Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f8fb71-a7c7-4f92-8743-9c708dac1d92/1/rwRRPql1rIQzsq_i06yzoO2wgHQ.roa
File: rwRRPql1rIQzsq_i06yzoO2wgHQ.roa (raw, json)
Hash identifier: 0FdnTsSRRUfY+3q4ZnKlxf+D+uYOXphiuhAQtxiPw20=
Subject key identifier: AF:04:51:3E:A9:75:AC:84:33:B2:AF:E2:D3:AC:B3:A0:ED:B0:80:74
Certificate issuer: /CN=59007408bbf8ad9044de68046587c7589b72ebef
Certificate serial: 01941FFA88661C8F5D6A42321EBDE01925E8
Authority key identifier: 59:00:74:08:BB:F8:AD:90:44:DE:68:04:65:87:C7:58:9B:72:EB:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WQB0CLv4rZBE3mgEZYfHWJty6-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f8fb71-a7c7-4f92-8743-9c708dac1d92/1/rwRRPql1rIQzsq_i06yzoO2wgHQ.roa
Signing time: Wed 01 Jan 2025 03:48:20 +0000
ROA not before: Wed 01 Jan 2025 03:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35407
IP address blocks: 91.213.105.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:88:66:1c:8f:5d:6a:42:32:1e:bd:e0:19:25:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59007408bbf8ad9044de68046587c7589b72ebef
Validity
Not Before: Jan 1 03:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af04513ea975ac8433b2afe2d3acb3a0edb08074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:64:5b:eb:e4:cd:20:26:f4:78:2f:cd:a7:32:
64:c7:ca:d2:7f:a2:16:f0:9e:cf:6c:18:ba:b1:67:
9f:7a:f1:80:67:ed:5c:58:ab:8c:10:1b:21:7b:fc:
79:ff:d7:10:51:a2:70:f6:ce:c6:cf:d9:03:2a:2e:
dd:cc:37:3b:6b:87:4f:d0:78:d2:cf:81:e6:c1:e3:
65:be:2f:3f:99:d4:59:41:cd:f1:95:2f:20:d0:e7:
83:45:68:0b:21:9b:c3:aa:45:a4:47:2d:8f:3f:97:
38:89:b3:19:a8:5d:c3:6f:ea:75:2f:46:0d:6a:02:
b2:b5:25:66:a2:df:4a:c5:7e:7d:f3:59:58:c0:ae:
6e:99:f8:9a:25:96:50:44:73:c2:c7:7e:13:0f:05:
33:ce:e9:2f:70:7e:8d:c2:48:5a:99:e4:68:87:ff:
9f:5b:04:2c:c1:a7:e6:77:54:c2:ea:2f:f6:de:f1:
82:9f:69:9c:4d:be:dc:e4:21:df:3a:09:b2:55:2a:
07:d9:be:03:0c:0d:a3:76:2f:2f:d9:61:b5:5d:2f:
1b:da:8f:2f:db:9c:fb:f4:42:48:44:51:ec:40:f0:
5d:be:72:ce:3b:4d:81:44:86:36:fb:ac:0c:d9:bb:
fd:ca:9e:da:e7:de:1d:b4:6a:54:eb:2a:86:97:8f:
55:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:04:51:3E:A9:75:AC:84:33:B2:AF:E2:D3:AC:B3:A0:ED:B0:80:74
X509v3 Authority Key Identifier:
keyid:59:00:74:08:BB:F8:AD:90:44:DE:68:04:65:87:C7:58:9B:72:EB:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WQB0CLv4rZBE3mgEZYfHWJty6-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f8fb71-a7c7-4f92-8743-9c708dac1d92/1/rwRRPql1rIQzsq_i06yzoO2wgHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f8fb71-a7c7-4f92-8743-9c708dac1d92/1/WQB0CLv4rZBE3mgEZYfHWJty6-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.105.0/24
Signature Algorithm: sha256WithRSAEncryption
45:f0:0c:15:87:1c:5e:e3:cb:59:9e:fc:95:de:74:b8:18:85:
9b:1a:1f:4a:78:ee:11:e5:be:90:8b:1b:94:0e:18:fb:a7:76:
32:d0:75:33:d8:c4:69:0f:9b:93:18:25:62:12:97:d6:55:4e:
2b:35:84:7e:a7:b6:8c:b8:d5:56:82:89:9d:f7:0c:83:5b:5a:
9d:72:cc:23:a2:08:d5:aa:d4:3e:31:5f:83:38:77:82:83:c3:
1a:76:99:5e:60:2b:a1:a1:c6:17:d1:31:cc:b4:cd:0b:0f:66:
83:8b:67:a0:5c:91:92:40:b1:81:3d:12:ae:c0:4d:48:cc:3a:
78:dc:c3:09:d1:cb:4d:1f:6e:6c:1a:2e:dd:1f:3d:d7:59:06:
dc:ca:21:6b:04:e5:c9:b4:f1:b9:bc:97:8b:56:7d:24:98:b3:
f7:75:9e:1a:d6:22:3a:99:0f:96:50:af:eb:10:b9:7a:f0:95:
2a:44:82:83:c6:a7:95:68:96:c2:f5:25:8b:45:d4:6f:16:3d:
fb:6d:b7:94:84:34:e5:93:f0:3e:17:29:2d:87:04:aa:c9:8b:
e6:bb:35:33:45:31:07:cd:92:98:85:ba:05:07:17:9a:4a:f2:
a6:bf:f3:6f:67:17:16:e0:97:8b:d7:d8:f0:07:e9:f8:b3:e8:
bc:0d:55:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+ohmHI9dakIyHr3gGSXoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5MDA3NDA4YmJmOGFkOTA0NGRlNjgwNDY1ODdjNzU4OWI3
MmViZWYwHhcNMjUwMTAxMDM0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjA0NTEzZWE5NzVhYzg0MzNiMmFmZTJkM2FjYjNhMGVkYjA4MDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmRb6+TNICb0eC/NpzJkx8rSf6IW
8J7PbBi6sWefevGAZ+1cWKuMEBshe/x5/9cQUaJw9s7Gz9kDKi7dzDc7a4dP0HjS
z4HmweNlvi8/mdRZQc3xlS8g0OeDRWgLIZvDqkWkRy2PP5c4ibMZqF3Db+p1L0YN
agKytSVmot9KxX5981lYwK5umfiaJZZQRHPCx34TDwUzzukvcH6NwkhameRoh/+f
WwQswafmd1TC6i/23vGCn2mcTb7c5CHfOgmyVSoH2b4DDA2jdi8v2WG1XS8b2o8v
25z79EJIRFHsQPBdvnLOO02BRIY2+6wM2bv9yp7a594dtGpU6yqGl49VFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK8EUT6pdayEM7Kv4tOss6DtsIB0MB8GA1UdIwQY
MBaAFFkAdAi7+K2QRN5oBGWHx1ibcuvvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1FCMENMdjRyWkJFM21nRVpZZkhXSnR5Ni04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mOGZiNzEtYTdjNy00ZjkyLTg3NDMt
OWM3MDhkYWMxZDkyLzEvcndSUlBxbDFySVF6c3FfaTA2eXpvTzJ3Z0hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mOGZiNzEtYTdjNy00ZjkyLTg3NDMtOWM3MDhkYWMxZDky
LzEvV1FCMENMdjRyWkJFM21nRVpZZkhXSnR5Ni04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9VpMA0G
CSqGSIb3DQEBCwUAA4IBAQBF8AwVhxxe48tZnvyV3nS4GIWbGh9KeO4R5b6QixuU
Dhj7p3Yy0HUz2MRpD5uTGCViEpfWVU4rNYR+p7aMuNVWgomd9wyDW1qdcswjogjV
qtQ+MV+DOHeCg8MadpleYCuhocYX0THMtM0LD2aDi2egXJGSQLGBPRKuwE1IzDp4
3MMJ0ctNH25sGi7dHz3XWQbcyiFrBOXJtPG5vJeLVn0kmLP3dZ4a1iI6mQ+WUK/r
ELl68JUqRIKDxqeVaJbC9SWLRdRvFj37bbeUhDTlk/A+FykthwSqyYvmuzUzRTEH
zZKYhboFBxeaSvKmv/NvZxcW4JeL19jwB+n4s+i8DVXs
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:40 2025 by rpki-client