Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a2f74e-e909-4971-9341-cbc2566ae74d/1/apIsLp9gB3-ePn23Iz1gSnuClOo.roa
File: apIsLp9gB3-ePn23Iz1gSnuClOo.roa (raw, json)
Hash identifier: yycnskyjdQEROhP+q+hpdC1HnM4vZCKFBWTq7y4iPPs=
Subject key identifier: 6A:92:2C:2E:9F:60:07:7F:9E:3E:7D:B7:23:3D:60:4A:7B:82:94:EA
Certificate issuer: /CN=787f62191f191314bd6bddb096b4cd4ddb33f45c
Certificate serial: 018CC2DAFF0912734FE4DE439165F899361F
Authority key identifier: 78:7F:62:19:1F:19:13:14:BD:6B:DD:B0:96:B4:CD:4D:DB:33:F4:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eH9iGR8ZExS9a92wlrTNTdsz9Fw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/a2f74e-e909-4971-9341-cbc2566ae74d/1/apIsLp9gB3-ePn23Iz1gSnuClOo.roa
Signing time: Mon 01 Jan 2024 02:29:41 +0000
ROA not before: Mon 01 Jan 2024 02:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197042
IP address blocks: 91.216.148.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:ff:09:12:73:4f:e4:de:43:91:65:f8:99:36:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=787f62191f191314bd6bddb096b4cd4ddb33f45c
Validity
Not Before: Jan 1 02:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a922c2e9f60077f9e3e7db7233d604a7b8294ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:a9:54:73:66:40:de:a5:54:4b:bf:ee:2b:c7:
6e:b3:75:d9:41:b7:ee:d5:6e:22:c1:07:c9:3d:8d:
ee:60:2c:9e:b0:bf:ae:6a:76:90:62:35:60:70:75:
1b:d6:22:c7:c4:4c:93:f6:8b:2e:04:a0:4a:07:ea:
20:87:12:ed:38:b5:58:c7:d7:59:9c:61:2c:5b:19:
4c:0e:f1:da:6a:74:98:5e:aa:31:e9:73:6e:92:6d:
0b:b8:fa:3c:b4:00:c3:f0:06:26:48:f4:de:61:05:
e0:85:f3:d3:cf:be:ad:16:78:3b:ee:f2:c3:22:a8:
14:ab:95:49:20:75:7f:11:82:b2:5b:b1:46:b9:a1:
01:4d:17:dc:6e:0f:e8:81:92:31:5d:ca:0a:b1:51:
fe:e1:d5:9c:e6:82:34:07:84:93:dd:61:93:a0:0f:
47:d7:5c:4f:c3:f9:03:51:ec:bd:56:21:76:1f:19:
d1:96:31:a1:26:ea:51:e0:99:2e:20:f5:a7:e4:2e:
be:4b:0f:71:91:5d:4a:26:56:23:47:e5:06:80:29:
09:f0:c0:d2:60:b3:49:61:49:db:df:14:77:45:3f:
47:c1:ee:f6:a7:fb:97:2e:af:45:6e:af:4a:c0:45:
96:2f:c5:a4:b9:fc:ea:de:38:d8:fc:03:94:69:27:
b8:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:92:2C:2E:9F:60:07:7F:9E:3E:7D:B7:23:3D:60:4A:7B:82:94:EA
X509v3 Authority Key Identifier:
keyid:78:7F:62:19:1F:19:13:14:BD:6B:DD:B0:96:B4:CD:4D:DB:33:F4:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eH9iGR8ZExS9a92wlrTNTdsz9Fw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a2f74e-e909-4971-9341-cbc2566ae74d/1/apIsLp9gB3-ePn23Iz1gSnuClOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a2f74e-e909-4971-9341-cbc2566ae74d/1/eH9iGR8ZExS9a92wlrTNTdsz9Fw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.148.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:5d:8f:6b:9b:11:14:17:7c:10:12:87:73:d8:ed:7d:7c:cc:
ac:cf:bb:16:d3:e8:75:8f:b4:13:18:3a:d9:05:74:8b:c6:36:
3c:81:df:37:eb:6b:4e:99:3a:76:88:ac:cb:d9:dc:67:2a:73:
94:35:75:eb:a9:33:c5:86:13:87:d2:a7:1c:a8:e9:17:c2:94:
32:7f:75:e8:e8:26:c5:63:ab:46:a0:97:4d:31:c4:c0:a3:41:
f8:02:af:6b:55:a9:fe:56:4f:12:5a:82:cf:cc:b6:3e:9d:3e:
08:7b:e3:4f:b0:bc:21:cc:d2:2b:53:66:f5:9e:38:f1:94:67:
7e:1d:64:01:d9:b4:ab:39:87:d0:cb:08:e1:39:8d:67:8e:77:
78:0d:bb:a5:29:ba:3b:eb:4d:ae:37:15:86:4d:be:2c:10:54:
d4:37:46:43:00:df:52:4c:ad:6d:4d:1a:7a:dc:04:8e:a1:b4:
b8:22:81:97:84:b8:48:1a:24:28:7d:33:30:6c:03:8e:ad:92:
69:61:21:6b:b4:07:05:5a:7e:9e:9d:98:55:02:9d:1e:d8:3a:
f3:7a:30:50:e4:f1:60:b3:de:e5:79:44:09:20:35:c2:4c:e2:
2c:b5:4f:d6:95:e9:ee:fa:14:da:65:e3:7d:be:a2:af:5b:f0:
f1:13:38:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2v8JEnNP5N5DkWX4mTYfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4N2Y2MjE5MWYxOTEzMTRiZDZiZGRiMDk2YjRjZDRkZGIz
M2Y0NWMwHhcNMjQwMTAxMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTkyMmMyZTlmNjAwNzdmOWUzZTdkYjcyMzNkNjA0YTdiODI5NGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6alUc2ZA3qVUS7/uK8dus3XZQbfu
1W4iwQfJPY3uYCyesL+uanaQYjVgcHUb1iLHxEyT9osuBKBKB+oghxLtOLVYx9dZ
nGEsWxlMDvHaanSYXqox6XNukm0LuPo8tADD8AYmSPTeYQXghfPTz76tFng77vLD
IqgUq5VJIHV/EYKyW7FGuaEBTRfcbg/ogZIxXcoKsVH+4dWc5oI0B4ST3WGToA9H
11xPw/kDUey9ViF2HxnRljGhJupR4JkuIPWn5C6+Sw9xkV1KJlYjR+UGgCkJ8MDS
YLNJYUnb3xR3RT9Hwe72p/uXLq9Fbq9KwEWWL8Wkufzq3jjY/AOUaSe4SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGqSLC6fYAd/nj59tyM9YEp7gpTqMB8GA1UdIwQY
MBaAFHh/YhkfGRMUvWvdsJa0zU3bM/RcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUg5aUdSOFpFeFM5YTkyd2xyVE5UZHN6OUZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hMmY3NGUtZTkwOS00OTcxLTkzNDEt
Y2JjMjU2NmFlNzRkLzEvYXBJc0xwOWdCMy1lUG4yM0l6MWdTbnVDbE9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hMmY3NGUtZTkwOS00OTcxLTkzNDEtY2JjMjU2NmFlNzRk
LzEvZUg5aUdSOFpFeFM5YTkyd2xyVE5UZHN6OUZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9iUMA0G
CSqGSIb3DQEBCwUAA4IBAQCmXY9rmxEUF3wQEodz2O19fMysz7sW0+h1j7QTGDrZ
BXSLxjY8gd8362tOmTp2iKzL2dxnKnOUNXXrqTPFhhOH0qccqOkXwpQyf3Xo6CbF
Y6tGoJdNMcTAo0H4Aq9rVan+Vk8SWoLPzLY+nT4Ie+NPsLwhzNIrU2b1njjxlGd+
HWQB2bSrOYfQywjhOY1njnd4DbulKbo7602uNxWGTb4sEFTUN0ZDAN9STK1tTRp6
3ASOobS4IoGXhLhIGiQofTMwbAOOrZJpYSFrtAcFWn6enZhVAp0e2DrzejBQ5PFg
s97leUQJIDXCTOIstU/Wlenu+hTaZeN9vqKvW/DxEzjS
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:42 2025 by rpki-client