Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/g7CQjOrXAZDWN-UCXNhfBqU8GtM.roa
File: g7CQjOrXAZDWN-UCXNhfBqU8GtM.roa (raw, json)
Hash identifier: TsfqchRGcZNHpPlXb+jTlHuU31TnVWJ3XGIt3131e90=
Subject key identifier: 83:B0:90:8C:EA:D7:01:90:D6:37:E5:02:5C:D8:5F:06:A5:3C:1A:D3
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01943310B00D08B8F55475A9ECEFA2689D58
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/g7CQjOrXAZDWN-UCXNhfBqU8GtM.roa
Signing time: Sat 04 Jan 2025 20:45:19 +0000
ROA not before: Sat 04 Jan 2025 20:45:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 91.210.144.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:33:10:b0:0d:08:b8:f5:54:75:a9:ec:ef:a2:68:9d:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 4 20:45:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83b0908cead70190d637e5025cd85f06a53c1ad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6d:a5:f0:0b:19:44:e0:af:2d:11:e4:4f:55:
3c:51:71:73:67:e6:c2:af:f6:65:ce:9f:7e:74:f2:
c3:35:8b:f1:22:80:09:33:39:96:b3:03:fe:f7:9a:
e9:9c:6f:56:48:c6:d3:4e:c0:ab:72:97:c0:f6:8c:
78:62:38:04:a4:25:fc:f5:7b:55:f5:e8:b7:62:60:
0c:21:94:4e:0c:8a:c9:87:d1:1c:28:3e:2c:16:59:
34:8d:76:85:c0:ac:1f:01:d2:4e:e7:fe:54:d4:cd:
d5:26:ec:07:ac:a5:6c:09:7d:56:3c:18:71:33:a1:
95:89:ef:a1:49:e1:46:d5:3b:90:9d:02:e1:b9:72:
25:4d:6b:0f:e3:c6:1a:ce:92:74:70:17:42:01:36:
15:06:07:ed:89:07:1b:8c:2d:ed:05:5f:15:a6:d9:
d0:8b:74:59:28:9f:a4:35:3e:ad:bf:19:34:95:02:
12:6c:34:0e:61:75:41:cd:75:4a:7e:f3:38:97:22:
83:20:3e:09:37:be:65:e1:17:cb:08:7f:91:de:47:
19:dc:a7:e8:1b:91:ef:f0:d6:12:5d:29:3b:29:e9:
69:af:3f:15:05:4f:4e:bd:af:7c:89:39:96:2f:27:
ea:7b:58:90:3e:c1:a0:30:72:1c:f1:5d:ef:47:66:
b1:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:B0:90:8C:EA:D7:01:90:D6:37:E5:02:5C:D8:5F:06:A5:3C:1A:D3
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/g7CQjOrXAZDWN-UCXNhfBqU8GtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.144.0/24
Signature Algorithm: sha256WithRSAEncryption
80:84:68:b2:6c:23:aa:fa:bb:b4:b5:54:6e:e0:21:2d:91:0b:
a6:f3:2d:24:4d:47:81:8f:e1:e6:9e:d9:54:9e:fa:f7:fc:91:
90:6b:13:1b:31:43:d5:a5:fc:f0:51:cf:18:54:7f:7c:12:34:
ed:44:f4:54:6b:5b:37:9f:2b:90:d4:63:92:f5:cf:7c:c0:6e:
22:8b:09:dc:d2:e1:08:40:bc:3a:cc:a3:e5:2f:e3:46:23:aa:
f5:db:4b:6e:b5:aa:04:cf:b6:8b:25:16:03:cd:94:94:f2:24:
ef:34:fe:7b:1e:52:aa:3e:15:aa:7f:28:d6:c1:0d:ee:6a:63:
c4:5c:97:ef:fb:5d:fa:85:9b:6e:ba:08:1e:52:09:c6:0f:49:
63:fd:ff:38:3a:db:ee:16:95:ef:57:f5:6e:10:19:91:25:ad:
87:79:e8:b9:ef:53:0b:6c:a5:87:e6:28:d3:07:b0:c2:3f:a0:
5c:85:a1:2f:f2:9e:91:0d:c4:cb:44:d8:fc:f7:f1:3b:71:77:
e2:4c:00:82:89:2a:10:2b:f5:72:18:56:17:6e:b4:e9:8b:13:
3e:85:53:5a:3f:95:6a:a6:dc:3c:b9:14:ff:43:d2:20:85:8d:
cf:2f:d7:40:25:f9:c9:be:c6:f6:8e:41:26:6a:f3:b9:dc:1b:
91:60:0c:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQzELANCLj1VHWp7O+iaJ1YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUwMTA0MjA0NTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2IwOTA4Y2VhZDcwMTkwZDYzN2U1MDI1Y2Q4NWYwNmE1M2MxYWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiW2l8AsZROCvLRHkT1U8UXFzZ+bC
r/Zlzp9+dPLDNYvxIoAJMzmWswP+95rpnG9WSMbTTsCrcpfA9ox4YjgEpCX89XtV
9ei3YmAMIZRODIrJh9EcKD4sFlk0jXaFwKwfAdJO5/5U1M3VJuwHrKVsCX1WPBhx
M6GVie+hSeFG1TuQnQLhuXIlTWsP48YazpJ0cBdCATYVBgftiQcbjC3tBV8VptnQ
i3RZKJ+kNT6tvxk0lQISbDQOYXVBzXVKfvM4lyKDID4JN75l4RfLCH+R3kcZ3Kfo
G5Hv8NYSXSk7Kelprz8VBU9Ova98iTmWLyfqe1iQPsGgMHIc8V3vR2axdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIOwkIzq1wGQ1jflAlzYXwalPBrTMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvZzdDUWpPclhBWkRXTi1VQ1hOaGZCcVU4R3RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9KQMA0G
CSqGSIb3DQEBCwUAA4IBAQCAhGiybCOq+ru0tVRu4CEtkQum8y0kTUeBj+HmntlU
nvr3/JGQaxMbMUPVpfzwUc8YVH98EjTtRPRUa1s3nyuQ1GOS9c98wG4iiwnc0uEI
QLw6zKPlL+NGI6r120tutaoEz7aLJRYDzZSU8iTvNP57HlKqPhWqfyjWwQ3uamPE
XJfv+136hZtuuggeUgnGD0lj/f84OtvuFpXvV/VuEBmRJa2Heei571MLbKWH5ijT
B7DCP6BchaEv8p6RDcTLRNj89/E7cXfiTACCiSoQK/VyGFYXbrTpixM+hVNaP5Vq
ptw8uRT/Q9IghY3PL9dAJfnJvsb2jkEmavO53BuRYAxy
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:46:29 2025 by rpki-client