Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/868e9b-e143-4e57-867a-43ee37032079/1/fYiL-gcJYS3DvoXlbk8npEzex9s.roa
File: fYiL-gcJYS3DvoXlbk8npEzex9s.roa (raw, json)
Hash identifier: 9Q8MjsVPLUrU7yHevN8gaqVNPjLnBSbpSJ0GOIYxwtQ=
Subject key identifier: 7D:88:8B:FA:07:09:61:2D:C3:BE:85:E5:6E:4F:27:A4:4C:DE:C7:DB
Certificate issuer: /CN=52227117bea639cbc897fc31e764a3495fb401c2
Certificate serial: 018CC8013D986727370C84F234C17C210AAD
Authority key identifier: 52:22:71:17:BE:A6:39:CB:C8:97:FC:31:E7:64:A3:49:5F:B4:01:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UiJxF76mOcvIl_wx52SjSV-0AcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/868e9b-e143-4e57-867a-43ee37032079/1/fYiL-gcJYS3DvoXlbk8npEzex9s.roa
Signing time: Tue 02 Jan 2024 02:29:33 +0000
ROA not before: Tue 02 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 91.221.81.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:3d:98:67:27:37:0c:84:f2:34:c1:7c:21:0a:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52227117bea639cbc897fc31e764a3495fb401c2
Validity
Not Before: Jan 2 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d888bfa0709612dc3be85e56e4f27a44cdec7db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3a:49:29:b7:38:f9:ba:23:7b:5d:b8:a5:67:
c3:a7:cd:e0:43:e7:f2:33:6e:11:37:60:a1:0a:3e:
e6:0f:01:c6:57:82:d8:8b:da:c8:1c:81:e0:ec:cc:
99:a0:b0:bb:4f:d8:9c:96:c5:e0:99:0c:3e:15:cb:
dc:75:58:1b:67:13:72:ad:23:46:4d:4b:ed:c0:4f:
8a:c9:74:2f:e7:1d:d4:07:50:c8:0d:4b:bc:96:ed:
8e:17:e5:a4:20:01:3c:42:52:24:dd:4b:fd:d5:66:
dc:fe:bc:12:4d:cf:5f:ff:85:96:87:e7:74:7b:6f:
86:3e:b5:01:50:2a:d9:a1:29:2d:ee:5a:a4:78:df:
3f:ad:b8:14:8c:5c:83:85:fb:85:7a:52:fc:f4:7c:
c1:0e:92:1c:f0:8b:59:d4:19:f5:4f:da:50:81:c1:
36:d5:ea:0e:6f:3e:d9:2d:82:48:32:99:f7:49:c7:
96:da:e9:c0:ea:ef:9f:ee:2f:98:7f:5a:96:61:5d:
8a:a4:de:7a:87:a8:0f:20:cc:41:40:e2:3f:9d:24:
04:7b:a9:f9:0e:1c:7f:f4:85:c6:aa:02:a6:9d:69:
72:1f:49:40:a9:bc:b3:51:2a:55:b6:f2:ec:42:27:
e6:10:68:22:35:9e:0b:32:ae:d1:f4:1b:57:5b:73:
03:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:88:8B:FA:07:09:61:2D:C3:BE:85:E5:6E:4F:27:A4:4C:DE:C7:DB
X509v3 Authority Key Identifier:
keyid:52:22:71:17:BE:A6:39:CB:C8:97:FC:31:E7:64:A3:49:5F:B4:01:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UiJxF76mOcvIl_wx52SjSV-0AcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/868e9b-e143-4e57-867a-43ee37032079/1/fYiL-gcJYS3DvoXlbk8npEzex9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/868e9b-e143-4e57-867a-43ee37032079/1/UiJxF76mOcvIl_wx52SjSV-0AcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.81.0/24
Signature Algorithm: sha256WithRSAEncryption
31:07:f9:d8:aa:ef:e1:df:92:1f:14:33:85:9b:5c:ef:58:d6:
d1:35:49:95:a3:5d:67:24:37:c8:1a:1e:d9:c1:ea:ff:ff:63:
d2:76:79:23:9e:6d:bb:a7:87:b7:a5:c5:21:63:60:88:a3:2d:
b5:32:3b:40:86:d9:2b:29:7a:85:f1:a6:47:64:e0:81:61:50:
ef:ae:2c:8c:82:e2:65:1d:aa:65:57:f7:25:a6:fb:6d:3d:c6:
0a:53:82:7f:b9:e6:a9:ba:58:41:6b:ad:58:eb:cf:85:7b:af:
8b:15:34:a1:60:59:41:7e:e7:60:f4:23:ff:78:99:4d:cf:27:
60:fa:87:17:b5:8e:8f:68:31:82:8d:cb:7e:b6:d7:66:17:33:
f5:49:48:cb:f0:c1:46:ce:42:0d:bb:df:20:f5:b2:ed:21:a2:
bb:f7:8f:bc:76:a8:90:79:a7:47:da:a7:de:d3:00:28:42:5c:
0c:08:03:db:90:d5:57:01:2c:7e:01:52:56:9c:41:b5:8a:b7:
ae:28:0c:eb:dd:6d:92:ff:04:ce:c4:18:8b:bf:43:9d:d1:d2:
9e:76:84:9e:a6:34:3d:d4:24:76:c2:a5:a0:97:71:f6:73:be:
ee:05:08:13:75:b2:d2:71:88:56:89:b7:b4:fb:ad:07:b9:1b:
6c:79:e2:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAT2YZyc3DITyNMF8IQqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMjI3MTE3YmVhNjM5Y2JjODk3ZmMzMWU3NjRhMzQ5NWZi
NDAxYzIwHhcNMjQwMTAyMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDg4OGJmYTA3MDk2MTJkYzNiZTg1ZTU2ZTRmMjdhNDRjZGVjN2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzpJKbc4+boje124pWfDp83gQ+fy
M24RN2ChCj7mDwHGV4LYi9rIHIHg7MyZoLC7T9iclsXgmQw+FcvcdVgbZxNyrSNG
TUvtwE+KyXQv5x3UB1DIDUu8lu2OF+WkIAE8QlIk3Uv91Wbc/rwSTc9f/4WWh+d0
e2+GPrUBUCrZoSkt7lqkeN8/rbgUjFyDhfuFelL89HzBDpIc8ItZ1Bn1T9pQgcE2
1eoObz7ZLYJIMpn3SceW2unA6u+f7i+Yf1qWYV2KpN56h6gPIMxBQOI/nSQEe6n5
Dhx/9IXGqgKmnWlyH0lAqbyzUSpVtvLsQifmEGgiNZ4LMq7R9BtXW3MDFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH2Ii/oHCWEtw76F5W5PJ6RM3sfbMB8GA1UdIwQY
MBaAFFIicRe+pjnLyJf8Medko0lftAHCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWlKeEY3Nm1PY3ZJbF93eDUyU2pTVi0wQWNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjhlOWItZTE0My00ZTU3LTg2N2Et
NDNlZTM3MDMyMDc5LzEvZllpTC1nY0pZUzNEdm9YbGJrOG5wRXpleDlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjhlOWItZTE0My00ZTU3LTg2N2EtNDNlZTM3MDMyMDc5
LzEvVWlKeEY3Nm1PY3ZJbF93eDUyU2pTVi0wQWNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW91RMA0G
CSqGSIb3DQEBCwUAA4IBAQAxB/nYqu/h35IfFDOFm1zvWNbRNUmVo11nJDfIGh7Z
wer//2PSdnkjnm27p4e3pcUhY2CIoy21MjtAhtkrKXqF8aZHZOCBYVDvriyMguJl
HaplV/clpvttPcYKU4J/ueapulhBa61Y68+Fe6+LFTShYFlBfudg9CP/eJlNzydg
+ocXtY6PaDGCjct+ttdmFzP1SUjL8MFGzkINu98g9bLtIaK794+8dqiQeadH2qfe
0wAoQlwMCAPbkNVXASx+AVJWnEG1ireuKAzr3W2S/wTOxBiLv0Od0dKedoSepjQ9
1CR2wqWgl3H2c77uBQgTdbLScYhWibe0+60HuRtseeKO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:52 2024 by rpki-client on console-fra.rpki-client.org