Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/4cc2ff-2104-49df-9e0e-662c41673d69/1/ibv39Ay3PJbMdntufQht56n0Zbs.roa
File: ibv39Ay3PJbMdntufQht56n0Zbs.roa (raw, json)
Hash identifier: dro2yZ1kMlvQloAU22rhnene53Po07NmAGCSu5zovkk=
Subject key identifier: 89:BB:F7:F4:0C:B7:3C:96:CC:76:7B:6E:7D:08:6D:E7:A9:F4:65:BB
Certificate issuer: /CN=a312d1d87d7d48f0ef51fc912b9672c3f73ecbe7
Certificate serial: 018CC64AFAC28E2FC576B7561B26F96450E6
Authority key identifier: A3:12:D1:D8:7D:7D:48:F0:EF:51:FC:91:2B:96:72:C3:F7:3E:CB:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oxLR2H19SPDvUfyRK5Zyw_c-y-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/4cc2ff-2104-49df-9e0e-662c41673d69/1/ibv39Ay3PJbMdntufQht56n0Zbs.roa
Signing time: Mon 01 Jan 2024 18:30:51 +0000
ROA not before: Mon 01 Jan 2024 18:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50959
IP address blocks: 91.216.134.0/24 maxlen: 24
2a12:5740::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:fa:c2:8e:2f:c5:76:b7:56:1b:26:f9:64:50:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a312d1d87d7d48f0ef51fc912b9672c3f73ecbe7
Validity
Not Before: Jan 1 18:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89bbf7f40cb73c96cc767b6e7d086de7a9f465bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:9f:54:91:29:42:fb:e3:4c:3a:0a:b5:fa:cb:
0a:ad:e6:3f:44:e9:44:b0:28:35:eb:41:6d:b1:b8:
9f:6f:cb:e1:48:ac:3d:41:e8:aa:7c:1f:59:b3:06:
6e:06:99:42:d0:8b:fd:ce:23:39:ce:12:86:2a:0f:
29:69:69:76:ce:98:6e:3b:16:06:6b:9c:e9:45:d5:
e2:13:18:a5:d8:2a:8d:ea:d4:24:42:40:45:dd:5d:
2d:e4:57:5a:94:98:e7:02:3b:ed:36:39:18:39:f0:
cf:e8:a3:55:9c:65:e8:3b:ed:ae:f7:1c:ac:fc:f3:
1f:22:a8:7e:59:dd:85:1a:53:48:6e:33:a9:9f:44:
36:aa:a8:fc:fc:56:bc:ff:cc:e8:a6:d4:cc:ef:75:
f4:f9:43:30:11:81:e7:e7:a8:c4:92:05:34:b9:f8:
d3:51:10:a2:c3:41:e9:3d:bf:6a:e3:f1:b9:70:01:
2d:19:15:df:23:89:50:02:cc:c1:6b:df:76:ca:47:
d4:a8:3d:4f:17:f2:84:43:8c:5c:cb:2e:71:9c:7a:
59:8d:56:76:2b:d4:bd:cb:b8:77:1c:fc:c9:a3:06:
07:05:5d:80:c3:f1:8c:b3:a8:fb:18:0a:6d:32:c6:
f5:22:9e:65:1f:0b:ac:5e:93:ba:9e:be:e2:f5:db:
ec:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:BB:F7:F4:0C:B7:3C:96:CC:76:7B:6E:7D:08:6D:E7:A9:F4:65:BB
X509v3 Authority Key Identifier:
keyid:A3:12:D1:D8:7D:7D:48:F0:EF:51:FC:91:2B:96:72:C3:F7:3E:CB:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oxLR2H19SPDvUfyRK5Zyw_c-y-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/4cc2ff-2104-49df-9e0e-662c41673d69/1/ibv39Ay3PJbMdntufQht56n0Zbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/4cc2ff-2104-49df-9e0e-662c41673d69/1/oxLR2H19SPDvUfyRK5Zyw_c-y-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.134.0/24
IPv6:
2a12:5740::/29
Signature Algorithm: sha256WithRSAEncryption
6c:21:8a:d6:f2:df:f0:c6:a7:ea:57:8b:09:0f:bf:07:48:e8:
1c:97:76:11:77:59:05:e9:2b:dd:6e:cd:ab:36:96:5d:47:74:
b6:28:00:be:3f:fb:97:01:52:c8:35:96:bc:fa:d1:d3:c8:81:
f1:d0:81:cc:a7:ad:11:b5:05:48:08:6f:da:1f:f5:8b:ed:64:
12:63:ef:c5:92:ae:70:f3:5f:1e:a3:22:2f:c2:4c:ae:97:d2:
ba:78:e6:cb:61:6b:4c:1d:2b:ce:50:2d:2e:d1:50:59:18:1c:
2e:c8:2b:4a:d1:46:a7:eb:72:34:ec:5c:47:d3:3e:35:67:3f:
c2:43:b3:f0:28:10:5b:f3:b3:0a:64:38:1d:70:ba:7f:a1:f9:
60:30:f6:7b:87:05:e0:d6:f7:29:af:07:76:0f:45:db:11:bb:
a8:24:88:bf:3e:11:3a:6e:00:d0:5b:aa:4b:28:ff:9b:cc:16:
98:d1:f9:9c:e8:24:41:e7:ce:4c:eb:ab:52:56:59:3f:7b:d7:
67:45:78:5b:ab:46:11:81:21:3a:24:70:b9:d5:4b:6e:76:f7:
9b:b8:05:df:07:b4:36:fc:dd:67:bd:d0:94:2d:ab:dc:2e:60:
9c:cd:63:46:15:61:bf:6b:12:78:26:47:c1:9b:37:18:b6:13:
0f:96:61:8e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGSvrCji/FdrdWGyb5ZFDmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMTJkMWQ4N2Q3ZDQ4ZjBlZjUxZmM5MTJiOTY3MmMzZjcz
ZWNiZTcwHhcNMjQwMTAxMTgzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWJiZjdmNDBjYjczYzk2Y2M3NjdiNmU3ZDA4NmRlN2E5ZjQ2NWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAop9UkSlC++NMOgq1+ssKreY/ROlE
sCg160Ftsbifb8vhSKw9QeiqfB9ZswZuBplC0Iv9ziM5zhKGKg8paWl2zphuOxYG
a5zpRdXiExil2CqN6tQkQkBF3V0t5FdalJjnAjvtNjkYOfDP6KNVnGXoO+2u9xys
/PMfIqh+Wd2FGlNIbjOpn0Q2qqj8/Fa8/8zoptTM73X0+UMwEYHn56jEkgU0ufjT
URCiw0HpPb9q4/G5cAEtGRXfI4lQAszBa992ykfUqD1PF/KEQ4xcyy5xnHpZjVZ2
K9S9y7h3HPzJowYHBV2Aw/GMs6j7GAptMsb1Ip5lHwusXpO6nr7i9dvs+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIm79/QMtzyWzHZ7bn0Ibeep9GW7MB8GA1UdIwQY
MBaAFKMS0dh9fUjw71H8kSuWcsP3PsvnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3hMUjJIMTlTUER2VWZ5Uks1Wnl3X2MteS1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy80Y2MyZmYtMjEwNC00OWRmLTllMGUt
NjYyYzQxNjczZDY5LzEvaWJ2MzlBeTNQSmJNZG50dWZRaHQ1Nm4wWmJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy80Y2MyZmYtMjEwNC00OWRmLTllMGUtNjYyYzQxNjczZDY5
LzEvb3hMUjJIMTlTUER2VWZ5Uks1Wnl3X2MteS1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9iGMA0E
AgACMAcDBQMqEldAMA0GCSqGSIb3DQEBCwUAA4IBAQBsIYrW8t/wxqfqV4sJD78H
SOgcl3YRd1kF6Svdbs2rNpZdR3S2KAC+P/uXAVLINZa8+tHTyIHx0IHMp60RtQVI
CG/aH/WL7WQSY+/Fkq5w818eoyIvwkyul9K6eObLYWtMHSvOUC0u0VBZGBwuyCtK
0Uan63I07FxH0z41Zz/CQ7PwKBBb87MKZDgdcLp/oflgMPZ7hwXg1vcprwd2D0Xb
EbuoJIi/PhE6bgDQW6pLKP+bzBaY0fmc6CRB585M66tSVlk/e9dnRXhbq0YRgSE6
JHC51UtudvebuAXfB7Q2/N1nvdCULavcLmCczWNGFWG/axJ4JkfBmzcYthMPlmGO
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:12 2025 by rpki-client