Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/48e976-3707-4685-a5f9-961b78d9d4bc/1/2hMUvTWNED7AdzekMGtePAfBbmA.roa
File: 2hMUvTWNED7AdzekMGtePAfBbmA.roa (raw, json)
Hash identifier: qNOC6BJXbdCeJs6n66War8yhlL56sKGqTTY348ypj5g=
Subject key identifier: DA:13:14:BD:35:8D:10:3E:C0:77:37:A4:30:6B:5E:3C:07:C1:6E:60
Certificate issuer: /CN=fadbe65b28ff25667409cce635be096e3e6defca
Certificate serial: 019427B58A1A1DA944E605833457A4AE073B
Authority key identifier: FA:DB:E6:5B:28:FF:25:66:74:09:CC:E6:35:BE:09:6E:3E:6D:EF:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tvmWyj_JWZ0CczmNb4Jbj5t78o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/48e976-3707-4685-a5f9-961b78d9d4bc/1/2hMUvTWNED7AdzekMGtePAfBbmA.roa
Signing time: Thu 02 Jan 2025 15:49:56 +0000
ROA not before: Thu 02 Jan 2025 15:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20712
IP address blocks: 91.208.66.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:8a:1a:1d:a9:44:e6:05:83:34:57:a4:ae:07:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fadbe65b28ff25667409cce635be096e3e6defca
Validity
Not Before: Jan 2 15:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da1314bd358d103ec07737a4306b5e3c07c16e60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:cd:93:34:13:99:b0:20:6f:c3:7c:c6:ca:d4:
6a:02:5a:a5:11:33:d0:b6:c3:96:67:66:aa:61:4a:
25:ac:f1:76:67:42:b9:52:5a:d0:8a:c3:69:8a:a3:
a8:9f:2b:29:c8:48:b0:af:18:ed:e6:b0:4d:39:ef:
8f:2c:0e:76:91:9e:c1:fc:52:0f:e8:cb:07:e7:2f:
96:77:68:ed:73:96:89:39:ed:93:b2:b7:a4:eb:8d:
9e:82:ba:8a:3f:73:9b:7b:fe:5c:25:26:18:91:9c:
fc:a7:35:35:3a:b3:87:75:b2:0e:69:d2:f6:02:f4:
38:2f:9e:a5:07:66:3b:c2:c8:76:a0:44:df:20:cc:
f7:f8:63:37:d2:dc:b2:e1:2c:49:d1:1a:2b:20:5c:
35:a9:39:ed:42:97:66:49:77:16:57:7c:0f:bf:c5:
24:12:fb:79:43:20:e3:10:4e:a8:02:24:24:01:75:
7e:98:8a:9b:75:4d:da:6d:e3:8d:2e:22:e9:d9:91:
05:2e:2e:6c:13:18:1c:f6:cb:f7:58:1c:9c:34:5f:
2b:62:f8:11:a1:e9:6f:d1:b9:72:da:d1:da:c2:19:
64:28:be:bd:d6:97:d9:91:06:e6:53:3c:82:ec:2b:
24:85:58:a3:58:27:ab:06:7f:d0:4a:ee:36:27:a6:
3b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:13:14:BD:35:8D:10:3E:C0:77:37:A4:30:6B:5E:3C:07:C1:6E:60
X509v3 Authority Key Identifier:
keyid:FA:DB:E6:5B:28:FF:25:66:74:09:CC:E6:35:BE:09:6E:3E:6D:EF:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tvmWyj_JWZ0CczmNb4Jbj5t78o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48e976-3707-4685-a5f9-961b78d9d4bc/1/2hMUvTWNED7AdzekMGtePAfBbmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48e976-3707-4685-a5f9-961b78d9d4bc/1/1-tvmWyj_JWZ0CczmNb4Jbj5t78o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.66.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:97:58:3f:59:ac:98:4d:67:be:d5:38:89:36:99:ec:cd:2f:
3d:df:b4:7d:c1:91:8a:1c:b5:dd:03:e6:48:33:f0:f8:14:42:
67:98:3a:e7:ea:f4:8a:97:0c:4c:d1:2f:3e:93:0f:b1:e7:b0:
92:c5:fb:9e:1e:74:7f:46:cc:b5:27:16:86:0e:14:f7:c5:61:
9d:9b:1f:ca:90:aa:7a:45:1b:27:98:e2:c5:9c:56:00:9f:7d:
ec:1a:d9:8d:7a:f6:d5:5a:a5:de:61:1a:82:50:46:46:4e:09:
02:09:7b:dd:02:f1:86:b9:6b:88:63:8c:ec:d7:ea:89:a7:8e:
92:39:4f:eb:61:af:d0:78:ff:e7:fa:83:94:c3:ef:d2:81:48:
82:b2:2c:55:18:ae:9a:b3:78:3f:3c:67:06:88:c9:17:a2:ca:
71:fc:15:0e:02:e7:43:ad:5e:3a:9b:02:19:f7:61:0e:40:4b:
fc:f9:6f:65:d9:df:dc:42:93:e2:ec:48:d7:c2:fe:47:22:98:
04:75:89:54:37:22:07:cd:d1:d7:0c:19:e3:f3:5f:2f:9f:b3:
11:cf:ed:94:5b:10:36:fe:27:f6:08:39:91:ed:05:50:72:d9:
f7:04:c1:11:73:58:46:74:ea:4a:09:d7:91:b9:3a:36:cf:5f:
29:28:ea:94
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQntYoaHalE5gWDNFekrgc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZGJlNjViMjhmZjI1NjY3NDA5Y2NlNjM1YmUwOTZlM2U2
ZGVmY2EwHhcNMjUwMTAyMTU0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTEzMTRiZDM1OGQxMDNlYzA3NzM3YTQzMDZiNWUzYzA3YzE2ZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxM2TNBOZsCBvw3zGytRqAlqlETPQ
tsOWZ2aqYUolrPF2Z0K5UlrQisNpiqOonyspyEiwrxjt5rBNOe+PLA52kZ7B/FIP
6MsH5y+Wd2jtc5aJOe2Tsrek642egrqKP3Obe/5cJSYYkZz8pzU1OrOHdbIOadL2
AvQ4L56lB2Y7wsh2oETfIMz3+GM30tyy4SxJ0RorIFw1qTntQpdmSXcWV3wPv8Uk
Evt5QyDjEE6oAiQkAXV+mIqbdU3abeONLiLp2ZEFLi5sExgc9sv3WBycNF8rYvgR
oelv0bly2tHawhlkKL691pfZkQbmUzyC7CskhVijWCerBn/QSu42J6Y7OwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNoTFL01jRA+wHc3pDBrXjwHwW5gMB8GA1UdIwQY
MBaAFPrb5lso/yVmdAnM5jW+CW4+be/KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS10dm1XeWpfSldaMENjem1OYjRKYmo1dDc4by5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2MvNDhlOTc2LTM3MDctNDY4NS1hNWY5
LTk2MWI3OGQ5ZDRiYy8xLzJoTVV2VFdORUQ3QWR6ZWtNR3RlUEFmQmJtQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2MvNDhlOTc2LTM3MDctNDY4NS1hNWY5LTk2MWI3OGQ5ZDRi
Yy8xLzEtdHZtV3lqX0pXWjBDY3ptTmI0SmJqNXQ3OG8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABb0EIw
DQYJKoZIhvcNAQELBQADggEBAByXWD9ZrJhNZ77VOIk2mezNLz3ftH3BkYoctd0D
5kgz8PgUQmeYOufq9IqXDEzRLz6TD7HnsJLF+54edH9GzLUnFoYOFPfFYZ2bH8qQ
qnpFGyeY4sWcVgCffewa2Y169tVapd5hGoJQRkZOCQIJe90C8Ya5a4hjjOzX6omn
jpI5T+thr9B4/+f6g5TD79KBSIKyLFUYrpqzeD88ZwaIyReiynH8FQ4C50OtXjqb
Ahn3YQ5AS/z5b2XZ39xCk+LsSNfC/kcimAR1iVQ3IgfN0dcMGePzXy+fsxHP7ZRb
EDb+J/YIOZHtBVBy2fcEwRFzWEZ06koJ15G5OjbPXyko6pQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:38:12 2025 by rpki-client