Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/292a74-95a0-4279-a4b1-0ba7de7b945e/1/0hCaJvCnwoeI6Din8XBHL-PxzHo.roa
File: 0hCaJvCnwoeI6Din8XBHL-PxzHo.roa (raw, json)
Hash identifier: jdZ7uHDedqbGCEN3fMsAAzydAhLwp0yVHb28jrwLk2M=
Subject key identifier: D2:10:9A:26:F0:A7:C2:87:88:E8:38:A7:F1:70:47:2F:E3:F1:CC:7A
Certificate issuer: /CN=22fa1c7ae2e69de5769c3969b0b0f8f525b5ab05
Certificate serial: 018964C2567A6F843988F27A31040299B43E
Authority key identifier: 22:FA:1C:7A:E2:E6:9D:E5:76:9C:39:69:B0:B0:F8:F5:25:B5:AB:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvoceuLmneV2nDlpsLD49SW1qwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/292a74-95a0-4279-a4b1-0ba7de7b945e/1/0hCaJvCnwoeI6Din8XBHL-PxzHo.roa
Signing time: Mon 17 Jul 2023 16:50:04 +0000
ROA not before: Mon 17 Jul 2023 16:50:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 91.239.212.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:c2:56:7a:6f:84:39:88:f2:7a:31:04:02:99:b4:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22fa1c7ae2e69de5769c3969b0b0f8f525b5ab05
Validity
Not Before: Jul 17 16:50:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2109a26f0a7c28788e838a7f170472fe3f1cc7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:71:53:0a:db:29:0c:ec:96:2e:0c:a3:9f:2a:
a3:ac:c9:c5:66:5a:dc:f1:51:32:8e:2c:9e:f8:8f:
02:3e:77:56:68:74:30:f8:07:b0:89:73:c0:83:b4:
c5:2c:de:f6:79:bf:cd:e8:9d:79:94:05:5b:c0:59:
8b:c4:d3:9a:d5:8a:07:25:7d:a6:9f:96:2e:82:38:
77:fc:ce:56:35:af:ed:c4:c0:56:75:af:db:ed:93:
05:f6:3c:1c:84:e7:ae:ea:db:a2:69:f1:7b:69:b5:
cb:3d:29:3d:06:db:52:3d:c9:62:a9:d7:ca:82:cd:
31:11:98:b9:21:4c:52:d2:30:16:eb:98:b3:21:ff:
fb:9e:2e:78:4b:64:13:51:33:52:cb:e5:e9:1a:5b:
56:2d:65:5e:b4:ee:00:08:cf:69:d1:2f:4c:9c:b6:
16:46:0a:3d:12:39:2a:89:ec:52:dc:77:cf:a0:7e:
ad:9e:0c:d2:e7:e0:f8:ee:3e:2f:c2:9d:55:3d:a6:
63:b8:19:d4:8a:59:5c:09:73:65:f6:e9:1a:c1:47:
76:f5:9c:5a:a0:9e:cc:52:b9:94:c0:49:64:ec:fa:
f6:11:27:32:35:21:5d:13:94:a3:a7:fe:57:b0:18:
9c:74:c9:bc:6d:8f:0b:13:71:17:ea:5a:bb:d1:33:
a3:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:10:9A:26:F0:A7:C2:87:88:E8:38:A7:F1:70:47:2F:E3:F1:CC:7A
X509v3 Authority Key Identifier:
keyid:22:FA:1C:7A:E2:E6:9D:E5:76:9C:39:69:B0:B0:F8:F5:25:B5:AB:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvoceuLmneV2nDlpsLD49SW1qwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/292a74-95a0-4279-a4b1-0ba7de7b945e/1/0hCaJvCnwoeI6Din8XBHL-PxzHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/292a74-95a0-4279-a4b1-0ba7de7b945e/1/IvoceuLmneV2nDlpsLD49SW1qwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.212.0/24
Signature Algorithm: sha256WithRSAEncryption
09:59:ce:c6:54:f9:f2:fd:b4:19:8c:e1:bb:e3:4f:73:da:25:
f0:95:20:22:7b:84:30:51:1d:d3:20:db:16:0f:51:3e:ae:dd:
8d:a5:d7:65:3a:a8:37:fc:fd:62:2b:5a:b5:a0:c6:08:82:0c:
d4:95:49:58:8d:28:dc:0b:f8:79:98:7a:a8:98:b8:57:98:ae:
cd:79:f4:1c:a3:b4:ee:97:6c:3f:20:71:b6:d7:cc:63:cc:7f:
15:62:e0:09:45:a2:0f:67:4d:3d:ff:6f:1c:83:c9:92:40:37:
3b:42:56:9e:8d:f1:9f:5d:64:a0:86:10:6d:4d:c7:dd:3f:10:
89:f3:a6:fa:7e:dd:fe:5f:58:48:fa:7c:24:73:f6:e0:8b:d0:
72:27:20:26:df:de:3f:63:e5:3a:5c:19:ab:3c:86:ec:9d:69:
f6:45:99:7b:d3:49:ba:ff:cb:20:6d:93:9f:5f:c8:7f:67:da:
a1:fa:16:9f:46:3b:6b:eb:33:41:f4:5a:d7:dc:db:33:2d:e6:
0b:bb:2c:e5:6b:c2:a0:74:ff:55:a8:ab:9d:3b:f5:ae:0c:85:
05:4d:25:18:2e:91:3e:47:04:e3:83:01:22:a4:a8:97:bd:58:
a2:b5:2c:21:e4:de:d2:cc:59:1b:8f:e5:dc:77:67:79:b7:62:
5e:e2:14:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlkwlZ6b4Q5iPJ6MQQCmbQ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZmExYzdhZTJlNjlkZTU3NjljMzk2OWIwYjBmOGY1MjVi
NWFiMDUwHhcNMjMwNzE3MTY1MDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjEwOWEyNmYwYTdjMjg3ODhlODM4YTdmMTcwNDcyZmUzZjFjYzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnFTCtspDOyWLgyjnyqjrMnFZlrc
8VEyjiye+I8CPndWaHQw+AewiXPAg7TFLN72eb/N6J15lAVbwFmLxNOa1YoHJX2m
n5Yugjh3/M5WNa/txMBWda/b7ZMF9jwchOeu6tuiafF7abXLPSk9BttSPcliqdfK
gs0xEZi5IUxS0jAW65izIf/7ni54S2QTUTNSy+XpGltWLWVetO4ACM9p0S9MnLYW
Rgo9EjkqiexS3HfPoH6tngzS5+D47j4vwp1VPaZjuBnUillcCXNl9ukawUd29Zxa
oJ7MUrmUwElk7Pr2EScyNSFdE5Sjp/5XsBicdMm8bY8LE3EX6lq70TOjyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNIQmibwp8KHiOg4p/FwRy/j8cx6MB8GA1UdIwQY
MBaAFCL6HHri5p3ldpw5abCw+PUltasFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZvY2V1TG1uZVYybkRscHNMRDQ5U1cxcXdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8yOTJhNzQtOTVhMC00Mjc5LWE0YjEt
MGJhN2RlN2I5NDVlLzEvMGhDYUp2Q253b2VJNkRpbjhYQkhMLVB4ekhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8yOTJhNzQtOTVhMC00Mjc5LWE0YjEtMGJhN2RlN2I5NDVl
LzEvSXZvY2V1TG1uZVYybkRscHNMRDQ5U1cxcXdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+/UMA0G
CSqGSIb3DQEBCwUAA4IBAQAJWc7GVPny/bQZjOG7409z2iXwlSAie4QwUR3TINsW
D1E+rt2NpddlOqg3/P1iK1q1oMYIggzUlUlYjSjcC/h5mHqomLhXmK7NefQco7Tu
l2w/IHG218xjzH8VYuAJRaIPZ009/28cg8mSQDc7QlaejfGfXWSghhBtTcfdPxCJ
86b6ft3+X1hI+nwkc/bgi9ByJyAm394/Y+U6XBmrPIbsnWn2RZl700m6/8sgbZOf
X8h/Z9qh+hafRjtr6zNB9FrX3NszLeYLuyzla8KgdP9VqKudO/WuDIUFTSUYLpE+
RwTjgwEipKiXvViitSwh5N7SzFkbj+Xcd2d5t2Je4hR3
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:03 2025 by rpki-client