Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f2b87b-95e9-4cf8-abeb-6dfbba4edd59/1/3p5nhLsOjt1h69C859DNKbB2MQU.roa
File: 3p5nhLsOjt1h69C859DNKbB2MQU.roa (raw, json)
Hash identifier: fomkhfBpGlBS0AfRGY4b/l04Zngyijm1T6FQ0+oESso=
Subject key identifier: DE:9E:67:84:BB:0E:8E:DD:61:EB:D0:BC:E7:D0:CD:29:B0:76:31:05
Certificate issuer: /CN=678cebf7eec3d5e0121e401170ce01ff3888d4ec
Certificate serial: 01941F8C10B8929304FDDF3B2B6A9EA2597C
Authority key identifier: 67:8C:EB:F7:EE:C3:D5:E0:12:1E:40:11:70:CE:01:FF:38:88:D4:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z4zr9-7D1eASHkARcM4B_ziI1Ow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f2b87b-95e9-4cf8-abeb-6dfbba4edd59/1/3p5nhLsOjt1h69C859DNKbB2MQU.roa
Signing time: Wed 01 Jan 2025 01:47:40 +0000
ROA not before: Wed 01 Jan 2025 01:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4358
IP address blocks: 91.228.109.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:10:b8:92:93:04:fd:df:3b:2b:6a:9e:a2:59:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=678cebf7eec3d5e0121e401170ce01ff3888d4ec
Validity
Not Before: Jan 1 01:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de9e6784bb0e8edd61ebd0bce7d0cd29b0763105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:da:3c:d5:71:72:4f:19:23:5f:a5:dd:20:be:
b7:c6:5b:ee:78:21:5a:dc:5e:78:9f:38:e9:a9:1f:
85:e5:0d:4d:b9:0c:3c:84:40:90:09:69:16:d7:53:
37:65:94:05:2a:0b:2c:c5:17:5c:91:3d:8f:f4:a2:
50:d5:03:41:c9:00:87:1e:21:81:b2:71:b6:45:c1:
c3:8f:83:ed:31:88:e3:df:cf:6f:5b:a0:84:76:7c:
d4:f4:96:6c:8d:90:de:56:7a:77:58:69:95:b7:82:
25:d2:bb:50:8e:a9:34:8e:8e:08:9f:de:11:23:bc:
67:52:fe:d1:17:7d:0c:2c:f7:83:fd:d7:df:f1:b4:
4e:e4:c5:c4:f4:74:35:32:b8:17:00:4a:b3:8f:66:
0c:ef:63:de:62:d9:8d:01:f1:04:f3:fd:10:5e:c3:
91:2f:05:73:1b:31:25:14:dd:ab:8c:4a:b4:d0:57:
31:c6:c9:64:11:88:e2:71:63:fc:ff:55:c2:63:51:
92:77:31:11:92:03:8d:91:0a:e1:3d:95:b5:69:40:
3d:a8:be:65:b7:5c:a8:01:f1:5d:99:17:f7:f5:12:
82:56:be:a8:f7:96:20:88:52:fc:3f:19:03:f6:04:
3b:db:d2:93:9d:fd:46:32:d7:17:c9:e6:bd:6b:93:
f7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:9E:67:84:BB:0E:8E:DD:61:EB:D0:BC:E7:D0:CD:29:B0:76:31:05
X509v3 Authority Key Identifier:
keyid:67:8C:EB:F7:EE:C3:D5:E0:12:1E:40:11:70:CE:01:FF:38:88:D4:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z4zr9-7D1eASHkARcM4B_ziI1Ow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f2b87b-95e9-4cf8-abeb-6dfbba4edd59/1/3p5nhLsOjt1h69C859DNKbB2MQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f2b87b-95e9-4cf8-abeb-6dfbba4edd59/1/Z4zr9-7D1eASHkARcM4B_ziI1Ow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.109.0/24
Signature Algorithm: sha256WithRSAEncryption
42:33:19:7c:27:c3:f1:21:3e:db:91:62:97:e4:9c:fd:5e:cd:
b6:3c:2c:78:36:6e:6b:72:6c:24:32:2b:2a:d6:51:af:00:36:
cd:a1:e7:3b:4a:22:e6:5d:70:4a:54:40:49:54:0a:8c:d6:18:
be:dc:f9:14:88:f1:cb:47:43:2f:96:58:c5:41:85:e8:42:e2:
36:40:80:1d:56:53:85:8b:f0:4a:5a:7c:40:0f:d7:5a:20:8b:
82:4f:c0:e2:b5:fa:61:24:c7:2c:f7:54:8a:3d:3d:23:45:4c:
f1:9b:69:8a:fb:97:ef:1a:50:19:a1:96:47:61:7d:e3:b4:67:
ac:56:31:14:49:18:36:1d:98:94:d5:fb:45:7a:89:91:29:4a:
97:19:c6:42:c1:09:91:11:37:21:f4:e7:19:d3:d1:f0:ae:73:
6c:94:06:b5:a6:bd:1e:e4:6f:b9:41:db:89:c8:64:3f:44:1f:
7e:81:df:00:fc:3e:30:09:7c:63:e9:2f:b6:3c:00:73:d3:dd:
59:fe:9d:5d:02:08:2e:e1:c6:3c:41:13:a9:d6:cf:f5:67:fa:
ac:5f:54:d6:f6:5f:d4:17:17:be:02:88:24:b1:ac:52:c8:f9:
2a:39:c0:f8:05:ba:92:26:56:9d:0a:39:43:40:c3:fd:ce:8b:
71:0e:18:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjBC4kpME/d87K2qeoll8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OGNlYmY3ZWVjM2Q1ZTAxMjFlNDAxMTcwY2UwMWZmMzg4
OGQ0ZWMwHhcNMjUwMTAxMDE0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTllNjc4NGJiMGU4ZWRkNjFlYmQwYmNlN2QwY2QyOWIwNzYzMTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNo81XFyTxkjX6XdIL63xlvueCFa
3F54nzjpqR+F5Q1NuQw8hECQCWkW11M3ZZQFKgssxRdckT2P9KJQ1QNByQCHHiGB
snG2RcHDj4PtMYjj389vW6CEdnzU9JZsjZDeVnp3WGmVt4Il0rtQjqk0jo4In94R
I7xnUv7RF30MLPeD/dff8bRO5MXE9HQ1MrgXAEqzj2YM72PeYtmNAfEE8/0QXsOR
LwVzGzElFN2rjEq00FcxxslkEYjicWP8/1XCY1GSdzERkgONkQrhPZW1aUA9qL5l
t1yoAfFdmRf39RKCVr6o95YgiFL8PxkD9gQ729KTnf1GMtcXyea9a5P3aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6eZ4S7Do7dYevQvOfQzSmwdjEFMB8GA1UdIwQY
MBaAFGeM6/fuw9XgEh5AEXDOAf84iNTsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjR6cjktN0QxZUFTSGtBUmNNNEJfemlJMU93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mMmI4N2ItOTVlOS00Y2Y4LWFiZWIt
NmRmYmJhNGVkZDU5LzEvM3A1bmhMc09qdDFoNjlDODU5RE5LYkIyTVFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mMmI4N2ItOTVlOS00Y2Y4LWFiZWItNmRmYmJhNGVkZDU5
LzEvWjR6cjktN0QxZUFTSGtBUmNNNEJfemlJMU93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+RtMA0G
CSqGSIb3DQEBCwUAA4IBAQBCMxl8J8PxIT7bkWKX5Jz9Xs22PCx4Nm5rcmwkMisq
1lGvADbNoec7SiLmXXBKVEBJVAqM1hi+3PkUiPHLR0MvlljFQYXoQuI2QIAdVlOF
i/BKWnxAD9daIIuCT8DitfphJMcs91SKPT0jRUzxm2mK+5fvGlAZoZZHYX3jtGes
VjEUSRg2HZiU1ftFeomRKUqXGcZCwQmRETch9OcZ09HwrnNslAa1pr0e5G+5QduJ
yGQ/RB9+gd8A/D4wCXxj6S+2PABz091Z/p1dAggu4cY8QROp1s/1Z/qsX1TW9l/U
Fxe+AogksaxSyPkqOcD4BbqSJladCjlDQMP9zotxDhio
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:17:51 2025 by rpki-client