Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/c0a971-d96f-43d4-a8bc-30625317430d/1/3_lvOlC8Q73awEsCGt68pft-scE.roa
File: 3_lvOlC8Q73awEsCGt68pft-scE.roa (raw, json)
Hash identifier: kkfK8/3sSi/mI91PBNQyjxR7j14LRCGJu3KC5n63R3k=
Subject key identifier: DF:F9:6F:3A:50:BC:43:BD:DA:C0:4B:02:1A:DE:BC:A5:FB:7E:B1:C1
Certificate issuer: /CN=d7622be88a5ceaef8c330d7e96fff435e82053b4
Certificate serial: 01942444A982C028E7A27AB996835EF8C93E
Authority key identifier: D7:62:2B:E8:8A:5C:EA:EF:8C:33:0D:7E:96:FF:F4:35:E8:20:53:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12Ir6Ipc6u-MMw1-lv_0NeggU7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/c0a971-d96f-43d4-a8bc-30625317430d/1/3_lvOlC8Q73awEsCGt68pft-scE.roa
Signing time: Wed 01 Jan 2025 23:47:46 +0000
ROA not before: Wed 01 Jan 2025 23:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 91.234.239.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:a9:82:c0:28:e7:a2:7a:b9:96:83:5e:f8:c9:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7622be88a5ceaef8c330d7e96fff435e82053b4
Validity
Not Before: Jan 1 23:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dff96f3a50bc43bddac04b021adebca5fb7eb1c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:23:bc:8c:6b:42:a0:52:a3:ed:e0:13:c7:6e:
b3:43:2d:4f:0a:d7:e5:11:67:5e:79:83:b3:25:72:
9e:86:f2:82:1b:c4:05:cf:7f:84:87:aa:c4:d7:f8:
0e:c8:66:d4:85:a6:17:43:98:8a:83:a0:42:45:04:
51:a7:24:0a:77:15:a6:3a:86:90:ea:6d:45:cb:c4:
4c:ab:08:74:88:3b:91:9c:6d:b5:0a:8e:6d:4a:ed:
a4:4c:96:24:34:dd:f4:9d:d7:34:14:5b:a7:8e:e0:
e7:4d:a2:2c:69:6e:3a:91:e2:43:b5:4e:03:6e:de:
d7:05:7c:47:c8:a5:96:23:47:ed:95:10:36:2e:35:
62:a1:fa:cc:7b:a2:b7:85:63:6a:da:c2:dc:05:70:
e7:3b:aa:74:2f:0a:62:12:02:96:77:41:05:d9:3b:
93:73:44:d9:4c:fd:1c:0e:13:e9:31:9c:09:d6:e1:
05:e7:64:94:4e:95:89:64:88:d0:87:87:c2:92:04:
cb:08:b2:35:71:31:f7:8c:77:3f:81:63:3c:f4:1a:
86:f3:43:9c:ef:38:8e:97:71:ca:df:52:70:43:34:
b0:13:5b:7a:1c:14:4e:2b:1d:e8:d3:fc:0d:a4:75:
0a:28:80:6c:98:bd:ee:46:6a:60:5e:72:62:7a:8c:
c3:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:F9:6F:3A:50:BC:43:BD:DA:C0:4B:02:1A:DE:BC:A5:FB:7E:B1:C1
X509v3 Authority Key Identifier:
keyid:D7:62:2B:E8:8A:5C:EA:EF:8C:33:0D:7E:96:FF:F4:35:E8:20:53:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12Ir6Ipc6u-MMw1-lv_0NeggU7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/c0a971-d96f-43d4-a8bc-30625317430d/1/3_lvOlC8Q73awEsCGt68pft-scE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/c0a971-d96f-43d4-a8bc-30625317430d/1/12Ir6Ipc6u-MMw1-lv_0NeggU7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.239.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:b1:af:0b:06:35:93:bc:0c:d0:59:0a:48:3e:95:0b:39:5a:
d7:fb:b7:d9:c4:4d:99:3e:54:ea:99:39:08:51:d5:d0:a6:d9:
7f:37:e3:47:30:86:49:11:b9:e2:c3:f9:9d:6f:17:47:ef:91:
71:44:cd:2b:00:43:d3:d1:4e:e1:2d:75:df:9b:32:f7:83:8e:
e3:a4:b5:55:3c:78:ce:9d:30:47:3c:ec:1a:cf:cf:07:4b:46:
5e:07:ac:15:d0:ad:5d:af:88:ea:07:44:55:d3:3c:fe:91:da:
40:b3:d8:1e:7e:00:4f:ad:c9:99:03:12:36:1d:9f:02:68:cb:
96:f4:bd:3d:ed:0d:d1:22:25:69:cf:00:bb:10:b3:fb:81:2b:
2e:40:9f:f8:b8:4e:9a:e6:f1:ed:2e:ab:13:1e:91:38:de:13:
d8:7a:40:e0:c6:1f:28:6a:2d:bc:f2:71:ad:56:1a:0a:65:ef:
17:9b:d4:e0:64:90:83:bd:1b:76:40:c1:58:93:b0:97:09:17:
9b:0b:b3:29:98:e0:c4:1b:b3:9f:26:f7:bb:db:fa:10:8e:f8:
9f:04:98:96:ba:a3:b3:6e:8f:76:df:2e:54:21:a0:5d:bf:fc:
b5:d4:16:37:0f:38:e6:57:be:43:6c:9b:dc:41:29:1a:bc:f3:
04:ee:32:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRKmCwCjnonq5loNe+Mk+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NjIyYmU4OGE1Y2VhZWY4YzMzMGQ3ZTk2ZmZmNDM1ZTgy
MDUzYjQwHhcNMjUwMTAxMjM0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmY5NmYzYTUwYmM0M2JkZGFjMDRiMDIxYWRlYmNhNWZiN2ViMWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyO8jGtCoFKj7eATx26zQy1PCtfl
EWdeeYOzJXKehvKCG8QFz3+Eh6rE1/gOyGbUhaYXQ5iKg6BCRQRRpyQKdxWmOoaQ
6m1Fy8RMqwh0iDuRnG21Co5tSu2kTJYkNN30ndc0FFunjuDnTaIsaW46keJDtU4D
bt7XBXxHyKWWI0ftlRA2LjViofrMe6K3hWNq2sLcBXDnO6p0LwpiEgKWd0EF2TuT
c0TZTP0cDhPpMZwJ1uEF52SUTpWJZIjQh4fCkgTLCLI1cTH3jHc/gWM89BqG80Oc
7ziOl3HK31JwQzSwE1t6HBROKx3o0/wNpHUKKIBsmL3uRmpgXnJieozD1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN/5bzpQvEO92sBLAhrevKX7frHBMB8GA1UdIwQY
MBaAFNdiK+iKXOrvjDMNfpb/9DXoIFO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJJcjZJcGM2dS1NTXcxLWx2XzBOZWdnVTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jMGE5NzEtZDk2Zi00M2Q0LWE4YmMt
MzA2MjUzMTc0MzBkLzEvM19sdk9sQzhRNzNhd0VzQ0d0NjhwZnQtc2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jMGE5NzEtZDk2Zi00M2Q0LWE4YmMtMzA2MjUzMTc0MzBk
LzEvMTJJcjZJcGM2dS1NTXcxLWx2XzBOZWdnVTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+rvMA0G
CSqGSIb3DQEBCwUAA4IBAQCssa8LBjWTvAzQWQpIPpULOVrX+7fZxE2ZPlTqmTkI
UdXQptl/N+NHMIZJEbniw/mdbxdH75FxRM0rAEPT0U7hLXXfmzL3g47jpLVVPHjO
nTBHPOwaz88HS0ZeB6wV0K1dr4jqB0RV0zz+kdpAs9gefgBPrcmZAxI2HZ8CaMuW
9L097Q3RIiVpzwC7ELP7gSsuQJ/4uE6a5vHtLqsTHpE43hPYekDgxh8oai288nGt
VhoKZe8Xm9TgZJCDvRt2QMFYk7CXCRebC7MpmODEG7OfJve72/oQjvifBJiWuqOz
bo923y5UIaBdv/y11BY3DzjmV75DbJvcQSkavPME7jKI
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:19:06 2025 by rpki-client