Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/768e6f-9444-4633-825d-6010261eee91/1/dregSeRH74s91Vr4NnXjtYIWnI0.roa
File: dregSeRH74s91Vr4NnXjtYIWnI0.roa (raw, json)
Hash identifier: jGB3Pq0VaIDyStw4crfdMVsBV6vhTnO/9ssyILnqFiI=
Subject key identifier: 76:B7:A0:49:E4:47:EF:8B:3D:D5:5A:F8:36:75:E3:B5:82:16:9C:8D
Certificate issuer: /CN=ba71f98150538eee69deed2d532312aa29d7c721
Certificate serial: 01856D8ABF80AA5F9EC537EE2E8135EB59B5
Authority key identifier: BA:71:F9:81:50:53:8E:EE:69:DE:ED:2D:53:23:12:AA:29:D7:C7:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/unH5gVBTju5p3u0tUyMSqinXxyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/768e6f-9444-4633-825d-6010261eee91/1/dregSeRH74s91Vr4NnXjtYIWnI0.roa
Signing time: Sun 01 Jan 2023 13:34:47 +0000
ROA not before: Sun 01 Jan 2023 13:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48031
IP address blocks: 91.246.53.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:bf:80:aa:5f:9e:c5:37:ee:2e:81:35:eb:59:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba71f98150538eee69deed2d532312aa29d7c721
Validity
Not Before: Jan 1 13:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76b7a049e447ef8b3dd55af83675e3b582169c8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:62:3a:ae:79:68:e8:ec:99:ac:78:79:a1:98:
c3:98:81:3e:12:f0:62:48:a8:c1:bf:52:de:65:8f:
c4:f3:f2:48:19:9a:06:67:28:9d:a7:d7:0e:d1:84:
f0:05:f7:fb:fa:09:65:cf:b8:77:9d:dd:46:e8:d4:
3c:0f:91:82:83:70:92:66:b7:39:20:7e:1f:2d:54:
44:e7:af:84:f4:ea:19:c8:95:3d:0f:76:9d:83:1c:
f0:0e:3a:e2:ae:08:ba:99:ad:ba:7c:5b:94:1e:3e:
a1:ef:c1:d0:f4:75:e9:9c:52:00:04:ff:d0:a8:66:
c5:7c:fb:ef:35:5a:b0:b6:73:2e:dd:e0:6b:3f:98:
7c:26:7a:2b:49:22:30:e4:de:fd:5c:3b:45:35:74:
7c:29:5e:36:3c:f2:28:85:2d:1c:db:e2:74:4c:36:
43:10:89:fc:4a:26:b1:71:fa:de:77:a0:fe:9d:25:
f9:16:fb:0a:44:70:1d:b6:83:45:15:b0:a1:38:e5:
6a:04:b0:14:45:93:05:0a:73:a5:00:58:02:ac:12:
d7:00:3c:7a:93:5d:fb:47:53:50:18:e9:d4:73:8e:
bc:e6:cb:95:82:04:dc:40:d3:dd:16:8b:55:2b:a7:
9a:0f:7f:c5:40:21:15:90:2b:94:f7:55:2b:2a:00:
58:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B7:A0:49:E4:47:EF:8B:3D:D5:5A:F8:36:75:E3:B5:82:16:9C:8D
X509v3 Authority Key Identifier:
keyid:BA:71:F9:81:50:53:8E:EE:69:DE:ED:2D:53:23:12:AA:29:D7:C7:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/unH5gVBTju5p3u0tUyMSqinXxyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/768e6f-9444-4633-825d-6010261eee91/1/dregSeRH74s91Vr4NnXjtYIWnI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/768e6f-9444-4633-825d-6010261eee91/1/unH5gVBTju5p3u0tUyMSqinXxyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.246.53.0/24
Signature Algorithm: sha256WithRSAEncryption
35:78:bd:29:54:3b:4d:bd:a0:c3:2d:45:cf:2c:d3:1c:0f:14:
f8:54:fd:32:dc:c7:7b:00:32:36:74:f1:97:9a:d6:00:ee:9b:
58:1b:b2:40:2a:1f:5b:25:be:9b:7c:5f:46:26:0e:14:c1:22:
d5:0b:1e:33:fd:d3:d9:a7:ee:5f:8e:73:2b:3b:2a:41:e0:57:
60:4d:21:ca:9b:49:32:b5:66:fe:71:36:57:1b:87:67:1d:77:
10:80:5d:c2:99:83:a5:c4:da:2a:bc:7b:3e:70:93:f3:22:77:
af:4b:f3:0e:e1:46:a2:ec:13:27:d4:d7:01:89:a9:c7:47:0c:
b7:09:76:ff:2b:dc:0a:d0:a4:64:87:e7:14:e6:18:06:04:45:
9e:3b:26:3e:cf:ce:7d:fa:3f:32:1b:7a:61:28:45:0b:18:17:
d5:10:1f:45:67:b6:d7:3d:90:17:00:3c:37:85:56:5d:e1:43:
e4:53:6d:8e:58:b0:76:79:51:c7:cf:a2:83:09:cf:c5:0d:16:
f0:e4:16:bc:3f:64:23:ee:ce:65:b0:02:87:a3:6e:70:0e:44:
52:8b:87:3c:8e:e4:63:33:99:ae:4b:d9:31:2c:bd:1a:94:fd:
99:3e:a5:62:95:42:7a:a1:a7:f3:8f:75:30:55:6a:91:76:b7:
8d:b3:bf:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtir+Aql+exTfuLoE161m1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNzFmOTgxNTA1MzhlZWU2OWRlZWQyZDUzMjMxMmFhMjlk
N2M3MjEwHhcNMjMwMTAxMTMzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmI3YTA0OWU0NDdlZjhiM2RkNTVhZjgzNjc1ZTNiNTgyMTY5YzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGI6rnlo6OyZrHh5oZjDmIE+EvBi
SKjBv1LeZY/E8/JIGZoGZyidp9cO0YTwBff7+gllz7h3nd1G6NQ8D5GCg3CSZrc5
IH4fLVRE56+E9OoZyJU9D3adgxzwDjrirgi6ma26fFuUHj6h78HQ9HXpnFIABP/Q
qGbFfPvvNVqwtnMu3eBrP5h8JnorSSIw5N79XDtFNXR8KV42PPIohS0c2+J0TDZD
EIn8Siaxcfred6D+nSX5FvsKRHAdtoNFFbChOOVqBLAURZMFCnOlAFgCrBLXADx6
k137R1NQGOnUc4685suVggTcQNPdFotVK6eaD3/FQCEVkCuU91UrKgBYPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHa3oEnkR++LPdVa+DZ147WCFpyNMB8GA1UdIwQY
MBaAFLpx+YFQU47uad7tLVMjEqop18chMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW5INWdWQlRqdTVwM3UwdFV5TVNxaW5YeHlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83NjhlNmYtOTQ0NC00NjMzLTgyNWQt
NjAxMDI2MWVlZTkxLzEvZHJlZ1NlUkg3NHM5MVZyNE5uWGp0WUlXbkkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi83NjhlNmYtOTQ0NC00NjMzLTgyNWQtNjAxMDI2MWVlZTkx
LzEvdW5INWdWQlRqdTVwM3UwdFV5TVNxaW5YeHlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/Y1MA0G
CSqGSIb3DQEBCwUAA4IBAQA1eL0pVDtNvaDDLUXPLNMcDxT4VP0y3Md7ADI2dPGX
mtYA7ptYG7JAKh9bJb6bfF9GJg4UwSLVCx4z/dPZp+5fjnMrOypB4FdgTSHKm0ky
tWb+cTZXG4dnHXcQgF3CmYOlxNoqvHs+cJPzInevS/MO4Uai7BMn1NcBianHRwy3
CXb/K9wK0KRkh+cU5hgGBEWeOyY+z859+j8yG3phKEULGBfVEB9FZ7bXPZAXADw3
hVZd4UPkU22OWLB2eVHHz6KDCc/FDRbw5Ba8P2Qj7s5lsAKHo25wDkRSi4c8juRj
M5muS9kxLL0alP2ZPqVilUJ6oafzj3UwVWqRdreNs7+j
-----END CERTIFICATE-----
Generated at Thu Apr 17 00:28:41 2025 by rpki-client