Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/PRhohmSPpTdafiCYHQlb6tS5RSA.roa
File: PRhohmSPpTdafiCYHQlb6tS5RSA.roa (raw, json)
Hash identifier: rmrtG9C35CBJyHZUuhN45njc7Z7w311hCWAJB2ctSsg=
Subject key identifier: 3D:18:68:86:64:8F:A5:37:5A:7E:20:98:1D:09:5B:EA:D4:B9:45:20
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 01942368D0762B71E1E10C3F053AD6F631EA
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/PRhohmSPpTdafiCYHQlb6tS5RSA.roa
Signing time: Wed 01 Jan 2025 19:47:39 +0000
ROA not before: Wed 01 Jan 2025 19:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30781
IP address blocks: 91.209.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:d0:76:2b:71:e1:e1:0c:3f:05:3a:d6:f6:31:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Jan 1 19:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d186886648fa5375a7e20981d095bead4b94520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8e:4b:dc:a5:c3:38:2a:1d:e4:36:1b:57:ea:
49:78:eb:6d:ab:40:b3:7d:22:02:84:a0:45:6f:7e:
d3:6f:0c:14:5c:67:17:75:85:10:a6:ae:8c:93:af:
a5:8d:dc:37:49:03:d6:3a:58:10:4e:c2:bd:ae:7f:
67:7b:8d:27:a9:4b:d2:0b:e5:24:d5:6e:00:8e:40:
38:60:81:24:ef:e2:ba:2d:05:87:a4:bb:0f:96:0c:
79:27:0e:4f:4c:40:d9:1f:2b:23:79:95:44:57:d9:
be:aa:f5:dc:a3:29:8a:19:32:06:92:cb:36:a0:6c:
5e:1c:f5:5f:0b:07:da:3b:e2:5e:af:63:8f:bd:5a:
3c:59:3f:cf:77:cd:3a:c8:87:b8:e6:4c:1c:43:b4:
0b:9e:1e:99:a5:6e:f3:b5:7d:c4:0a:09:f5:d9:55:
27:76:6c:70:e5:7a:47:ef:dc:02:53:a2:6c:70:2a:
95:49:7b:ad:71:c0:26:a9:94:fd:56:76:fa:24:aa:
ac:d5:34:f7:d9:e6:6f:eb:d3:9e:e2:a1:d7:4d:10:
56:83:5f:06:d1:0e:50:d1:7d:db:7e:d6:1b:73:ad:
04:f9:f2:7e:bf:e0:05:81:81:4d:86:db:4e:4b:8c:
3e:2b:a6:e2:ce:fa:7b:6f:02:fb:c9:de:5f:1d:17:
98:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:18:68:86:64:8F:A5:37:5A:7E:20:98:1D:09:5B:EA:D4:B9:45:20
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/PRhohmSPpTdafiCYHQlb6tS5RSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.107.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:3b:0a:db:46:76:83:86:24:9e:65:bc:ef:12:a8:d5:84:74:
7d:76:c0:8b:dd:54:33:7f:9d:08:56:07:46:5e:04:22:d6:a8:
c2:10:93:7a:b0:27:13:26:02:d8:b8:25:f0:60:be:7a:f1:85:
15:b1:0a:98:32:bd:e9:82:86:71:3c:19:17:e1:7e:ca:92:f2:
9f:d0:17:37:19:7d:2a:75:5c:62:6c:59:d5:3b:06:58:0c:d6:
6b:bf:43:3d:a3:69:27:f7:d6:33:55:cc:ca:7a:cb:3c:98:83:
a7:29:83:bb:04:86:66:02:e9:af:65:ff:aa:84:ae:ac:84:9a:
bc:fc:c0:4b:a6:39:00:db:de:f4:69:9c:16:ae:a8:6c:50:05:
3d:79:93:5c:59:ef:1b:43:19:97:be:a5:38:a7:82:29:85:9a:
d7:7a:bf:64:a5:82:3a:fc:24:86:61:c6:e6:fe:c7:77:e6:03:
3c:bc:1a:ed:7c:e4:ec:fa:12:b2:3f:fe:6b:42:5f:fa:97:6b:
87:42:53:b5:20:60:d3:02:a3:07:6b:f6:ba:44:bb:09:bb:1e:
d5:87:81:0b:d6:b0:a9:7c:a6:63:43:0d:59:9d:ad:fc:61:bb:
dd:1a:1b:8e:2e:77:8e:a1:53:90:99:0d:eb:24:82:b6:ee:d1:
70:be:8a:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaNB2K3Hh4Qw/BTrW9jHqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjUwMTAxMTk0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDE4Njg4NjY0OGZhNTM3NWE3ZTIwOTgxZDA5NWJlYWQ0Yjk0NTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmo5L3KXDOCod5DYbV+pJeOttq0Cz
fSIChKBFb37TbwwUXGcXdYUQpq6Mk6+ljdw3SQPWOlgQTsK9rn9ne40nqUvSC+Uk
1W4AjkA4YIEk7+K6LQWHpLsPlgx5Jw5PTEDZHysjeZVEV9m+qvXcoymKGTIGkss2
oGxeHPVfCwfaO+Jer2OPvVo8WT/Pd806yIe45kwcQ7QLnh6ZpW7ztX3ECgn12VUn
dmxw5XpH79wCU6JscCqVSXutccAmqZT9Vnb6JKqs1TT32eZv69Oe4qHXTRBWg18G
0Q5Q0X3bftYbc60E+fJ+v+AFgYFNhttOS4w+K6bizvp7bwL7yd5fHReYWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD0YaIZkj6U3Wn4gmB0JW+rUuUUgMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvUFJob2htU1BwVGRhZmlDWUhRbGI2dFM1UlNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9FrMA0G
CSqGSIb3DQEBCwUAA4IBAQC2OwrbRnaDhiSeZbzvEqjVhHR9dsCL3VQzf50IVgdG
XgQi1qjCEJN6sCcTJgLYuCXwYL568YUVsQqYMr3pgoZxPBkX4X7KkvKf0Bc3GX0q
dVxibFnVOwZYDNZrv0M9o2kn99YzVczKess8mIOnKYO7BIZmAumvZf+qhK6shJq8
/MBLpjkA2970aZwWrqhsUAU9eZNcWe8bQxmXvqU4p4IphZrXer9kpYI6/CSGYcbm
/sd35gM8vBrtfOTs+hKyP/5rQl/6l2uHQlO1IGDTAqMHa/a6RLsJux7Vh4EL1rCp
fKZjQw1Zna38YbvdGhuOLneOoVOQmQ3rJIK27tFwvorL
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:17:07 2025 by rpki-client