Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/X0Ais9RrdaKbv0FRwvzQAMyADQ8.roa
File: X0Ais9RrdaKbv0FRwvzQAMyADQ8.roa (raw, json)
Hash identifier: d2lh48CNq7KoW39+4n/PH1+D7/unmRkV3dTz89LgZ9o=
Subject key identifier: 5F:40:22:B3:D4:6B:75:A2:9B:BF:41:51:C2:FC:D0:00:CC:80:0D:0F
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019422FC16426237148D2E7CC01357EB8F5C
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/X0Ais9RrdaKbv0FRwvzQAMyADQ8.roa
Signing time: Wed 01 Jan 2025 17:48:53 +0000
ROA not before: Wed 01 Jan 2025 17:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202943
IP address blocks: 91.242.82.0/23 maxlen: 23
91.242.82.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:16:42:62:37:14:8d:2e:7c:c0:13:57:eb:8f:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 17:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f4022b3d46b75a29bbf4151c2fcd000cc800d0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8c:0a:2a:34:7b:d2:31:83:54:7e:a3:ec:07:
b9:77:70:57:ee:49:54:d7:1f:d0:3a:c7:61:ea:ce:
12:ee:11:3f:13:7f:e1:45:6e:3b:1d:43:62:11:1a:
7a:2b:53:71:bc:51:3e:26:7f:c3:4e:25:68:83:d9:
c6:2f:6e:c2:a4:58:9f:27:7a:e5:e7:e3:66:dd:e4:
94:6a:62:e4:67:aa:0b:71:a7:67:1f:e9:47:d5:c4:
c3:2d:19:27:cf:54:a1:12:d3:a9:10:06:ed:7d:ec:
36:12:3f:3a:db:b7:3c:fd:5e:32:f1:19:ec:7b:d8:
45:8f:59:b3:c0:b2:cb:46:6d:e9:06:f6:08:b0:95:
1e:79:1a:cc:8e:91:3c:cf:54:d1:33:13:71:53:1e:
32:51:8f:3f:18:d4:b4:66:26:65:e9:9c:5b:d0:ea:
4f:8f:a3:d4:27:23:54:ef:ba:cb:12:50:4a:d8:c5:
e9:00:d0:bc:0b:5e:16:92:0e:fb:17:06:2f:08:ca:
93:6d:42:d3:d2:2b:e0:f2:9e:f0:64:a3:d3:f7:51:
8d:28:eb:a1:d3:4f:78:6b:95:6f:69:ee:b7:5b:53:
86:ee:7d:3a:94:b9:86:92:79:87:fa:9a:d2:88:18:
31:01:36:44:e7:46:78:7d:db:c8:af:6f:10:ce:e4:
30:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:40:22:B3:D4:6B:75:A2:9B:BF:41:51:C2:FC:D0:00:CC:80:0D:0F
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/X0Ais9RrdaKbv0FRwvzQAMyADQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.82.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:a0:1e:a5:29:22:5e:7e:f1:3d:0d:90:44:64:4d:7c:11:03:
6e:07:5c:af:a4:28:15:99:e2:76:e5:c9:e4:98:79:d4:6e:81:
1d:d2:91:63:82:4e:04:b4:74:9d:3c:eb:34:93:1b:4d:26:42:
c3:f6:9a:ce:40:72:25:9c:63:43:03:9a:fb:94:d5:b4:46:85:
3b:89:38:62:92:76:2b:a0:b8:1b:4b:c8:64:fb:f7:8d:7e:32:
32:82:57:3f:83:91:da:e9:6f:46:5c:15:ef:f3:58:12:60:49:
72:5b:d1:b6:fb:17:03:b6:53:8e:63:ec:cd:c3:50:43:43:ef:
3d:ce:f5:78:29:da:89:55:be:37:0c:36:e7:96:91:83:6f:3a:
49:b6:a4:3e:cc:f4:16:9e:88:69:e0:cd:d5:8c:09:09:24:6e:
0d:9a:2c:49:cb:06:d5:42:ca:87:2a:88:cc:6e:43:67:58:26:
6d:cb:46:36:32:08:7b:05:c9:fd:4a:5e:4b:9e:b1:dc:ca:86:
84:ab:62:56:bb:a1:76:8b:3d:f1:fa:fd:87:e7:2f:bb:c1:1a:
4a:ad:9d:37:da:7a:b2:91:8c:de:97:4c:f8:a3:de:8d:8f:f1:
04:2f:56:02:05:83:8f:68:47:b8:44:eb:57:53:c3:a9:7f:9b:
82:93:76:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/BZCYjcUjS58wBNX649cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwMTAxMTc0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjQwMjJiM2Q0NmI3NWEyOWJiZjQxNTFjMmZjZDAwMGNjODAwZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYwKKjR70jGDVH6j7Ae5d3BX7klU
1x/QOsdh6s4S7hE/E3/hRW47HUNiERp6K1NxvFE+Jn/DTiVog9nGL27CpFifJ3rl
5+Nm3eSUamLkZ6oLcadnH+lH1cTDLRknz1ShEtOpEAbtfew2Ej8627c8/V4y8Rns
e9hFj1mzwLLLRm3pBvYIsJUeeRrMjpE8z1TRMxNxUx4yUY8/GNS0ZiZl6Zxb0OpP
j6PUJyNU77rLElBK2MXpANC8C14Wkg77FwYvCMqTbULT0ivg8p7wZKPT91GNKOuh
0094a5Vvae63W1OG7n06lLmGknmH+prSiBgxATZE50Z4fdvIr28QzuQwAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF9AIrPUa3Wim79BUcL80ADMgA0PMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvWDBBaXM5UnJkYUtidjBGUnd2elFBTXlBRFE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW/JSMA0G
CSqGSIb3DQEBCwUAA4IBAQBMoB6lKSJefvE9DZBEZE18EQNuB1yvpCgVmeJ25cnk
mHnUboEd0pFjgk4EtHSdPOs0kxtNJkLD9prOQHIlnGNDA5r7lNW0RoU7iThiknYr
oLgbS8hk+/eNfjIyglc/g5Ha6W9GXBXv81gSYElyW9G2+xcDtlOOY+zNw1BDQ+89
zvV4KdqJVb43DDbnlpGDbzpJtqQ+zPQWnohp4M3VjAkJJG4NmixJywbVQsqHKojM
bkNnWCZty0Y2Mgh7Bcn9Sl5LnrHcyoaEq2JWu6F2iz3x+v2H5y+7wRpKrZ032nqy
kYzel0z4o96Nj/EEL1YCBYOPaEe4ROtXU8Opf5uCk3Z3
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:39:40 2025 by rpki-client