Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/4ce012-33ea-4b6e-9065-a2c4c231ddf7/1/ri0q77CsDD0bTPaXxk_jRAdQRhY.roa
File: ri0q77CsDD0bTPaXxk_jRAdQRhY.roa (raw, json)
Hash identifier: 4DUjc0lydMIPXrmRym+WpRLgbblgRfFg3jdmltIqOW8=
Subject key identifier: AE:2D:2A:EF:B0:AC:0C:3D:1B:4C:F6:97:C6:4F:E3:44:07:50:46:16
Certificate issuer: /CN=7e750d6fcb8a40cd661cf73d1acabd8305e877fd
Certificate serial: 01941FFA3BD0592F7D688A07B9BC8AA34E8F
Authority key identifier: 7E:75:0D:6F:CB:8A:40:CD:66:1C:F7:3D:1A:CA:BD:83:05:E8:77:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fnUNb8uKQM1mHPc9Gsq9gwXod_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/4ce012-33ea-4b6e-9065-a2c4c231ddf7/1/ri0q77CsDD0bTPaXxk_jRAdQRhY.roa
Signing time: Wed 01 Jan 2025 03:48:00 +0000
ROA not before: Wed 01 Jan 2025 03:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31027
IP address blocks: 91.230.68.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:3b:d0:59:2f:7d:68:8a:07:b9:bc:8a:a3:4e:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e750d6fcb8a40cd661cf73d1acabd8305e877fd
Validity
Not Before: Jan 1 03:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae2d2aefb0ac0c3d1b4cf697c64fe34407504616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9d:cd:b3:50:cb:b4:74:89:9e:ce:0a:63:b6:
df:97:87:1b:4b:a6:18:f4:c7:4b:73:d3:d8:4d:bd:
50:bf:38:77:30:53:55:fd:7a:19:cd:f4:e6:3a:90:
63:65:cc:5b:7f:09:17:54:0e:28:9e:eb:5a:74:34:
a8:26:00:ca:c0:70:60:68:d5:52:88:d4:28:3b:12:
e4:32:04:e0:2e:1b:61:5e:cb:82:72:c4:d3:7a:f6:
0a:49:a9:ca:b3:1f:58:47:c8:de:b3:90:31:3e:aa:
26:4d:a3:7b:e7:3e:86:42:cb:70:dc:80:94:cf:dd:
3a:8b:a3:3b:00:7d:5a:d5:82:84:3f:c0:ff:57:6a:
1d:70:69:6c:22:56:79:89:60:73:ba:d7:d2:2e:dd:
cd:d1:47:50:8b:0c:d0:e7:8a:2c:f9:fe:9d:76:1f:
d4:f1:95:b4:6a:07:b9:01:8f:fb:e9:79:74:b0:5d:
cc:6c:9e:c1:76:23:d6:57:3f:c3:ba:d5:43:9e:6c:
98:a9:f0:87:25:10:5f:e8:ce:31:72:72:0d:b8:8c:
1e:91:de:c9:4b:51:64:49:54:a7:a9:fd:62:55:2e:
ab:b5:b0:3b:a7:6b:09:a4:b3:df:69:5e:da:5e:78:
fc:80:45:a2:4c:22:a1:74:f2:7c:9b:9d:bf:55:55:
af:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:2D:2A:EF:B0:AC:0C:3D:1B:4C:F6:97:C6:4F:E3:44:07:50:46:16
X509v3 Authority Key Identifier:
keyid:7E:75:0D:6F:CB:8A:40:CD:66:1C:F7:3D:1A:CA:BD:83:05:E8:77:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fnUNb8uKQM1mHPc9Gsq9gwXod_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/4ce012-33ea-4b6e-9065-a2c4c231ddf7/1/ri0q77CsDD0bTPaXxk_jRAdQRhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/4ce012-33ea-4b6e-9065-a2c4c231ddf7/1/fnUNb8uKQM1mHPc9Gsq9gwXod_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.68.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:ef:65:89:25:3e:04:51:3b:83:e3:c6:c9:08:b4:55:93:a6:
a9:8e:ee:4b:6b:83:1f:4d:ee:e9:22:fe:3d:f8:7f:49:23:e3:
de:9f:5b:0f:f5:7d:db:82:09:5d:01:8b:12:11:e5:19:ca:d8:
85:38:a2:26:a7:d7:a6:6e:2e:5d:d5:a0:f5:0d:37:d3:c0:5d:
a0:d4:79:85:37:d4:08:fb:6f:8f:60:5c:17:e4:f7:6c:36:06:
0b:33:79:fb:08:b1:d9:25:b4:b6:74:f6:35:e2:f3:24:42:ef:
fd:4f:96:04:10:2d:9f:30:26:2e:07:0f:1b:0a:9e:83:5e:ac:
ee:9a:55:28:1b:80:57:58:2b:16:fd:36:bd:05:14:a0:79:e7:
2d:66:ae:69:38:91:c8:b2:18:de:e2:47:e6:7b:95:e8:8e:c0:
9b:77:5b:9e:21:75:21:01:ed:dd:0b:1e:c5:30:4b:d4:54:7d:
47:c2:d3:83:4a:78:92:a7:f0:cb:dc:67:2e:1f:8a:7d:2b:e0:
45:11:64:ff:fa:c1:53:54:b4:29:60:8f:af:8c:e4:9f:84:6c:
9f:db:f2:d7:ca:56:cf:ce:89:03:f3:50:0d:51:35:91:ee:5b:
26:34:3b:87:1a:d6:ea:83:c6:e6:ad:fb:a4:3d:7b:28:5a:51:
97:95:ee:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+jvQWS99aIoHubyKo06PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNzUwZDZmY2I4YTQwY2Q2NjFjZjczZDFhY2FiZDgzMDVl
ODc3ZmQwHhcNMjUwMTAxMDM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTJkMmFlZmIwYWMwYzNkMWI0Y2Y2OTdjNjRmZTM0NDA3NTA0NjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs53Ns1DLtHSJns4KY7bfl4cbS6YY
9MdLc9PYTb1Qvzh3MFNV/XoZzfTmOpBjZcxbfwkXVA4onutadDSoJgDKwHBgaNVS
iNQoOxLkMgTgLhthXsuCcsTTevYKSanKsx9YR8jes5AxPqomTaN75z6GQstw3ICU
z906i6M7AH1a1YKEP8D/V2odcGlsIlZ5iWBzutfSLt3N0UdQiwzQ54os+f6ddh/U
8ZW0age5AY/76Xl0sF3MbJ7BdiPWVz/DutVDnmyYqfCHJRBf6M4xcnINuIwekd7J
S1FkSVSnqf1iVS6rtbA7p2sJpLPfaV7aXnj8gEWiTCKhdPJ8m52/VVWvfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK4tKu+wrAw9G0z2l8ZP40QHUEYWMB8GA1UdIwQY
MBaAFH51DW/LikDNZhz3PRrKvYMF6Hf9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZm5VTmI4dUtRTTFtSFBjOUdzcTlnd1hvZF8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80Y2UwMTItMzNlYS00YjZlLTkwNjUt
YTJjNGMyMzFkZGY3LzEvcmkwcTc3Q3NERDBiVFBhWHhrX2pSQWRRUmhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80Y2UwMTItMzNlYS00YjZlLTkwNjUtYTJjNGMyMzFkZGY3
LzEvZm5VTmI4dUtRTTFtSFBjOUdzcTlnd1hvZF8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+ZEMA0G
CSqGSIb3DQEBCwUAA4IBAQBP72WJJT4EUTuD48bJCLRVk6apju5La4MfTe7pIv49
+H9JI+Pen1sP9X3bggldAYsSEeUZytiFOKImp9embi5d1aD1DTfTwF2g1HmFN9QI
+2+PYFwX5PdsNgYLM3n7CLHZJbS2dPY14vMkQu/9T5YEEC2fMCYuBw8bCp6DXqzu
mlUoG4BXWCsW/Ta9BRSgeectZq5pOJHIshje4kfme5XojsCbd1ueIXUhAe3dCx7F
MEvUVH1HwtODSniSp/DL3GcuH4p9K+BFEWT/+sFTVLQpYI+vjOSfhGyf2/LXylbP
zokD81ANUTWR7lsmNDuHGtbqg8bmrfukPXsoWlGXle6K
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:08:45 2025 by rpki-client