Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/hR4z317obLmCr-z-mO0WTKxnwB4.roa
File: hR4z317obLmCr-z-mO0WTKxnwB4.roa (raw, json)
Hash identifier: qSSK2kXgDCAMSNboIXAdU2bsXG9y+njLggJrJBbo6ys=
Subject key identifier: 85:1E:33:DF:5E:E8:6C:B9:82:AF:EC:FE:98:ED:16:4C:AC:67:C0:1E
Certificate issuer: /CN=80f9a24bd26cc8217518a11f598e6372025e8ae9
Certificate serial: 01896833CF443AF07B906428E3B83041B114
Authority key identifier: 80:F9:A2:4B:D2:6C:C8:21:75:18:A1:1F:59:8E:63:72:02:5E:8A:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gPmiS9JsyCF1GKEfWY5jcgJeiuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/hR4z317obLmCr-z-mO0WTKxnwB4.roa
Signing time: Tue 18 Jul 2023 08:52:53 +0000
ROA not before: Tue 18 Jul 2023 08:52:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51859
IP address blocks: 91.185.199.0/24 maxlen: 24
91.185.218.0/23 maxlen: 24
91.185.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:68:33:cf:44:3a:f0:7b:90:64:28:e3:b8:30:41:b1:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80f9a24bd26cc8217518a11f598e6372025e8ae9
Validity
Not Before: Jul 18 08:52:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=851e33df5ee86cb982afecfe98ed164cac67c01e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:26:1f:25:73:78:e6:3f:34:08:4f:2a:18:fb:
00:1d:8b:43:0a:5f:d2:a2:8e:e1:fb:1a:8a:b0:f8:
33:b0:fa:fc:2b:73:ef:18:bf:f2:27:c3:27:4b:16:
67:97:af:cd:5f:cf:30:40:35:c9:27:f0:13:56:bc:
71:60:75:36:e8:99:14:56:3d:8d:55:8c:af:da:60:
1b:b3:3a:2a:e4:7a:11:fe:9e:c7:4b:d9:bc:92:38:
e3:42:f3:12:b1:e1:b7:df:13:1f:fa:d2:7c:8f:8b:
e5:25:5f:ec:79:6d:84:bc:12:f5:6a:b9:14:f3:75:
d4:1f:82:01:f2:36:17:7a:13:ac:bf:db:1d:a5:b1:
4e:ed:33:20:5f:60:3e:ca:7e:f1:55:a2:f2:a9:a4:
0b:99:f6:7d:87:d2:69:e3:2d:fb:b2:f7:48:6d:2d:
81:56:2e:8d:d2:7b:e9:0c:7e:76:12:51:24:da:86:
01:96:80:2d:36:2f:41:27:61:0f:c1:b3:61:1e:be:
fe:c5:ac:07:52:b7:4a:02:ce:f6:ce:8d:23:03:5f:
87:01:2c:fc:c1:01:56:1a:71:e2:da:8b:90:ef:73:
fc:e3:60:f7:25:ae:c0:91:0f:67:a3:c4:d5:08:ac:
da:b7:25:d7:b1:cf:b0:5f:11:b2:92:80:7b:32:53:
e3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:1E:33:DF:5E:E8:6C:B9:82:AF:EC:FE:98:ED:16:4C:AC:67:C0:1E
X509v3 Authority Key Identifier:
keyid:80:F9:A2:4B:D2:6C:C8:21:75:18:A1:1F:59:8E:63:72:02:5E:8A:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gPmiS9JsyCF1GKEfWY5jcgJeiuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/hR4z317obLmCr-z-mO0WTKxnwB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/gPmiS9JsyCF1GKEfWY5jcgJeiuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.185.199.0/24
91.185.218.0/23
91.185.223.0/24
Signature Algorithm: sha256WithRSAEncryption
51:64:83:f4:7e:bf:5b:67:69:63:65:af:f5:ab:74:eb:52:e6:
72:86:54:57:b3:c7:1b:50:6c:64:38:0c:96:a2:09:5d:dc:36:
28:a4:57:9c:a0:a5:4f:61:9a:39:6c:73:23:9b:2c:9e:e1:08:
ec:76:f1:b8:da:43:d4:eb:b1:6e:f1:e8:80:da:be:93:1d:5b:
e0:31:a0:c8:f7:9d:c4:09:10:9e:32:07:21:fe:73:2a:84:17:
ae:e0:25:b6:6d:83:37:bb:79:ef:ad:b9:ea:76:09:79:78:a8:
92:8a:e4:59:04:91:31:f3:1a:27:e8:16:91:66:46:10:0e:de:
cf:c4:57:64:86:0a:6e:06:c0:ba:71:81:e0:28:3b:66:45:26:
3f:8c:a7:c6:12:40:a6:e3:81:b6:5e:d6:f3:f3:b5:8c:18:8b:
cb:ff:f8:f3:27:cb:2b:da:5f:53:5c:a7:51:35:3a:a8:18:32:
27:ba:e9:35:0c:28:d7:e0:e7:0f:61:18:aa:74:88:57:56:fc:
d0:32:8e:ec:97:a7:8c:f1:0c:5e:d8:42:81:09:fc:37:68:89:
4b:bb:81:54:29:57:04:52:ea:69:cd:fd:ac:1e:c4:cb:5f:75:
79:8f:bd:94:ca:d6:59:23:03:f0:09:6f:75:19:07:d7:1d:11:
bb:f2:fb:93
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYloM89EOvB7kGQo47gwQbEUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZjlhMjRiZDI2Y2M4MjE3NTE4YTExZjU5OGU2MzcyMDI1
ZThhZTkwHhcNMjMwNzE4MDg1MjUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTFlMzNkZjVlZTg2Y2I5ODJhZmVjZmU5OGVkMTY0Y2FjNjdjMDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyYfJXN45j80CE8qGPsAHYtDCl/S
oo7h+xqKsPgzsPr8K3PvGL/yJ8MnSxZnl6/NX88wQDXJJ/ATVrxxYHU26JkUVj2N
VYyv2mAbszoq5HoR/p7HS9m8kjjjQvMSseG33xMf+tJ8j4vlJV/seW2EvBL1arkU
83XUH4IB8jYXehOsv9sdpbFO7TMgX2A+yn7xVaLyqaQLmfZ9h9Jp4y37svdIbS2B
Vi6N0nvpDH52ElEk2oYBloAtNi9BJ2EPwbNhHr7+xawHUrdKAs72zo0jA1+HASz8
wQFWGnHi2ouQ73P842D3Ja7AkQ9no8TVCKzatyXXsc+wXxGykoB7MlPjRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIUeM99e6Gy5gq/s/pjtFkysZ8AeMB8GA1UdIwQY
MBaAFID5okvSbMghdRihH1mOY3ICXorpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1BtaVM5SnN5Q0YxR0tFZldZNWpjZ0plaXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mYjIxMmEtN2E3Ni00MmUyLTg5ODkt
OTY1NTI5ZjIwZDExLzEvaFI0ejMxN29iTG1Dci16LW1PMFdUS3hud0I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mYjIxMmEtN2E3Ni00MmUyLTg5ODktOTY1NTI5ZjIwZDEx
LzEvZ1BtaVM5SnN5Q0YxR0tFZldZNWpjZ0plaXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW7nHAwQB
W7naAwQAW7nfMA0GCSqGSIb3DQEBCwUAA4IBAQBRZIP0fr9bZ2ljZa/1q3TrUuZy
hlRXs8cbUGxkOAyWogld3DYopFecoKVPYZo5bHMjmyye4QjsdvG42kPU67Fu8eiA
2r6THVvgMaDI953ECRCeMgch/nMqhBeu4CW2bYM3u3nvrbnqdgl5eKiSiuRZBJEx
8xon6BaRZkYQDt7PxFdkhgpuBsC6cYHgKDtmRSY/jKfGEkCm44G2Xtbz87WMGIvL
//jzJ8sr2l9TXKdRNTqoGDInuuk1DCjX4OcPYRiqdIhXVvzQMo7sl6eM8Qxe2EKB
Cfw3aIlLu4FUKVcEUuppzf2sHsTLX3V5j72UytZZIwPwCW91GQfXHRG78vuT
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:36:39 2025 by rpki-client