Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/748359-eb6d-45f7-b5cb-4fd381b07f7d/1/HbDoRXzwt6W77p6TI5G6a8_dRzo.roa
File: HbDoRXzwt6W77p6TI5G6a8_dRzo.roa (raw, json)
Hash identifier: gT+YmZgOVAGlAw7Oo0iFjvULURFANy7XEH3tES+UKSw=
Subject key identifier: 1D:B0:E8:45:7C:F0:B7:A5:BB:EE:9E:93:23:91:BA:6B:CF:DD:47:3A
Certificate issuer: /CN=9d6cf689d49af30a17b810e7f275872fd916d858
Certificate serial: 03DF1845
Authority key identifier: 9D:6C:F6:89:D4:9A:F3:0A:17:B8:10:E7:F2:75:87:2F:D9:16:D8:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nWz2idSa8woXuBDn8nWHL9kW2Fg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/748359-eb6d-45f7-b5cb-4fd381b07f7d/1/HbDoRXzwt6W77p6TI5G6a8_dRzo.roa
Signing time: Sat 01 Jan 2022 13:59:38 +0000
ROA not before: Sat 01 Jan 2022 13:59:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196682
IP address blocks: 91.219.31.0/24 maxlen: 24
91.219.28.0/24 maxlen: 24
91.219.29.0/24 maxlen: 24
91.219.30.0/24 maxlen: 24
2001:678:108::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64952389 (0x3df1845)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d6cf689d49af30a17b810e7f275872fd916d858
Validity
Not Before: Jan 1 13:59:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1db0e8457cf0b7a5bbee9e932391ba6bcfdd473a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a5:fc:03:df:69:b2:c2:33:a2:df:ca:72:b1:
83:12:10:e2:74:6b:2d:1b:94:2e:9c:ed:5b:cc:71:
e9:f2:e9:59:07:a5:3d:bb:8a:37:d9:b2:68:86:52:
0d:f6:b7:f0:01:e7:a4:d5:bd:6e:b3:0e:97:43:ac:
1d:62:a4:a0:8c:42:d5:5b:f9:c4:49:fd:b8:18:47:
81:f8:99:ae:ab:a6:88:af:77:13:f5:bf:a9:d8:45:
af:8d:a7:91:50:40:31:a1:9d:9b:19:6d:1b:62:11:
d7:07:60:1c:29:8e:c9:68:6b:80:b2:ea:19:98:83:
a7:85:b7:bc:a2:8c:be:2a:61:03:98:75:5e:a5:f6:
5f:22:9d:b4:d7:c0:77:55:4e:e6:1b:6b:7c:cb:5a:
f4:3e:35:a6:bb:12:ec:df:39:7f:b7:99:f2:cf:3e:
26:b8:3c:a1:c6:8c:02:d4:52:77:c4:d6:ed:54:a9:
d0:71:a1:d9:82:cf:92:35:3f:33:08:54:a3:dc:f6:
50:e8:89:73:69:34:4e:fd:e1:e4:3f:75:ca:93:f4:
5e:ef:a9:35:b4:6f:ab:c9:40:de:ce:1a:e2:41:83:
37:03:ca:14:c0:ae:6b:30:a9:98:b6:92:84:9b:6b:
80:3c:1c:df:96:26:a5:8a:75:44:22:a0:9c:2d:50:
36:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B0:E8:45:7C:F0:B7:A5:BB:EE:9E:93:23:91:BA:6B:CF:DD:47:3A
X509v3 Authority Key Identifier:
keyid:9D:6C:F6:89:D4:9A:F3:0A:17:B8:10:E7:F2:75:87:2F:D9:16:D8:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nWz2idSa8woXuBDn8nWHL9kW2Fg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/748359-eb6d-45f7-b5cb-4fd381b07f7d/1/HbDoRXzwt6W77p6TI5G6a8_dRzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/748359-eb6d-45f7-b5cb-4fd381b07f7d/1/nWz2idSa8woXuBDn8nWHL9kW2Fg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.28.0/22
IPv6:
2001:678:108::/48
Signature Algorithm: sha256WithRSAEncryption
b8:d5:f6:b3:45:f9:50:62:a5:74:95:e3:9b:44:87:6e:41:0a:
d7:89:a9:33:37:fe:10:38:d0:b5:b1:ad:13:b7:95:7f:04:97:
d9:38:aa:6c:ce:65:ed:de:94:7e:95:92:55:ea:51:91:78:bd:
d6:4e:ab:21:d4:67:8e:61:f4:79:8e:dc:09:a8:4a:a2:ce:89:
bd:83:f6:2d:36:81:5b:5c:63:e4:72:15:62:f1:2f:09:d2:ab:
ab:95:b1:af:a6:f5:aa:87:a0:da:2f:20:1b:c2:42:3d:ef:8d:
18:e8:03:69:67:02:47:32:6f:d1:de:a0:5e:76:26:f8:7e:66:
a7:67:8c:68:2d:cb:07:c5:38:5b:c9:59:45:c6:36:12:49:af:
5c:cf:b3:95:3e:1a:e0:d1:e4:42:d8:d5:c5:e4:95:37:6a:a2:
de:ec:5b:4b:27:7b:02:d5:34:ca:fa:ea:97:a1:d5:71:c8:f5:
cf:82:cc:c5:2c:b1:0d:75:20:3e:42:59:17:d3:88:5d:34:33:
61:64:8c:8f:bb:77:de:49:f4:da:a9:e5:46:c4:4a:47:95:27:
94:77:97:09:67:2b:cd:da:26:b8:45:70:b8:b2:f4:7c:2c:9f:
d1:83:84:a2:0c:1e:9a:96:c3:f8:47:e1:cd:f6:eb:0f:e5:b9:
43:07:7e:0d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEA98YRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDZjZjY4OWQ0OWFmMzBhMTdiODEwZTdmMjc1ODcyZmQ5MTZkODU4MB4XDTIyMDEw
MTEzNTkzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWRiMGU4NDU3Y2Yw
YjdhNWJiZWU5ZTkzMjM5MWJhNmJjZmRkNDczYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMel/APfabLCM6LfynKxgxIQ4nRrLRuULpztW8xx6fLpWQel
PbuKN9myaIZSDfa38AHnpNW9brMOl0OsHWKkoIxC1Vv5xEn9uBhHgfiZrqumiK93
E/W/qdhFr42nkVBAMaGdmxltG2IR1wdgHCmOyWhrgLLqGZiDp4W3vKKMviphA5h1
XqX2XyKdtNfAd1VO5htrfMta9D41prsS7N85f7eZ8s8+Jrg8ocaMAtRSd8TW7VSp
0HGh2YLPkjU/MwhUo9z2UOiJc2k0Tv3h5D91ypP0Xu+pNbRvq8lA3s4a4kGDNwPK
FMCuazCpmLaShJtrgDwc35YmpYp1RCKgnC1QNrMCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQdsOhFfPC3pbvunpMjkbprz91HOjAfBgNVHSMEGDAWgBSdbPaJ1JrzChe4
EOfydYcv2RbYWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25XejJpZFNhOHdvWHVCRG44bldITDlrVzJGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvNzQ4MzU5LWViNmQtNDVmNy1iNWNiLTRmZDM4MWIwN2Y3ZC8x
L0hiRG9SWHp3dDZXNzdwNlRJNUc2YThfZFJ6by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
NzQ4MzU5LWViNmQtNDVmNy1iNWNiLTRmZDM4MWIwN2Y3ZC8xL25XejJpZFNhOHdv
WHVCRG44bldITDlrVzJGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAlvbHDAPBAIAAjAJAwcAIAEGeAEI
MA0GCSqGSIb3DQEBCwUAA4IBAQC41fazRflQYqV0leObRIduQQrXiakzN/4QONC1
sa0Tt5V/BJfZOKpszmXt3pR+lZJV6lGReL3WTqsh1GeOYfR5jtwJqEqizom9g/Yt
NoFbXGPkchVi8S8J0qurlbGvpvWqh6DaLyAbwkI9740Y6ANpZwJHMm/R3qBedib4
fmanZ4xoLcsHxThbyVlFxjYSSa9cz7OVPhrg0eRC2NXF5JU3aqLe7FtLJ3sC1TTK
+uqXodVxyPXPgszFLLENdSA+QlkX04hdNDNhZIyPu3feSfTaqeVGxEpHlSeUd5cJ
ZyvN2ia4RXC4svR8LJ/Rg4SiDB6alsP4R+HN9usP5blDB34N
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:26 2025 by rpki-client