Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/ccaf34-3dee-4fe2-b2fc-8dd453ab423d/1/rgvtyID9p-DqMnjSKCFn-cGMrm8.roa
File: rgvtyID9p-DqMnjSKCFn-cGMrm8.roa (raw, json)
Hash identifier: KZX9vOyc4u5urfjnyI1iRG4cI0C7NijDH3Acv+79gvU=
Subject key identifier: AE:0B:ED:C8:80:FD:A7:E0:EA:32:78:D2:28:21:67:F9:C1:8C:AE:6F
Certificate issuer: /CN=b9a9088bb4201ce46d8eb83dc9f38c78b8f3be1b
Certificate serial: 019421440415C600734D22A47889ECAB7AAC
Authority key identifier: B9:A9:08:8B:B4:20:1C:E4:6D:8E:B8:3D:C9:F3:8C:78:B8:F3:BE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uakIi7QgHORtjrg9yfOMeLjzvhs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/ccaf34-3dee-4fe2-b2fc-8dd453ab423d/1/rgvtyID9p-DqMnjSKCFn-cGMrm8.roa
Signing time: Wed 01 Jan 2025 09:48:13 +0000
ROA not before: Wed 01 Jan 2025 09:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51450
IP address blocks: 91.217.170.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:04:15:c6:00:73:4d:22:a4:78:89:ec:ab:7a:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9a9088bb4201ce46d8eb83dc9f38c78b8f3be1b
Validity
Not Before: Jan 1 09:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae0bedc880fda7e0ea3278d2282167f9c18cae6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:f8:22:b3:4c:ff:b4:d9:13:e9:c1:1c:4a:cb:
4e:0e:0c:b2:20:69:87:7e:4b:f7:12:61:0c:63:ae:
2b:9f:60:03:6c:7c:8b:4d:37:93:5d:b3:6b:7f:af:
f1:b9:fc:16:df:95:8c:a7:a6:fc:6d:78:c4:2c:79:
aa:1a:fd:ca:7c:0a:d0:bc:8d:be:9c:38:1d:a5:b5:
a1:53:e8:78:cd:d7:e4:c3:0f:12:31:08:63:73:f1:
3c:09:40:a4:97:b1:30:8c:f8:5c:9a:cf:f1:1d:ed:
8a:7c:95:07:7f:ad:f3:33:28:10:bb:16:33:eb:44:
ae:d4:00:ad:f5:9e:52:db:43:17:6f:1f:5d:fa:98:
e2:2a:f5:0f:b7:b2:b0:c8:75:b9:7d:29:dd:1b:26:
b7:96:18:c0:06:78:f1:4c:8e:88:b1:43:05:80:c4:
56:80:7e:7a:f3:6f:c3:dd:e5:6c:81:dc:2f:ad:a1:
64:19:da:c9:87:23:7e:cf:86:c1:02:cf:03:e9:21:
93:03:57:5b:a2:a0:72:70:b5:c5:77:1d:4f:4c:34:
5f:d5:ab:9b:03:ab:5b:56:e2:de:a4:3f:e4:f3:57:
7e:87:3b:0d:a2:a4:5b:cf:c1:0f:f8:16:4a:20:e1:
65:2f:14:2c:c8:18:1c:d9:e4:91:ca:54:58:ef:95:
f6:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:0B:ED:C8:80:FD:A7:E0:EA:32:78:D2:28:21:67:F9:C1:8C:AE:6F
X509v3 Authority Key Identifier:
keyid:B9:A9:08:8B:B4:20:1C:E4:6D:8E:B8:3D:C9:F3:8C:78:B8:F3:BE:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uakIi7QgHORtjrg9yfOMeLjzvhs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ccaf34-3dee-4fe2-b2fc-8dd453ab423d/1/rgvtyID9p-DqMnjSKCFn-cGMrm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ccaf34-3dee-4fe2-b2fc-8dd453ab423d/1/uakIi7QgHORtjrg9yfOMeLjzvhs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.170.0/24
Signature Algorithm: sha256WithRSAEncryption
69:90:f7:60:a5:00:1b:b2:7c:ba:56:f9:72:4f:39:7f:c9:4d:
58:42:90:d1:38:31:de:a8:62:65:e0:d8:69:98:71:b3:da:ce:
22:d8:da:26:d9:9b:a1:76:ea:9e:2c:9a:9f:9d:02:92:df:53:
c4:2e:82:7b:78:9a:ae:5d:6c:df:1c:21:ee:5a:b9:04:24:c2:
2d:1b:61:8d:42:1d:56:80:0d:3e:7d:b1:71:3e:67:6f:8d:50:
f2:b4:30:9c:77:f2:66:1e:f3:db:1a:6d:2b:07:6c:ab:26:60:
4b:e5:9d:41:91:6f:fb:fd:28:53:3d:ae:99:db:2b:ed:d0:bf:
a6:ae:73:e8:9f:75:e6:6a:c6:9e:71:fb:44:f2:25:96:35:c8:
15:0b:ee:5c:ae:a8:30:59:ed:c7:12:42:fa:c8:48:ee:4b:5c:
2a:f9:e9:ec:d7:2a:3b:2f:5a:7e:c8:33:d8:20:a6:72:52:18:
93:01:49:06:b4:35:7b:da:e0:5b:50:ac:b1:00:d2:b4:14:10:
9b:40:96:0c:a9:be:a1:60:77:e5:06:bb:38:ca:c9:f0:09:e2:
8e:b1:b3:8c:2a:af:68:4e:0a:41:ad:5c:ad:c7:9a:c1:e9:78:
99:98:9e:61:e3:f4:fa:04:ee:b7:80:38:13:0c:49:1a:ff:ef:
79:15:03:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRAQVxgBzTSKkeInsq3qsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YTkwODhiYjQyMDFjZTQ2ZDhlYjgzZGM5ZjM4Yzc4Yjhm
M2JlMWIwHhcNMjUwMTAxMDk0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTBiZWRjODgwZmRhN2UwZWEzMjc4ZDIyODIxNjdmOWMxOGNhZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/gis0z/tNkT6cEcSstODgyyIGmH
fkv3EmEMY64rn2ADbHyLTTeTXbNrf6/xufwW35WMp6b8bXjELHmqGv3KfArQvI2+
nDgdpbWhU+h4zdfkww8SMQhjc/E8CUCkl7EwjPhcms/xHe2KfJUHf63zMygQuxYz
60Su1ACt9Z5S20MXbx9d+pjiKvUPt7KwyHW5fSndGya3lhjABnjxTI6IsUMFgMRW
gH5682/D3eVsgdwvraFkGdrJhyN+z4bBAs8D6SGTA1dboqBycLXFdx1PTDRf1aub
A6tbVuLepD/k81d+hzsNoqRbz8EP+BZKIOFlLxQsyBgc2eSRylRY75X2qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK4L7ciA/afg6jJ40ighZ/nBjK5vMB8GA1UdIwQY
MBaAFLmpCIu0IBzkbY64PcnzjHi4874bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWFrSWk3UWdIT1J0anJnOXlmT01lTGp6dmhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9jY2FmMzQtM2RlZS00ZmUyLWIyZmMt
OGRkNDUzYWI0MjNkLzEvcmd2dHlJRDlwLURxTW5qU0tDRm4tY0dNcm04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9jY2FmMzQtM2RlZS00ZmUyLWIyZmMtOGRkNDUzYWI0MjNk
LzEvdWFrSWk3UWdIT1J0anJnOXlmT01lTGp6dmhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9mqMA0G
CSqGSIb3DQEBCwUAA4IBAQBpkPdgpQAbsny6VvlyTzl/yU1YQpDRODHeqGJl4Nhp
mHGz2s4i2Nom2ZuhduqeLJqfnQKS31PELoJ7eJquXWzfHCHuWrkEJMItG2GNQh1W
gA0+fbFxPmdvjVDytDCcd/JmHvPbGm0rB2yrJmBL5Z1BkW/7/ShTPa6Z2yvt0L+m
rnPon3XmasaecftE8iWWNcgVC+5crqgwWe3HEkL6yEjuS1wq+ens1yo7L1p+yDPY
IKZyUhiTAUkGtDV72uBbUKyxANK0FBCbQJYMqb6hYHflBrs4ysnwCeKOsbOMKq9o
TgpBrVytx5rB6XiZmJ5h4/T6BO63gDgTDEka/+95FQPu
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:48 2025 by rpki-client