Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/GquCgX6jSJPo3Vqu9Ymk9aNpBeA.roa
File: GquCgX6jSJPo3Vqu9Ymk9aNpBeA.roa (raw, json)
Hash identifier: f2YEE5vWVwjofE0V+bfVEQ6T+JdGgUxwGYwJ6muLPCc=
Subject key identifier: 1A:AB:82:81:7E:A3:48:93:E8:DD:5A:AE:F5:89:A4:F5:A3:69:05:E0
Certificate issuer: /CN=3ebcb79ef58a1c98e151f60c51426f74eb1c3938
Certificate serial: 018543D9706BFF2C5537E6C3B60D0B0923E7
Authority key identifier: 3E:BC:B7:9E:F5:8A:1C:98:E1:51:F6:0C:51:42:6F:74:EB:1C:39:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pry3nvWKHJjhUfYMUUJvdOscOTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/GquCgX6jSJPo3Vqu9Ymk9aNpBeA.roa
Signing time: Sat 24 Dec 2022 11:16:41 +0000
ROA not before: Sat 24 Dec 2022 11:16:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211703
IP address blocks: 91.217.219.0/24 maxlen: 24
2a12:62c0::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:43:d9:70:6b:ff:2c:55:37:e6:c3:b6:0d:0b:09:23:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ebcb79ef58a1c98e151f60c51426f74eb1c3938
Validity
Not Before: Dec 24 11:16:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1aab82817ea34893e8dd5aaef589a4f5a36905e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1e:17:eb:0e:10:99:65:b6:1f:ce:9b:2b:99:
80:28:9f:9f:10:16:7d:40:ba:26:a9:8e:24:70:2f:
be:b6:d2:c4:1f:06:ce:b2:af:cf:fe:85:44:2a:fc:
0d:00:aa:06:71:84:86:5f:1e:e9:77:f0:5d:a8:d3:
d5:c5:39:b0:3b:6e:99:28:34:25:b3:d9:37:10:43:
5b:42:55:69:b0:be:16:89:e7:2f:a0:51:bc:d1:67:
ff:50:39:ee:bb:f4:be:f9:4d:7a:9e:21:f2:fe:92:
9f:1b:b2:7e:c5:d3:80:a7:48:f1:e5:63:23:85:72:
a5:0b:8f:54:a3:b6:10:9f:49:07:8d:59:03:9d:d7:
00:64:f0:7d:c0:01:1a:4b:90:13:64:d1:44:90:28:
1b:54:b2:63:c8:95:7b:89:e4:e6:a6:02:18:e2:29:
74:61:8d:5a:7e:d6:36:b7:50:92:e9:e9:d6:5b:60:
81:9d:31:da:90:61:07:e2:fd:e4:b6:94:6f:a1:9e:
0c:ca:d5:91:b7:12:22:73:82:1f:ba:e9:ea:92:ff:
8c:b8:02:1e:84:a1:13:08:db:c6:d0:29:40:d3:60:
c0:69:26:04:36:1e:b1:95:44:7c:fd:82:ab:9f:93:
8d:48:81:0c:ec:71:c4:e9:f1:8e:13:f0:89:3a:68:
fa:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:AB:82:81:7E:A3:48:93:E8:DD:5A:AE:F5:89:A4:F5:A3:69:05:E0
X509v3 Authority Key Identifier:
keyid:3E:BC:B7:9E:F5:8A:1C:98:E1:51:F6:0C:51:42:6F:74:EB:1C:39:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pry3nvWKHJjhUfYMUUJvdOscOTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/GquCgX6jSJPo3Vqu9Ymk9aNpBeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/Pry3nvWKHJjhUfYMUUJvdOscOTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.219.0/24
IPv6:
2a12:62c0::/29
Signature Algorithm: sha256WithRSAEncryption
9f:45:80:2d:31:6a:36:d8:20:61:0b:3d:c0:98:59:b0:8a:ae:
2b:3d:73:27:47:2f:41:ce:70:46:23:cc:d0:d7:0d:82:da:65:
37:c0:ea:87:fb:35:c0:04:5b:0c:58:4f:6e:48:97:e5:97:bf:
09:33:cc:d9:1b:78:f5:09:a4:5c:cd:2e:c1:8a:eb:d2:61:ca:
18:1d:89:13:80:9d:69:3d:6a:54:46:c2:55:03:03:fe:f6:77:
48:8e:2c:b3:7b:8c:90:d8:f7:08:c1:6a:cc:85:31:88:10:99:
d0:87:6d:00:92:1a:5a:32:d5:a6:63:a4:7f:58:37:c9:c1:bb:
5c:a2:74:87:5e:fc:0c:6f:36:ef:ff:38:c4:e0:86:46:f9:e7:
64:11:c4:96:06:84:e7:58:d5:53:5d:37:c9:d1:41:36:67:88:
39:59:0e:30:39:21:b2:4d:3b:72:07:2e:4c:13:7c:d6:4f:30:
02:e6:dd:0a:6d:ee:22:83:45:09:65:6a:4f:9b:d4:ad:3a:43:
7b:a7:f8:d5:10:69:e8:cb:93:70:e2:75:7d:95:78:7d:ed:b0:
ec:53:dc:ae:16:ee:a3:29:a8:91:8d:9a:87:02:9b:d5:50:1e:
89:3d:1e:2c:50:f7:6b:4b:d5:84:42:6a:d8:54:fb:8b:93:8b:
56:06:6f:6d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVD2XBr/yxVN+bDtg0LCSPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYmNiNzllZjU4YTFjOThlMTUxZjYwYzUxNDI2Zjc0ZWIx
YzM5MzgwHhcNMjIxMjI0MTExNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWFiODI4MTdlYTM0ODkzZThkZDVhYWVmNTg5YTRmNWEzNjkwNWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjh4X6w4QmWW2H86bK5mAKJ+fEBZ9
QLomqY4kcC++ttLEHwbOsq/P/oVEKvwNAKoGcYSGXx7pd/BdqNPVxTmwO26ZKDQl
s9k3EENbQlVpsL4WiecvoFG80Wf/UDnuu/S++U16niHy/pKfG7J+xdOAp0jx5WMj
hXKlC49Uo7YQn0kHjVkDndcAZPB9wAEaS5ATZNFEkCgbVLJjyJV7ieTmpgIY4il0
YY1aftY2t1CS6enWW2CBnTHakGEH4v3ktpRvoZ4MytWRtxIic4Ifuunqkv+MuAIe
hKETCNvG0ClA02DAaSYENh6xlUR8/YKrn5ONSIEM7HHE6fGOE/CJOmj62wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBqrgoF+o0iT6N1arvWJpPWjaQXgMB8GA1UdIwQY
MBaAFD68t571ihyY4VH2DFFCb3TrHDk4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJ5M252V0tISmpoVWZZTVVVSnZkT3NjT1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kZDllZDEtMDJjZC00YjM1LWEzYjQt
ZTlmNzlkZmJkMmU2LzEvR3F1Q2dYNmpTSlBvM1ZxdTlZbWs5YU5wQmVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kZDllZDEtMDJjZC00YjM1LWEzYjQtZTlmNzlkZmJkMmU2
LzEvUHJ5M252V0tISmpoVWZZTVVVSnZkT3NjT1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9nbMA0E
AgACMAcDBQMqEmLAMA0GCSqGSIb3DQEBCwUAA4IBAQCfRYAtMWo22CBhCz3AmFmw
iq4rPXMnRy9BznBGI8zQ1w2C2mU3wOqH+zXABFsMWE9uSJfll78JM8zZG3j1CaRc
zS7BiuvSYcoYHYkTgJ1pPWpURsJVAwP+9ndIjiyze4yQ2PcIwWrMhTGIEJnQh20A
khpaMtWmY6R/WDfJwbtconSHXvwMbzbv/zjE4IZG+edkEcSWBoTnWNVTXTfJ0UE2
Z4g5WQ4wOSGyTTtyBy5ME3zWTzAC5t0Kbe4ig0UJZWpPm9StOkN7p/jVEGnoy5Nw
4nV9lXh97bDsU9yuFu6jKaiRjZqHApvVUB6JPR4sUPdrS9WEQmrYVPuLk4tWBm9t
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:28 2025 by rpki-client