Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/1-ANTwxkMiMKQB8xGwWXlceOK28w.roa
File: 1-ANTwxkMiMKQB8xGwWXlceOK28w.roa (raw, json)
Hash identifier: CGGHdGVU7wSNMOEYT0PFZuvvNwO+aPmiIHIahEg7OsM=
Subject key identifier: F8:03:53:C3:19:0C:88:C2:90:07:CC:46:C1:65:E5:71:E3:8A:DB:CC
Certificate issuer: /CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Certificate serial: 0194266C2019DF0A244F8F06EBBE008E3AED
Authority key identifier: DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/1-ANTwxkMiMKQB8xGwWXlceOK28w.roa
Signing time: Thu 02 Jan 2025 09:50:07 +0000
ROA not before: Thu 02 Jan 2025 09:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59442
IP address blocks: 91.241.20.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:20:19:df:0a:24:4f:8f:06:eb:be:00:8e:3a:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Validity
Not Before: Jan 2 09:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f80353c3190c88c29007cc46c165e571e38adbcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:63:69:9f:d0:79:34:50:95:8e:e5:16:65:e2:
70:51:55:87:70:14:2e:5e:44:09:65:7c:0f:4f:c0:
4f:e8:f3:87:65:ae:22:db:fd:2e:0b:16:ba:c5:07:
a7:92:25:07:09:ce:41:f0:99:e8:2d:29:5e:1f:73:
c8:e8:49:c6:59:fe:c5:78:7a:2c:3c:3e:8e:d2:94:
ac:4e:11:da:ae:8d:17:af:bb:39:f7:04:38:aa:84:
ce:cc:1f:9f:cd:e5:ab:3c:89:11:b3:37:12:b5:44:
42:93:b1:5b:ce:a2:0f:6e:fb:c4:62:0d:c1:2e:9b:
e4:65:4d:a2:b0:d4:0e:92:84:46:98:58:9c:8b:fa:
cf:c0:39:36:78:fc:6d:79:cb:53:d7:7d:62:35:b6:
04:18:0c:4a:2e:62:f9:ae:c6:c7:9b:3c:42:36:0a:
b9:e8:42:cf:ce:3a:dd:62:28:e1:e2:8f:82:26:ae:
2c:94:97:11:34:29:03:d9:11:e3:4e:df:2a:3f:9f:
e3:47:36:fd:69:01:fb:37:60:9c:6d:21:71:4d:6b:
de:f4:af:71:d1:e6:1c:32:29:a1:f1:23:09:2b:30:
9e:f2:d3:d3:02:88:05:ce:7c:ab:31:a8:b0:43:6b:
10:05:b4:f1:0a:ed:0c:10:22:65:8c:5c:03:55:e9:
8f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:03:53:C3:19:0C:88:C2:90:07:CC:46:C1:65:E5:71:E3:8A:DB:CC
X509v3 Authority Key Identifier:
keyid:DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/1-ANTwxkMiMKQB8xGwWXlceOK28w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/2vtkXxNPT9raRecLz82TuJfb1yU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.20.0/23
Signature Algorithm: sha256WithRSAEncryption
51:ce:51:9b:01:89:c5:fc:71:b3:18:2a:f5:14:e4:f2:fa:51:
11:c0:a6:5e:04:4c:f1:24:a0:da:bf:42:2f:73:98:67:3b:c2:
8c:9f:56:f7:a6:8f:86:02:27:9d:9a:41:f6:cb:4a:bc:04:23:
45:0c:d7:5c:7e:f6:ff:9e:6a:b0:94:ec:1b:38:29:58:c6:c5:
e7:4b:45:be:e2:d3:99:14:df:d1:3e:8e:75:4e:85:d8:5e:9a:
53:39:44:6b:31:81:e4:cd:3e:e3:95:70:97:90:59:3c:dd:bb:
ba:fc:d0:9c:0c:b1:9a:93:61:52:7d:92:35:13:10:62:c9:37:
8d:c7:30:94:51:a3:e3:63:cc:bc:30:2c:8e:df:60:34:3b:00:
d5:e6:7a:80:8f:31:ca:a6:72:ad:7c:05:7a:fe:e6:8b:1c:2f:
35:17:7d:a5:22:ac:3c:a8:33:7e:8c:ee:ad:3d:2c:1f:7c:85:
b3:c0:6f:44:f8:b6:af:61:8d:d2:02:a7:05:0a:bd:29:37:69:
97:03:1f:6f:c2:3e:62:7c:a0:a1:54:5b:46:a7:18:64:e0:93:
73:7d:52:8a:73:40:68:17:26:aa:4e:71:1f:ae:22:4d:52:b0:
b5:4e:8d:d1:2b:41:56:99:16:de:e4:df:2b:c5:f8:2f:a0:a3:
ea:ee:83:d3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQmbCAZ3wokT48G674AjjrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZmI2NDVmMTM0ZjRmZGFkYTQ1ZTcwYmNmY2Q5M2I4OTdk
YmQ3MjUwHhcNMjUwMTAyMDk1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODAzNTNjMzE5MGM4OGMyOTAwN2NjNDZjMTY1ZTU3MWUzOGFkYmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mNpn9B5NFCVjuUWZeJwUVWHcBQu
XkQJZXwPT8BP6POHZa4i2/0uCxa6xQenkiUHCc5B8JnoLSleH3PI6EnGWf7FeHos
PD6O0pSsThHaro0Xr7s59wQ4qoTOzB+fzeWrPIkRszcStURCk7FbzqIPbvvEYg3B
LpvkZU2isNQOkoRGmFici/rPwDk2ePxtectT131iNbYEGAxKLmL5rsbHmzxCNgq5
6ELPzjrdYijh4o+CJq4slJcRNCkD2RHjTt8qP5/jRzb9aQH7N2CcbSFxTWve9K9x
0eYcMimh8SMJKzCe8tPTAogFznyrMaiwQ2sQBbTxCu0MECJljFwDVemPuQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPgDU8MZDIjCkAfMRsFl5XHjitvMMB8GA1UdIwQY
MBaAFNr7ZF8TT0/a2kXnC8/Nk7iX29clMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnZ0a1h4TlBUOXJhUmVjTHo4MlR1SmZiMXlVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi83YTQ4ZjUtYmQyNC00ZGM0LThjY2Et
NmJhMGEwY2UwMWVkLzEvMS1BTlR3eGtNaU1LUUI4eEd3V1hsY2VPSzI4dy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTIvN2E0OGY1LWJkMjQtNGRjNC04Y2NhLTZiYTBhMGNlMDFl
ZC8xLzJ2dGtYeE5QVDlyYVJlY0x6ODJUdUpmYjF5VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVvxFDAN
BgkqhkiG9w0BAQsFAAOCAQEAUc5RmwGJxfxxsxgq9RTk8vpREcCmXgRM8SSg2r9C
L3OYZzvCjJ9W96aPhgInnZpB9stKvAQjRQzXXH72/55qsJTsGzgpWMbF50tFvuLT
mRTf0T6OdU6F2F6aUzlEazGB5M0+45Vwl5BZPN27uvzQnAyxmpNhUn2SNRMQYsk3
jccwlFGj42PMvDAsjt9gNDsA1eZ6gI8xyqZyrXwFev7mixwvNRd9pSKsPKgzfozu
rT0sH3yFs8BvRPi2r2GN0gKnBQq9KTdplwMfb8I+YnygoVRbRqcYZOCTc31SinNA
aBcmqk5xH64iTVKwtU6N0StBVpkW3uTfK8X4L6Cj6u6D0w==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:00 2025 by rpki-client