Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/Ai91bWXDGxCWqjp1fmGBqGgWl7g.roa
File: Ai91bWXDGxCWqjp1fmGBqGgWl7g.roa (raw, json)
Hash identifier: OnAlAh95R1o/zmJB9UOdIECRaTpSHirOUSgzepM/oAc=
Subject key identifier: 02:2F:75:6D:65:C3:1B:10:96:AA:3A:75:7E:61:81:A8:68:16:97:B8
Certificate issuer: /CN=be8c0a74f47312df298a46095e47525d515854a1
Certificate serial: F54670
Authority key identifier: BE:8C:0A:74:F4:73:12:DF:29:8A:46:09:5E:47:52:5D:51:58:54:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vowKdPRzEt8pikYJXkdSXVFYVKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/Ai91bWXDGxCWqjp1fmGBqGgWl7g.roa
Signing time: Fri 08 Apr 2022 07:42:38 +0000
ROA not before: Fri 08 Apr 2022 07:42:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43658
IP address blocks: 94.232.208.0/21 maxlen: 21
176.97.0.0/21 maxlen: 21
91.197.168.0/22 maxlen: 22
91.218.72.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16074352 (0xf54670)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be8c0a74f47312df298a46095e47525d515854a1
Validity
Not Before: Apr 8 07:42:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=022f756d65c31b1096aa3a757e6181a8681697b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f1:79:7a:64:30:d0:d2:a3:82:ce:48:8d:d8:
b2:44:22:eb:c9:ae:e1:b0:25:1d:b4:98:12:6c:9a:
fe:9e:4a:bb:57:3a:0b:b8:15:87:af:cd:5b:bd:1c:
cc:74:95:f6:b3:c8:6b:2d:a0:af:97:8f:ea:7b:c1:
b0:f4:55:a1:81:d8:4e:89:93:19:57:ec:38:de:4b:
87:55:0d:f9:15:da:16:06:d9:e2:cd:9b:85:30:7f:
00:1b:5b:47:67:6a:55:84:3f:c5:d5:31:c2:d5:2a:
e2:6e:ac:01:86:a9:22:19:fe:51:9e:86:53:42:05:
d9:00:e9:ab:75:2d:58:0c:40:86:ea:9a:d2:e1:aa:
6e:fe:b4:e2:9f:85:68:d4:2d:6c:02:ce:db:42:28:
ad:47:b5:bc:bc:0c:0b:96:54:48:bf:71:4b:a8:a5:
18:6d:f3:fb:41:d5:67:23:7c:38:ff:52:34:da:97:
92:a7:a3:1e:40:35:89:86:7a:46:c0:23:83:7b:02:
8b:d5:86:7d:e8:02:e6:ef:09:6a:a5:0a:0d:30:16:
99:7c:bb:04:9f:41:d1:f7:99:61:92:fc:92:6a:c5:
82:7c:28:84:c1:1c:73:34:89:50:8f:c3:bc:78:e7:
ae:c4:91:4e:71:d4:aa:a3:e2:74:fa:6c:c0:2f:d5:
c7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:2F:75:6D:65:C3:1B:10:96:AA:3A:75:7E:61:81:A8:68:16:97:B8
X509v3 Authority Key Identifier:
keyid:BE:8C:0A:74:F4:73:12:DF:29:8A:46:09:5E:47:52:5D:51:58:54:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vowKdPRzEt8pikYJXkdSXVFYVKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/Ai91bWXDGxCWqjp1fmGBqGgWl7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/vowKdPRzEt8pikYJXkdSXVFYVKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.168.0/22
91.218.72.0/22
94.232.208.0/21
176.97.0.0/21
Signature Algorithm: sha256WithRSAEncryption
09:c0:e1:a8:af:c6:5d:d9:d6:0b:07:37:28:e7:b0:62:54:86:
9f:0a:97:ae:c1:26:73:a0:77:1c:df:5f:73:ca:51:8e:38:c8:
87:c8:97:96:63:a5:68:0b:e4:08:72:c1:22:20:19:41:10:7c:
e8:84:10:32:9b:29:e7:6f:bc:0e:da:ff:09:62:e5:14:60:b5:
0f:f2:a4:0d:33:9d:5e:e2:70:59:50:ae:83:e2:f7:78:9f:12:
01:7e:23:42:d3:8c:95:90:f9:7c:19:c5:d5:20:13:98:05:91:
a8:3e:7e:23:b4:a7:8f:7e:a0:e1:dc:ad:38:82:01:4c:f9:ba:
9f:3f:75:db:0d:b5:08:52:e5:f7:09:a0:8d:ae:0e:71:e5:33:
13:70:87:90:dc:85:75:d2:b9:1a:b3:f7:51:af:33:84:18:db:
44:f3:2d:a0:69:10:3d:9d:b8:a2:68:fc:56:e5:1f:5c:3b:9b:
28:91:5f:04:75:97:4c:1b:b4:04:df:e4:31:31:3e:09:fa:fb:
af:04:02:3d:a7:06:49:b5:5a:58:43:3c:f7:7d:64:4d:9f:b1:
cd:f4:d2:0b:d4:20:7b:f9:49:1e:0e:f1:a6:40:84:6b:e2:c0:
5c:8a:27:29:cc:27:1b:39:42:6d:a4:ca:b0:2e:af:39:3c:6b:
e2:62:95:5c
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAPVGcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZThjMGE3NGY0NzMxMmRmMjk4YTQ2MDk1ZTQ3NTI1ZDUxNTg1NGExMB4XDTIyMDQw
ODA3NDIzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDIyZjc1NmQ2NWMz
MWIxMDk2YWEzYTc1N2U2MTgxYTg2ODE2OTdiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALrxeXpkMNDSo4LOSI3YskQi68mu4bAlHbSYEmya/p5Ku1c6
C7gVh6/NW70czHSV9rPIay2gr5eP6nvBsPRVoYHYTomTGVfsON5Lh1UN+RXaFgbZ
4s2bhTB/ABtbR2dqVYQ/xdUxwtUq4m6sAYapIhn+UZ6GU0IF2QDpq3UtWAxAhuqa
0uGqbv604p+FaNQtbALO20IorUe1vLwMC5ZUSL9xS6ilGG3z+0HVZyN8OP9SNNqX
kqejHkA1iYZ6RsAjg3sCi9WGfegC5u8JaqUKDTAWmXy7BJ9B0feZYZL8kmrFgnwo
hMEcczSJUI/DvHjnrsSRTnHUqqPidPpswC/Vx70CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQCL3VtZcMbEJaqOnV+YYGoaBaXuDAfBgNVHSMEGDAWgBS+jAp09HMS3ymK
RgleR1JdUVhUoTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Zvd0tkUFJ6RXQ4cGlrWUpYa2RTWFZGWVZLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvZmM4MGYwLTVjMjctNDg5OC04NGFjLTI4ZTQxNmNmMTFjZi8x
L0FpOTFiV1hER3hDV3FqcDFmbUdCcUdnV2w3Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ZmM4MGYwLTVjMjctNDg5OC04NGFjLTI4ZTQxNmNmMTFjZi8xL3Zvd0tkUFJ6RXQ4
cGlrWUpYa2RTWFZGWVZLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAlvFqAMEAlvaSAMEA17o0AMEA7Bh
ADANBgkqhkiG9w0BAQsFAAOCAQEACcDhqK/GXdnWCwc3KOewYlSGnwqXrsEmc6B3
HN9fc8pRjjjIh8iXlmOlaAvkCHLBIiAZQRB86IQQMpsp52+8Dtr/CWLlFGC1D/Kk
DTOdXuJwWVCug+L3eJ8SAX4jQtOMlZD5fBnF1SATmAWRqD5+I7Snj36g4dytOIIB
TPm6nz912w21CFLl9wmgja4OceUzE3CHkNyFddK5GrP3Ua8zhBjbRPMtoGkQPZ24
omj8VuUfXDubKJFfBHWXTBu0BN/kMTE+Cfr7rwQCPacGSbVaWEM8931kTZ+xzfTS
C9Qge/lJHg7xpkCEa+LAXIonKcwnGzlCbaTKsC6vOTxr4mKVXA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:58 2025 by rpki-client