Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/nyvqaUD_bRXDtH3c7OYTpjxlOys.roa
File: nyvqaUD_bRXDtH3c7OYTpjxlOys.roa (raw, json)
Hash identifier: k9drrNKH0GhQKJ9+kAcGLCk8vj6djrK//GR8rC7ngYk=
Subject key identifier: 9F:2B:EA:69:40:FF:6D:15:C3:B4:7D:DC:EC:E6:13:A6:3C:65:3B:2B
Certificate issuer: /CN=27c8b427c313598a92e8d8ec60e2950da39fc2c9
Certificate serial: 0195AA02DFB9E91F236CE56DDAA875028782
Authority key identifier: 27:C8:B4:27:C3:13:59:8A:92:E8:D8:EC:60:E2:95:0D:A3:9F:C2:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J8i0J8MTWYqS6NjsYOKVDaOfwsk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/nyvqaUD_bRXDtH3c7OYTpjxlOys.roa
Signing time: Tue 18 Mar 2025 16:07:49 +0000
ROA not before: Tue 18 Mar 2025 16:07:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 91.102.164.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:aa:02:df:b9:e9:1f:23:6c:e5:6d:da:a8:75:02:87:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27c8b427c313598a92e8d8ec60e2950da39fc2c9
Validity
Not Before: Mar 18 16:07:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f2bea6940ff6d15c3b47ddcece613a63c653b2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:53:32:91:70:04:31:09:3a:be:63:a3:02:29:
93:1d:93:c7:9d:3e:e3:af:4f:0a:e4:2f:74:fe:c7:
70:b0:5a:3d:b8:a1:72:77:b1:1e:30:6d:76:d7:5a:
3b:51:c6:e7:26:32:cc:67:f6:fa:52:0e:1f:83:54:
25:55:62:d2:8a:15:41:ce:7e:69:fd:f8:2e:38:13:
1b:4b:b7:eb:e3:de:cd:2d:b5:86:24:fe:29:5b:7b:
db:ff:64:0f:ad:65:4a:a8:20:dd:9c:59:d9:44:ff:
0a:88:8c:02:61:4a:e4:04:62:92:8f:3a:45:46:f9:
86:e1:76:50:8e:75:f9:63:f0:4e:f4:a8:4e:32:29:
c4:db:b9:24:51:73:88:0e:56:4f:5c:4a:dc:1c:dc:
ee:30:79:78:3e:38:9f:6b:7a:41:9b:c9:85:70:0e:
09:13:ba:0b:42:2b:fd:81:5d:0c:c4:f6:c4:df:f6:
c3:05:fc:b1:f3:6d:e7:16:7f:db:90:1d:6d:73:d3:
20:38:58:6e:bd:5c:b5:9f:b9:e2:1e:a8:ff:67:6a:
a6:cd:7d:9a:4b:16:ff:7f:5f:50:7e:9c:21:19:99:
56:e3:8b:ce:d9:a2:e7:2f:5e:ed:19:ab:5b:31:16:
2a:ad:ad:39:ee:a4:bb:fa:78:b1:76:09:f9:f7:dd:
d8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:2B:EA:69:40:FF:6D:15:C3:B4:7D:DC:EC:E6:13:A6:3C:65:3B:2B
X509v3 Authority Key Identifier:
keyid:27:C8:B4:27:C3:13:59:8A:92:E8:D8:EC:60:E2:95:0D:A3:9F:C2:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8i0J8MTWYqS6NjsYOKVDaOfwsk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/nyvqaUD_bRXDtH3c7OYTpjxlOys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/J8i0J8MTWYqS6NjsYOKVDaOfwsk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.164.0/24
Signature Algorithm: sha256WithRSAEncryption
73:09:ce:95:cb:d4:b7:d1:93:c3:7d:8b:1a:77:79:0e:ea:f6:
61:ce:c7:da:ce:e5:8b:37:1a:eb:77:07:f9:e9:7b:7a:dc:5a:
99:0b:ce:e5:fd:a5:f1:dd:4a:22:4a:ae:57:f0:db:43:a4:7f:
b1:bf:b0:61:c2:75:f6:92:91:57:08:45:8f:57:27:c4:20:99:
9c:38:9d:68:c1:e9:d4:3b:5b:10:06:99:82:63:1a:30:30:92:
80:30:3e:01:e3:28:53:92:10:54:ba:bf:0f:58:ad:2d:ac:33:
d2:af:ae:ae:3d:67:de:0f:f5:7e:54:30:c0:00:72:3c:e7:ed:
81:4a:e5:b1:eb:dd:ef:98:e0:44:bf:3b:93:26:36:bb:ed:19:
c8:c9:d1:75:e6:45:6a:88:d6:0f:3e:c8:61:30:29:17:c9:21:
17:ac:00:e7:8d:b9:27:e8:d6:2c:81:3e:31:fc:f0:a1:98:b1:
3a:a9:04:3b:cb:a8:bc:67:f3:15:6a:24:f7:c5:52:80:bd:ba:
b2:cf:ac:b1:f4:0c:9e:77:3e:5e:57:09:bd:e4:f5:20:6d:60:
e5:8d:ad:12:13:b4:59:43:99:bc:56:e2:dc:43:df:17:a8:83:
71:86:3c:d8:e9:98:82:0b:9e:1f:1e:b1:c6:91:21:e0:ff:12:
9a:93:c1:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWqAt+56R8jbOVt2qh1AoeCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YzhiNDI3YzMxMzU5OGE5MmU4ZDhlYzYwZTI5NTBkYTM5
ZmMyYzkwHhcNMjUwMzE4MTYwNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjJiZWE2OTQwZmY2ZDE1YzNiNDdkZGNlY2U2MTNhNjNjNjUzYjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVMykXAEMQk6vmOjAimTHZPHnT7j
r08K5C90/sdwsFo9uKFyd7EeMG1211o7UcbnJjLMZ/b6Ug4fg1QlVWLSihVBzn5p
/fguOBMbS7fr497NLbWGJP4pW3vb/2QPrWVKqCDdnFnZRP8KiIwCYUrkBGKSjzpF
RvmG4XZQjnX5Y/BO9KhOMinE27kkUXOIDlZPXErcHNzuMHl4Pjifa3pBm8mFcA4J
E7oLQiv9gV0MxPbE3/bDBfyx823nFn/bkB1tc9MgOFhuvVy1n7niHqj/Z2qmzX2a
Sxb/f19QfpwhGZlW44vO2aLnL17tGatbMRYqra057qS7+nixdgn5993Y8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ8r6mlA/20Vw7R93OzmE6Y8ZTsrMB8GA1UdIwQY
MBaAFCfItCfDE1mKkujY7GDilQ2jn8LJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjhpMEo4TVRXWXFTNk5qc1lPS1ZEYU9md3NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9hN2NkYmYtZGE4ZS00ZDQzLWJkYzct
MWM2ZWU0NGUxMWFkLzEvbnl2cWFVRF9iUlhEdEgzYzdPWVRwanhsT3lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9hN2NkYmYtZGE4ZS00ZDQzLWJkYzctMWM2ZWU0NGUxMWFk
LzEvSjhpMEo4TVRXWXFTNk5qc1lPS1ZEYU9md3NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2akMA0G
CSqGSIb3DQEBCwUAA4IBAQBzCc6Vy9S30ZPDfYsad3kO6vZhzsfazuWLNxrrdwf5
6Xt63FqZC87l/aXx3UoiSq5X8NtDpH+xv7BhwnX2kpFXCEWPVyfEIJmcOJ1owenU
O1sQBpmCYxowMJKAMD4B4yhTkhBUur8PWK0trDPSr66uPWfeD/V+VDDAAHI85+2B
SuWx693vmOBEvzuTJja77RnIydF15kVqiNYPPshhMCkXySEXrADnjbkn6NYsgT4x
/PChmLE6qQQ7y6i8Z/MVaiT3xVKAvbqyz6yx9Ayedz5eVwm95PUgbWDlja0SE7RZ
Q5m8VuLcQ98XqINxhjzY6ZiCC54fHrHGkSHg/xKak8Hd
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:45:39 2025 by rpki-client