1a:42:
e3:40:76:95:ad:e1:4c:e3:fe:db:de:a0:76:51:a2:bf:63:0a:
4f:d1:29:f1:1c:f4:36:36:c5:8f:59:77:49:b9:bd:0f:e6:d2:
c5:3d:fb:17:29:12:a4:68:41:0a:97:62:76:7a:e5:12:1a:21:
8e:35:df:ab:7a:71:f8:77:c1:98:6b:62:f1:a6:ca:ab:61:f8:
fa:75:f0:b3:72:da:d8:2f:b3:75:d9:39:79:cb:8c:59:93:74:
e6:a1:42:bc:ef:45:5e:1b:9f:e6:1e:49:69:eb:6b:1e:71:c2:
78:2f:fe:f3:cc:30:ab:12:14:a9:ec:e5:9d:9d:7e:a9:58:86:
24:b4:f7:32:81:f3:ca:1e:10:c2:56:58:7d:be:16:fd:bc:58:
41:b7:e4:ba:94:3a:bf:45:9c:06:7d:ad:a6:e8:ec:c6:91:c4:
5b:de:b2:2b:24:cf:f6:8a:64:f0:1c:05:8c:2d:77:5d:fd:11:
f0:d1:24:7c:09:a4:3d:8e:ae:0f:40:f0:47:2c:38:fd:a9:00:
9d:4e:3a:42:22:4b:cb:0f:1e:3a:cb:3f:87:78:3c:24:62:64:
a4:b0:bc:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFSnhP5Wj08pPuZcVRDp0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYjZmMDVhMzIwMWVkZmZlZmRjYTQzMzhkNmNhNWU1ZTQ3
YTIzZGIwHhcNMjMwMTAyMDYwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDM3Njc5OGVkODA1MmI4MmFlZGRlZjZjM2I3YTcxZmQxNGEyNjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqRbDC60ThwudTRVKdTrUBewlJIu
lqeHtvS/3Ih87RHSB4cQFhMlyu2OyXpb9jqw6G8928LE8ktiAhBIsgNK46s7/vtU
4C8aqMsx65+tBAcW3sfFQUbwX7Ha3OrHztt6eGzqToasN/9d18wmEhC8+H2qlle0
EDTdpbb8O6vyKey8ze0DntsAyOUKQ1ESr0Eyv0jK7+HMQW0y55eGjAebiSp4/hf0
/L78+z1UXUtSYEfv/g/bLl/HZFKfwjbtRnaC4tAj0nza+Tanp/4qrGxtBzvoxSym
6nbb8Zqr1EFqLqAuxgshaunf//66wp+4FyJXei2FbqWIyGLVNmDoyKZwPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ03Z5jtgFK4Ku3e9sO3px/RSiafMB8GA1UdIwQY
MBaAFLG28FoyAe3/79ykM41speXkeiPbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2Jid1dqSUI3Zl92M0tRempXeWw1ZVI2STlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS85NTllOTktNGYzNi00NDc2LTg0ZjUt
NDZjOGUyMjhjYmM4LzEvblRkbm1PMkFVcmdxN2Q3Mnc3ZW5IOUZLSnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS85NTllOTktNGYzNi00NDc2LTg0ZjUtNDZjOGUyMjhjYmM4
LzEvc2Jid1dqSUI3Zl92M0tRempXeWw1ZVI2STlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/YhMA0G
CSqGSIb3DQEBCwUAA4IBAQCKbPEVwZMZogltfj7gdy7jA4rIh8kmx4SUQxosmpqZ
xHdrGkLjQHaVreFM4/7b3qB2UaK/YwpP0SnxHPQ2NsWPWXdJub0P5tLFPfsXKRKk
aEEKl2J2euUSGiGONd+renH4d8GYa2LxpsqrYfj6dfCzctrYL7N12Tl5y4xZk3Tm
oUK870VeG5/mHklp62seccJ4L/7zzDCrEhSp7OWdnX6pWIYktPcygfPKHhDCVlh9
vhb9vFhBt+S6lDq/RZwGfa2m6OzGkcRb3rIrJM/2imTwHAWMLXdd/RHw0SR8CaQ9
jq4PQPBHLDj9qQCdTjpCIkvLDx46yz+HeDwkYmSksLzt
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:57:25 2025 by rpki-client