Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/t3oRNw9z0TZMDcZd86eB8WeU3pk.roa
File: t3oRNw9z0TZMDcZd86eB8WeU3pk.roa (raw, json)
Hash identifier: cfqL4Tt3ObE7og1JVAgulYjUksDcXQj1IhJQAJGFd9k=
Subject key identifier: B7:7A:11:37:0F:73:D1:36:4C:0D:C6:5D:F3:A7:81:F1:67:94:DE:99
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019503B9CC3C98216D966256EA8ACEDD15C3
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/t3oRNw9z0TZMDcZd86eB8WeU3pk.roa
Signing time: Fri 14 Feb 2025 09:11:02 +0000
ROA not before: Fri 14 Feb 2025 09:11:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 91.208.61.0/24 maxlen: 24
193.124.36.0/24 maxlen: 24
212.192.16.0/23 maxlen: 23
212.192.18.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:03:b9:cc:3c:98:21:6d:96:62:56:ea:8a:ce:dd:15:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 14 09:11:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b77a11370f73d1364c0dc65df3a781f16794de99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:68:39:d9:ba:b6:37:d2:4d:53:46:51:eb:c1:
34:cd:c1:23:9e:94:e0:16:2f:d0:22:e3:b8:3c:64:
fb:2f:f6:e7:00:d7:63:ad:96:44:1b:f8:7a:a8:b5:
28:fa:1f:b2:c1:6e:80:85:e3:8e:06:f2:1a:d8:01:
55:f1:50:02:a3:8c:41:b0:fb:56:fa:ea:c8:87:47:
21:50:29:92:7b:4a:72:a9:22:55:1e:25:fa:e3:b2:
11:2b:d0:4b:96:1e:e6:9d:f3:06:15:aa:48:58:b9:
86:86:53:1c:a8:44:26:44:a8:a5:a0:db:ee:e4:1c:
f8:1c:35:68:4e:75:f5:2f:14:f1:f0:10:10:71:2b:
99:f4:10:8d:ba:1a:87:12:0f:a7:26:36:54:32:ca:
1c:13:18:e2:c2:c0:db:5f:41:07:f5:4a:d9:d7:7a:
a1:3d:fd:46:42:14:58:0c:96:c6:2f:62:01:40:03:
b6:74:df:6d:d7:fc:dc:34:2c:6c:96:e8:15:7f:18:
7c:7e:5e:38:2b:0a:97:81:d6:a6:e2:ad:2a:a2:56:
55:98:08:fb:f9:bb:90:74:b1:99:b6:47:cc:a8:27:
11:a7:bd:76:48:e1:51:23:ac:77:71:62:31:87:35:
a9:8a:71:b9:98:7e:46:ca:50:a5:db:c4:0e:dc:c2:
94:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:7A:11:37:0F:73:D1:36:4C:0D:C6:5D:F3:A7:81:F1:67:94:DE:99
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/t3oRNw9z0TZMDcZd86eB8WeU3pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.61.0/24
193.124.36.0/24
212.192.16.0/22
Signature Algorithm: sha256WithRSAEncryption
12:e6:48:55:8a:10:c3:be:b9:f1:bd:20:24:d0:a8:4e:dd:d2:
20:a8:1a:f7:95:8e:b0:ee:c7:24:bb:cf:3c:17:d1:5b:17:1d:
31:83:b8:75:45:0f:4e:08:53:14:54:36:4a:91:16:4a:f4:a5:
03:45:12:56:e0:bb:4c:5e:19:7d:2e:c0:0b:e0:3e:1e:67:9a:
9a:22:6d:0c:53:49:bd:fe:8f:45:36:a3:a6:1d:4e:a5:67:0c:
10:c8:a4:d9:ec:2d:f9:85:30:db:ea:82:ea:e3:45:9f:85:f1:
12:bd:b8:8e:2f:51:8c:f5:41:24:31:6b:c6:47:c7:e2:4e:7f:
ed:78:9c:95:26:9e:be:97:65:33:c8:4c:1e:21:e5:8a:f9:2a:
85:c3:8e:46:cb:f3:1e:81:8b:a9:82:e6:30:82:bb:2d:6d:d9:
25:b4:14:f3:c1:50:cf:45:3d:81:13:08:68:ff:8d:9b:f0:34:
63:9c:0b:d3:12:5a:a3:f2:29:6d:46:87:8f:8a:26:00:d7:8f:
1f:28:5a:9a:9a:5e:5b:1f:3c:6d:f2:fc:ab:e4:55:d6:08:08:
cc:cf:20:30:f4:87:bf:ac:4f:b2:b8:fb:59:3f:10:ad:a9:a1:
b5:9f:d9:70:1a:a0:f5:8f:3b:69:80:62:50:d4:4f:29:03:43:
51:e2:d2:e1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZUDucw8mCFtlmJW6orO3RXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMjE0MDkxMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzdhMTEzNzBmNzNkMTM2NGMwZGM2NWRmM2E3ODFmMTY3OTRkZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGg52bq2N9JNU0ZR68E0zcEjnpTg
Fi/QIuO4PGT7L/bnANdjrZZEG/h6qLUo+h+ywW6AheOOBvIa2AFV8VACo4xBsPtW
+urIh0chUCmSe0pyqSJVHiX647IRK9BLlh7mnfMGFapIWLmGhlMcqEQmRKiloNvu
5Bz4HDVoTnX1LxTx8BAQcSuZ9BCNuhqHEg+nJjZUMsocExjiwsDbX0EH9UrZ13qh
Pf1GQhRYDJbGL2IBQAO2dN9t1/zcNCxslugVfxh8fl44KwqXgdam4q0qolZVmAj7
+buQdLGZtkfMqCcRp712SOFRI6x3cWIxhzWpinG5mH5GylCl28QO3MKUkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLd6ETcPc9E2TA3GXfOngfFnlN6ZMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvdDNvUk53OXowVFpNRGNaZDg2ZUI4V2VVM3BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9A9AwQA
wXwkAwQC1MAQMA0GCSqGSIb3DQEBCwUAA4IBAQAS5khVihDDvrnxvSAk0KhO3dIg
qBr3lY6w7scku888F9FbFx0xg7h1RQ9OCFMUVDZKkRZK9KUDRRJW4LtMXhl9LsAL
4D4eZ5qaIm0MU0m9/o9FNqOmHU6lZwwQyKTZ7C35hTDb6oLq40WfhfESvbiOL1GM
9UEkMWvGR8fiTn/teJyVJp6+l2UzyEweIeWK+SqFw45Gy/MegYupguYwgrstbdkl
tBTzwVDPRT2BEwho/42b8DRjnAvTElqj8iltRoePiiYA148fKFqaml5bHzxt8vyr
5FXWCAjMzyAw9Ie/rE+yuPtZPxCtqaG1n9lwGqD1jztpgGJQ1E8pA0NR4tLh
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:29:33 2025 by rpki-client