Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/f0ba90-2ce1-4d04-a92a-1130b7798ff4/1/0KYw6bVzP1gl5DjY2Ge2rNJ9BnQ.roa
File: 0KYw6bVzP1gl5DjY2Ge2rNJ9BnQ.roa (raw, json)
Hash identifier: RXoYONNpUh7MoAGOC+vSKnG9yIxI24ZYh26VTGAT3/M=
Subject key identifier: D0:A6:30:E9:B5:73:3F:58:25:E4:38:D8:D8:67:B6:AC:D2:7D:06:74
Certificate issuer: /CN=839c206ef5dcc43770983a48e049aaec3f0b4fec
Certificate serial: 0187524482A16DF99468BBD7C47B46423AF3
Authority key identifier: 83:9C:20:6E:F5:DC:C4:37:70:98:3A:48:E0:49:AA:EC:3F:0B:4F:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5wgbvXcxDdwmDpI4Emq7D8LT-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/f0ba90-2ce1-4d04-a92a-1130b7798ff4/1/0KYw6bVzP1gl5DjY2Ge2rNJ9BnQ.roa
Signing time: Wed 05 Apr 2023 16:33:54 +0000
ROA not before: Wed 05 Apr 2023 16:33:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.217.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:52:44:82:a1:6d:f9:94:68:bb:d7:c4:7b:46:42:3a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=839c206ef5dcc43770983a48e049aaec3f0b4fec
Validity
Not Before: Apr 5 16:33:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0a630e9b5733f5825e438d8d867b6acd27d0674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:69:a0:4c:3e:f5:3f:ae:0f:5c:ed:de:92:b1:
21:2c:91:21:d5:2b:ec:a3:77:6d:cc:7e:dd:6c:ce:
5a:41:ba:88:ed:d2:14:64:7b:b3:82:7a:7f:d5:2d:
be:a5:e3:9b:ee:3d:4b:68:6d:3c:2f:2a:22:1c:44:
66:d8:3a:71:27:89:a0:ea:d4:c5:26:8a:da:bf:76:
47:98:27:99:98:ed:53:cf:0a:7f:a5:87:33:86:fc:
74:dd:fa:3b:13:0d:fb:9a:09:0e:29:36:df:9c:57:
66:2b:d2:57:50:37:34:8a:a3:97:a9:e7:64:d5:18:
0d:d3:8d:72:a1:c7:4b:07:cb:f7:99:b4:f6:89:91:
5c:65:be:8f:95:da:59:0a:b7:8c:f8:75:3e:a4:7c:
97:0a:63:90:b4:58:ff:f0:d8:c2:6a:c9:b3:86:2f:
04:31:e8:b6:15:b8:b7:06:ba:29:37:33:02:8b:ed:
65:f6:ad:c3:30:71:02:d5:c4:f1:8d:f8:07:bb:9a:
1e:c5:58:88:85:a9:71:d0:da:12:84:b5:49:56:f4:
12:49:da:63:e1:76:3e:ff:ef:03:2a:81:7a:7a:e3:
e0:29:a7:23:31:09:24:bd:a2:27:2d:77:18:63:e5:
be:56:85:41:83:9b:98:e7:e6:c4:48:9e:b7:08:bb:
13:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A6:30:E9:B5:73:3F:58:25:E4:38:D8:D8:67:B6:AC:D2:7D:06:74
X509v3 Authority Key Identifier:
keyid:83:9C:20:6E:F5:DC:C4:37:70:98:3A:48:E0:49:AA:EC:3F:0B:4F:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5wgbvXcxDdwmDpI4Emq7D8LT-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/f0ba90-2ce1-4d04-a92a-1130b7798ff4/1/0KYw6bVzP1gl5DjY2Ge2rNJ9BnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/f0ba90-2ce1-4d04-a92a-1130b7798ff4/1/g5wgbvXcxDdwmDpI4Emq7D8LT-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.223.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:cb:3b:32:0b:c0:67:f1:01:c5:e2:00:ce:a3:88:f4:f6:ce:
1a:36:e5:e4:95:90:2f:8e:52:6b:3f:1f:5d:a8:1c:b0:c4:eb:
3c:1c:0a:d3:26:b9:bd:a9:bb:81:76:19:d6:35:ec:70:d5:2e:
18:a2:d2:89:e2:2e:26:d7:f2:70:c0:ef:e9:a5:26:0d:86:48:
f3:5b:ef:75:fe:f2:d7:e8:27:f8:9e:d8:47:8e:74:d9:ce:cf:
98:1c:84:1f:cf:e3:7e:71:e5:5d:49:d0:4b:70:7a:fd:4b:4e:
66:68:8d:30:18:dc:2e:a6:a9:07:c8:cf:4f:f5:e2:82:01:77:
67:fb:e1:b1:75:cf:32:ce:e9:46:78:14:41:a0:83:50:1a:12:
10:13:b6:88:c5:07:c3:a6:0b:63:e1:8d:f3:ee:2e:96:c0:46:
70:ea:24:f1:4b:42:ef:8a:3d:ca:60:19:0e:1d:30:01:7e:1f:
2b:cd:d9:60:23:57:ef:2e:e6:57:05:e1:d1:9c:51:2a:60:3d:
8f:26:f7:e1:78:c7:0a:25:b7:63:67:31:17:df:e4:62:61:a0:
9e:5a:2a:ff:05:58:2b:bd:a3:c9:d2:91:79:bd:ec:36:01:93:
58:b5:68:fa:56:0d:87:16:41:4a:fb:b6:2d:c9:8d:ca:bd:6b:
8c:2e:38:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdSRIKhbfmUaLvXxHtGQjrzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOWMyMDZlZjVkY2M0Mzc3MDk4M2E0OGUwNDlhYWVjM2Yw
YjRmZWMwHhcNMjMwNDA1MTYzMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGE2MzBlOWI1NzMzZjU4MjVlNDM4ZDhkODY3YjZhY2QyN2QwNjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGmgTD71P64PXO3ekrEhLJEh1Svs
o3dtzH7dbM5aQbqI7dIUZHuzgnp/1S2+peOb7j1LaG08LyoiHERm2DpxJ4mg6tTF
Jorav3ZHmCeZmO1Tzwp/pYczhvx03fo7Ew37mgkOKTbfnFdmK9JXUDc0iqOXqedk
1RgN041yocdLB8v3mbT2iZFcZb6PldpZCreM+HU+pHyXCmOQtFj/8NjCasmzhi8E
Mei2Fbi3BropNzMCi+1l9q3DMHEC1cTxjfgHu5oexViIhalx0NoShLVJVvQSSdpj
4XY+/+8DKoF6euPgKacjMQkkvaInLXcYY+W+VoVBg5uY5+bESJ63CLsT8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNCmMOm1cz9YJeQ42NhntqzSfQZ0MB8GA1UdIwQY
MBaAFIOcIG713MQ3cJg6SOBJquw/C0/sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzV3Z2J2WGN4RGR3bURwSTRFbXE3RDhMVC13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9mMGJhOTAtMmNlMS00ZDA0LWE5MmEt
MTEzMGI3Nzk4ZmY0LzEvMEtZdzZiVnpQMWdsNURqWTJHZTJyTko5Qm5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9mMGJhOTAtMmNlMS00ZDA0LWE5MmEtMTEzMGI3Nzk4ZmY0
LzEvZzV3Z2J2WGN4RGR3bURwSTRFbXE3RDhMVC13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9nfMA0G
CSqGSIb3DQEBCwUAA4IBAQAKyzsyC8Bn8QHF4gDOo4j09s4aNuXklZAvjlJrPx9d
qBywxOs8HArTJrm9qbuBdhnWNexw1S4YotKJ4i4m1/JwwO/ppSYNhkjzW+91/vLX
6Cf4nthHjnTZzs+YHIQfz+N+ceVdSdBLcHr9S05maI0wGNwupqkHyM9P9eKCAXdn
++Gxdc8yzulGeBRBoINQGhIQE7aIxQfDpgtj4Y3z7i6WwEZw6iTxS0Lvij3KYBkO
HTABfh8rzdlgI1fvLuZXBeHRnFEqYD2PJvfheMcKJbdjZzEX3+RiYaCeWir/BVgr
vaPJ0pF5vew2AZNYtWj6Vg2HFkFK+7YtyY3KvWuMLjjV
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:30 2025 by rpki-client