Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/0hGuI9abbnH5IARURiUpnsE2cKk.roa
File: 0hGuI9abbnH5IARURiUpnsE2cKk.roa (raw, json)
Hash identifier: DuwUAcXW//1k2Md+MdRwDGn9pw5DCw3cr3zSvWu8/Sg=
Subject key identifier: D2:11:AE:23:D6:9B:6E:71:F9:20:04:54:46:25:29:9E:C1:36:70:A9
Certificate issuer: /CN=96199360259fa5b35b82953c5ed97999228341ac
Certificate serial: 0194206849B02788F5B66CD604D00CE6817D
Authority key identifier: 96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/0hGuI9abbnH5IARURiUpnsE2cKk.roa
Signing time: Wed 01 Jan 2025 05:48:13 +0000
ROA not before: Wed 01 Jan 2025 05:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212986
IP address blocks: 91.212.96.0/24 maxlen: 24
2a12:7cc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:49:b0:27:88:f5:b6:6c:d6:04:d0:0c:e6:81:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96199360259fa5b35b82953c5ed97999228341ac
Validity
Not Before: Jan 1 05:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d211ae23d69b6e71f92004544625299ec13670a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6d:5b:e9:78:22:03:59:a1:77:89:e3:a2:3f:
93:8a:de:20:3a:ef:4f:9f:20:e8:5d:d3:da:f6:c4:
ea:79:4c:35:5d:6d:d9:9c:16:b5:fb:33:18:38:8e:
98:97:64:69:fe:06:c7:0b:33:b3:b1:5e:62:1e:ab:
79:61:bb:66:17:a2:0b:39:c3:ba:d1:86:27:06:76:
cc:66:13:0f:eb:dc:db:73:ad:f6:75:15:d8:e7:00:
8d:8f:29:61:db:32:e5:99:35:92:ac:54:2a:13:e4:
00:7b:2b:f9:0d:66:bb:7b:80:d4:2c:a0:2c:8b:25:
d2:97:7e:62:b3:13:b1:e3:f0:e5:45:69:22:f6:c9:
e7:e8:23:d8:8d:f9:cf:a6:82:31:01:8d:65:ff:c7:
54:5a:25:b0:bc:02:a4:d4:a7:e3:05:9f:99:b3:9c:
4a:d0:a4:0e:02:8b:97:0d:2d:5e:fa:0f:26:db:47:
fb:6e:e3:85:46:8b:f4:02:46:c9:c8:c9:da:75:da:
d7:07:56:cb:02:69:ab:44:6e:2c:0b:aa:26:6e:f2:
de:59:14:5c:dc:48:88:db:ec:34:28:2d:44:fc:98:
fe:0d:a9:c1:06:8a:12:9d:a9:61:1b:4a:2b:0d:11:
6c:da:c6:17:1b:c6:37:1e:ea:d0:ac:88:ec:8a:52:
85:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:11:AE:23:D6:9B:6E:71:F9:20:04:54:46:25:29:9E:C1:36:70:A9
X509v3 Authority Key Identifier:
keyid:96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/0hGuI9abbnH5IARURiUpnsE2cKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.96.0/24
IPv6:
2a12:7cc0::/29
Signature Algorithm: sha256WithRSAEncryption
23:61:4c:90:4a:df:bd:88:6e:e0:82:42:2e:d9:94:0c:33:38:
b9:bf:b1:0d:43:c8:d7:e2:70:e3:ec:52:eb:fa:9f:e7:80:e7:
85:92:1e:c4:c0:91:33:fa:47:4b:2d:f7:58:34:d5:f8:1d:67:
60:0f:d0:8b:58:d0:8d:16:65:67:3d:a8:50:ca:03:26:02:87:
e8:3a:88:7e:68:dd:d3:8e:98:69:66:e5:91:73:0f:a8:8e:f3:
a7:db:2f:7b:ed:22:4d:48:14:9d:13:48:68:5f:d5:da:4a:46:
51:c3:3e:77:4f:c4:6c:c9:fc:26:97:80:91:7a:0d:d5:df:e5:
a9:39:74:22:71:59:b7:1f:17:d9:2c:2b:87:8a:0e:03:a9:66:
a0:f6:dc:05:96:e4:4d:a4:0a:77:f6:fa:1c:1f:f2:e3:64:6e:
22:87:4a:ae:f3:49:87:4e:01:1f:fd:b6:8b:c6:d0:af:94:ae:
f0:84:68:d6:74:8a:ad:a7:41:e6:3d:70:81:17:dd:74:99:0f:
11:18:17:92:3d:50:25:98:9d:ce:47:da:2c:18:d6:40:be:67:
21:93:9a:8f:e8:00:36:b6:b2:2f:52:b9:81:a3:e6:13:40:35:
76:b9:df:3f:80:92:bb:71:c9:96:f1:6d:43:aa:db:b6:d1:67:
eb:6b:58:4e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaEmwJ4j1tmzWBNAM5oF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MTk5MzYwMjU5ZmE1YjM1YjgyOTUzYzVlZDk3OTk5MjI4
MzQxYWMwHhcNMjUwMTAxMDU0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjExYWUyM2Q2OWI2ZTcxZjkyMDA0NTQ0NjI1Mjk5ZWMxMzY3MGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy21b6XgiA1mhd4njoj+Tit4gOu9P
nyDoXdPa9sTqeUw1XW3ZnBa1+zMYOI6Yl2Rp/gbHCzOzsV5iHqt5YbtmF6ILOcO6
0YYnBnbMZhMP69zbc632dRXY5wCNjylh2zLlmTWSrFQqE+QAeyv5DWa7e4DULKAs
iyXSl35isxOx4/DlRWki9snn6CPYjfnPpoIxAY1l/8dUWiWwvAKk1KfjBZ+Zs5xK
0KQOAouXDS1e+g8m20f7buOFRov0AkbJyMnaddrXB1bLAmmrRG4sC6ombvLeWRRc
3EiI2+w0KC1E/Jj+DanBBooSnalhG0orDRFs2sYXG8Y3HurQrIjsilKF7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNIRriPWm25x+SAEVEYlKZ7BNnCpMB8GA1UdIwQY
MBaAFJYZk2Aln6WzW4KVPF7ZeZkig0GsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYt
MmE1OTFjMTQ5ZDdhLzEvMGhHdUk5YWJibkg1SUFSVVJpVXBuc0UyY0trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYtMmE1OTFjMTQ5ZDdh
LzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9RgMA0E
AgACMAcDBQMqEnzAMA0GCSqGSIb3DQEBCwUAA4IBAQAjYUyQSt+9iG7ggkIu2ZQM
Mzi5v7ENQ8jX4nDj7FLr+p/ngOeFkh7EwJEz+kdLLfdYNNX4HWdgD9CLWNCNFmVn
PahQygMmAofoOoh+aN3TjphpZuWRcw+ojvOn2y977SJNSBSdE0hoX9XaSkZRwz53
T8Rsyfwml4CReg3V3+WpOXQicVm3HxfZLCuHig4DqWag9twFluRNpAp39vocH/Lj
ZG4ih0qu80mHTgEf/baLxtCvlK7whGjWdIqtp0HmPXCBF910mQ8RGBeSPVAlmJ3O
R9osGNZAvmchk5qP6AA2trIvUrmBo+YTQDV2ud8/gJK7ccmW8W1Dqtu20Wfra1hO
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:13:16 2025 by rpki-client