Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/VTX7TdzvCulNmj7-mJ9Vtw2tssc.roa
File: VTX7TdzvCulNmj7-mJ9Vtw2tssc.roa (raw, json)
Hash identifier: Kwqdft0IkvvdZoshS1u09ZTcPKxDXgJwjYzzDDE6O0k=
Subject key identifier: 55:35:FB:4D:DC:EF:0A:E9:4D:9A:3E:FE:98:9F:55:B7:0D:AD:B2:C7
Certificate issuer: /CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Certificate serial: 01843EA2889947FC68EAFA155DEE52B4FB3A
Authority key identifier: A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/VTX7TdzvCulNmj7-mJ9Vtw2tssc.roa
Signing time: Thu 03 Nov 2022 17:55:49 +0000
ROA not before: Thu 03 Nov 2022 17:55:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202
IP address blocks: 91.240.72.0/24 maxlen: 24
185.42.232.0/24 maxlen: 24
185.42.233.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3e:a2:88:99:47:fc:68:ea:fa:15:5d:ee:52:b4:fb:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Validity
Not Before: Nov 3 17:55:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5535fb4ddcef0ae94d9a3efe989f55b70dadb2c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:43:03:de:e3:e7:8f:2f:89:52:ac:1c:b6:ac:
1e:5c:03:12:3c:3b:71:56:fe:f4:8a:6e:67:84:fa:
b8:c0:03:64:d5:10:77:ff:6e:9a:46:b8:bc:4e:53:
c0:25:9a:40:97:7c:a5:91:8f:36:26:30:bd:d7:6b:
20:b0:ad:d7:00:c3:cf:29:c8:c9:82:a8:9b:1f:54:
ad:3e:ae:0a:dd:b9:55:4d:94:b2:9e:1a:ef:43:2e:
cc:35:cc:f8:c3:65:66:73:2b:5b:06:3d:b6:5a:7d:
9a:b2:bd:bf:e0:de:60:01:25:37:0d:37:5d:e5:dd:
f5:72:fa:e1:c1:ab:bf:f1:be:d3:8f:2c:51:c4:4d:
e3:65:09:69:e7:2b:73:5d:55:27:6f:6f:b5:d4:ce:
7e:61:16:2f:9f:5b:4d:e5:0a:85:22:a1:29:4c:82:
53:f9:1f:a6:53:f1:e0:e0:f3:2b:27:6a:30:d9:4e:
d9:fe:8c:94:42:d5:8f:22:b9:02:69:99:9c:71:84:
27:2b:96:89:77:63:4e:39:83:27:a6:c0:2a:c4:00:
12:27:d1:6b:09:a0:af:70:09:41:1c:f0:37:74:0b:
67:4c:46:52:e9:4e:3a:e2:cb:e9:8b:9a:c9:b3:9a:
6d:34:ec:9a:48:4f:cb:8b:24:9d:05:aa:28:92:d0:
25:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:35:FB:4D:DC:EF:0A:E9:4D:9A:3E:FE:98:9F:55:B7:0D:AD:B2:C7
X509v3 Authority Key Identifier:
keyid:A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/VTX7TdzvCulNmj7-mJ9Vtw2tssc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/pi8tPCadk1InaQsot_vdlT4entw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.72.0/24
185.42.232.0/23
Signature Algorithm: sha256WithRSAEncryption
01:70:ea:ba:5f:5b:10:0c:88:83:72:b0:19:de:7d:18:08:27:
ff:ea:69:51:e9:8e:b7:81:09:53:7e:d2:5d:41:8a:c6:9f:92:
52:ed:1f:91:09:24:44:c0:60:89:44:9a:c8:a4:1d:8b:62:2c:
31:d9:93:63:85:e7:d9:5d:e7:ea:5f:f2:38:11:4b:09:84:df:
3e:a2:16:c0:02:74:3f:b2:ed:d1:c3:77:5a:7a:4d:1e:76:96:
26:7e:05:63:dd:22:d2:7d:11:2d:47:f6:6c:66:14:6b:cc:a5:
b2:73:39:f9:b9:76:62:59:84:9c:5d:ab:e7:ac:27:6e:d7:73:
2b:b6:5a:ed:93:52:b7:95:35:17:ef:bb:3f:aa:08:fc:1c:8d:
e8:e3:26:43:11:2e:f8:20:86:5e:9d:5c:23:36:89:b2:ef:64:
70:46:21:4a:a2:11:5a:bd:c1:1e:0c:f7:4b:0a:a6:d1:36:0b:
90:cd:22:11:88:74:b8:64:c4:c1:42:f9:12:9a:61:63:bf:8c:
d7:47:46:56:90:a5:28:e0:bc:65:18:90:06:96:3c:40:fb:a0:
78:34:19:96:a9:f9:a0:27:da:79:f7:a1:21:b4:72:42:85:b5:
13:d4:86:53:12:17:2a:3c:96:40:8b:cf:e7:6f:9c:d2:e6:56:
c6:13:a7:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQ+ooiZR/xo6voVXe5StPs6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MmYyZDNjMjY5ZDkzNTIyNzY5MGIyOGI3ZmJkZDk1M2Ux
ZTllZGMwHhcNMjIxMTAzMTc1NTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTM1ZmI0ZGRjZWYwYWU5NGQ5YTNlZmU5ODlmNTViNzBkYWRiMmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukMD3uPnjy+JUqwctqweXAMSPDtx
Vv70im5nhPq4wANk1RB3/26aRri8TlPAJZpAl3ylkY82JjC912sgsK3XAMPPKcjJ
gqibH1StPq4K3blVTZSynhrvQy7MNcz4w2VmcytbBj22Wn2asr2/4N5gASU3DTdd
5d31cvrhwau/8b7TjyxRxE3jZQlp5ytzXVUnb2+11M5+YRYvn1tN5QqFIqEpTIJT
+R+mU/Hg4PMrJ2ow2U7Z/oyUQtWPIrkCaZmccYQnK5aJd2NOOYMnpsAqxAASJ9Fr
CaCvcAlBHPA3dAtnTEZS6U464svpi5rJs5ptNOyaSE/LiySdBaooktAlQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFU1+03c7wrpTZo+/pifVbcNrbLHMB8GA1UdIwQY
MBaAFKYvLTwmnZNSJ2kLKLf73ZU+Hp7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMt
MTAwZWVkODEyYzQwLzEvVlRYN1RkenZDdWxObWo3LW1KOVZ0dzJ0c3NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMtMTAwZWVkODEyYzQw
LzEvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW/BIAwQB
uSroMA0GCSqGSIb3DQEBCwUAA4IBAQABcOq6X1sQDIiDcrAZ3n0YCCf/6mlR6Y63
gQlTftJdQYrGn5JS7R+RCSREwGCJRJrIpB2LYiwx2ZNjhefZXefqX/I4EUsJhN8+
ohbAAnQ/su3Rw3daek0edpYmfgVj3SLSfREtR/ZsZhRrzKWyczn5uXZiWYScXavn
rCdu13Mrtlrtk1K3lTUX77s/qgj8HI3o4yZDES74IIZenVwjNomy72RwRiFKohFa
vcEeDPdLCqbRNguQzSIRiHS4ZMTBQvkSmmFjv4zXR0ZWkKUo4LxlGJAGljxA+6B4
NBmWqfmgJ9p596EhtHJChbUT1IZTEhcqPJZAi8/nb5zS5lbGE6dP
-----END CERTIFICATE-----
Generated at Thu Apr 10 00:06:19 2025 by rpki-client