Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/O6W4As-N477ND6SyjJfJtZHrAGk.roa
File: O6W4As-N477ND6SyjJfJtZHrAGk.roa (raw, json)
Hash identifier: ZYesDpUcXjTb341yR64ZAnhfkuRxf3nceu4rx1oAvh8=
Subject key identifier: 3B:A5:B8:02:CF:8D:E3:BE:CD:0F:A4:B2:8C:97:C9:B5:91:EB:00:69
Certificate issuer: /CN=1b12120c351c14eec22109f603249fcdac1d3321
Certificate serial: 01957F69F079A5C5748581C3E708FF6A5CAE
Authority key identifier: 1B:12:12:0C:35:1C:14:EE:C2:21:09:F6:03:24:9F:CD:AC:1D:33:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GxISDDUcFO7CIQn2AySfzawdMyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/O6W4As-N477ND6SyjJfJtZHrAGk.roa
Signing time: Mon 10 Mar 2025 09:36:44 +0000
ROA not before: Mon 10 Mar 2025 09:36:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209242
IP address blocks: 91.206.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:69:f0:79:a5:c5:74:85:81:c3:e7:08:ff:6a:5c:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b12120c351c14eec22109f603249fcdac1d3321
Validity
Not Before: Mar 10 09:36:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ba5b802cf8de3becd0fa4b28c97c9b591eb0069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:76:62:2b:6b:bb:24:b3:1f:e5:f2:a3:ea:b6:
90:52:47:62:fa:70:68:67:78:68:09:52:d6:e9:3c:
44:bc:b6:b1:03:85:13:18:14:03:23:fe:b7:28:b6:
6a:66:51:5d:de:5b:72:6a:57:d5:98:d0:16:85:89:
26:dc:90:fa:af:a4:7e:5f:6b:5e:43:5f:92:3c:14:
d2:3d:4b:d4:59:3e:f9:c0:d2:35:56:de:4d:5f:e6:
94:fb:7c:8a:e0:ca:f9:c0:1d:ff:21:bc:f0:6e:96:
6f:70:02:a6:49:32:5c:9c:f9:76:a6:5c:eb:20:15:
df:0c:c0:a3:10:a4:77:cf:f1:c3:49:cb:ce:0a:ad:
b2:b2:7e:2e:94:ec:6f:07:d4:66:3a:61:8e:d5:cc:
c3:5f:98:17:af:e0:b0:e1:c5:a4:fa:c9:ad:0b:5c:
93:39:5f:8b:64:af:40:7e:dc:f3:0d:d8:da:6f:e0:
87:2e:20:ab:c3:cd:10:0b:44:bb:ad:ae:82:50:ff:
06:6d:a0:67:aa:03:8b:6f:af:32:24:02:b4:69:8d:
49:ec:55:34:71:25:b8:42:5b:17:0a:da:cf:9d:01:
17:01:48:84:b2:58:19:af:93:37:c1:a3:d4:d6:3c:
2d:62:1e:e0:4a:6d:5b:05:2e:f9:fc:da:ff:9d:6c:
85:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:A5:B8:02:CF:8D:E3:BE:CD:0F:A4:B2:8C:97:C9:B5:91:EB:00:69
X509v3 Authority Key Identifier:
keyid:1B:12:12:0C:35:1C:14:EE:C2:21:09:F6:03:24:9F:CD:AC:1D:33:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GxISDDUcFO7CIQn2AySfzawdMyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/O6W4As-N477ND6SyjJfJtZHrAGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/GxISDDUcFO7CIQn2AySfzawdMyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.71.0/24
Signature Algorithm: sha256WithRSAEncryption
61:af:e7:cb:69:83:d7:e9:94:69:4a:55:6a:77:29:8c:4b:88:
e3:4b:a6:b6:ac:38:ed:5d:76:b6:e9:e9:07:bc:64:b1:50:c7:
65:01:dd:02:d9:84:a5:b3:ab:b0:ca:08:0f:fc:83:86:54:10:
6c:f6:7d:6a:52:0e:ad:e1:1f:5a:3e:fb:f8:91:a4:cb:cd:d1:
85:60:d7:26:5a:91:99:9f:0f:b9:1c:5c:0e:71:aa:8a:0e:c7:
60:3d:c6:bf:eb:fa:3b:a1:55:45:9c:5c:ae:5e:c7:fe:5a:a9:
8f:db:da:1e:77:72:2d:2c:7c:9f:b6:a6:f3:dd:cf:49:a9:29:
1d:7f:8e:3c:29:23:f4:10:3d:fb:b1:6e:19:76:bb:5f:44:fb:
93:a2:83:27:a2:4f:3e:9b:ad:d0:35:3a:8d:ee:c3:27:23:d2:
3c:db:73:3f:67:85:ba:eb:0f:d8:97:01:03:a7:4e:78:d2:1c:
02:30:5b:e6:e4:12:5c:bb:5d:41:3f:d9:5d:86:c9:0b:b9:07:
73:e5:45:b3:01:21:d6:f8:3b:ce:99:24:2f:6a:5a:3f:f5:af:
13:10:d5:3b:35:1d:ae:26:83:af:60:6d:b7:3a:ae:84:93:5d:
b1:12:4f:d5:30:e7:88:8d:ba:84:6d:fe:6a:7c:9c:fa:ca:ea:
7d:2a:0c:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZV/afB5pcV0hYHD5wj/alyuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMTIxMjBjMzUxYzE0ZWVjMjIxMDlmNjAzMjQ5ZmNkYWMx
ZDMzMjEwHhcNMjUwMzEwMDkzNjQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmE1YjgwMmNmOGRlM2JlY2QwZmE0YjI4Yzk3YzliNTkxZWIwMDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3ZiK2u7JLMf5fKj6raQUkdi+nBo
Z3hoCVLW6TxEvLaxA4UTGBQDI/63KLZqZlFd3ltyalfVmNAWhYkm3JD6r6R+X2te
Q1+SPBTSPUvUWT75wNI1Vt5NX+aU+3yK4Mr5wB3/IbzwbpZvcAKmSTJcnPl2plzr
IBXfDMCjEKR3z/HDScvOCq2ysn4ulOxvB9RmOmGO1czDX5gXr+Cw4cWk+smtC1yT
OV+LZK9AftzzDdjab+CHLiCrw80QC0S7ra6CUP8GbaBnqgOLb68yJAK0aY1J7FU0
cSW4QlsXCtrPnQEXAUiEslgZr5M3waPU1jwtYh7gSm1bBS75/Nr/nWyFTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDuluALPjeO+zQ+ksoyXybWR6wBpMB8GA1UdIwQY
MBaAFBsSEgw1HBTuwiEJ9gMkn82sHTMhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3hJU0REVWNGTzdDSVFuMkF5U2Z6YXdkTXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZGFmN2YtMzAxZC00MjNlLTk0NmUt
NDNkZjQ3ZDVhMWU3LzEvTzZXNEFzLU40NzdORDZTeWpKZkp0WkhyQUdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zZGFmN2YtMzAxZC00MjNlLTk0NmUtNDNkZjQ3ZDVhMWU3
LzEvR3hJU0REVWNGTzdDSVFuMkF5U2Z6YXdkTXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW85HMA0G
CSqGSIb3DQEBCwUAA4IBAQBhr+fLaYPX6ZRpSlVqdymMS4jjS6a2rDjtXXa26ekH
vGSxUMdlAd0C2YSls6uwyggP/IOGVBBs9n1qUg6t4R9aPvv4kaTLzdGFYNcmWpGZ
nw+5HFwOcaqKDsdgPca/6/o7oVVFnFyuXsf+WqmP29oed3ItLHyftqbz3c9JqSkd
f448KSP0ED37sW4ZdrtfRPuTooMnok8+m63QNTqN7sMnI9I823M/Z4W66w/YlwED
p0540hwCMFvm5BJcu11BP9ldhskLuQdz5UWzASHW+DvOmSQvalo/9a8TENU7NR2u
JoOvYG23Oq6Ek12xEk/VMOeIjbqEbf5qfJz6yup9KgwK
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:22:10 2025 by rpki-client