Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/gvJWC2yLpEjXZJye-4N_guKu3Fw.roa
File: gvJWC2yLpEjXZJye-4N_guKu3Fw.roa (raw, json)
Hash identifier: 4vbsiUZEn85H4z62R3QzPtEGSLHU16NGey3ufCdiOsA=
Subject key identifier: 82:F2:56:0B:6C:8B:A4:48:D7:64:9C:9E:FB:83:7F:82:E2:AE:DC:5C
Certificate issuer: /CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Certificate serial: 018441F33CACCE3404921CAFD9D4F499413C
Authority key identifier: A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/gvJWC2yLpEjXZJye-4N_guKu3Fw.roa
Signing time: Fri 04 Nov 2022 09:22:50 +0000
ROA not before: Fri 04 Nov 2022 09:22:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212012
IP address blocks: 91.240.72.0/24 maxlen: 24
185.42.232.0/24 maxlen: 24
185.42.233.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:41:f3:3c:ac:ce:34:04:92:1c:af:d9:d4:f4:99:41:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Validity
Not Before: Nov 4 09:22:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82f2560b6c8ba448d7649c9efb837f82e2aedc5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8e:43:46:ab:9f:3c:cb:1c:95:ad:5f:37:31:
57:be:b9:f3:46:36:85:40:ac:cd:a5:e0:8f:57:df:
90:f0:93:b0:15:63:96:46:3c:54:f1:63:8b:d9:bb:
3a:c2:6e:cd:a5:05:dd:50:8f:4b:7e:93:c8:31:d7:
8f:1c:00:19:75:b2:51:97:a9:55:58:b9:f5:e2:6c:
00:88:5d:a4:e1:c7:8e:a3:7a:f6:ce:16:52:3c:a2:
a9:25:d3:0e:16:e2:ca:38:9b:f4:c6:bc:03:46:97:
03:f4:87:35:35:43:6c:93:94:2c:11:f9:f9:57:f8:
cc:a2:dd:d4:39:ba:fe:d8:92:d6:3f:4a:ad:68:6b:
fc:f9:cf:41:ae:45:f0:30:44:8e:39:5c:ef:df:6b:
25:6a:28:bb:bc:c1:50:ef:84:1d:f3:48:53:da:b0:
d4:5f:92:78:be:e7:46:3d:ab:65:a3:a7:60:f4:90:
db:ec:21:98:4a:c2:39:f7:24:df:59:79:b7:8e:5b:
00:4e:f0:5b:9f:05:36:b1:47:8f:d8:f1:f0:70:78:
d6:3a:b8:20:f4:80:8d:8c:45:3b:01:2e:47:29:d0:
69:2a:ea:5a:d5:58:71:39:44:9d:cb:d2:94:3a:94:
17:64:fa:58:31:0b:8b:1b:e5:2e:da:b0:89:2d:da:
a2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:F2:56:0B:6C:8B:A4:48:D7:64:9C:9E:FB:83:7F:82:E2:AE:DC:5C
X509v3 Authority Key Identifier:
keyid:A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/gvJWC2yLpEjXZJye-4N_guKu3Fw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/pi8tPCadk1InaQsot_vdlT4entw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.72.0/24
185.42.232.0/23
Signature Algorithm: sha256WithRSAEncryption
32:76:6a:b5:2c:2c:71:66:21:2f:a0:ea:1f:4e:3f:51:50:d1:
69:b2:cd:32:b2:29:0f:ad:09:2b:12:9d:3d:e3:bc:10:d7:1b:
47:a4:16:c6:b2:cd:78:05:26:aa:e4:8c:1a:60:38:a1:38:74:
33:ba:c4:2c:63:09:ad:8a:53:33:6d:ba:13:12:04:b7:ea:de:
85:ce:99:fd:46:b9:ad:69:66:84:f5:9d:50:57:b0:bb:20:51:
e0:73:3b:0f:15:f1:67:cc:98:b1:ff:08:f1:07:82:9a:f2:04:
df:cb:6d:e2:1e:65:67:63:11:e4:05:92:cc:b1:74:d6:b9:ca:
52:ff:d7:c3:22:fd:66:37:ca:db:c5:90:b0:b4:a2:71:cb:9f:
69:aa:38:b2:b9:e7:40:3d:a2:ed:bf:4f:8d:b2:da:34:45:e0:
50:63:5e:f5:b7:f4:bb:d4:d4:d9:7b:f6:8a:ba:e8:65:83:88:
3b:4c:a4:f1:51:85:24:70:48:3a:8c:f3:2f:ad:84:56:c2:39:
04:7a:62:2d:73:15:87:d1:49:7a:90:37:e8:e5:5f:4e:c5:cf:
8e:24:ca:23:d8:a9:e5:53:70:84:5f:a7:b6:7f:f5:a5:43:0c:
a1:c3:c3:ad:b3:29:73:d1:aa:32:5e:0a:62:d5:1a:38:8e:b1:
9f:40:5d:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRB8zyszjQEkhyv2dT0mUE8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MmYyZDNjMjY5ZDkzNTIyNzY5MGIyOGI3ZmJkZDk1M2Ux
ZTllZGMwHhcNMjIxMTA0MDkyMjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmYyNTYwYjZjOGJhNDQ4ZDc2NDljOWVmYjgzN2Y4MmUyYWVkYzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAho5DRqufPMscla1fNzFXvrnzRjaF
QKzNpeCPV9+Q8JOwFWOWRjxU8WOL2bs6wm7NpQXdUI9LfpPIMdePHAAZdbJRl6lV
WLn14mwAiF2k4ceOo3r2zhZSPKKpJdMOFuLKOJv0xrwDRpcD9Ic1NUNsk5QsEfn5
V/jMot3UObr+2JLWP0qtaGv8+c9BrkXwMESOOVzv32slaii7vMFQ74Qd80hT2rDU
X5J4vudGPatlo6dg9JDb7CGYSsI59yTfWXm3jlsATvBbnwU2sUeP2PHwcHjWOrgg
9ICNjEU7AS5HKdBpKupa1VhxOUSdy9KUOpQXZPpYMQuLG+Uu2rCJLdqi+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFILyVgtsi6RI12ScnvuDf4LirtxcMB8GA1UdIwQY
MBaAFKYvLTwmnZNSJ2kLKLf73ZU+Hp7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMt
MTAwZWVkODEyYzQwLzEvZ3ZKV0MyeUxwRWpYWkp5ZS00Tl9ndUt1M0Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMtMTAwZWVkODEyYzQw
LzEvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW/BIAwQB
uSroMA0GCSqGSIb3DQEBCwUAA4IBAQAydmq1LCxxZiEvoOofTj9RUNFpss0ysikP
rQkrEp0947wQ1xtHpBbGss14BSaq5IwaYDihOHQzusQsYwmtilMzbboTEgS36t6F
zpn9RrmtaWaE9Z1QV7C7IFHgczsPFfFnzJix/wjxB4Ka8gTfy23iHmVnYxHkBZLM
sXTWucpS/9fDIv1mN8rbxZCwtKJxy59pqjiyuedAPaLtv0+Nsto0ReBQY171t/S7
1NTZe/aKuuhlg4g7TKTxUYUkcEg6jPMvrYRWwjkEemItcxWH0Ul6kDfo5V9Oxc+O
JMoj2KnlU3CEX6e2f/WlQwyhw8Otsylz0aoyXgpi1Ro4jrGfQF1B
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:42:14 2025 by rpki-client