Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/c68bd1-8a98-41b2-b36b-386eea8d8dd6/1/DAiAlkKu2uIH3tPrZHXW35UovoY.roa
File: DAiAlkKu2uIH3tPrZHXW35UovoY.roa (raw, json)
Hash identifier: ii+y3ES147W1gYE6b/JQu7S5U4fp3robU9GiKGcJGDs=
Subject key identifier: 0C:08:80:96:42:AE:DA:E2:07:DE:D3:EB:64:75:D6:DF:95:28:BE:86
Certificate issuer: /CN=4eee86b22c24bca7713071de95d6822c339cfd1c
Certificate serial: 019427B580D01DD9D55BCBB2872E0DAE7917
Authority key identifier: 4E:EE:86:B2:2C:24:BC:A7:71:30:71:DE:95:D6:82:2C:33:9C:FD:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tu6GsiwkvKdxMHHeldaCLDOc_Rw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/c68bd1-8a98-41b2-b36b-386eea8d8dd6/1/DAiAlkKu2uIH3tPrZHXW35UovoY.roa
Signing time: Thu 02 Jan 2025 15:49:53 +0000
ROA not before: Thu 02 Jan 2025 15:49:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30781
IP address blocks: 91.240.109.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:80:d0:1d:d9:d5:5b:cb:b2:87:2e:0d:ae:79:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4eee86b22c24bca7713071de95d6822c339cfd1c
Validity
Not Before: Jan 2 15:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c08809642aedae207ded3eb6475d6df9528be86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9a:42:a7:49:75:d3:25:81:73:1c:30:3e:71:
5b:fb:18:63:42:df:bf:8d:c2:dc:32:39:9b:90:56:
37:63:27:8c:38:e6:1c:d5:71:3c:9c:11:03:93:0b:
45:3b:8f:c3:83:2e:16:8b:36:26:9f:78:fc:2f:2b:
57:33:89:3b:bc:18:bf:d7:35:48:e6:48:20:4b:36:
9b:87:8e:65:9e:a6:bd:f2:04:10:78:d6:05:97:9b:
6e:48:9d:40:b2:00:fb:37:6a:9e:12:1c:8b:14:03:
a9:da:30:8a:74:61:a1:64:7e:4a:58:3b:5f:08:c3:
37:13:ff:33:e3:d0:a0:aa:ef:ce:1b:9e:d7:b3:c1:
77:95:ff:58:4c:a4:75:03:aa:a4:4f:a9:00:ca:2c:
19:a1:43:de:66:51:30:af:dc:73:fd:77:b3:df:38:
1a:d6:f8:47:28:9e:84:1e:39:10:ef:17:1d:fc:9a:
c2:78:e4:79:19:4c:42:e2:12:16:7d:51:f1:bf:8b:
20:63:55:71:eb:62:c7:69:b8:d3:47:7f:c7:4f:40:
c2:e1:09:93:bd:d3:bb:bb:99:34:63:97:6e:cb:bd:
d9:c1:d4:c6:b8:7f:5b:08:50:33:08:64:c0:dd:af:
c4:a2:a7:29:14:76:07:bf:e7:65:c9:02:27:86:25:
e0:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:08:80:96:42:AE:DA:E2:07:DE:D3:EB:64:75:D6:DF:95:28:BE:86
X509v3 Authority Key Identifier:
keyid:4E:EE:86:B2:2C:24:BC:A7:71:30:71:DE:95:D6:82:2C:33:9C:FD:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tu6GsiwkvKdxMHHeldaCLDOc_Rw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c68bd1-8a98-41b2-b36b-386eea8d8dd6/1/DAiAlkKu2uIH3tPrZHXW35UovoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c68bd1-8a98-41b2-b36b-386eea8d8dd6/1/Tu6GsiwkvKdxMHHeldaCLDOc_Rw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.109.0/24
Signature Algorithm: sha256WithRSAEncryption
02:3e:0f:05:46:00:d5:d2:0c:f6:4b:c6:2b:06:26:fa:3a:e4:
c0:06:1a:23:46:4f:43:1c:66:82:f2:a7:d9:91:7e:68:06:e2:
a7:3f:6f:02:d3:fe:ad:32:e5:1e:57:79:42:15:83:cc:6c:d6:
c7:98:4b:a8:09:a5:c7:ab:91:9c:44:4f:ee:ae:c3:b1:16:14:
e8:d8:bc:c1:e3:e7:e7:48:79:91:29:b0:55:40:6d:41:21:7f:
6f:f9:61:8d:80:93:e5:70:53:8f:db:3c:62:a8:45:f6:4f:94:
87:2b:7d:b6:8e:dc:a8:45:72:29:c6:df:bf:b3:05:24:b2:81:
d2:a7:da:08:47:10:29:76:2c:20:ba:d1:11:b3:e0:d2:47:9c:
c1:ce:8a:ec:ce:6e:04:c0:a8:52:be:02:05:fa:f4:21:f2:08:
6a:f1:e8:4a:88:ab:4b:4c:27:6d:9a:78:47:49:6b:c3:47:14:
5b:fb:66:b7:4d:11:14:48:f1:bb:0c:e4:7b:1a:a0:d3:c0:80:
cd:ff:86:90:10:bd:82:7c:9c:86:73:c7:5d:ae:fa:04:df:0d:
b0:95:1b:32:99:af:6f:c4:1a:ef:1e:3d:54:69:df:5d:96:ac:
92:d3:85:b4:55:a7:10:f8:9f:e1:8a:4e:58:e1:6e:32:9a:d6:
c9:d0:6f:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntYDQHdnVW8uyhy4NrnkXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZWU4NmIyMmMyNGJjYTc3MTMwNzFkZTk1ZDY4MjJjMzM5
Y2ZkMWMwHhcNMjUwMTAyMTU0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzA4ODA5NjQyYWVkYWUyMDdkZWQzZWI2NDc1ZDZkZjk1MjhiZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJpCp0l10yWBcxwwPnFb+xhjQt+/
jcLcMjmbkFY3YyeMOOYc1XE8nBEDkwtFO4/Dgy4WizYmn3j8LytXM4k7vBi/1zVI
5kggSzabh45lnqa98gQQeNYFl5tuSJ1AsgD7N2qeEhyLFAOp2jCKdGGhZH5KWDtf
CMM3E/8z49Cgqu/OG57Xs8F3lf9YTKR1A6qkT6kAyiwZoUPeZlEwr9xz/Xez3zga
1vhHKJ6EHjkQ7xcd/JrCeOR5GUxC4hIWfVHxv4sgY1Vx62LHabjTR3/HT0DC4QmT
vdO7u5k0Y5duy73ZwdTGuH9bCFAzCGTA3a/EoqcpFHYHv+dlyQInhiXgNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAwIgJZCrtriB97T62R11t+VKL6GMB8GA1UdIwQY
MBaAFE7uhrIsJLyncTBx3pXWgiwznP0cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHU2R3Npd2t2S2R4TUhIZWxkYUNMRE9jX1J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9jNjhiZDEtOGE5OC00MWIyLWIzNmIt
Mzg2ZWVhOGQ4ZGQ2LzEvREFpQWxrS3UydUlIM3RQclpIWFczNVVvdm9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9jNjhiZDEtOGE5OC00MWIyLWIzNmItMzg2ZWVhOGQ4ZGQ2
LzEvVHU2R3Npd2t2S2R4TUhIZWxkYUNMRE9jX1J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/BtMA0G
CSqGSIb3DQEBCwUAA4IBAQACPg8FRgDV0gz2S8YrBib6OuTABhojRk9DHGaC8qfZ
kX5oBuKnP28C0/6tMuUeV3lCFYPMbNbHmEuoCaXHq5GcRE/ursOxFhTo2LzB4+fn
SHmRKbBVQG1BIX9v+WGNgJPlcFOP2zxiqEX2T5SHK322jtyoRXIpxt+/swUksoHS
p9oIRxApdiwgutERs+DSR5zBzorszm4EwKhSvgIF+vQh8ghq8ehKiKtLTCdtmnhH
SWvDRxRb+2a3TREUSPG7DOR7GqDTwIDN/4aQEL2CfJyGc8ddrvoE3w2wlRsyma9v
xBrvHj1Uad9dlqyS04W0VacQ+J/hik5Y4W4ymtbJ0G8V
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:21:51 2025 by rpki-client