Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/0NbnrQtMSKZCWORCucrOwBFEtOE.roa
File: 0NbnrQtMSKZCWORCucrOwBFEtOE.roa (raw, json)
Hash identifier: /E3cvHiK8rDghDMkNI22PB0s7MT7/Gbkx9VeULSzzTw=
Subject key identifier: D0:D6:E7:AD:0B:4C:48:A6:42:58:E4:42:B9:CA:CE:C0:11:44:B4:E1
Certificate issuer: /CN=852ece9c9a324d45c35f9559f329d8869dab53ba
Certificate serial: 018D82A82A97F5C10B5772D7681398AD5626
Authority key identifier: 85:2E:CE:9C:9A:32:4D:45:C3:5F:95:59:F3:29:D8:86:9D:AB:53:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/0NbnrQtMSKZCWORCucrOwBFEtOE.roa
Signing time: Wed 07 Feb 2024 08:21:15 +0000
ROA not before: Wed 07 Feb 2024 08:21:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57899
IP address blocks: 91.236.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:82:a8:2a:97:f5:c1:0b:57:72:d7:68:13:98:ad:56:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=852ece9c9a324d45c35f9559f329d8869dab53ba
Validity
Not Before: Feb 7 08:21:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0d6e7ad0b4c48a64258e442b9cacec01144b4e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f2:68:21:04:9b:ff:b5:98:cb:00:9d:40:96:
ee:14:63:b9:28:a2:88:a0:ff:c5:dd:48:4b:2a:86:
44:cc:40:a1:c6:a8:2f:07:10:5c:17:c6:58:ef:64:
e0:53:ec:92:11:a2:a0:b6:09:53:97:ff:8c:4f:b9:
16:4a:5c:b6:96:4d:f4:88:df:8b:60:fb:e1:99:a1:
80:48:3b:bd:fb:c2:e4:48:75:02:4c:d5:9f:f5:3c:
20:63:7f:ea:a4:68:2a:46:11:89:54:da:9d:26:1c:
11:72:51:f0:29:52:92:91:84:a1:b3:30:e8:b5:91:
f3:30:69:43:15:72:b3:a5:4c:3d:2e:8e:c1:0a:93:
01:f4:07:27:3a:2f:1e:25:54:33:3b:09:22:08:13:
cd:5e:05:ae:95:06:3e:0d:cb:30:f7:fc:67:01:b0:
f8:58:7f:a6:d8:0a:5e:04:91:d7:04:50:9d:d2:79:
e6:5a:1f:0c:99:6c:c5:5b:0c:bf:03:e1:6d:80:ee:
26:b6:83:d3:d9:70:ea:01:87:82:e2:85:83:03:32:
f0:01:08:41:c3:5a:09:92:5e:35:ee:6c:83:4c:a6:
2e:24:f3:b9:92:a3:9e:41:0d:51:e6:ac:4b:31:f8:
c7:cb:c3:84:2e:4b:a9:92:98:00:5f:15:84:e9:95:
86:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:D6:E7:AD:0B:4C:48:A6:42:58:E4:42:B9:CA:CE:C0:11:44:B4:E1
X509v3 Authority Key Identifier:
keyid:85:2E:CE:9C:9A:32:4D:45:C3:5F:95:59:F3:29:D8:86:9D:AB:53:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/0NbnrQtMSKZCWORCucrOwBFEtOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.135.0/24
Signature Algorithm: sha256WithRSAEncryption
72:9d:03:e4:00:e6:0f:f8:ec:33:17:de:3d:e0:c1:01:f4:cf:
d1:a4:b0:09:37:ca:c7:8e:9b:10:81:d1:e7:52:ab:46:01:94:
5a:67:f0:5a:18:14:21:a4:eb:53:fa:41:1a:22:cc:32:4e:9e:
5f:c1:d9:d2:91:4c:5f:08:ae:21:af:84:8d:3f:22:9a:2d:e5:
df:75:8f:26:a9:2f:8c:9f:af:84:f3:05:28:61:b9:87:88:ed:
97:7b:12:17:75:09:8c:a7:f6:21:0a:01:45:aa:9f:e5:eb:44:
97:48:59:6b:06:0e:c1:a8:44:81:44:97:5d:25:63:67:df:8e:
f3:c2:08:e0:62:bd:63:87:91:8f:75:8f:5a:c6:f7:10:5d:91:
27:e8:ed:76:15:88:5a:9f:50:9d:9e:40:1a:f4:96:72:ec:33:
73:48:b0:30:fb:e7:5b:ff:0a:d5:04:e5:96:3d:51:bd:ab:64:
23:4d:84:20:fd:cc:12:c8:cd:8f:56:0b:41:d0:dd:b6:c7:93:
ff:0f:f8:b0:7e:ca:28:89:6d:c2:84:52:a7:e9:e8:eb:ac:01:
e3:95:05:e7:c9:1d:e4:2e:d9:5d:34:a8:85:ec:ff:c9:92:20:
5c:a6:e6:0c:dd:3d:92:58:6e:16:98:90:95:d7:c0:e9:e9:22:
4b:2e:4f:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2CqCqX9cELV3LXaBOYrVYmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MmVjZTljOWEzMjRkNDVjMzVmOTU1OWYzMjlkODg2OWRh
YjUzYmEwHhcNMjQwMjA3MDgyMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGQ2ZTdhZDBiNGM0OGE2NDI1OGU0NDJiOWNhY2VjMDExNDRiNGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPJoIQSb/7WYywCdQJbuFGO5KKKI
oP/F3UhLKoZEzEChxqgvBxBcF8ZY72TgU+ySEaKgtglTl/+MT7kWSly2lk30iN+L
YPvhmaGASDu9+8LkSHUCTNWf9TwgY3/qpGgqRhGJVNqdJhwRclHwKVKSkYShszDo
tZHzMGlDFXKzpUw9Lo7BCpMB9AcnOi8eJVQzOwkiCBPNXgWulQY+Dcsw9/xnAbD4
WH+m2ApeBJHXBFCd0nnmWh8MmWzFWwy/A+FtgO4mtoPT2XDqAYeC4oWDAzLwAQhB
w1oJkl417myDTKYuJPO5kqOeQQ1R5qxLMfjHy8OELkupkpgAXxWE6ZWG4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNDW560LTEimQljkQrnKzsARRLThMB8GA1UdIwQY
MBaAFIUuzpyaMk1Fw1+VWfMp2Iadq1O6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFM3T25Kb3lUVVhEWDVWWjh5bllocDJyVTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9kM2NjZTYtYjQ3Yi00ZDA2LWEzMGYt
ZWIyNDExZDIxMmFiLzEvME5ibnJRdE1TS1pDV09SQ3Vjck93QkZFdE9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9kM2NjZTYtYjQ3Yi00ZDA2LWEzMGYtZWIyNDExZDIxMmFi
LzEvaFM3T25Kb3lUVVhEWDVWWjh5bllocDJyVTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+yHMA0G
CSqGSIb3DQEBCwUAA4IBAQBynQPkAOYP+OwzF9494MEB9M/RpLAJN8rHjpsQgdHn
UqtGAZRaZ/BaGBQhpOtT+kEaIswyTp5fwdnSkUxfCK4hr4SNPyKaLeXfdY8mqS+M
n6+E8wUoYbmHiO2XexIXdQmMp/YhCgFFqp/l60SXSFlrBg7BqESBRJddJWNn347z
wgjgYr1jh5GPdY9axvcQXZEn6O12FYhan1CdnkAa9JZy7DNzSLAw++db/wrVBOWW
PVG9q2QjTYQg/cwSyM2PVgtB0N22x5P/D/iwfsooiW3ChFKn6ejrrAHjlQXnyR3k
LtldNKiF7P/JkiBcpuYM3T2SWG4WmJCV18Dp6SJLLk8s
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:12:49 2025 by rpki-client