Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/848fd6-eb80-4e1e-8378-3e46ce35d4e7/1/YVf3u5lFieXSo4MA7qYyxZHHzPg.roa
File: YVf3u5lFieXSo4MA7qYyxZHHzPg.roa (raw, json)
Hash identifier: LTVF5N88k7skTnyboglAJr7FjEe2LUwSGTf3pVeiANQ=
Subject key identifier: 61:57:F7:BB:99:45:89:E5:D2:A3:83:00:EE:A6:32:C5:91:C7:CC:F8
Certificate issuer: /CN=0d0dbf9eb836085c19d93f5254221c33948e85e3
Certificate serial: 0194228E27DA382ED9D8F770A301E456400D
Authority key identifier: 0D:0D:BF:9E:B8:36:08:5C:19:D9:3F:52:54:22:1C:33:94:8E:85:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQ2_nrg2CFwZ2T9SVCIcM5SOheM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/848fd6-eb80-4e1e-8378-3e46ce35d4e7/1/YVf3u5lFieXSo4MA7qYyxZHHzPg.roa
Signing time: Wed 01 Jan 2025 15:48:49 +0000
ROA not before: Wed 01 Jan 2025 15:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51817
IP address blocks: 91.220.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:27:da:38:2e:d9:d8:f7:70:a3:01:e4:56:40:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d0dbf9eb836085c19d93f5254221c33948e85e3
Validity
Not Before: Jan 1 15:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6157f7bb994589e5d2a38300eea632c591c7ccf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0a:fb:5e:3d:7b:d9:86:ca:d2:2b:d8:d1:23:
95:10:66:b1:41:4e:91:54:bb:c2:a8:e0:1d:b7:60:
c2:f8:ef:10:64:ac:04:5e:0c:50:4e:3a:af:ad:7a:
fe:10:52:59:c5:4b:3c:fc:17:fb:3c:27:ff:12:d2:
09:f9:89:81:b6:7f:87:bf:eb:73:3c:c2:2d:12:80:
61:1f:9f:a1:71:a7:76:ca:86:0c:f3:16:4e:8a:f3:
58:4a:93:17:cc:06:d6:4e:54:a3:fe:79:b8:6f:58:
6e:64:ad:40:48:fe:09:dd:b5:1b:80:e4:e9:63:0b:
7b:55:73:67:f9:cc:60:0d:d4:1f:11:35:77:b8:b6:
c8:d9:f7:c2:65:90:f2:90:71:ef:4f:b0:8d:b1:7e:
4f:f7:ac:8b:bd:a7:a7:1e:2d:1c:04:93:98:85:34:
30:2e:db:0b:2c:6b:7f:e8:ca:64:d6:2b:8f:0a:9c:
b1:d9:f7:a5:89:2d:b4:eb:ca:79:de:94:77:47:9f:
b3:43:93:2b:5a:81:46:f4:41:ad:91:cb:ff:aa:22:
7e:57:fe:1f:63:39:c5:a7:bb:16:e7:8b:37:7c:70:
32:19:9b:dc:62:12:25:bf:5d:75:81:e2:cf:78:ce:
d5:35:db:70:44:ca:59:a8:9a:af:6f:b6:58:b9:dd:
d3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:57:F7:BB:99:45:89:E5:D2:A3:83:00:EE:A6:32:C5:91:C7:CC:F8
X509v3 Authority Key Identifier:
keyid:0D:0D:BF:9E:B8:36:08:5C:19:D9:3F:52:54:22:1C:33:94:8E:85:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQ2_nrg2CFwZ2T9SVCIcM5SOheM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/848fd6-eb80-4e1e-8378-3e46ce35d4e7/1/YVf3u5lFieXSo4MA7qYyxZHHzPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/848fd6-eb80-4e1e-8378-3e46ce35d4e7/1/DQ2_nrg2CFwZ2T9SVCIcM5SOheM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.100.0/24
Signature Algorithm: sha256WithRSAEncryption
62:ee:ee:e5:c0:8b:b3:a9:1b:f6:fc:90:c7:57:36:c8:14:9b:
16:b5:5d:e1:ab:49:12:d6:14:79:96:66:79:87:a8:cd:be:85:
56:1d:bb:99:5a:41:a0:97:fe:b0:20:1f:2f:d4:a9:06:08:f6:
b8:e4:34:1f:7a:84:90:d4:56:53:bf:f5:34:42:16:25:ae:db:
81:f4:0c:a2:45:74:aa:0e:64:f1:49:2d:be:4d:d9:a8:e6:c5:
48:78:b0:69:fe:25:c1:d2:81:8e:1f:76:70:78:bb:36:d4:a8:
c6:1b:3f:a0:56:b3:78:4a:53:b1:14:56:ce:28:cf:5f:7a:1a:
dd:ac:47:02:6c:9e:cd:03:eb:06:f3:df:bf:55:7c:3b:a7:18:
26:f0:58:b2:a0:8b:42:12:ce:85:68:b2:f2:f9:1d:93:c9:e9:
8f:58:5a:3d:cc:e2:ab:a4:4e:42:dc:b0:de:b7:f7:ed:a7:a3:
67:ef:87:e2:2a:4c:e3:85:13:61:90:d6:ef:2d:32:29:68:5a:
85:fd:b9:b0:97:0a:6a:f5:44:3d:da:91:07:c7:06:71:ee:ed:
f7:cb:c4:d3:1d:ff:14:8e:ca:9c:76:79:23:1e:72:d6:4e:4e:
15:ee:00:11:fc:9b:76:db:5d:61:5f:c4:dc:b2:90:f9:2f:39:
fa:f6:b0:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijifaOC7Z2PdwowHkVkANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMGRiZjllYjgzNjA4NWMxOWQ5M2Y1MjU0MjIxYzMzOTQ4
ZTg1ZTMwHhcNMjUwMTAxMTU0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTU3ZjdiYjk5NDU4OWU1ZDJhMzgzMDBlZWE2MzJjNTkxYzdjY2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Qr7Xj172YbK0ivY0SOVEGaxQU6R
VLvCqOAdt2DC+O8QZKwEXgxQTjqvrXr+EFJZxUs8/Bf7PCf/EtIJ+YmBtn+Hv+tz
PMItEoBhH5+hcad2yoYM8xZOivNYSpMXzAbWTlSj/nm4b1huZK1ASP4J3bUbgOTp
Ywt7VXNn+cxgDdQfETV3uLbI2ffCZZDykHHvT7CNsX5P96yLvaenHi0cBJOYhTQw
LtsLLGt/6Mpk1iuPCpyx2feliS2068p53pR3R5+zQ5MrWoFG9EGtkcv/qiJ+V/4f
YznFp7sW54s3fHAyGZvcYhIlv111geLPeM7VNdtwRMpZqJqvb7ZYud3TVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGFX97uZRYnl0qODAO6mMsWRx8z4MB8GA1UdIwQY
MBaAFA0Nv564NghcGdk/UlQiHDOUjoXjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFEyX25yZzJDRndaMlQ5U1ZDSWNNNVNPaGVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS84NDhmZDYtZWI4MC00ZTFlLTgzNzgt
M2U0NmNlMzVkNGU3LzEvWVZmM3U1bEZpZVhTbzRNQTdxWXl4WkhIelBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS84NDhmZDYtZWI4MC00ZTFlLTgzNzgtM2U0NmNlMzVkNGU3
LzEvRFEyX25yZzJDRndaMlQ5U1ZDSWNNNVNPaGVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9xkMA0G
CSqGSIb3DQEBCwUAA4IBAQBi7u7lwIuzqRv2/JDHVzbIFJsWtV3hq0kS1hR5lmZ5
h6jNvoVWHbuZWkGgl/6wIB8v1KkGCPa45DQfeoSQ1FZTv/U0QhYlrtuB9AyiRXSq
DmTxSS2+Tdmo5sVIeLBp/iXB0oGOH3ZweLs21KjGGz+gVrN4SlOxFFbOKM9fehrd
rEcCbJ7NA+sG89+/VXw7pxgm8FiyoItCEs6FaLLy+R2TyemPWFo9zOKrpE5C3LDe
t/ftp6Nn74fiKkzjhRNhkNbvLTIpaFqF/bmwlwpq9UQ92pEHxwZx7u33y8TTHf8U
jsqcdnkjHnLWTk4V7gAR/Jt2211hX8TcspD5Lzn69rBI
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:18:34 2025 by rpki-client