Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/4Yr8jz9l8QMcUwEdABmV5T500zg.roa
File: 4Yr8jz9l8QMcUwEdABmV5T500zg.roa (raw, json)
Hash identifier: ewEPneOIa9Bl1bKOPKT8brXHc8+SdGTqfXaxagwPHAM=
Subject key identifier: E1:8A:FC:8F:3F:65:F1:03:1C:53:01:1D:00:19:95:E5:3E:74:D3:38
Certificate issuer: /CN=3ebcb79ef58a1c98e151f60c51426f74eb1c3938
Certificate serial: 0185D827603EE7C4DC022C88C295B4089F75
Authority key identifier: 3E:BC:B7:9E:F5:8A:1C:98:E1:51:F6:0C:51:42:6F:74:EB:1C:39:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pry3nvWKHJjhUfYMUUJvdOscOTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/4Yr8jz9l8QMcUwEdABmV5T500zg.roa
Signing time: Sun 22 Jan 2023 06:25:37 +0000
ROA not before: Sun 22 Jan 2023 06:25:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51741
IP address blocks: 91.217.219.0/24 maxlen: 24
2a12:62c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d8:27:60:3e:e7:c4:dc:02:2c:88:c2:95:b4:08:9f:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ebcb79ef58a1c98e151f60c51426f74eb1c3938
Validity
Not Before: Jan 22 06:25:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e18afc8f3f65f1031c53011d001995e53e74d338
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:67:93:0b:f4:f5:35:8a:11:11:13:2f:21:4d:
fc:50:3a:ce:d6:5e:15:ff:a0:48:fa:c4:25:af:4d:
a7:d7:41:e1:39:c4:67:ee:64:6c:2a:7b:e1:81:ca:
ef:79:e4:d1:5e:1a:cb:09:2f:f7:2d:90:14:63:39:
53:08:2a:de:92:ea:b3:d6:1b:d7:e0:89:7a:f7:30:
8e:6e:d0:8f:f6:ca:09:b1:66:c0:1b:a5:3f:f9:05:
6a:0e:b4:f0:49:b6:63:56:7b:22:21:cd:ac:83:13:
6a:6a:b6:10:01:d5:27:cf:29:13:c8:2c:d1:02:c7:
a7:02:b2:cb:62:4e:ef:76:f3:cb:ba:84:f2:7c:26:
f4:18:3d:36:05:97:4a:7f:3e:bc:97:5e:b1:09:66:
9f:17:cc:3b:8d:71:43:1d:d5:ac:7f:0a:69:32:25:
4a:da:a3:cf:00:16:a7:fe:c9:6f:fd:c8:3a:e9:65:
c5:d0:46:c1:2e:1e:61:cd:42:47:47:24:fa:bc:5c:
f8:5f:bd:92:f3:54:16:c8:bf:58:70:7e:dd:23:57:
43:e4:c0:44:82:73:e9:fc:2c:23:d9:72:e7:bc:f7:
be:e6:63:c4:77:a5:b4:5e:22:bb:95:b0:a9:7d:73:
c4:cb:4f:37:24:0c:fd:df:f2:67:91:73:2a:cf:c4:
d7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:8A:FC:8F:3F:65:F1:03:1C:53:01:1D:00:19:95:E5:3E:74:D3:38
X509v3 Authority Key Identifier:
keyid:3E:BC:B7:9E:F5:8A:1C:98:E1:51:F6:0C:51:42:6F:74:EB:1C:39:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pry3nvWKHJjhUfYMUUJvdOscOTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/4Yr8jz9l8QMcUwEdABmV5T500zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/Pry3nvWKHJjhUfYMUUJvdOscOTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.219.0/24
IPv6:
2a12:62c0::/29
Signature Algorithm: sha256WithRSAEncryption
0a:30:9e:26:79:42:77:f4:de:1a:6a:a8:1a:05:f0:27:fc:30:
b9:7f:b1:e4:7f:c0:34:94:3d:05:ed:22:4b:4f:03:f1:b0:0a:
34:2a:df:07:11:ac:c7:fc:b1:26:89:41:cc:88:4c:45:54:11:
01:25:e8:87:5b:1c:b6:9d:69:a8:d2:da:0c:fd:a2:d8:d2:2a:
f3:f3:f3:4c:92:60:3c:31:5d:89:25:57:93:c1:70:97:c5:01:
fa:09:9e:cd:83:c6:af:81:24:ea:b7:70:a7:31:b7:13:84:5c:
62:80:32:78:0d:5c:4c:f3:09:2a:45:45:fa:a5:9a:fe:3d:48:
34:58:73:64:ad:0b:3e:61:69:ef:cf:21:a1:55:c6:ad:19:38:
54:eb:b9:ae:e0:ab:8a:2d:9b:2d:42:fb:38:7e:db:61:40:39:
fd:9a:d8:d3:73:14:32:e0:27:96:f0:2d:6e:91:b0:56:f7:bb:
44:85:59:7c:7a:1b:f5:b1:c9:c6:42:8e:35:21:06:d6:b5:45:
d0:a5:79:18:e9:d1:bd:78:d8:39:3d:42:4e:22:7e:76:b0:be:
0f:7a:b8:56:b2:0b:1f:68:f6:3b:19:dd:1b:ad:27:73:3a:51:
d4:86:38:60:30:50:2a:a0:7d:5d:05:6b:6f:25:bd:1d:45:a2:
cc:b4:85:65
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYXYJ2A+58TcAiyIwpW0CJ91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYmNiNzllZjU4YTFjOThlMTUxZjYwYzUxNDI2Zjc0ZWIx
YzM5MzgwHhcNMjMwMTIyMDYyNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMThhZmM4ZjNmNjVmMTAzMWM1MzAxMWQwMDE5OTVlNTNlNzRkMzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmeTC/T1NYoRERMvIU38UDrO1l4V
/6BI+sQlr02n10HhOcRn7mRsKnvhgcrveeTRXhrLCS/3LZAUYzlTCCrekuqz1hvX
4Il69zCObtCP9soJsWbAG6U/+QVqDrTwSbZjVnsiIc2sgxNqarYQAdUnzykTyCzR
AsenArLLYk7vdvPLuoTyfCb0GD02BZdKfz68l16xCWafF8w7jXFDHdWsfwppMiVK
2qPPABan/slv/cg66WXF0EbBLh5hzUJHRyT6vFz4X72S81QWyL9YcH7dI1dD5MBE
gnPp/Cwj2XLnvPe+5mPEd6W0XiK7lbCpfXPEy083JAz93/JnkXMqz8TXVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOGK/I8/ZfEDHFMBHQAZleU+dNM4MB8GA1UdIwQY
MBaAFD68t571ihyY4VH2DFFCb3TrHDk4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJ5M252V0tISmpoVWZZTVVVSnZkT3NjT1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kZDllZDEtMDJjZC00YjM1LWEzYjQt
ZTlmNzlkZmJkMmU2LzEvNFlyOGp6OWw4UU1jVXdFZEFCbVY1VDUwMHpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kZDllZDEtMDJjZC00YjM1LWEzYjQtZTlmNzlkZmJkMmU2
LzEvUHJ5M252V0tISmpoVWZZTVVVSnZkT3NjT1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9nbMA0E
AgACMAcDBQMqEmLAMA0GCSqGSIb3DQEBCwUAA4IBAQAKMJ4meUJ39N4aaqgaBfAn
/DC5f7Hkf8A0lD0F7SJLTwPxsAo0Kt8HEazH/LEmiUHMiExFVBEBJeiHWxy2nWmo
0toM/aLY0irz8/NMkmA8MV2JJVeTwXCXxQH6CZ7Ng8avgSTqt3CnMbcThFxigDJ4
DVxM8wkqRUX6pZr+PUg0WHNkrQs+YWnvzyGhVcatGThU67mu4KuKLZstQvs4ftth
QDn9mtjTcxQy4CeW8C1ukbBW97tEhVl8ehv1scnGQo41IQbWtUXQpXkY6dG9eNg5
PUJOIn52sL4PerhWsgsfaPY7Gd0brSdzOlHUhjhgMFAqoH1dBWtvJb0dRaLMtIVl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:53 2025 by rpki-client