Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/W7jW7elq9s7zjaK4-5hCDYgKdmU.roa
File: W7jW7elq9s7zjaK4-5hCDYgKdmU.roa (raw, json)
Hash identifier: UW7ec4el5UceSQtRwMeWy6VKhs0qbAN3t6WafoxmZFI=
Subject key identifier: 5B:B8:D6:ED:E9:6A:F6:CE:F3:8D:A2:B8:FB:98:42:0D:88:0A:76:65
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 0194228D94ED3E5BFA5A8584024BABC52F4A
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/W7jW7elq9s7zjaK4-5hCDYgKdmU.roa
Signing time: Wed 01 Jan 2025 15:48:11 +0000
ROA not before: Wed 01 Jan 2025 15:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1885
IP address blocks: 91.93.185.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:94:ed:3e:5b:fa:5a:85:84:02:4b:ab:c5:2f:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 15:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5bb8d6ede96af6cef38da2b8fb98420d880a7665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:21:31:91:b5:b6:bb:1c:07:20:48:4b:71:71:
1d:ef:14:55:38:65:b6:9a:52:de:01:43:3b:ef:ec:
6d:65:cb:ef:92:f1:62:0b:11:1a:22:b9:00:4f:3c:
2b:c6:54:94:e3:2e:c5:60:30:81:f3:00:05:1e:7f:
d0:9f:75:8d:48:fc:cd:ae:d7:41:d4:af:ce:70:96:
cd:d1:47:71:70:8a:d4:dc:30:00:4a:ba:51:83:6c:
2c:c5:b9:08:9e:c3:00:d6:fc:13:2c:9c:92:3d:19:
0e:4c:90:09:57:d0:41:8d:32:e7:fc:eb:18:61:39:
28:42:87:68:01:0d:9f:6a:5e:60:56:31:77:16:f0:
84:3a:c4:a9:fd:88:12:01:2d:c0:3f:ab:23:b1:9c:
a3:bd:27:b9:a9:cc:a2:71:8d:c1:f0:18:a6:2d:a9:
9c:cf:2e:34:ee:0f:1f:8d:33:63:99:ee:6a:bf:ce:
6b:a8:6c:56:2b:63:d0:bf:b8:bc:e2:80:f7:17:4e:
1c:a0:ba:a5:0d:0b:0f:f2:93:24:9d:79:7e:de:f4:
ba:a3:2b:a4:91:11:f8:cd:3e:69:ce:b1:30:c7:00:
d5:16:92:a7:af:5e:f2:bc:aa:63:bc:f9:31:14:e5:
30:a3:22:df:b0:8b:ac:f3:6f:8d:d1:9f:23:bb:f2:
72:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:B8:D6:ED:E9:6A:F6:CE:F3:8D:A2:B8:FB:98:42:0D:88:0A:76:65
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/W7jW7elq9s7zjaK4-5hCDYgKdmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.93.185.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:cd:b7:4a:88:66:a1:cd:b3:09:a7:58:54:74:5f:5c:9c:5f:
7c:3a:c0:b3:16:60:b7:fb:ca:83:21:01:e3:c0:61:1f:7a:5a:
b2:e3:73:1f:df:2e:f3:e6:bf:83:2a:d5:bf:df:a3:01:8c:8e:
63:17:73:b8:9a:38:39:b2:49:b7:d1:72:2c:9d:70:c1:df:00:
5a:9e:5b:1a:33:63:bd:e9:31:6d:2f:12:97:1b:a7:c6:46:89:
c9:47:e4:51:de:cd:b2:6b:38:26:bc:c8:e9:8b:e4:f5:66:b2:
0e:eb:be:79:7e:33:9e:2e:ac:9d:fa:1d:bb:39:e4:de:2e:e0:
e5:f3:f4:10:1f:82:90:58:27:f6:72:d6:71:96:a0:58:1c:b7:
99:63:5d:87:5c:64:26:2a:75:14:03:23:31:93:a8:1f:18:9e:
90:06:36:7a:04:3b:fc:a3:cd:77:0f:d4:d7:fd:0f:fc:1b:f3:
f5:bd:72:a7:36:38:e8:d2:d9:37:3c:ca:90:8a:1d:aa:7e:21:
94:ea:78:3e:42:c8:db:f5:d0:17:7b:3d:dd:f3:41:ee:e0:7c:
0f:3a:39:97:d3:10:16:f4:73:73:52:23:7b:64:bb:33:a2:a7:
e8:42:99:ab:d1:0d:75:0a:8c:d8:97:d2:f6:b7:e5:4c:eb:6b:
c2:84:cd:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijZTtPlv6WoWEAkurxS9KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjUwMTAxMTU0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmI4ZDZlZGU5NmFmNmNlZjM4ZGEyYjhmYjk4NDIwZDg4MGE3NjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryExkbW2uxwHIEhLcXEd7xRVOGW2
mlLeAUM77+xtZcvvkvFiCxEaIrkATzwrxlSU4y7FYDCB8wAFHn/Qn3WNSPzNrtdB
1K/OcJbN0UdxcIrU3DAASrpRg2wsxbkInsMA1vwTLJySPRkOTJAJV9BBjTLn/OsY
YTkoQodoAQ2fal5gVjF3FvCEOsSp/YgSAS3AP6sjsZyjvSe5qcyicY3B8BimLamc
zy407g8fjTNjme5qv85rqGxWK2PQv7i84oD3F04coLqlDQsP8pMknXl+3vS6oyuk
kRH4zT5pzrEwxwDVFpKnr17yvKpjvPkxFOUwoyLfsIus82+N0Z8ju/JyxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFu41u3pavbO842iuPuYQg2ICnZlMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvVzdqVzdlbHE5czd6amFLNC01aENEWWdLZG1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW125MA0G
CSqGSIb3DQEBCwUAA4IBAQAPzbdKiGahzbMJp1hUdF9cnF98OsCzFmC3+8qDIQHj
wGEfelqy43Mf3y7z5r+DKtW/36MBjI5jF3O4mjg5skm30XIsnXDB3wBanlsaM2O9
6TFtLxKXG6fGRonJR+RR3s2yazgmvMjpi+T1ZrIO6755fjOeLqyd+h27OeTeLuDl
8/QQH4KQWCf2ctZxlqBYHLeZY12HXGQmKnUUAyMxk6gfGJ6QBjZ6BDv8o813D9TX
/Q/8G/P1vXKnNjjo0tk3PMqQih2qfiGU6ng+Qsjb9dAXez3d80Hu4HwPOjmX0xAW
9HNzUiN7ZLszoqfoQpmr0Q11CozYl9L2t+VM62vChM3T
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:39:11 2025 by rpki-client