Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/kFUUDWHjgf6fzAp9W7A45RioR2c.roa
File: kFUUDWHjgf6fzAp9W7A45RioR2c.roa (raw, json)
Hash identifier: TvXDU89A3V0NhYk1kH4P0YNdt/AqoJlyFCtcuS7Cd4A=
Subject key identifier: 90:55:14:0D:61:E3:81:FE:9F:CC:0A:7D:5B:B0:38:E5:18:A8:47:67
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D59837F2EAA7F562FD4DB2B7D10F11
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/kFUUDWHjgf6fzAp9W7A45RioR2c.roa
Signing time: Wed 01 Jan 2025 07:47:36 +0000
ROA not before: Wed 01 Jan 2025 07:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215
IP address blocks: 90.83.218.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:98:37:f2:ea:a7:f5:62:fd:4d:b2:b7:d1:0f:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9055140d61e381fe9fcc0a7d5bb038e518a84767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ae:36:1c:1c:97:b3:1b:f5:6a:c8:34:c1:a6:
4a:63:e7:01:cb:9a:5c:32:b3:36:0c:07:6c:5c:d8:
64:db:56:5c:00:35:b7:89:3a:39:0a:fd:12:2d:a0:
7c:f2:48:67:0f:6f:44:9a:f1:33:c9:68:7a:48:be:
14:40:1b:6c:77:4b:91:ed:d9:dd:fa:7c:36:a9:b4:
b0:78:a9:55:c4:92:09:9f:a9:f9:c0:1d:f7:70:a0:
cf:f5:16:80:1a:de:71:b9:95:92:76:42:9c:d5:71:
52:a7:6e:90:85:4f:26:b8:de:42:98:fa:a6:14:68:
84:fa:1b:8c:1f:89:91:04:62:ff:79:16:8d:19:ee:
c9:e5:8c:00:f0:66:f8:62:ae:88:fc:c9:84:d3:de:
68:d2:f7:85:61:b2:de:93:b4:37:45:2b:56:88:6e:
f9:3b:05:ba:36:df:d9:ee:69:c5:19:5e:d8:1e:75:
70:6a:eb:5d:bd:04:32:a8:d6:49:e4:9f:71:fc:41:
80:2a:69:68:22:63:31:86:b2:42:17:12:d6:af:8a:
51:70:4f:6d:62:51:3a:88:a7:5e:6d:fd:50:40:ae:
cb:4c:a7:f7:15:5c:00:c9:36:fb:c0:13:17:75:17:
15:1c:45:e7:74:42:62:4b:08:7c:0e:1f:19:82:ac:
47:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:55:14:0D:61:E3:81:FE:9F:CC:0A:7D:5B:B0:38:E5:18:A8:47:67
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/kFUUDWHjgf6fzAp9W7A45RioR2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.83.218.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:6e:aa:2b:a8:22:2d:2a:64:c9:a3:27:5e:2f:02:16:56:66:
28:c5:91:96:cf:1d:3c:86:0e:8c:c8:93:49:70:12:60:50:f9:
d1:01:ec:97:bd:ec:8f:bf:96:08:e0:1c:92:74:6b:da:a1:b2:
15:e6:37:1e:67:a4:2c:9b:96:6d:24:ff:71:44:1e:34:c1:27:
0b:7a:20:18:8d:e0:e7:e4:d7:4a:3c:50:95:41:21:49:6a:09:
31:19:bc:08:8d:f3:d5:ca:1d:8e:97:a8:b5:26:40:1a:68:07:
06:ce:45:e9:4d:fe:2c:32:8d:62:1e:23:19:18:8f:e6:78:af:
aa:e5:de:6b:97:97:1e:9a:5c:c5:c1:3a:91:3e:df:88:2d:b9:
57:c7:32:cb:7a:1b:fc:2a:06:b3:1b:90:2d:47:cf:c3:0c:bd:
bf:66:0b:0f:bd:f3:80:2f:ca:10:49:d4:04:ca:6c:02:4c:ad:
ee:e5:94:f5:96:8c:a9:91:94:d6:20:66:4b:a2:3a:b0:27:0c:
d8:73:dd:8f:3d:70:b1:32:c8:40:45:78:bc:08:05:27:7e:70:
1e:7f:12:55:98:86:6e:a0:da:01:39:80:37:e1:d3:a1:55:57:
64:48:11:d4:1c:9e:71:77:f6:59:aa:cd:ed:f3:60:38:34:8d:
38:a8:2f:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1Zg38uqn9WL9TbK30Q8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDU1MTQwZDYxZTM4MWZlOWZjYzBhN2Q1YmIwMzhlNTE4YTg0NzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtq42HByXsxv1asg0waZKY+cBy5pc
MrM2DAdsXNhk21ZcADW3iTo5Cv0SLaB88khnD29EmvEzyWh6SL4UQBtsd0uR7dnd
+nw2qbSweKlVxJIJn6n5wB33cKDP9RaAGt5xuZWSdkKc1XFSp26QhU8muN5CmPqm
FGiE+huMH4mRBGL/eRaNGe7J5YwA8Gb4Yq6I/MmE095o0veFYbLek7Q3RStWiG75
OwW6Nt/Z7mnFGV7YHnVwautdvQQyqNZJ5J9x/EGAKmloImMxhrJCFxLWr4pRcE9t
YlE6iKdebf1QQK7LTKf3FVwAyTb7wBMXdRcVHEXndEJiSwh8Dh8ZgqxHCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJBVFA1h44H+n8wKfVuwOOUYqEdnMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEva0ZVVURXSGpnZjZmekFwOVc3QTQ1UmlvUjJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWlPaMA0G
CSqGSIb3DQEBCwUAA4IBAQCobqorqCItKmTJoydeLwIWVmYoxZGWzx08hg6MyJNJ
cBJgUPnRAeyXveyPv5YI4BySdGvaobIV5jceZ6Qsm5ZtJP9xRB40wScLeiAYjeDn
5NdKPFCVQSFJagkxGbwIjfPVyh2Ol6i1JkAaaAcGzkXpTf4sMo1iHiMZGI/meK+q
5d5rl5cemlzFwTqRPt+ILblXxzLLehv8KgazG5AtR8/DDL2/ZgsPvfOAL8oQSdQE
ymwCTK3u5ZT1loypkZTWIGZLojqwJwzYc92PPXCxMshARXi8CAUnfnAefxJVmIZu
oNoBOYA34dOhVVdkSBHUHJ5xd/ZZqs3t82A4NI04qC+O
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:12:49 2025 by rpki-client