Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/rj7cMvisc5sEsNUl1EQ8tKzz6C8.roa
File: rj7cMvisc5sEsNUl1EQ8tKzz6C8.roa (raw, json)
Hash identifier: 6mpsbNewWQwOLcJiFmFyeCARGSCjU8+BOm6oNSA/kho=
Subject key identifier: AE:3E:DC:32:F8:AC:73:9B:04:B0:D5:25:D4:44:3C:B4:AC:F3:E8:2F
Certificate issuer: /CN=9f3ec21e10f3646e4dc0e23f5f7ec44501560de3
Certificate serial: 0194236980059FC5E0830AEB920C902010AA
Authority key identifier: 9F:3E:C2:1E:10:F3:64:6E:4D:C0:E2:3F:5F:7E:C4:45:01:56:0D:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz7CHhDzZG5NwOI_X37ERQFWDeM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/rj7cMvisc5sEsNUl1EQ8tKzz6C8.roa
Signing time: Wed 01 Jan 2025 19:48:24 +0000
ROA not before: Wed 01 Jan 2025 19:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15083
IP address blocks: 91.200.145.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:80:05:9f:c5:e0:83:0a:eb:92:0c:90:20:10:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3ec21e10f3646e4dc0e23f5f7ec44501560de3
Validity
Not Before: Jan 1 19:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae3edc32f8ac739b04b0d525d4443cb4acf3e82f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b5:05:57:d8:7e:4f:10:b7:66:dd:a9:68:52:
a2:6c:03:25:b2:0d:97:59:27:7c:8f:79:8d:74:89:
e2:09:b0:56:79:d3:74:55:79:a7:58:27:17:3b:d3:
df:ae:f0:07:a9:48:f5:07:fc:bc:da:99:19:70:42:
e0:47:f5:8b:a9:8f:f4:a9:5c:49:56:a2:17:51:40:
d0:88:5b:52:eb:67:55:68:9e:1c:9e:0b:fa:7a:5c:
77:53:22:8d:97:3c:c5:be:c1:26:17:3a:99:79:49:
b8:a7:82:9a:73:ca:b8:d1:e6:3b:3f:08:98:b5:61:
cc:35:02:e0:62:26:34:1c:41:43:26:0e:b8:2e:b1:
29:42:ae:d1:dc:6d:5c:09:c8:48:bd:d5:f0:54:8b:
fd:0a:f2:06:5a:4c:48:e1:85:7b:b8:b1:86:94:c4:
db:48:d6:8c:b5:52:d7:90:53:bf:d0:d3:2f:f8:d4:
b0:0e:d9:d5:7f:61:0c:e5:5d:dc:f1:4b:d0:84:7a:
3f:9f:3a:9a:8e:1d:0f:4f:ee:a1:9a:c2:3b:cb:a4:
4f:d3:6c:7e:78:3d:ee:8d:c9:ce:bf:2f:96:9e:34:
1d:c4:04:e8:41:fb:cf:66:a9:60:55:68:c2:97:7f:
67:a3:1d:da:46:fd:e8:6c:7d:78:c7:eb:64:ea:4f:
6e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:3E:DC:32:F8:AC:73:9B:04:B0:D5:25:D4:44:3C:B4:AC:F3:E8:2F
X509v3 Authority Key Identifier:
keyid:9F:3E:C2:1E:10:F3:64:6E:4D:C0:E2:3F:5F:7E:C4:45:01:56:0D:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz7CHhDzZG5NwOI_X37ERQFWDeM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/rj7cMvisc5sEsNUl1EQ8tKzz6C8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/nz7CHhDzZG5NwOI_X37ERQFWDeM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.145.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:e8:f1:df:41:76:bc:e1:1d:95:48:f7:cf:1c:38:6c:d2:2f:
cf:b3:9f:69:f0:5d:b6:f0:a2:01:64:9e:ab:a0:cc:ea:5c:1d:
cd:52:29:c1:d9:99:b7:96:22:b9:1c:c0:55:d2:57:87:ad:a4:
f6:27:a3:73:21:17:fc:87:a5:cc:1a:02:00:2f:d3:f2:69:dc:
9e:31:c7:9d:4d:59:83:ff:ee:22:e8:28:bc:28:ab:9e:49:83:
47:b6:71:f4:21:ad:b5:4f:21:6d:f1:3b:f5:94:a1:78:3f:59:
33:09:0f:5b:6f:b8:37:02:fc:dc:23:a6:54:2c:4a:eb:da:77:
91:c1:44:2f:26:da:45:65:23:9b:07:27:dc:78:30:e2:ec:da:
25:0c:49:f3:9b:d2:3a:59:85:19:67:16:1d:e2:d7:ae:0b:29:
43:4d:c8:f2:54:dd:14:dd:30:39:2d:42:31:6b:69:fe:8c:96:
3a:cd:1f:b9:b9:ae:5b:f2:be:4a:bc:d3:55:37:16:d7:bf:e4:
df:12:7f:9f:f3:a4:e4:d1:d4:bc:51:87:7d:94:83:50:6d:c2:
d4:e2:0e:d1:09:80:34:cb:cd:d5:cb:85:be:e2:ef:7c:34:0d:
fd:c8:f0:3d:bf:71:63:06:08:40:13:ff:1b:8b:a1:df:60:52:
c5:1d:ab:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaYAFn8XggwrrkgyQIBCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmM2VjMjFlMTBmMzY0NmU0ZGMwZTIzZjVmN2VjNDQ1MDE1
NjBkZTMwHhcNMjUwMTAxMTk0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTNlZGMzMmY4YWM3MzliMDRiMGQ1MjVkNDQ0M2NiNGFjZjNlODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrUFV9h+TxC3Zt2paFKibAMlsg2X
WSd8j3mNdIniCbBWedN0VXmnWCcXO9PfrvAHqUj1B/y82pkZcELgR/WLqY/0qVxJ
VqIXUUDQiFtS62dVaJ4cngv6elx3UyKNlzzFvsEmFzqZeUm4p4Kac8q40eY7PwiY
tWHMNQLgYiY0HEFDJg64LrEpQq7R3G1cCchIvdXwVIv9CvIGWkxI4YV7uLGGlMTb
SNaMtVLXkFO/0NMv+NSwDtnVf2EM5V3c8UvQhHo/nzqajh0PT+6hmsI7y6RP02x+
eD3ujcnOvy+WnjQdxAToQfvPZqlgVWjCl39nox3aRv3obH14x+tk6k9uBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK4+3DL4rHObBLDVJdREPLSs8+gvMB8GA1UdIwQY
MBaAFJ8+wh4Q82RuTcDiP19+xEUBVg3jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbno3Q0hoRHpaRzVOd09JX1gzN0VSUUZXRGVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS82YmFmZTktODc4Yi00NmZkLWEzMDUt
N2JhMjVkNTU5NWZhLzEvcmo3Y012aXNjNXNFc05VbDFFUTh0S3p6NkM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS82YmFmZTktODc4Yi00NmZkLWEzMDUtN2JhMjVkNTU5NWZh
LzEvbno3Q0hoRHpaRzVOd09JX1gzN0VSUUZXRGVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8iRMA0G
CSqGSIb3DQEBCwUAA4IBAQBM6PHfQXa84R2VSPfPHDhs0i/Ps59p8F228KIBZJ6r
oMzqXB3NUinB2Zm3liK5HMBV0leHraT2J6NzIRf8h6XMGgIAL9PyadyeMcedTVmD
/+4i6Ci8KKueSYNHtnH0Ia21TyFt8Tv1lKF4P1kzCQ9bb7g3AvzcI6ZULErr2neR
wUQvJtpFZSObByfceDDi7NolDEnzm9I6WYUZZxYd4teuCylDTcjyVN0U3TA5LUIx
a2n+jJY6zR+5ua5b8r5KvNNVNxbXv+TfEn+f86Tk0dS8UYd9lINQbcLU4g7RCYA0
y83Vy4W+4u98NA39yPA9v3FjBghAE/8bi6HfYFLFHasC
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:17:45 2025 by rpki-client