Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c1ce51-19eb-4096-bdb9-1bffa74a3b1d/1/z65Pgg3-mHgWxIUs5H5zHthBm3s.roa
File: z65Pgg3-mHgWxIUs5H5zHthBm3s.roa (raw, json)
Hash identifier: QVV/BCcTbAUEfdjr0oSP3uKG2Z/8whlTp1U1EHJWjDo=
Subject key identifier: CF:AE:4F:82:0D:FE:98:78:16:C4:85:2C:E4:7E:73:1E:D8:41:9B:7B
Certificate issuer: /CN=3830792b5e3bbac9f370d4cae7aba2a5cdba7a0a
Certificate serial: 01856C6F0177FD67226571F355B6D32A4CD7
Authority key identifier: 38:30:79:2B:5E:3B:BA:C9:F3:70:D4:CA:E7:AB:A2:A5:CD:BA:7A:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ODB5K147usnzcNTK56uipc26ego.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c1ce51-19eb-4096-bdb9-1bffa74a3b1d/1/z65Pgg3-mHgWxIUs5H5zHthBm3s.roa
Signing time: Sun 01 Jan 2023 08:24:52 +0000
ROA not before: Sun 01 Jan 2023 08:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43187
IP address blocks: 91.198.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:01:77:fd:67:22:65:71:f3:55:b6:d3:2a:4c:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3830792b5e3bbac9f370d4cae7aba2a5cdba7a0a
Validity
Not Before: Jan 1 08:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfae4f820dfe987816c4852ce47e731ed8419b7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:41:02:25:77:ad:f1:71:6f:41:46:15:07:ab:
37:bb:9d:eb:2d:d2:bc:db:6b:8f:e2:a1:dc:dc:3f:
19:37:6f:d3:b4:de:8d:5c:68:e5:29:47:1c:40:89:
75:87:d4:9f:a0:1b:5c:01:09:7f:58:52:6a:7b:fa:
f7:50:82:6b:f0:e6:73:b9:15:84:42:ca:a2:e4:ea:
c2:67:4e:53:77:e9:37:f2:df:56:30:db:80:e6:67:
5d:dc:5c:c1:97:3a:cf:4c:2d:64:b2:5f:df:48:77:
0e:85:00:45:21:3d:09:8c:fa:ab:ea:ca:39:67:85:
5d:1e:e2:b8:16:aa:aa:4f:80:29:17:e9:84:9e:a7:
42:7f:b5:58:b9:09:98:dc:35:73:2b:d9:5c:8d:f7:
fd:4b:c1:94:b0:59:02:e9:17:7f:1a:c3:76:f6:34:
82:c7:b6:33:5f:3f:8b:3d:db:04:f2:63:50:35:11:
2c:ee:ad:26:0c:ea:69:c3:ad:63:40:28:80:76:e6:
ab:d0:75:cf:16:85:66:70:4b:ab:f0:8c:88:79:ea:
93:df:c9:7d:d5:a9:61:4f:f7:7f:c4:99:2b:44:9c:
ae:38:e7:3e:e7:c4:1b:e3:f8:d4:5c:c5:3d:a9:72:
d3:60:10:f6:16:8b:02:8a:a1:e5:f8:fe:e7:58:39:
26:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:AE:4F:82:0D:FE:98:78:16:C4:85:2C:E4:7E:73:1E:D8:41:9B:7B
X509v3 Authority Key Identifier:
keyid:38:30:79:2B:5E:3B:BA:C9:F3:70:D4:CA:E7:AB:A2:A5:CD:BA:7A:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODB5K147usnzcNTK56uipc26ego.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c1ce51-19eb-4096-bdb9-1bffa74a3b1d/1/z65Pgg3-mHgWxIUs5H5zHthBm3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c1ce51-19eb-4096-bdb9-1bffa74a3b1d/1/ODB5K147usnzcNTK56uipc26ego.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.7.0/24
Signature Algorithm: sha256WithRSAEncryption
45:fc:d1:82:99:04:f9:9a:ee:46:e1:34:00:ae:39:8f:e2:38:
8f:58:00:fa:04:e8:c4:8e:95:55:dc:a6:71:23:f4:95:eb:68:
5c:f7:aa:64:87:72:0a:32:78:e2:2c:bc:3d:2a:ba:5a:f9:47:
48:54:74:d8:35:bd:fc:14:d2:7b:b5:26:bf:3c:bf:24:c2:dd:
80:9e:69:bc:2b:6a:41:02:10:48:3d:f2:b1:5c:b6:a2:f6:c6:
7e:92:be:e4:f7:66:15:57:75:e6:08:b8:e9:9b:9e:2f:c8:2b:
17:a0:91:dd:fd:c5:b2:55:1f:77:43:60:f0:ed:0f:44:d4:49:
8f:93:1c:9a:61:3a:65:22:78:50:20:17:07:32:a4:b8:77:e3:
6e:58:a4:55:22:ac:16:45:e6:f5:c4:f8:22:06:f7:82:2d:f9:
a4:aa:99:5c:dc:15:bf:3b:ed:a2:4e:8b:dc:cb:53:f0:63:4b:
95:ce:87:61:98:ab:4b:cf:cb:42:6e:4f:4e:69:e0:66:11:b8:
37:0d:58:1f:1d:68:bc:f2:65:74:b8:2b:68:54:fd:79:f2:7c:
a2:13:79:d0:40:dc:a0:34:bf:e8:28:26:9b:ee:9b:14:5d:fe:
2c:d4:b9:89:1b:83:56:5b:02:43:81:3b:ca:f9:60:fa:d9:51:
3a:fc:d2:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbwF3/WciZXHzVbbTKkzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MzA3OTJiNWUzYmJhYzlmMzcwZDRjYWU3YWJhMmE1Y2Ri
YTdhMGEwHhcNMjMwMTAxMDgyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmFlNGY4MjBkZmU5ODc4MTZjNDg1MmNlNDdlNzMxZWQ4NDE5YjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEECJXet8XFvQUYVB6s3u53rLdK8
22uP4qHc3D8ZN2/TtN6NXGjlKUccQIl1h9SfoBtcAQl/WFJqe/r3UIJr8OZzuRWE
Qsqi5OrCZ05Td+k38t9WMNuA5mdd3FzBlzrPTC1ksl/fSHcOhQBFIT0JjPqr6so5
Z4VdHuK4FqqqT4ApF+mEnqdCf7VYuQmY3DVzK9lcjff9S8GUsFkC6Rd/GsN29jSC
x7YzXz+LPdsE8mNQNREs7q0mDOppw61jQCiAduar0HXPFoVmcEur8IyIeeqT38l9
1alhT/d/xJkrRJyuOOc+58Qb4/jUXMU9qXLTYBD2FosCiqHl+P7nWDkmRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM+uT4IN/ph4FsSFLOR+cx7YQZt7MB8GA1UdIwQY
MBaAFDgweSteO7rJ83DUyueroqXNunoKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0RCNUsxNDd1c256Y05USzU2dWlwYzI2ZWdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMWNlNTEtMTllYi00MDk2LWJkYjkt
MWJmZmE3NGEzYjFkLzEvejY1UGdnMy1tSGdXeElVczVINXpIdGhCbTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMWNlNTEtMTllYi00MDk2LWJkYjktMWJmZmE3NGEzYjFk
LzEvT0RCNUsxNDd1c256Y05USzU2dWlwYzI2ZWdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8YHMA0G
CSqGSIb3DQEBCwUAA4IBAQBF/NGCmQT5mu5G4TQArjmP4jiPWAD6BOjEjpVV3KZx
I/SV62hc96pkh3IKMnjiLLw9Krpa+UdIVHTYNb38FNJ7tSa/PL8kwt2Anmm8K2pB
AhBIPfKxXLai9sZ+kr7k92YVV3XmCLjpm54vyCsXoJHd/cWyVR93Q2Dw7Q9E1EmP
kxyaYTplInhQIBcHMqS4d+NuWKRVIqwWReb1xPgiBveCLfmkqplc3BW/O+2iTovc
y1PwY0uVzodhmKtLz8tCbk9OaeBmEbg3DVgfHWi88mV0uCtoVP158nyiE3nQQNyg
NL/oKCab7psUXf4s1LmJG4NWWwJDgTvK+WD62VE6/NKa
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:03:47 2025 by rpki-client