Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/738edb-d9ff-4af5-8341-fc5cc64db749/1/dejiYWXpVyt-n4zSW5_bBe-6r0A.roa
File: dejiYWXpVyt-n4zSW5_bBe-6r0A.roa (raw, json)
Hash identifier: S+DqE/3RRz1xoArghf5VPCEdg1QAxwIn8VFz5upxaGc=
Subject key identifier: 75:E8:E2:61:65:E9:57:2B:7E:9F:8C:D2:5B:9F:DB:05:EF:BA:AF:40
Certificate issuer: /CN=71ee7ed4a6a91054e6bc2498693fe0c2f862101d
Certificate serial: 019424B3FE4730955ADC9925473121B2ACCC
Authority key identifier: 71:EE:7E:D4:A6:A9:10:54:E6:BC:24:98:69:3F:E0:C2:F8:62:10:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ce5-1KapEFTmvCSYaT_gwvhiEB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/738edb-d9ff-4af5-8341-fc5cc64db749/1/dejiYWXpVyt-n4zSW5_bBe-6r0A.roa
Signing time: Thu 02 Jan 2025 01:49:23 +0000
ROA not before: Thu 02 Jan 2025 01:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196721
IP address blocks: 91.212.81.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:fe:47:30:95:5a:dc:99:25:47:31:21:b2:ac:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71ee7ed4a6a91054e6bc2498693fe0c2f862101d
Validity
Not Before: Jan 2 01:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75e8e26165e9572b7e9f8cd25b9fdb05efbaaf40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d3:cd:c1:71:ea:0a:af:d3:c7:72:0a:65:d8:
3a:bb:7b:01:df:eb:37:29:df:ad:da:f1:94:33:f7:
ac:6c:5a:11:80:89:28:df:1d:31:58:02:c1:b9:ff:
42:ab:a7:7c:5c:69:a6:21:c7:7d:ff:e6:71:9d:48:
b4:99:54:78:75:5e:d5:d9:21:6e:f5:1c:fa:70:66:
bb:26:71:74:ce:e9:76:49:3e:ee:8e:7f:22:81:a0:
4d:62:ec:bf:01:bf:16:1d:9c:8c:7c:fd:95:6b:79:
77:43:32:ec:53:53:e7:19:ac:97:1a:f4:e8:e4:ad:
27:c5:51:a2:93:5f:c1:86:a6:2f:4d:77:6b:16:bf:
27:7d:5c:69:c2:48:58:99:fb:0b:80:2c:4a:bb:e6:
e4:7f:3b:e7:68:74:37:43:b9:c8:39:fc:6e:b6:70:
cc:71:fc:2e:ec:7a:7a:c3:27:f1:7e:f5:40:6e:5e:
4c:2b:ff:6f:67:c4:35:f0:d5:7f:5e:d4:73:7b:e2:
8e:e9:e3:1a:18:3e:a7:0a:f0:5c:48:1b:eb:6a:5d:
68:1f:c2:9a:f8:03:4e:03:37:3f:f0:f8:6f:a2:4b:
84:33:91:be:db:ad:a3:af:58:0a:34:eb:e7:6d:20:
b7:b1:65:9c:8e:63:bd:e4:af:58:ae:f6:36:70:71:
13:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:E8:E2:61:65:E9:57:2B:7E:9F:8C:D2:5B:9F:DB:05:EF:BA:AF:40
X509v3 Authority Key Identifier:
keyid:71:EE:7E:D4:A6:A9:10:54:E6:BC:24:98:69:3F:E0:C2:F8:62:10:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce5-1KapEFTmvCSYaT_gwvhiEB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/738edb-d9ff-4af5-8341-fc5cc64db749/1/dejiYWXpVyt-n4zSW5_bBe-6r0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/738edb-d9ff-4af5-8341-fc5cc64db749/1/ce5-1KapEFTmvCSYaT_gwvhiEB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.81.0/24
Signature Algorithm: sha256WithRSAEncryption
19:91:d3:a1:2c:be:48:cf:43:c7:3f:23:a1:01:87:40:eb:35:
47:2e:06:a8:41:94:02:6c:c3:68:a8:26:92:86:2c:ee:f8:dd:
76:fa:34:53:af:e6:2c:39:1e:db:f8:46:cd:70:0e:d2:ae:c9:
63:3a:3f:db:75:56:6d:66:ec:b9:08:8e:64:57:dd:6e:82:e4:
96:9e:3e:ee:93:75:df:76:ea:e9:89:8f:6e:33:fa:86:a5:ae:
c6:8a:57:e5:f9:3a:5e:66:fc:72:71:e7:1d:01:98:c1:65:90:
a5:8e:a2:7b:b4:7e:fc:c6:b9:01:bc:23:41:85:06:d7:af:7b:
0e:c2:d9:d9:c1:60:dc:0b:d0:3a:6d:21:1c:f9:42:ff:3c:54:
65:f4:1a:d2:29:e2:9c:86:16:29:b4:76:c6:9b:20:c0:a7:e1:
e6:8d:32:8f:c4:6b:54:c1:f6:9f:52:35:1a:d0:69:cc:0c:dd:
e5:18:f5:7d:27:fe:11:b1:b0:34:c6:fb:e1:a0:70:45:da:fa:
64:0d:6d:28:0d:a2:78:d6:12:4c:da:31:e8:7d:e8:39:7a:92:
da:d4:94:a3:cf:65:a9:22:a1:53:a1:cb:52:bc:f2:65:ba:60:
29:8d:10:54:41:9d:87:f1:59:dd:24:fb:48:70:9a:06:fb:a5:
cd:40:56:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks/5HMJVa3JklRzEhsqzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZWU3ZWQ0YTZhOTEwNTRlNmJjMjQ5ODY5M2ZlMGMyZjg2
MjEwMWQwHhcNMjUwMTAyMDE0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWU4ZTI2MTY1ZTk1NzJiN2U5ZjhjZDI1YjlmZGIwNWVmYmFhZjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdPNwXHqCq/Tx3IKZdg6u3sB3+s3
Kd+t2vGUM/esbFoRgIko3x0xWALBuf9Cq6d8XGmmIcd9/+ZxnUi0mVR4dV7V2SFu
9Rz6cGa7JnF0zul2ST7ujn8igaBNYuy/Ab8WHZyMfP2Va3l3QzLsU1PnGayXGvTo
5K0nxVGik1/BhqYvTXdrFr8nfVxpwkhYmfsLgCxKu+bkfzvnaHQ3Q7nIOfxutnDM
cfwu7Hp6wyfxfvVAbl5MK/9vZ8Q18NV/XtRze+KO6eMaGD6nCvBcSBvral1oH8Ka
+ANOAzc/8PhvokuEM5G+262jr1gKNOvnbSC3sWWcjmO95K9YrvY2cHETCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHXo4mFl6Vcrfp+M0luf2wXvuq9AMB8GA1UdIwQY
MBaAFHHuftSmqRBU5rwkmGk/4ML4YhAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2U1LTFLYXBFRlRtdkNTWWFUX2d3dmhpRUIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83MzhlZGItZDlmZi00YWY1LTgzNDEt
ZmM1Y2M2NGRiNzQ5LzEvZGVqaVlXWHBWeXQtbjR6U1c1X2JCZS02cjBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83MzhlZGItZDlmZi00YWY1LTgzNDEtZmM1Y2M2NGRiNzQ5
LzEvY2U1LTFLYXBFRlRtdkNTWWFUX2d3dmhpRUIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9RRMA0G
CSqGSIb3DQEBCwUAA4IBAQAZkdOhLL5Iz0PHPyOhAYdA6zVHLgaoQZQCbMNoqCaS
hizu+N12+jRTr+YsOR7b+EbNcA7SrsljOj/bdVZtZuy5CI5kV91uguSWnj7uk3Xf
durpiY9uM/qGpa7Gilfl+TpeZvxycecdAZjBZZCljqJ7tH78xrkBvCNBhQbXr3sO
wtnZwWDcC9A6bSEc+UL/PFRl9BrSKeKchhYptHbGmyDAp+HmjTKPxGtUwfafUjUa
0GnMDN3lGPV9J/4RsbA0xvvhoHBF2vpkDW0oDaJ41hJM2jHofeg5epLa1JSjz2Wp
IqFToctSvPJlumApjRBUQZ2H8VndJPtIcJoG+6XNQFYI
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:13:12 2025 by rpki-client