Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/772440-876c-42d0-80f5-b4aee8c5d48e/1/sGUfZNonYxZsb_xTxnb3H4Yu91o.roa
File: sGUfZNonYxZsb_xTxnb3H4Yu91o.roa (raw, json)
Hash identifier: s4fR6r2ByqMIr6sZhA9/b2xFuO1KrvktMupAhaQVN8w=
Subject key identifier: B0:65:1F:64:DA:27:63:16:6C:6F:FC:53:C6:76:F7:1F:86:2E:F7:5A
Certificate issuer: /CN=b3b77e52cc777a1eafe69a517f95d2c219c19080
Certificate serial: 01942067D6C0AE212ACDF5819192CAD3A47D
Authority key identifier: B3:B7:7E:52:CC:77:7A:1E:AF:E6:9A:51:7F:95:D2:C2:19:C1:90:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s7d-Usx3eh6v5ppRf5XSwhnBkIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/772440-876c-42d0-80f5-b4aee8c5d48e/1/sGUfZNonYxZsb_xTxnb3H4Yu91o.roa
Signing time: Wed 01 Jan 2025 05:47:43 +0000
ROA not before: Wed 01 Jan 2025 05:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 91.220.40.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:d6:c0:ae:21:2a:cd:f5:81:91:92:ca:d3:a4:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3b77e52cc777a1eafe69a517f95d2c219c19080
Validity
Not Before: Jan 1 05:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0651f64da2763166c6ffc53c676f71f862ef75a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c4:a2:5e:57:c8:b8:91:52:c3:74:69:ce:87:
9a:58:49:5e:4d:30:78:cb:83:d9:52:db:e2:0e:35:
d2:a5:c0:f1:1b:d7:83:f2:9f:8e:81:ca:d0:6a:33:
b1:92:8a:d5:41:e4:e5:2b:ae:65:ba:dd:1c:cb:78:
a3:66:56:b0:8c:28:8d:2e:72:a5:fa:81:0e:60:47:
95:b8:da:2f:a8:67:0a:58:d5:00:75:4d:34:4f:c1:
9b:2c:90:20:cf:37:ce:cb:01:13:0d:e2:27:72:51:
27:16:5e:40:6a:fd:71:ce:d1:47:07:95:a8:98:c6:
21:27:43:f8:9e:d2:82:94:68:57:c2:4a:78:d0:eb:
77:56:d5:fd:ae:4f:69:bc:0f:34:92:ff:25:b1:17:
9b:35:ce:a3:39:92:57:0a:43:99:00:3a:3f:56:04:
ab:4e:12:2b:a4:60:be:bf:f9:25:d6:53:e4:9d:ec:
29:f8:45:15:6b:90:1f:38:bf:ae:2c:5a:3f:62:f9:
c7:60:64:0f:e0:1c:97:60:29:ff:87:c8:67:df:ac:
78:43:fb:1b:77:80:65:40:89:8b:d3:43:95:fb:c7:
3a:99:17:37:1a:66:19:a7:fe:34:db:35:ce:31:a4:
37:b4:dc:a6:d5:0a:68:d5:57:6c:38:63:94:95:d9:
b9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:65:1F:64:DA:27:63:16:6C:6F:FC:53:C6:76:F7:1F:86:2E:F7:5A
X509v3 Authority Key Identifier:
keyid:B3:B7:7E:52:CC:77:7A:1E:AF:E6:9A:51:7F:95:D2:C2:19:C1:90:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s7d-Usx3eh6v5ppRf5XSwhnBkIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/772440-876c-42d0-80f5-b4aee8c5d48e/1/sGUfZNonYxZsb_xTxnb3H4Yu91o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/772440-876c-42d0-80f5-b4aee8c5d48e/1/s7d-Usx3eh6v5ppRf5XSwhnBkIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.40.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:bf:5f:dc:f6:aa:53:b9:9f:7e:7e:3e:98:ba:be:e7:0c:2c:
27:82:40:be:7c:a2:44:c2:a8:86:6d:40:d2:70:5e:17:da:cd:
79:8f:8e:57:19:a7:23:6e:aa:04:6c:9a:0b:c3:f3:14:43:82:
17:8c:c8:91:99:34:84:d4:8f:bb:5b:67:a6:49:24:5c:55:32:
4a:4a:c5:de:06:2a:c3:82:7b:bf:ac:1e:2f:b3:ec:5c:ea:f8:
29:fc:ab:bf:af:56:4f:2e:a4:7b:63:57:ce:70:a6:93:d6:bb:
df:2a:94:a0:80:d7:a9:d3:c4:05:45:78:41:e2:5c:72:3a:c5:
6b:35:f9:4c:ba:2e:2a:1d:77:7f:cf:c5:67:e9:38:53:ba:17:
c1:53:14:16:dd:1e:ba:b0:44:09:6e:76:39:38:87:1c:24:6a:
45:2d:0b:14:9c:69:e7:83:5b:04:4f:ce:c6:e5:32:78:4e:ea:
55:8b:71:41:92:51:4b:e2:b1:f0:70:6a:f8:86:98:e5:df:1f:
a6:82:ce:2e:44:ec:51:96:8f:2a:4f:7d:28:7d:e4:ef:96:7f:
4b:0d:c1:51:77:34:47:85:3b:df:bb:32:84:e6:c4:ea:02:d1:
00:21:23:8c:df:12:7e:c7:9f:8a:16:30:b8:c6:0d:83:de:1f:
51:c4:a1:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ9bAriEqzfWBkZLK06R9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYjc3ZTUyY2M3NzdhMWVhZmU2OWE1MTdmOTVkMmMyMTlj
MTkwODAwHhcNMjUwMTAxMDU0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDY1MWY2NGRhMjc2MzE2NmM2ZmZjNTNjNjc2ZjcxZjg2MmVmNzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssSiXlfIuJFSw3RpzoeaWEleTTB4
y4PZUtviDjXSpcDxG9eD8p+OgcrQajOxkorVQeTlK65lut0cy3ijZlawjCiNLnKl
+oEOYEeVuNovqGcKWNUAdU00T8GbLJAgzzfOywETDeInclEnFl5Aav1xztFHB5Wo
mMYhJ0P4ntKClGhXwkp40Ot3VtX9rk9pvA80kv8lsRebNc6jOZJXCkOZADo/VgSr
ThIrpGC+v/kl1lPknewp+EUVa5AfOL+uLFo/YvnHYGQP4ByXYCn/h8hn36x4Q/sb
d4BlQImL00OV+8c6mRc3GmYZp/402zXOMaQ3tNym1Qpo1VdsOGOUldm5bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLBlH2TaJ2MWbG/8U8Z29x+GLvdaMB8GA1UdIwQY
MBaAFLO3flLMd3oer+aaUX+V0sIZwZCAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczdkLVVzeDNlaDZ2NXBwUmY1WFN3aG5Ca0lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My83NzI0NDAtODc2Yy00MmQwLTgwZjUt
YjRhZWU4YzVkNDhlLzEvc0dVZlpOb25ZeFpzYl94VHhuYjNINFl1OTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My83NzI0NDAtODc2Yy00MmQwLTgwZjUtYjRhZWU4YzVkNDhl
LzEvczdkLVVzeDNlaDZ2NXBwUmY1WFN3aG5Ca0lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9woMA0G
CSqGSIb3DQEBCwUAA4IBAQAOv1/c9qpTuZ9+fj6Yur7nDCwngkC+fKJEwqiGbUDS
cF4X2s15j45XGacjbqoEbJoLw/MUQ4IXjMiRmTSE1I+7W2emSSRcVTJKSsXeBirD
gnu/rB4vs+xc6vgp/Ku/r1ZPLqR7Y1fOcKaT1rvfKpSggNep08QFRXhB4lxyOsVr
NflMui4qHXd/z8Vn6ThTuhfBUxQW3R66sEQJbnY5OIccJGpFLQsUnGnng1sET87G
5TJ4TupVi3FBklFL4rHwcGr4hpjl3x+mgs4uROxRlo8qT30ofeTvln9LDcFRdzRH
hTvfuzKE5sTqAtEAISOM3xJ+x5+KFjC4xg2D3h9RxKHO
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:15:18 2025 by rpki-client