Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/G79ZiP6DiuUmY7VmAtFD-2XkciI.roa
File: G79ZiP6DiuUmY7VmAtFD-2XkciI.roa (raw, json)
Hash identifier: QDU7EzIuPmX+SWvEl9yqhqLoetJzobkYRy/XDVVVI0Q=
Subject key identifier: 1B:BF:59:88:FE:83:8A:E5:26:63:B5:66:02:D1:43:FB:65:E4:72:22
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 019424B3A9E75A428990E021978D7654DE05
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/G79ZiP6DiuUmY7VmAtFD-2XkciI.roa
Signing time: Thu 02 Jan 2025 01:49:01 +0000
ROA not before: Thu 02 Jan 2025 01:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29390
IP address blocks: 91.198.133.0/24 maxlen: 24
94.131.0.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:a9:e7:5a:42:89:90:e0:21:97:8d:76:54:de:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 2 01:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bbf5988fe838ae52663b56602d143fb65e47222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:eb:74:56:cc:8a:d1:bc:06:d1:4e:68:1c:f9:
d0:35:04:23:fe:5c:bd:67:44:66:46:35:07:9c:44:
3a:4c:19:62:a7:32:4b:b2:6d:0b:7b:61:5a:a5:ad:
45:6f:7b:30:0c:1d:be:7f:0b:d7:0b:ed:5a:d3:21:
c5:43:c3:c3:fd:5c:66:19:92:4a:f9:13:e1:ed:cb:
68:89:ea:0b:d7:45:a6:fa:bb:ef:40:92:93:69:43:
46:3d:2d:5d:44:6d:7d:cf:ec:f1:1c:09:f8:16:22:
0d:d6:b9:00:04:c5:ea:bd:9f:54:c1:32:69:ae:fc:
ea:95:dc:ed:85:31:44:69:b0:d7:e7:45:44:cf:d2:
73:40:67:65:0f:5f:5b:3f:ea:bb:04:aa:fb:26:68:
f1:f1:8e:65:e6:9a:7b:14:11:c9:55:ef:52:78:a5:
94:f2:65:d1:ff:dc:9d:33:d7:f1:29:e0:58:17:02:
36:fe:2f:e3:4b:2c:69:60:19:3c:4d:e2:45:df:55:
5c:0d:4a:51:f5:d6:b5:78:f1:b8:6f:69:e5:1b:71:
9f:86:50:26:6b:cd:cc:63:64:f8:68:8a:0a:4a:18:
f6:7d:af:a6:7d:de:b5:70:37:52:07:e6:43:56:27:
ec:3b:31:7c:99:8a:ce:ba:2b:7b:4f:01:64:d3:ce:
42:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:BF:59:88:FE:83:8A:E5:26:63:B5:66:02:D1:43:FB:65:E4:72:22
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/G79ZiP6DiuUmY7VmAtFD-2XkciI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.133.0/24
94.131.0.0/23
Signature Algorithm: sha256WithRSAEncryption
57:f0:0b:91:03:22:94:91:aa:f3:31:8f:e6:3e:9c:80:1c:05:
07:8d:3c:2c:d7:24:38:36:43:40:7a:e4:33:5b:19:47:36:12:
35:18:be:37:8e:bb:cc:66:08:c3:53:c4:a7:f2:1d:d0:0a:82:
4f:d9:4b:26:f4:f6:54:35:f3:4e:5a:11:dd:d0:bf:c2:82:4a:
c0:32:24:2e:b9:3f:ac:f1:96:da:22:77:6b:8a:a1:37:b5:ad:
ba:6d:f4:cf:48:f0:a2:09:2f:ab:8a:82:e0:85:b7:f0:b8:16:
b1:dc:31:7d:b4:6d:90:03:90:72:77:69:aa:e3:33:b6:46:b6:
c0:55:44:88:c3:81:15:c1:c0:0c:10:c9:23:24:cf:45:91:c0:
09:9b:bd:78:6e:b7:9d:d7:b3:72:39:93:45:41:02:38:f9:ef:
85:2f:6f:16:ce:87:84:cd:fc:6d:81:f1:39:63:3b:75:c7:36:
a0:e0:fc:db:c6:40:97:d8:d5:94:33:61:af:73:c5:02:5b:51:
1c:28:f7:d8:55:dd:94:4c:f8:e8:b5:70:5b:e9:09:bc:79:ba:
ba:cf:ba:50:8e:7e:90:27:61:86:f2:3d:1e:70:9f:0f:c3:c2:
45:a2:cc:d7:dd:15:f8:ac:17:ad:ed:c6:6e:15:cc:0e:a1:fb:
8a:b6:96:f4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQks6nnWkKJkOAhl412VN4FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwMTAyMDE0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmJmNTk4OGZlODM4YWU1MjY2M2I1NjYwMmQxNDNmYjY1ZTQ3MjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOt0VsyK0bwG0U5oHPnQNQQj/ly9
Z0RmRjUHnEQ6TBlipzJLsm0Le2Fapa1Fb3swDB2+fwvXC+1a0yHFQ8PD/VxmGZJK
+RPh7ctoieoL10Wm+rvvQJKTaUNGPS1dRG19z+zxHAn4FiIN1rkABMXqvZ9UwTJp
rvzqldzthTFEabDX50VEz9JzQGdlD19bP+q7BKr7Jmjx8Y5l5pp7FBHJVe9SeKWU
8mXR/9ydM9fxKeBYFwI2/i/jSyxpYBk8TeJF31VcDUpR9da1ePG4b2nlG3GfhlAm
a83MY2T4aIoKShj2fa+mfd61cDdSB+ZDVifsOzF8mYrOuit7TwFk085CbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBu/WYj+g4rlJmO1ZgLRQ/tl5HIiMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvRzc5WmlQNkRpdVVtWTdWbUF0RkQtMlhrY2lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8aFAwQB
XoMAMA0GCSqGSIb3DQEBCwUAA4IBAQBX8AuRAyKUkarzMY/mPpyAHAUHjTws1yQ4
NkNAeuQzWxlHNhI1GL43jrvMZgjDU8Sn8h3QCoJP2Usm9PZUNfNOWhHd0L/CgkrA
MiQuuT+s8ZbaIndriqE3ta26bfTPSPCiCS+rioLghbfwuBax3DF9tG2QA5Byd2mq
4zO2RrbAVUSIw4EVwcAMEMkjJM9FkcAJm714bred17NyOZNFQQI4+e+FL28WzoeE
zfxtgfE5Yzt1xzag4PzbxkCX2NWUM2Gvc8UCW1EcKPfYVd2UTPjotXBb6Qm8ebq6
z7pQjn6QJ2GG8j0ecJ8Pw8JFoszX3RX4rBet7cZuFcwOofuKtpb0
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:29:04 2025 by rpki-client