Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/iAW71320U_vPk7QkauwKnaTJrZg.roa
File: iAW71320U_vPk7QkauwKnaTJrZg.roa (raw, json)
Hash identifier: PIj0on8PBb3cOwXQFYJbjI5wKesUUOxJj5S/T6LTd78=
Subject key identifier: 88:05:BB:D7:7D:B4:53:FB:CF:93:B4:24:6A:EC:0A:9D:A4:C9:AD:98
Certificate issuer: /CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Certificate serial: 01828E833D6B0D414D0E3EEFA6FCCE14A0B4
Authority key identifier: 3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/iAW71320U_vPk7QkauwKnaTJrZg.roa
Signing time: Thu 11 Aug 2022 20:05:41 +0000
ROA not before: Thu 11 Aug 2022 20:05:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 91.220.249.0/24 maxlen: 24
152.89.194.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8e:83:3d:6b:0d:41:4d:0e:3e:ef:a6:fc:ce:14:a0:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Validity
Not Before: Aug 11 20:05:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8805bbd77db453fbcf93b4246aec0a9da4c9ad98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:fa:03:62:98:10:69:1f:64:ff:db:de:d5:9c:
0a:ef:99:bc:39:25:62:74:19:76:73:cf:bc:9a:00:
84:65:05:89:85:56:fb:93:88:7b:32:1a:96:db:b5:
a3:36:ed:66:eb:eb:93:3b:10:ef:39:8e:d3:e2:e9:
95:e2:5c:77:22:83:41:83:42:3a:eb:44:41:d3:e1:
01:51:4b:f7:a2:17:17:19:18:15:e7:e5:3a:d8:25:
d5:66:59:a1:dc:01:4a:0e:f8:81:f8:8c:a9:51:02:
6a:f3:e1:cf:9a:14:79:94:cb:bf:7c:cb:4b:65:0a:
97:37:74:04:c8:2c:11:89:0d:f3:e8:f8:0a:1d:b6:
49:5a:37:ed:33:b5:59:2c:82:49:ad:60:c4:3a:83:
ce:68:b6:4a:e0:1f:53:f7:ef:e9:a3:0f:7b:c9:ad:
4c:73:68:5e:ca:4b:e0:ca:18:96:c6:ed:81:77:99:
38:3f:28:51:ac:20:60:3b:c8:8f:03:00:1c:0a:89:
31:36:b3:cc:14:e1:88:4f:36:84:6c:d8:aa:e1:ae:
3d:71:71:2d:ec:91:84:d0:d1:f0:6c:2a:25:af:27:
3c:1d:8e:ce:74:20:0c:67:15:0f:33:84:37:af:bb:
c4:20:ef:a9:53:91:aa:c0:8f:04:04:aa:e5:7c:3e:
34:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:05:BB:D7:7D:B4:53:FB:CF:93:B4:24:6A:EC:0A:9D:A4:C9:AD:98
X509v3 Authority Key Identifier:
keyid:3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/iAW71320U_vPk7QkauwKnaTJrZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/PNzIvNtsdErN9D3XLWjSBFGhefY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.249.0/24
152.89.194.0/24
Signature Algorithm: sha256WithRSAEncryption
38:6a:b5:e3:0c:0d:5c:e7:0b:d2:05:f6:5e:ef:4c:7c:a2:65:
e3:6c:33:8b:38:b7:1b:73:c4:e9:d5:ce:eb:4d:d8:a2:8d:3a:
9b:29:29:1a:a2:90:c3:78:ab:9b:2e:52:08:e3:41:1c:04:9e:
79:a2:11:6d:c0:5f:02:a3:fa:c5:84:2c:c9:0e:58:37:21:11:
ae:e5:b1:4c:e8:e9:e9:3b:ed:d1:ad:90:72:ad:9b:a5:5b:40:
74:f0:38:93:e2:6f:ab:e2:fa:7d:7c:f4:5e:09:99:f3:60:7d:
1b:4b:75:4c:ae:18:e9:92:61:d2:e7:ad:45:53:5b:ee:bc:17:
04:8a:ed:82:8e:b6:ca:f0:20:eb:37:f0:c9:68:e0:a7:5f:00:
05:8b:4d:ef:e3:6b:0a:fa:67:4f:fa:98:bb:b9:a9:62:4e:6c:
e5:09:d8:8f:c8:7f:df:32:18:81:33:27:71:ca:aa:dd:b5:1d:
40:5c:8b:33:a3:ab:97:ad:5c:f2:83:6f:02:26:86:1d:25:5a:
8c:85:6e:4c:ed:c6:49:27:32:67:5b:22:cc:87:a0:b3:70:f2:
e1:1b:21:b6:4f:5c:25:c6:0a:3f:97:19:72:2d:ce:1d:08:e1:
02:bd:a6:36:ba:c0:7e:08:d5:c8:b5:ca:22:fe:0c:ae:c3:e2:
5d:ae:26:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKOgz1rDUFNDj7vpvzOFKC0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZGNjOGJjZGI2Yzc0NGFjZGY0M2RkNzJkNjhkMjA0NTFh
MTc5ZjYwHhcNMjIwODExMjAwNTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODA1YmJkNzdkYjQ1M2ZiY2Y5M2I0MjQ2YWVjMGE5ZGE0YzlhZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPoDYpgQaR9k/9ve1ZwK75m8OSVi
dBl2c8+8mgCEZQWJhVb7k4h7MhqW27WjNu1m6+uTOxDvOY7T4umV4lx3IoNBg0I6
60RB0+EBUUv3ohcXGRgV5+U62CXVZlmh3AFKDviB+IypUQJq8+HPmhR5lMu/fMtL
ZQqXN3QEyCwRiQ3z6PgKHbZJWjftM7VZLIJJrWDEOoPOaLZK4B9T9+/pow97ya1M
c2heykvgyhiWxu2Bd5k4PyhRrCBgO8iPAwAcCokxNrPMFOGITzaEbNiq4a49cXEt
7JGE0NHwbColryc8HY7OdCAMZxUPM4Q3r7vEIO+pU5GqwI8EBKrlfD40/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIgFu9d9tFP7z5O0JGrsCp2kya2YMB8GA1UdIwQY
MBaAFDzcyLzbbHRKzfQ91y1o0gRRoXn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE56SXZOdHNkRXJOOUQzWExXalNCRkdoZWZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8zNTY4MjYtZmMxMC00YWE5LTk2YTQt
NjM3YjM3MWRhOGU2LzEvaUFXNzEzMjBVX3ZQazdRa2F1d0tuYVRKclpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8zNTY4MjYtZmMxMC00YWE5LTk2YTQtNjM3YjM3MWRhOGU2
LzEvUE56SXZOdHNkRXJOOUQzWExXalNCRkdoZWZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9z5AwQA
mFnCMA0GCSqGSIb3DQEBCwUAA4IBAQA4arXjDA1c5wvSBfZe70x8omXjbDOLOLcb
c8Tp1c7rTdiijTqbKSkaopDDeKubLlII40EcBJ55ohFtwF8Co/rFhCzJDlg3IRGu
5bFM6OnpO+3RrZByrZulW0B08DiT4m+r4vp9fPReCZnzYH0bS3VMrhjpkmHS561F
U1vuvBcEiu2CjrbK8CDrN/DJaOCnXwAFi03v42sK+mdP+pi7ualiTmzlCdiPyH/f
MhiBMydxyqrdtR1AXIszo6uXrVzyg28CJoYdJVqMhW5M7cZJJzJnWyLMh6CzcPLh
GyG2T1wlxgo/lxlyLc4dCOECvaY2usB+CNXItcoi/gyuw+Jdriak
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:35 2025 by rpki-client