Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/136faf-cf20-4265-98a3-d9b82d9ecc45/1/o7v2ihQZngiNboLPlznFQHbVVog.roa
File: o7v2ihQZngiNboLPlznFQHbVVog.roa (raw, json)
Hash identifier: twBuq4hJwFozjQzNXD6DkR3/XLNImqCcOIvvxAULQBw=
Subject key identifier: A3:BB:F6:8A:14:19:9E:08:8D:6E:82:CF:97:39:C5:40:76:D5:56:88
Certificate issuer: /CN=aef20efc0ae4013e6f4867c15f2377b235095b86
Certificate serial: 019426D9C20F0038D9E51C29FCFEC653E77F
Authority key identifier: AE:F2:0E:FC:0A:E4:01:3E:6F:48:67:C1:5F:23:77:B2:35:09:5B:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rvIO_ArkAT5vSGfBXyN3sjUJW4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/136faf-cf20-4265-98a3-d9b82d9ecc45/1/o7v2ihQZngiNboLPlznFQHbVVog.roa
Signing time: Thu 02 Jan 2025 11:49:52 +0000
ROA not before: Thu 02 Jan 2025 11:49:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48102
IP address blocks: 91.210.4.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:c2:0f:00:38:d9:e5:1c:29:fc:fe:c6:53:e7:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aef20efc0ae4013e6f4867c15f2377b235095b86
Validity
Not Before: Jan 2 11:49:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3bbf68a14199e088d6e82cf9739c54076d55688
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c2:fc:1b:df:99:44:f5:db:1e:3a:c4:f0:0b:
6c:03:b7:c0:32:63:98:11:d7:b8:a9:76:e8:91:ed:
fd:ac:88:3f:fb:6e:ee:20:48:67:4f:54:33:cc:21:
46:3f:85:e2:2f:bd:c6:8d:17:be:d1:d4:17:8b:50:
25:fe:f1:32:9d:01:4a:32:ae:aa:22:98:4b:54:3a:
12:94:f1:97:98:28:15:72:74:fb:f1:f7:ab:f8:a3:
79:90:68:d8:48:63:67:cb:f1:d3:7d:cb:44:61:d8:
77:e8:23:49:25:81:68:b7:47:59:e8:a1:d5:66:74:
d6:62:e2:56:bc:9b:17:eb:3e:f2:c4:e7:b3:f5:23:
55:9b:84:45:2f:c7:1b:d8:a3:45:4e:4d:25:e7:e1:
b6:d0:37:28:cb:03:56:fb:16:75:2f:5b:2a:37:b6:
f6:fe:ae:c5:14:10:29:eb:7d:7e:4e:ad:9c:a8:57:
a6:7b:5f:37:af:6c:77:dd:67:29:52:23:8e:df:75:
3c:19:08:7f:e4:b7:1f:ac:9b:3a:d7:58:bb:db:0a:
1b:05:2d:19:8c:f5:18:47:8e:f6:53:83:65:27:fb:
dd:35:58:4f:15:fe:86:c2:06:99:6f:09:dd:e2:4e:
7f:32:fa:31:69:31:7c:64:a3:fe:55:be:77:8f:7a:
19:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:BB:F6:8A:14:19:9E:08:8D:6E:82:CF:97:39:C5:40:76:D5:56:88
X509v3 Authority Key Identifier:
keyid:AE:F2:0E:FC:0A:E4:01:3E:6F:48:67:C1:5F:23:77:B2:35:09:5B:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rvIO_ArkAT5vSGfBXyN3sjUJW4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/136faf-cf20-4265-98a3-d9b82d9ecc45/1/o7v2ihQZngiNboLPlznFQHbVVog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/136faf-cf20-4265-98a3-d9b82d9ecc45/1/rvIO_ArkAT5vSGfBXyN3sjUJW4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.4.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:87:fc:22:d9:e1:fb:7f:e7:5f:db:a6:13:2d:53:36:20:6e:
1a:16:e5:a5:5b:f9:8e:88:b5:5b:18:f1:4b:4a:9a:c6:32:ca:
31:06:f8:38:e9:9f:eb:59:ae:d2:cb:ba:42:61:cd:ad:a9:51:
9f:a0:87:ad:90:c5:b2:a3:82:37:59:5c:e6:50:b8:ab:9d:be:
9b:63:91:df:64:e8:7f:f7:7f:04:55:45:a1:b1:2c:4a:cf:19:
e6:5b:33:fd:80:eb:b1:3a:71:69:3b:76:83:eb:68:fd:d8:54:
12:db:58:ec:1c:86:a7:cc:2e:88:d3:9c:42:22:c9:b6:8b:86:
b7:50:52:88:c9:f1:65:3b:ed:7a:f9:48:6b:64:54:d7:0a:ff:
e3:5a:4b:80:79:66:c3:45:48:77:6b:1c:c2:32:62:b5:34:7d:
3b:e5:ca:3a:fc:38:bb:84:ab:02:66:a1:9c:e7:b7:70:00:b2:
25:52:1c:b6:bc:4f:63:03:29:53:07:d2:b5:56:3c:84:07:2b:
0d:4e:40:d9:66:8a:cd:e5:c1:73:dc:c7:b7:8c:2b:e3:73:be:
50:50:8f:a4:5d:15:bc:e0:83:cc:c2:e4:32:be:3f:e1:39:f3:
62:d2:2f:c6:b5:73:90:50:28:20:36:7a:73:99:0e:52:3c:37:
ea:8f:20:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2cIPADjZ5Rwp/P7GU+d/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZjIwZWZjMGFlNDAxM2U2ZjQ4NjdjMTVmMjM3N2IyMzUw
OTViODYwHhcNMjUwMTAyMTE0OTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2JiZjY4YTE0MTk5ZTA4OGQ2ZTgyY2Y5NzM5YzU0MDc2ZDU1Njg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8L8G9+ZRPXbHjrE8AtsA7fAMmOY
Ede4qXboke39rIg/+27uIEhnT1QzzCFGP4XiL73GjRe+0dQXi1Al/vEynQFKMq6q
IphLVDoSlPGXmCgVcnT78fer+KN5kGjYSGNny/HTfctEYdh36CNJJYFot0dZ6KHV
ZnTWYuJWvJsX6z7yxOez9SNVm4RFL8cb2KNFTk0l5+G20DcoywNW+xZ1L1sqN7b2
/q7FFBAp631+Tq2cqFeme183r2x33WcpUiOO33U8GQh/5LcfrJs611i72wobBS0Z
jPUYR472U4NlJ/vdNVhPFf6GwgaZbwnd4k5/MvoxaTF8ZKP+Vb53j3oZXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKO79ooUGZ4IjW6Cz5c5xUB21VaIMB8GA1UdIwQY
MBaAFK7yDvwK5AE+b0hnwV8jd7I1CVuGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnZJT19BcmtBVDV2U0dmQlh5TjNzalVKVzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xMzZmYWYtY2YyMC00MjY1LTk4YTMt
ZDliODJkOWVjYzQ1LzEvbzd2MmloUVpuZ2lOYm9MUGx6bkZRSGJWVm9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xMzZmYWYtY2YyMC00MjY1LTk4YTMtZDliODJkOWVjYzQ1
LzEvcnZJT19BcmtBVDV2U0dmQlh5TjNzalVKVzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9IEMA0G
CSqGSIb3DQEBCwUAA4IBAQBuh/wi2eH7f+df26YTLVM2IG4aFuWlW/mOiLVbGPFL
SprGMsoxBvg46Z/rWa7Sy7pCYc2tqVGfoIetkMWyo4I3WVzmULirnb6bY5HfZOh/
938EVUWhsSxKzxnmWzP9gOuxOnFpO3aD62j92FQS21jsHIanzC6I05xCIsm2i4a3
UFKIyfFlO+16+UhrZFTXCv/jWkuAeWbDRUh3axzCMmK1NH075co6/Di7hKsCZqGc
57dwALIlUhy2vE9jAylTB9K1VjyEBysNTkDZZorN5cFz3Me3jCvjc75QUI+kXRW8
4IPMwuQyvj/hOfNi0i/GtXOQUCggNnpzmQ5SPDfqjyCR
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:48 2025 by rpki-client