Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a86f77-fae6-4fe2-ba4b-eb37e776ddd2/1/Bd7FcffIWEfbujnp9WS-BYRh8lY.roa
File: Bd7FcffIWEfbujnp9WS-BYRh8lY.roa (raw, json)
Hash identifier: 1aqbGtOUu0Pm7rzIGfOGmwYKjDdAbGNYXLp563xVUt0=
Subject key identifier: 05:DE:C5:71:F7:C8:58:47:DB:BA:39:E9:F5:64:BE:05:84:61:F2:56
Certificate issuer: /CN=091daad3d27dbcf94d3006fbfba7e1ddd5d29f16
Certificate serial: 019427B589636C912F65217DD1B1325B7329
Authority key identifier: 09:1D:AA:D3:D2:7D:BC:F9:4D:30:06:FB:FB:A7:E1:DD:D5:D2:9F:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR2q09J9vPlNMAb7-6fh3dXSnxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a86f77-fae6-4fe2-ba4b-eb37e776ddd2/1/Bd7FcffIWEfbujnp9WS-BYRh8lY.roa
Signing time: Thu 02 Jan 2025 15:49:55 +0000
ROA not before: Thu 02 Jan 2025 15:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216186
IP address blocks: 91.238.238.0/24 maxlen: 24
2a10:be40::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:89:63:6c:91:2f:65:21:7d:d1:b1:32:5b:73:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091daad3d27dbcf94d3006fbfba7e1ddd5d29f16
Validity
Not Before: Jan 2 15:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05dec571f7c85847dbba39e9f564be058461f256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f9:39:17:67:93:c7:95:4e:36:25:17:a2:8e:
dc:82:be:3e:81:bf:c2:3e:e3:fa:ba:f8:61:51:30:
2c:d0:09:2b:55:4a:22:d8:53:4b:0b:ca:fa:e9:e9:
38:1e:cb:81:49:de:83:be:62:e3:3d:f6:96:b2:09:
1f:dc:0f:68:4e:cb:6a:be:7b:13:66:1d:d7:2c:a3:
71:3c:70:63:18:5e:61:41:5c:c8:98:f9:cb:4c:d8:
11:5b:0e:8a:75:59:05:08:36:ff:a0:d1:76:dc:f1:
b9:ac:c7:39:33:5d:35:e3:64:6c:99:ea:dd:12:31:
8a:53:52:a9:4a:5a:d5:8c:cb:ae:e2:28:ca:18:b1:
f7:1c:fa:8b:22:a2:c0:4e:bd:cc:d3:ad:12:79:24:
12:35:6a:95:1c:96:a0:e1:52:79:bd:18:d9:3a:21:
7a:d3:b5:9a:58:98:52:51:1a:a6:7b:12:38:a4:8f:
bf:52:96:56:6b:72:fa:90:75:66:d5:e9:35:c6:04:
7d:83:5c:0b:8b:03:50:ed:9b:6b:6f:84:e2:1d:36:
2f:b7:26:a6:b5:41:4c:a0:44:20:b8:32:f8:3e:4e:
ef:e0:c1:ce:ff:1c:68:9b:a3:24:2c:15:b9:ab:22:
6a:52:b9:fc:81:71:eb:db:dd:94:47:e7:2e:cc:e4:
d3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:DE:C5:71:F7:C8:58:47:DB:BA:39:E9:F5:64:BE:05:84:61:F2:56
X509v3 Authority Key Identifier:
keyid:09:1D:AA:D3:D2:7D:BC:F9:4D:30:06:FB:FB:A7:E1:DD:D5:D2:9F:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR2q09J9vPlNMAb7-6fh3dXSnxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a86f77-fae6-4fe2-ba4b-eb37e776ddd2/1/Bd7FcffIWEfbujnp9WS-BYRh8lY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a86f77-fae6-4fe2-ba4b-eb37e776ddd2/1/CR2q09J9vPlNMAb7-6fh3dXSnxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.238.0/24
IPv6:
2a10:be40::/32
Signature Algorithm: sha256WithRSAEncryption
00:00:cd:3c:29:d6:e9:b0:fe:fe:41:70:aa:40:4a:6d:ec:42:
32:3c:2e:a5:ab:8a:29:c5:9d:03:7b:89:d1:c3:eb:38:0c:79:
35:09:30:ea:27:16:25:49:1b:f4:14:39:0b:0b:bf:a7:44:8f:
77:42:4b:2a:22:1d:e7:d5:fc:d5:5f:b6:c6:04:25:e8:6b:c3:
97:e5:ff:19:f1:65:26:2a:23:93:80:d8:a2:ea:8a:c5:79:e4:
80:96:7a:5b:ad:16:f0:be:cf:b0:dc:61:4c:1a:01:8e:79:a4:
cb:ae:d0:92:dd:e8:8a:16:be:6a:5b:f0:53:30:30:6e:41:07:
88:40:87:f5:12:b4:07:72:49:12:b5:2f:5c:ea:54:24:0c:fd:
a8:35:65:cf:42:2a:10:d7:da:d1:7c:09:fd:12:a1:f8:d4:ad:
62:5e:a1:48:24:af:1d:62:f0:cb:f5:e6:8d:cf:46:30:a4:ab:
6c:1c:16:02:e2:a8:d7:3f:4d:74:93:f3:c9:c7:d0:9d:1a:0e:
2f:49:a8:b1:48:a3:6d:46:89:6d:46:f8:c1:9f:87:3c:9e:9d:
26:26:c7:a9:2a:9d:63:8a:2d:c2:83:cf:f0:68:5b:20:33:9c:
3c:35:cb:ba:c1:fb:7b:c5:8c:36:4e:64:6c:50:94:e9:7e:6c:
0b:85:12:d2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntYljbJEvZSF90bEyW3MpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWRhYWQzZDI3ZGJjZjk0ZDMwMDZmYmZiYTdlMWRkZDVk
MjlmMTYwHhcNMjUwMTAyMTU0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWRlYzU3MWY3Yzg1ODQ3ZGJiYTM5ZTlmNTY0YmUwNTg0NjFmMjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfk5F2eTx5VONiUXoo7cgr4+gb/C
PuP6uvhhUTAs0AkrVUoi2FNLC8r66ek4HsuBSd6DvmLjPfaWsgkf3A9oTstqvnsT
Zh3XLKNxPHBjGF5hQVzImPnLTNgRWw6KdVkFCDb/oNF23PG5rMc5M10142Rsmerd
EjGKU1KpSlrVjMuu4ijKGLH3HPqLIqLATr3M060SeSQSNWqVHJag4VJ5vRjZOiF6
07WaWJhSURqmexI4pI+/UpZWa3L6kHVm1ek1xgR9g1wLiwNQ7Ztrb4TiHTYvtyam
tUFMoEQguDL4Pk7v4MHO/xxom6MkLBW5qyJqUrn8gXHr292UR+cuzOTT5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAXexXH3yFhH27o56fVkvgWEYfJWMB8GA1UdIwQY
MBaAFAkdqtPSfbz5TTAG+/un4d3V0p8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1IycTA5Sjl2UGxOTUFiNy02ZmgzZFhTbnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hODZmNzctZmFlNi00ZmUyLWJhNGIt
ZWIzN2U3NzZkZGQyLzEvQmQ3RmNmZklXRWZidWpucDlXUy1CWVJoOGxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hODZmNzctZmFlNi00ZmUyLWJhNGItZWIzN2U3NzZkZGQy
LzEvQ1IycTA5Sjl2UGxOTUFiNy02ZmgzZFhTbnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+7uMA0E
AgACMAcDBQAqEL5AMA0GCSqGSIb3DQEBCwUAA4IBAQAAAM08KdbpsP7+QXCqQEpt
7EIyPC6lq4opxZ0De4nRw+s4DHk1CTDqJxYlSRv0FDkLC7+nRI93QksqIh3n1fzV
X7bGBCXoa8OX5f8Z8WUmKiOTgNii6orFeeSAlnpbrRbwvs+w3GFMGgGOeaTLrtCS
3eiKFr5qW/BTMDBuQQeIQIf1ErQHckkStS9c6lQkDP2oNWXPQioQ19rRfAn9EqH4
1K1iXqFIJK8dYvDL9eaNz0YwpKtsHBYC4qjXP010k/PJx9CdGg4vSaixSKNtRolt
RvjBn4c8np0mJsepKp1jii3Cg8/waFsgM5w8Ncu6wft7xYw2TmRsUJTpfmwLhRLS
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:33 2025 by rpki-client