Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/Ur9khRK7hCXitL3VAcUAYAEvce8.roa
File: Ur9khRK7hCXitL3VAcUAYAEvce8.roa (raw, json)
Hash identifier: 9hx/PwnKPtBM0vXR/kqUYRApb3bCcTtpcvT1ZKRuh8g=
Subject key identifier: 52:BF:64:85:12:BB:84:25:E2:B4:BD:D5:01:C5:00:60:01:2F:71:EF
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 0194266B824288A5E387FF8C9123822F3799
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/Ur9khRK7hCXitL3VAcUAYAEvce8.roa
Signing time: Thu 02 Jan 2025 09:49:27 +0000
ROA not before: Thu 02 Jan 2025 09:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206541
IP address blocks: 91.90.233.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:82:42:88:a5:e3:87:ff:8c:91:23:82:2f:37:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 2 09:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52bf648512bb8425e2b4bdd501c50060012f71ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a3:0a:a1:76:39:4d:4f:70:f0:22:13:46:68:
74:cc:3d:e3:6f:2b:f8:3d:d7:70:5c:0c:42:73:4c:
cc:14:e1:9e:f1:85:d5:5f:8e:84:5b:c2:c9:73:84:
9c:41:dd:41:17:31:8a:ec:86:f8:0a:eb:ea:a2:11:
7d:2d:12:62:2f:b3:ad:48:8d:7d:37:67:24:5d:92:
89:60:fb:b0:a7:88:dc:ae:b1:ac:8d:7c:90:a5:8e:
73:73:bb:b7:ac:bc:12:cc:9a:93:ea:20:d6:ad:1c:
ad:b7:03:ce:25:65:32:28:ea:78:9f:5c:ac:12:cb:
e7:0f:7f:96:06:8b:3d:b9:31:37:3a:61:c4:75:91:
cb:ff:29:91:18:31:36:aa:47:de:1a:80:01:aa:cd:
05:bd:c3:14:b0:3f:c4:a2:35:44:6e:35:87:5e:ff:
f3:06:88:9a:ab:88:46:09:8d:c6:4e:e5:06:69:fd:
70:1f:b8:cf:28:c1:04:c3:24:24:c6:30:ba:15:97:
b9:27:34:3c:56:08:5d:16:22:39:82:c6:a1:1f:ea:
b6:e3:9b:1b:87:a5:c6:e0:a6:ae:8b:31:8f:0b:39:
39:f3:bc:b7:1f:63:a0:96:3f:18:16:e9:a3:ca:7a:
8f:aa:ca:8f:50:e5:b2:66:f6:fc:67:7b:69:af:88:
99:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:BF:64:85:12:BB:84:25:E2:B4:BD:D5:01:C5:00:60:01:2F:71:EF
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/Ur9khRK7hCXitL3VAcUAYAEvce8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.90.233.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:b2:19:22:d8:3c:4b:3e:c5:ea:38:07:00:52:45:d3:bb:b4:
df:f2:43:ad:fc:f6:b2:68:4b:07:b3:4f:f8:ec:51:e6:33:a2:
b8:06:12:4c:ab:e7:92:9e:43:91:22:f3:54:96:aa:b3:f1:ea:
b5:a6:41:11:ee:a1:61:82:05:1b:7d:5b:ad:2e:77:bd:9e:50:
a2:7b:97:97:bc:28:04:0b:64:b5:7b:b7:b0:80:d7:96:b4:70:
dc:11:06:ec:82:f7:cb:09:cb:a3:67:d4:2f:14:dd:9c:6e:10:
66:e5:82:c6:f3:9e:46:38:68:8e:8b:ce:22:60:b7:3f:65:50:
4d:4f:cd:41:45:a9:1d:e5:e2:09:97:88:0b:cf:a4:13:f2:60:
e4:b1:24:f7:7e:4a:7d:f4:0c:78:16:a1:bc:a4:78:9d:77:3b:
a0:a6:5a:6e:a3:14:fd:04:99:62:8f:42:b3:40:20:3d:6a:18:
8a:4f:c4:fb:d8:fc:0f:cb:4c:cb:4e:73:da:62:61:78:e9:b1:
e1:2b:98:d6:ce:73:bb:9e:ce:d3:63:01:6e:85:1c:be:51:75:
da:0a:d7:4f:be:86:25:62:ec:c2:1c:40:4d:58:43:66:db:60:
59:9a:b3:15:57:45:0d:3c:af:c9:9f:54:65:d7:16:40:c8:e1:
2d:4a:64:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma4JCiKXjh/+MkSOCLzeZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjUwMTAyMDk0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmJmNjQ4NTEyYmI4NDI1ZTJiNGJkZDUwMWM1MDA2MDAxMmY3MWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqMKoXY5TU9w8CITRmh0zD3jbyv4
PddwXAxCc0zMFOGe8YXVX46EW8LJc4ScQd1BFzGK7Ib4CuvqohF9LRJiL7OtSI19
N2ckXZKJYPuwp4jcrrGsjXyQpY5zc7u3rLwSzJqT6iDWrRyttwPOJWUyKOp4n1ys
EsvnD3+WBos9uTE3OmHEdZHL/ymRGDE2qkfeGoABqs0FvcMUsD/EojVEbjWHXv/z
Boiaq4hGCY3GTuUGaf1wH7jPKMEEwyQkxjC6FZe5JzQ8VghdFiI5gsahH+q245sb
h6XG4KauizGPCzk587y3H2Oglj8YFumjynqPqsqPUOWyZvb8Z3tpr4iZ3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFK/ZIUSu4Ql4rS91QHFAGABL3HvMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvVXI5a2hSSzdoQ1hpdEwzVkFjVUFZQUV2Y2U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW1rpMA0G
CSqGSIb3DQEBCwUAA4IBAQB7shki2DxLPsXqOAcAUkXTu7Tf8kOt/PayaEsHs0/4
7FHmM6K4BhJMq+eSnkORIvNUlqqz8eq1pkER7qFhggUbfVutLne9nlCie5eXvCgE
C2S1e7ewgNeWtHDcEQbsgvfLCcujZ9QvFN2cbhBm5YLG855GOGiOi84iYLc/ZVBN
T81BRakd5eIJl4gLz6QT8mDksST3fkp99Ax4FqG8pHiddzugplpuoxT9BJlij0Kz
QCA9ahiKT8T72PwPy0zLTnPaYmF46bHhK5jWznO7ns7TYwFuhRy+UXXaCtdPvoYl
YuzCHEBNWENm22BZmrMVV0UNPK/Jn1Rl1xZAyOEtSmSn
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:01:07 2025 by rpki-client