Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/9c928d-8326-42c5-8a71-73a3a40bdc30/1/mvSuRnlUGIQwSNRheNVeNZDvF6w.roa
File: mvSuRnlUGIQwSNRheNVeNZDvF6w.roa (raw, json)
Hash identifier: 4e9WL3x4GPpPNgODsDJEgT7/9wVK9UmRqC0HQvIpImM=
Subject key identifier: 9A:F4:AE:46:79:54:18:84:30:48:D4:61:78:D5:5E:35:90:EF:17:AC
Certificate issuer: /CN=7fe33668972dffb7ec8628ae8c3c26bede1cab9a
Certificate serial: 019417C7A9FD49F7FE80F104850F09B7E57F
Authority key identifier: 7F:E3:36:68:97:2D:FF:B7:EC:86:28:AE:8C:3C:26:BE:DE:1C:AB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-M2aJct_7fshiiujDwmvt4cq5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/9c928d-8326-42c5-8a71-73a3a40bdc30/1/mvSuRnlUGIQwSNRheNVeNZDvF6w.roa
Signing time: Mon 30 Dec 2024 13:35:48 +0000
ROA not before: Mon 30 Dec 2024 13:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59460
IP address blocks: 91.241.32.0/22 maxlen: 22
91.241.32.0/24 maxlen: 24
91.241.33.0/24 maxlen: 24
91.241.34.0/24 maxlen: 24
91.241.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:17:c7:a9:fd:49:f7:fe:80:f1:04:85:0f:09:b7:e5:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fe33668972dffb7ec8628ae8c3c26bede1cab9a
Validity
Not Before: Dec 30 13:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9af4ae46795418843048d46178d55e3590ef17ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:33:06:a4:1c:ac:26:1a:16:a1:ef:d2:86:88:
7f:e4:8d:c7:ae:1a:f1:6f:b4:a6:50:c8:84:df:f0:
ac:2b:3b:08:ba:7e:79:85:10:ca:db:e0:07:54:63:
ab:6f:d1:63:8d:fc:cb:37:0e:bf:16:bc:03:e6:6e:
2d:a7:72:b1:8d:f0:b8:ef:43:1a:43:c2:f6:d5:b1:
66:09:e1:ce:0b:bd:77:62:08:f4:17:f6:70:6f:06:
7b:6d:00:b0:16:82:a6:0e:7c:86:bf:a6:87:fd:c1:
3f:f8:45:7b:61:2f:a2:6a:3e:c8:e6:9a:03:3c:7b:
12:43:5a:d1:fc:7a:44:91:3d:cc:d6:21:bd:8d:ee:
09:38:3f:88:9d:a7:6d:35:cb:22:f0:10:46:1a:ce:
37:85:54:d5:83:9b:c8:5e:b1:b8:25:90:7a:f5:ba:
1a:3e:e7:58:28:5b:ae:16:9c:93:0a:e3:c1:73:87:
01:3c:d5:ba:b0:a5:1a:b9:90:e8:56:d3:04:dd:b1:
52:86:56:4c:fa:d9:c0:b7:4c:27:8f:97:22:0c:20:
0e:0b:30:0e:2c:e8:a0:c7:c2:cb:db:bf:85:44:ca:
49:fa:b9:82:a5:46:7e:2c:d1:63:72:a5:a5:e8:eb:
0f:e1:3c:0d:ec:bf:e5:7d:67:e4:87:f7:2d:bf:28:
56:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F4:AE:46:79:54:18:84:30:48:D4:61:78:D5:5E:35:90:EF:17:AC
X509v3 Authority Key Identifier:
keyid:7F:E3:36:68:97:2D:FF:B7:EC:86:28:AE:8C:3C:26:BE:DE:1C:AB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-M2aJct_7fshiiujDwmvt4cq5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/9c928d-8326-42c5-8a71-73a3a40bdc30/1/mvSuRnlUGIQwSNRheNVeNZDvF6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/9c928d-8326-42c5-8a71-73a3a40bdc30/1/f-M2aJct_7fshiiujDwmvt4cq5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.32.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:ca:2e:4b:fd:9b:b2:8a:03:05:f3:f8:12:62:51:d0:8b:cc:
95:95:75:ce:0f:95:b2:eb:52:4a:10:0c:f7:ed:58:57:6a:a6:
d6:2b:92:38:f4:68:9d:d7:2e:bb:90:53:96:4b:75:c5:9d:8a:
91:93:c0:02:00:7b:d3:e7:5b:7d:6a:2a:1e:c0:cd:37:28:c2:
e2:9a:c9:47:6d:27:c8:6c:0a:4d:0b:5d:63:76:2c:5d:38:bf:
e8:4f:9c:18:be:54:d1:5a:41:2f:e5:a4:f4:62:f3:7b:7c:40:
7c:e1:7e:8f:4c:94:f6:b1:a2:42:b2:e0:ff:7c:d5:1a:77:bc:
4d:59:eb:df:b6:03:60:dc:2a:da:94:df:6e:e1:cf:60:3c:4b:
36:a5:32:5e:48:6e:99:db:f6:89:88:2c:28:25:5b:06:d2:97:
13:24:1b:c9:05:35:95:4f:31:39:fe:15:83:a1:03:6d:43:4a:
e8:c9:9c:46:a0:0a:80:5d:59:49:b9:a2:b6:bc:02:9d:ae:3b:
9f:5f:e3:88:78:17:65:28:6c:de:7b:ae:41:46:20:41:ad:96:
7c:4e:1e:6b:d5:92:36:5d:06:3a:b4:f4:5b:94:6c:a2:f6:5d:
e7:27:0c:f0:bb:a0:fe:d5:df:f9:b5:21:93:c4:c0:50:be:70:
8c:33:d9:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQXx6n9Sff+gPEEhQ8Jt+V/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmZTMzNjY4OTcyZGZmYjdlYzg2MjhhZThjM2MyNmJlZGUx
Y2FiOWEwHhcNMjQxMjMwMTMzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWY0YWU0Njc5NTQxODg0MzA0OGQ0NjE3OGQ1NWUzNTkwZWYxN2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DMGpBysJhoWoe/Shoh/5I3Hrhrx
b7SmUMiE3/CsKzsIun55hRDK2+AHVGOrb9FjjfzLNw6/FrwD5m4tp3KxjfC470Ma
Q8L21bFmCeHOC713Ygj0F/ZwbwZ7bQCwFoKmDnyGv6aH/cE/+EV7YS+iaj7I5poD
PHsSQ1rR/HpEkT3M1iG9je4JOD+InadtNcsi8BBGGs43hVTVg5vIXrG4JZB69boa
PudYKFuuFpyTCuPBc4cBPNW6sKUauZDoVtME3bFShlZM+tnAt0wnj5ciDCAOCzAO
LOigx8LL27+FRMpJ+rmCpUZ+LNFjcqWl6OsP4TwN7L/lfWfkh/ctvyhWswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJr0rkZ5VBiEMEjUYXjVXjWQ7xesMB8GA1UdIwQY
MBaAFH/jNmiXLf+37IYorow8Jr7eHKuaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZi1NMmFKY3RfN2ZzaGlpdWpEd212dDRjcTVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85YzkyOGQtODMyNi00MmM1LThhNzEt
NzNhM2E0MGJkYzMwLzEvbXZTdVJubFVHSVF3U05SaGVOVmVOWkR2RjZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85YzkyOGQtODMyNi00MmM1LThhNzEtNzNhM2E0MGJkYzMw
LzEvZi1NMmFKY3RfN2ZzaGlpdWpEd212dDRjcTVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW/EgMA0G
CSqGSIb3DQEBCwUAA4IBAQCzyi5L/ZuyigMF8/gSYlHQi8yVlXXOD5Wy61JKEAz3
7VhXaqbWK5I49Gid1y67kFOWS3XFnYqRk8ACAHvT51t9aioewM03KMLimslHbSfI
bApNC11jdixdOL/oT5wYvlTRWkEv5aT0YvN7fEB84X6PTJT2saJCsuD/fNUad7xN
WevftgNg3CralN9u4c9gPEs2pTJeSG6Z2/aJiCwoJVsG0pcTJBvJBTWVTzE5/hWD
oQNtQ0royZxGoAqAXVlJuaK2vAKdrjufX+OIeBdlKGzee65BRiBBrZZ8Th5r1ZI2
XQY6tPRblGyi9l3nJwzwu6D+1d/5tSGTxMBQvnCMM9mn
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:16 2025 by rpki-client