Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/6cbf70-fe8f-48c9-9de5-52cfe6cc91e3/1/G2f4CqCIPzvHM2D-nOyqsiq937U.roa
File: G2f4CqCIPzvHM2D-nOyqsiq937U.roa (raw, json)
Hash identifier: V3gXMHQ+s5QfkbINKX1K3jPIckZsWQXdKW/G0Ho8nhc=
Subject key identifier: 1B:67:F8:0A:A0:88:3F:3B:C7:33:60:FE:9C:EC:AA:B2:2A:BD:DF:B5
Certificate issuer: /CN=bd611e1cabe0db5643a5d2945160f45ed84a807a
Certificate serial: 01942068161C5209F38E5BFDD87819059164
Authority key identifier: BD:61:1E:1C:AB:E0:DB:56:43:A5:D2:94:51:60:F4:5E:D8:4A:80:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vWEeHKvg21ZDpdKUUWD0XthKgHo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/6cbf70-fe8f-48c9-9de5-52cfe6cc91e3/1/G2f4CqCIPzvHM2D-nOyqsiq937U.roa
Signing time: Wed 01 Jan 2025 05:47:59 +0000
ROA not before: Wed 01 Jan 2025 05:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210648
IP address blocks: 91.223.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:16:1c:52:09:f3:8e:5b:fd:d8:78:19:05:91:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd611e1cabe0db5643a5d2945160f45ed84a807a
Validity
Not Before: Jan 1 05:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b67f80aa0883f3bc73360fe9cecaab22abddfb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5c:56:02:b6:23:75:0a:da:ae:92:22:31:c6:
c6:69:cf:77:0d:27:ce:b2:38:ab:45:f6:ef:3a:6b:
0d:dd:bc:a1:96:c8:09:76:2f:37:f5:15:f5:c9:7b:
f8:97:d5:4a:1c:56:e1:3b:ce:72:ce:02:7e:27:32:
28:a4:71:71:e6:21:be:cf:02:29:9a:01:08:3e:c5:
39:91:c7:12:ba:15:46:60:87:89:13:08:d3:33:e4:
d3:34:cf:10:b2:c6:c4:51:ce:47:18:6b:0d:be:1a:
ba:75:30:ef:e5:68:83:51:df:43:21:07:c5:c5:d9:
36:09:94:41:69:4e:c6:7c:ea:9f:c9:ce:59:b5:62:
4d:54:a4:b2:3f:3e:77:15:80:df:de:66:e5:b9:1d:
43:4c:61:89:95:42:84:0c:61:b3:5c:6f:3f:7f:d5:
f6:23:ee:a2:74:0d:6a:7b:87:87:ce:0f:69:4e:4f:
37:c3:5e:75:29:5f:fe:14:e1:2a:46:2a:9a:f6:db:
df:4b:f8:4d:32:5b:c9:3b:00:e7:af:78:e5:4e:a9:
c2:07:8e:74:cc:56:1d:ca:c6:3c:d4:a2:46:72:46:
e1:2d:e3:f5:f6:5f:00:b1:d1:54:17:9e:47:d8:13:
e4:3a:68:d0:18:b2:9b:ce:5d:ed:eb:d8:69:99:c5:
82:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:67:F8:0A:A0:88:3F:3B:C7:33:60:FE:9C:EC:AA:B2:2A:BD:DF:B5
X509v3 Authority Key Identifier:
keyid:BD:61:1E:1C:AB:E0:DB:56:43:A5:D2:94:51:60:F4:5E:D8:4A:80:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vWEeHKvg21ZDpdKUUWD0XthKgHo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6cbf70-fe8f-48c9-9de5-52cfe6cc91e3/1/G2f4CqCIPzvHM2D-nOyqsiq937U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6cbf70-fe8f-48c9-9de5-52cfe6cc91e3/1/vWEeHKvg21ZDpdKUUWD0XthKgHo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.231.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:20:e3:4f:e6:9b:da:30:97:ba:67:11:db:39:b7:03:24:9b:
ec:e8:02:34:68:1d:93:00:c1:01:af:e7:12:0f:ee:f1:5d:9b:
00:61:4a:8f:69:73:59:0e:bc:45:c1:a6:ff:b1:1e:64:5b:1b:
da:b9:ad:35:e7:12:61:e2:f0:34:60:81:2b:7c:8c:e7:88:86:
ae:a5:04:d1:e2:f8:aa:7e:a8:f3:2c:30:21:40:0c:dd:ac:a7:
18:1c:bc:91:91:b6:4e:08:3f:0f:bb:6f:7a:6d:f9:80:40:57:
a2:71:5d:f4:1c:c4:d8:bf:60:46:5a:24:d4:02:f8:1a:35:0a:
70:36:d8:9c:36:68:74:c7:eb:1f:c5:9f:39:95:7e:89:7d:f9:
21:40:9e:4e:7b:fb:e0:03:c1:ea:d2:c7:8c:8f:fe:58:a9:b6:
aa:6f:df:52:86:fe:6b:6c:01:e0:9b:85:80:10:2a:c5:7f:c0:
a6:67:b8:20:aa:66:54:98:e6:8e:17:2b:05:13:63:f4:ab:0c:
e1:88:ac:ab:a5:60:09:7e:bd:ca:2c:38:67:c2:d8:88:51:b4:
b5:6f:cf:b5:1f:a7:4b:3b:6b:ce:bd:b3:2c:c0:56:b3:98:5a:
c0:c3:3f:bf:1c:26:cf:7d:ee:e2:99:20:45:54:3a:b3:a8:90:
45:65:1f:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaBYcUgnzjlv92HgZBZFkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNjExZTFjYWJlMGRiNTY0M2E1ZDI5NDUxNjBmNDVlZDg0
YTgwN2EwHhcNMjUwMTAxMDU0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjY3ZjgwYWEwODgzZjNiYzczMzYwZmU5Y2VjYWFiMjJhYmRkZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFxWArYjdQrarpIiMcbGac93DSfO
sjirRfbvOmsN3byhlsgJdi839RX1yXv4l9VKHFbhO85yzgJ+JzIopHFx5iG+zwIp
mgEIPsU5kccSuhVGYIeJEwjTM+TTNM8QssbEUc5HGGsNvhq6dTDv5WiDUd9DIQfF
xdk2CZRBaU7GfOqfyc5ZtWJNVKSyPz53FYDf3mbluR1DTGGJlUKEDGGzXG8/f9X2
I+6idA1qe4eHzg9pTk83w151KV/+FOEqRiqa9tvfS/hNMlvJOwDnr3jlTqnCB450
zFYdysY81KJGckbhLeP19l8AsdFUF55H2BPkOmjQGLKbzl3t69hpmcWCvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBtn+AqgiD87xzNg/pzsqrIqvd+1MB8GA1UdIwQY
MBaAFL1hHhyr4NtWQ6XSlFFg9F7YSoB6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdldFZUhLdmcyMVpEcGRLVVVXRDBYdGhLZ0hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC82Y2JmNzAtZmU4Zi00OGM5LTlkZTUt
NTJjZmU2Y2M5MWUzLzEvRzJmNENxQ0lQenZITTJELW5PeXFzaXE5MzdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC82Y2JmNzAtZmU4Zi00OGM5LTlkZTUtNTJjZmU2Y2M5MWUz
LzEvdldFZUhLdmcyMVpEcGRLVVVXRDBYdGhLZ0hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9/nMA0G
CSqGSIb3DQEBCwUAA4IBAQBsIONP5pvaMJe6ZxHbObcDJJvs6AI0aB2TAMEBr+cS
D+7xXZsAYUqPaXNZDrxFwab/sR5kWxvaua015xJh4vA0YIErfIzniIaupQTR4viq
fqjzLDAhQAzdrKcYHLyRkbZOCD8Pu296bfmAQFeicV30HMTYv2BGWiTUAvgaNQpw
NticNmh0x+sfxZ85lX6JffkhQJ5Oe/vgA8Hq0seMj/5Yqbaqb99Shv5rbAHgm4WA
ECrFf8CmZ7ggqmZUmOaOFysFE2P0qwzhiKyrpWAJfr3KLDhnwtiIUbS1b8+1H6dL
O2vOvbMswFazmFrAwz+/HCbPfe7imSBFVDqzqJBFZR+g
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:36:37 2025 by rpki-client