Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/0KbtCJykTY4f7nA0QJzqQGWoqYA.roa
File: 0KbtCJykTY4f7nA0QJzqQGWoqYA.roa (raw, json)
Hash identifier: T5Ow7OsLV+eTW1oVpch0eqCQrMYUfj4kySVUiBzlsHs=
Subject key identifier: D0:A6:ED:08:9C:A4:4D:8E:1F:EE:70:34:40:9C:EA:40:65:A8:A9:80
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 0194228E1405497986748EFB5E54D72BE292
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/0KbtCJykTY4f7nA0QJzqQGWoqYA.roa
Signing time: Wed 01 Jan 2025 15:48:44 +0000
ROA not before: Wed 01 Jan 2025 15:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201909
IP address blocks: 91.219.16.0/24 maxlen: 24
91.236.88.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:14:05:49:79:86:74:8e:fb:5e:54:d7:2b:e2:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Jan 1 15:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0a6ed089ca44d8e1fee7034409cea4065a8a980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:76:99:e1:9a:ae:32:e4:ed:33:78:fb:f1:d4:
70:f7:87:0a:a7:34:98:be:c3:d3:4a:19:2c:3c:34:
93:6e:d6:14:8f:b0:fb:0f:9b:c9:10:58:24:0d:9f:
90:cb:d8:ee:13:71:1f:73:45:2b:6f:0f:be:5e:4a:
0c:a5:21:53:bc:17:07:e7:3d:35:e4:47:68:11:2b:
67:28:17:69:de:93:57:9a:cb:c4:30:2f:5b:b3:31:
d6:a9:2b:b4:79:83:c5:7d:57:7e:a8:03:23:0b:f4:
30:ab:7a:f9:a7:e3:8b:d4:06:1e:30:26:8b:f7:13:
02:82:ba:1b:69:d4:69:6f:a3:c0:6f:88:e4:4d:0e:
fc:80:b8:ae:20:c2:b0:a5:76:27:af:3a:48:cf:15:
10:bf:96:55:a7:29:e0:48:a3:ce:3c:8e:dd:5a:1a:
98:f7:fe:da:47:20:d8:6d:eb:b9:8b:41:9f:32:54:
aa:f9:80:e4:b2:fb:3b:39:a5:27:25:2f:25:8b:24:
56:84:74:14:cc:dc:7f:d8:d0:ae:77:68:3c:dd:53:
e6:1c:c1:92:46:b8:cc:2c:62:d0:c7:37:46:49:b7:
04:e6:dc:53:58:bc:90:95:87:c7:6d:0c:2c:3a:71:
85:1f:33:42:28:38:e5:47:e2:af:88:0b:4c:17:9c:
79:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A6:ED:08:9C:A4:4D:8E:1F:EE:70:34:40:9C:EA:40:65:A8:A9:80
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/0KbtCJykTY4f7nA0QJzqQGWoqYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.16.0/24
91.236.88.0/24
Signature Algorithm: sha256WithRSAEncryption
12:a3:5e:b7:ea:66:54:9c:6e:97:96:2b:90:d7:55:64:81:88:
df:d6:bc:b8:42:20:b5:9a:31:ab:7c:04:07:5e:5f:9e:7c:fb:
ea:9d:55:8c:f4:77:2a:09:6b:56:a9:c0:34:be:fa:5e:22:b1:
9f:6f:b7:4f:8a:77:ab:53:7e:01:93:07:de:ab:e1:12:5c:cb:
99:3b:ef:da:cc:d8:4b:27:5e:c6:84:f6:94:d1:3f:73:83:7b:
01:e0:ee:2b:c4:09:68:35:dd:62:0d:83:8a:cf:a1:e5:b6:ae:
dd:0e:68:f4:1b:92:6a:dd:2d:3e:e7:b5:77:e2:86:db:3e:a1:
38:c0:aa:74:74:7c:94:4c:75:32:69:b0:32:21:7e:d9:03:a1:
98:17:bb:b8:2d:69:58:93:13:1f:48:e0:9f:45:e9:8e:24:93:
8f:ab:6a:5c:b4:4d:47:0d:36:c9:e2:f2:cc:9d:b4:a7:d5:c1:
60:8a:f8:93:ee:c2:12:e2:3a:bc:20:5c:e1:ca:ce:6e:00:b1:
d8:9f:1a:1e:5b:39:da:e8:6b:6a:8c:9d:83:6e:d9:fb:3a:42:
e3:5d:61:6b:00:b8:b5:05:d0:bb:dd:3d:41:9d:ac:5f:74:7e:
60:ef:84:33:e1:f6:01:d1:f0:5d:17:90:54:fa:af:c5:3d:05:
65:c4:b3:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijhQFSXmGdI77XlTXK+KSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjUwMTAxMTU0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGE2ZWQwODljYTQ0ZDhlMWZlZTcwMzQ0MDljZWE0MDY1YThhOTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHaZ4ZquMuTtM3j78dRw94cKpzSY
vsPTShksPDSTbtYUj7D7D5vJEFgkDZ+Qy9juE3Efc0Urbw++XkoMpSFTvBcH5z01
5EdoEStnKBdp3pNXmsvEMC9bszHWqSu0eYPFfVd+qAMjC/Qwq3r5p+OL1AYeMCaL
9xMCgrobadRpb6PAb4jkTQ78gLiuIMKwpXYnrzpIzxUQv5ZVpyngSKPOPI7dWhqY
9/7aRyDYbeu5i0GfMlSq+YDksvs7OaUnJS8liyRWhHQUzNx/2NCud2g83VPmHMGS
RrjMLGLQxzdGSbcE5txTWLyQlYfHbQwsOnGFHzNCKDjlR+KviAtMF5x5IwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNCm7QicpE2OH+5wNECc6kBlqKmAMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvMEtidENKeWtUWTRmN25BMFFKenFRR1dvcVlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9sQAwQA
W+xYMA0GCSqGSIb3DQEBCwUAA4IBAQASo1636mZUnG6XliuQ11VkgYjf1ry4QiC1
mjGrfAQHXl+efPvqnVWM9HcqCWtWqcA0vvpeIrGfb7dPinerU34Bkwfeq+ESXMuZ
O+/azNhLJ17GhPaU0T9zg3sB4O4rxAloNd1iDYOKz6Hltq7dDmj0G5Jq3S0+57V3
4obbPqE4wKp0dHyUTHUyabAyIX7ZA6GYF7u4LWlYkxMfSOCfRemOJJOPq2pctE1H
DTbJ4vLMnbSn1cFgiviT7sIS4jq8IFzhys5uALHYnxoeWzna6GtqjJ2Dbtn7OkLj
XWFrALi1BdC73T1BnaxfdH5g74Qz4fYB0fBdF5BU+q/FPQVlxLOU
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:31:40 2025 by rpki-client