Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/063658-8262-4965-9661-0542427b02b9/1/1-tC0rjZV1jihIqCSqr691PhK46c.roa
File: 1-tC0rjZV1jihIqCSqr691PhK46c.roa (raw, json)
Hash identifier: OZRRaNXEuVkMUwrYkvaXW28rMwl6+wF4euV4WCbSFTw=
Subject key identifier: FA:D0:B4:AE:36:55:D6:38:A1:22:A0:92:AA:BE:BD:D4:F8:4A:E3:A7
Certificate issuer: /CN=94b1cbff4bd970fa27fdefd4bf68b02d68d2b9dd
Certificate serial: 0194266BA488A9971B80B4113ED3834B9115
Authority key identifier: 94:B1:CB:FF:4B:D9:70:FA:27:FD:EF:D4:BF:68:B0:2D:68:D2:B9:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lLHL_0vZcPon_e_Uv2iwLWjSud0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/063658-8262-4965-9661-0542427b02b9/1/1-tC0rjZV1jihIqCSqr691PhK46c.roa
Signing time: Thu 02 Jan 2025 09:49:36 +0000
ROA not before: Thu 02 Jan 2025 09:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43394
IP address blocks: 91.194.242.0/23 maxlen: 23
91.194.242.0/24 maxlen: 24
91.194.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:a4:88:a9:97:1b:80:b4:11:3e:d3:83:4b:91:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94b1cbff4bd970fa27fdefd4bf68b02d68d2b9dd
Validity
Not Before: Jan 2 09:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fad0b4ae3655d638a122a092aabebdd4f84ae3a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f4:df:f8:4f:ea:86:85:03:b9:cc:a5:20:7d:
03:b4:c4:a6:8b:71:1e:f5:4a:31:da:ae:11:b5:43:
f2:26:d3:f4:b1:eb:e2:ba:99:6c:81:0a:bf:c3:07:
10:6f:9a:ed:4e:2c:6d:ed:1f:70:ff:36:7b:69:7c:
98:79:11:d5:18:26:f7:09:27:f1:be:67:63:6f:85:
87:8b:29:79:7c:f1:9a:84:ef:2d:b9:4b:7c:52:fa:
15:fa:18:27:ad:64:a2:2a:dd:da:76:d1:42:24:50:
fd:fa:10:df:e0:f7:f4:aa:03:a0:5f:0b:6b:61:12:
70:22:f0:d0:18:aa:de:69:4d:ea:07:23:ca:78:8c:
5c:d7:d8:01:b6:e5:e2:4b:fe:25:b2:ef:02:05:3c:
c0:ad:17:f3:45:d0:01:de:e8:8f:58:f6:49:bb:78:
c0:f3:88:40:86:a4:44:b9:95:42:49:de:88:51:83:
9f:45:12:46:a9:22:67:97:75:33:3e:4e:83:27:81:
10:e3:21:12:f5:df:85:08:e8:b4:05:1c:32:72:85:
e6:e4:d8:4a:e3:95:64:bb:8b:6f:16:32:5c:54:b9:
1a:72:d8:c8:12:9a:18:91:a9:6f:d2:fb:c0:a2:0a:
96:76:b1:e9:12:73:e7:a8:54:d2:52:c2:42:00:e4:
0a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D0:B4:AE:36:55:D6:38:A1:22:A0:92:AA:BE:BD:D4:F8:4A:E3:A7
X509v3 Authority Key Identifier:
keyid:94:B1:CB:FF:4B:D9:70:FA:27:FD:EF:D4:BF:68:B0:2D:68:D2:B9:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lLHL_0vZcPon_e_Uv2iwLWjSud0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/063658-8262-4965-9661-0542427b02b9/1/1-tC0rjZV1jihIqCSqr691PhK46c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/063658-8262-4965-9661-0542427b02b9/1/lLHL_0vZcPon_e_Uv2iwLWjSud0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.242.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:1e:c3:ec:d5:14:b3:ed:c1:44:4e:ec:fa:5a:23:bf:9b:10:
65:7e:cb:a1:7d:85:93:bd:55:35:bf:39:1e:d4:24:3f:1b:92:
d5:51:2a:4b:c4:55:44:12:6f:a1:5a:b6:a7:74:0f:4f:3c:91:
22:83:26:62:59:d4:80:c6:f3:48:55:62:c1:c9:c6:25:ec:11:
cc:e4:a1:9d:80:64:5e:28:0a:eb:ed:fe:7a:44:06:7e:16:68:
43:46:04:0d:fe:bb:91:0a:d7:b5:b5:16:19:ee:2c:1e:0d:72:
54:8b:a0:2a:76:99:d4:a1:1f:69:40:0e:ea:23:cf:ce:e6:58:
20:88:d6:b0:f8:8d:59:bb:e7:cf:07:6d:97:c4:12:77:87:3f:
05:75:20:66:5f:fa:c4:d3:9e:43:60:60:b9:6a:6c:74:43:d2:
87:46:d9:8f:1f:92:3d:6f:7e:03:f9:67:5b:0a:5e:ef:c3:be:
69:46:40:96:d6:74:20:5c:6a:33:97:a8:a7:61:b1:8b:13:ca:
4e:f5:6a:87:f4:c7:fa:23:2f:e6:23:36:3f:87:46:7a:a7:de:
90:f7:ec:47:78:2f:0b:ab:73:fe:73:8d:ac:97:6f:ce:40:40:
0f:46:f1:e9:26:b0:d4:5f:5f:57:c5:0c:5d:f9:98:41:79:4e:
e9:3a:7b:96
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQma6SIqZcbgLQRPtODS5EVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0YjFjYmZmNGJkOTcwZmEyN2ZkZWZkNGJmNjhiMDJkNjhk
MmI5ZGQwHhcNMjUwMTAyMDk0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWQwYjRhZTM2NTVkNjM4YTEyMmEwOTJhYWJlYmRkNGY4NGFlM2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/Tf+E/qhoUDucylIH0DtMSmi3Ee
9Uox2q4RtUPyJtP0seviuplsgQq/wwcQb5rtTixt7R9w/zZ7aXyYeRHVGCb3CSfx
vmdjb4WHiyl5fPGahO8tuUt8UvoV+hgnrWSiKt3adtFCJFD9+hDf4Pf0qgOgXwtr
YRJwIvDQGKreaU3qByPKeIxc19gBtuXiS/4lsu8CBTzArRfzRdAB3uiPWPZJu3jA
84hAhqREuZVCSd6IUYOfRRJGqSJnl3UzPk6DJ4EQ4yES9d+FCOi0BRwycoXm5NhK
45Vku4tvFjJcVLkactjIEpoYkalv0vvAogqWdrHpEnPnqFTSUsJCAOQKQQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPrQtK42VdY4oSKgkqq+vdT4SuOnMB8GA1UdIwQY
MBaAFJSxy/9L2XD6J/3v1L9osC1o0rndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbExITF8wdlpjUG9uX2VfVXYyaXdMV2pTdWQwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8wNjM2NTgtODI2Mi00OTY1LTk2NjEt
MDU0MjQyN2IwMmI5LzEvMS10QzByalpWMWppaElxQ1NxcjY5MVBoSzQ2Yy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjcvMDYzNjU4LTgyNjItNDk2NS05NjYxLTA1NDI0MjdiMDJi
OS8xL2xMSExfMHZaY1Bvbl9lX1V2Mml3TFdqU3VkMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVvC8jAN
BgkqhkiG9w0BAQsFAAOCAQEAXB7D7NUUs+3BRE7s+lojv5sQZX7LoX2Fk71VNb85
HtQkPxuS1VEqS8RVRBJvoVq2p3QPTzyRIoMmYlnUgMbzSFViwcnGJewRzOShnYBk
XigK6+3+ekQGfhZoQ0YEDf67kQrXtbUWGe4sHg1yVIugKnaZ1KEfaUAO6iPPzuZY
IIjWsPiNWbvnzwdtl8QSd4c/BXUgZl/6xNOeQ2BguWpsdEPSh0bZjx+SPW9+A/ln
Wwpe78O+aUZAltZ0IFxqM5eop2GxixPKTvVqh/TH+iMv5iM2P4dGeqfekPfsR3gv
C6tz/nONrJdvzkBAD0bx6Saw1F9fV8UMXfmYQXlO6Tp7lg==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:05 2025 by rpki-client