Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/1-SD58DvCs7ya-7E2FpTU4fI87Ow.roa
File: 1-SD58DvCs7ya-7E2FpTU4fI87Ow.roa (raw, json)
Hash identifier: HUsbSacmCFroTzSN4bvsRHu/98AfJF8ghdyReaEsmzs=
Subject key identifier: F9:20:F9:F0:3B:C2:B3:BC:9A:FB:B1:36:16:94:D4:E1:F2:3C:EC:EC
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 0194228E0E2323320575097D654037359F2B
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/1-SD58DvCs7ya-7E2FpTU4fI87Ow.roa
Signing time: Wed 01 Jan 2025 15:48:42 +0000
ROA not before: Wed 01 Jan 2025 15:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 91.236.89.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:0e:23:23:32:05:75:09:7d:65:40:37:35:9f:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Jan 1 15:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f920f9f03bc2b3bc9afbb1361694d4e1f23cecec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bc:c7:9c:e2:20:9b:a4:7d:f7:9f:0a:76:44:
b7:98:6c:64:8e:8f:8a:7d:9a:62:22:55:15:08:66:
f5:c1:bb:a8:54:01:6e:c3:40:8a:2e:73:36:08:82:
8f:2a:8c:7d:1b:d9:06:67:3e:d9:9f:38:04:14:07:
aa:b3:1e:76:ed:be:6c:4a:32:1d:d6:f7:a4:b0:e6:
95:13:33:e3:60:89:8b:2b:75:54:39:45:4b:92:b4:
15:b6:28:ce:ae:2c:6e:fb:74:7d:b5:d8:11:d2:1f:
05:51:76:44:e0:a8:53:c9:84:f2:ce:2a:9d:1b:76:
6b:08:92:cb:a4:c5:7c:ac:bf:2f:1a:9b:bc:4a:b3:
82:73:45:42:11:0a:d6:fa:67:6e:39:d5:43:9e:ff:
1a:e8:26:7e:52:c0:c2:f8:b7:df:0a:23:95:c3:5e:
ac:da:91:52:89:a6:28:c4:67:b6:08:88:d6:b9:fb:
4c:b1:ce:39:ae:3c:f9:35:9f:1b:21:d1:b8:56:24:
89:84:8c:cd:5d:05:2f:2f:80:d7:db:eb:93:4a:a8:
11:aa:11:d5:6a:8d:2a:82:e0:e0:a6:fe:aa:c3:51:
1c:29:a3:bc:53:90:04:34:e8:26:dd:67:45:65:29:
ef:8c:5c:3d:0f:73:7d:5c:4a:13:c2:db:f2:2f:55:
8c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:20:F9:F0:3B:C2:B3:BC:9A:FB:B1:36:16:94:D4:E1:F2:3C:EC:EC
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/1-SD58DvCs7ya-7E2FpTU4fI87Ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.89.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:6c:c0:df:c8:41:b0:86:e2:9e:55:1b:15:d8:4b:d9:c7:d3:
65:bc:57:fc:a2:d7:84:ad:80:f7:da:81:44:14:ea:2a:95:8e:
d8:6c:1f:df:05:b8:2c:bd:b6:8d:54:17:1b:7e:88:0a:b2:98:
ed:32:ad:46:1e:1c:68:13:69:f8:1b:dc:ef:01:90:f5:d6:55:
69:93:39:87:93:42:fe:0c:1f:e4:8a:bd:10:fd:10:16:65:bc:
8d:74:f9:22:71:2a:dd:2f:dc:18:f8:5c:25:b3:c6:7c:fc:b2:
b3:9e:ec:af:c7:ed:68:15:dc:03:23:84:f6:2c:e6:95:3f:f8:
fd:84:cc:d8:db:d5:a9:f5:d6:eb:00:93:86:84:29:7c:8a:a4:
53:e7:18:66:ee:74:5f:21:7c:c0:e3:a9:d1:d5:0e:73:f0:2d:
10:b2:51:39:f2:82:6a:ce:a9:ca:42:cc:32:07:4b:81:08:90:
d3:81:5c:ad:85:1d:6b:94:b7:2a:ce:4b:34:b1:05:94:c0:40:
46:7b:f2:f0:fd:65:93:4e:e8:14:e6:c5:a5:6a:b2:63:93:23:
97:00:ea:a7:90:26:51:03:a1:2b:01:6f:aa:cb:60:69:fc:4b:
c1:4c:ab:42:9c:8b:7d:87:0f:0a:fe:df:44:70:95:62:4c:b8:
77:0d:04:75
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQijg4jIzIFdQl9ZUA3NZ8rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjUwMTAxMTU0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTIwZjlmMDNiYzJiM2JjOWFmYmIxMzYxNjk0ZDRlMWYyM2NlY2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubzHnOIgm6R9958KdkS3mGxkjo+K
fZpiIlUVCGb1wbuoVAFuw0CKLnM2CIKPKox9G9kGZz7ZnzgEFAeqsx527b5sSjId
1veksOaVEzPjYImLK3VUOUVLkrQVtijOrixu+3R9tdgR0h8FUXZE4KhTyYTyziqd
G3ZrCJLLpMV8rL8vGpu8SrOCc0VCEQrW+mduOdVDnv8a6CZ+UsDC+LffCiOVw16s
2pFSiaYoxGe2CIjWuftMsc45rjz5NZ8bIdG4ViSJhIzNXQUvL4DX2+uTSqgRqhHV
ao0qguDgpv6qw1EcKaO8U5AENOgm3WdFZSnvjFw9D3N9XEoTwtvyL1WMFwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPkg+fA7wrO8mvuxNhaU1OHyPOzsMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvMS1TRDU4RHZDczd5YS03RTJGcFRVNGZJODdPdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvNjAyNTMwLTZkMjItNDZmMS04ZTA1LTAyZGVmNmU4NGM5
MS8xL0l2TEM1N3dkcFUyUm5LVzFsQjAzaUpLeXpMSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvsWTAN
BgkqhkiG9w0BAQsFAAOCAQEAjWzA38hBsIbinlUbFdhL2cfTZbxX/KLXhK2A99qB
RBTqKpWO2Gwf3wW4LL22jVQXG36ICrKY7TKtRh4caBNp+Bvc7wGQ9dZVaZM5h5NC
/gwf5Iq9EP0QFmW8jXT5InEq3S/cGPhcJbPGfPyys57sr8ftaBXcAyOE9izmlT/4
/YTM2NvVqfXW6wCThoQpfIqkU+cYZu50XyF8wOOp0dUOc/AtELJROfKCas6pykLM
MgdLgQiQ04FcrYUda5S3Ks5LNLEFlMBARnvy8P1lk07oFObFpWqyY5MjlwDqp5Am
UQOhKwFvqstgafxLwUyrQpyLfYcPCv7fRHCVYky4dw0EdQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:46:25 2025 by rpki-client