Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/gNRsmV0XFCKJkgH1T9VLPl0qkP8.roa
File: gNRsmV0XFCKJkgH1T9VLPl0qkP8.roa (raw, json)
Hash identifier: 7DieLwMe7vSj5T5/A8Tf5cCcPLC+4LWTW8IbIDeyX70=
Subject key identifier: 80:D4:6C:99:5D:17:14:22:89:92:01:F5:4F:D5:4B:3E:5D:2A:90:FF
Certificate issuer: /CN=480b4e6530f58db338e41d434e5c248eb8b49eb5
Certificate serial: 019420D5ACEB3CEFE250EFC7E80293440922
Authority key identifier: 48:0B:4E:65:30:F5:8D:B3:38:E4:1D:43:4E:5C:24:8E:B8:B4:9E:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAtOZTD1jbM45B1DTlwkjri0nrU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/gNRsmV0XFCKJkgH1T9VLPl0qkP8.roa
Signing time: Wed 01 Jan 2025 07:47:41 +0000
ROA not before: Wed 01 Jan 2025 07:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3266
IP address blocks: 91.211.177.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:ac:eb:3c:ef:e2:50:ef:c7:e8:02:93:44:09:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=480b4e6530f58db338e41d434e5c248eb8b49eb5
Validity
Not Before: Jan 1 07:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80d46c995d171422899201f54fd54b3e5d2a90ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:60:00:df:fa:6c:2d:22:51:1c:f3:26:f1:85:
16:5a:d6:38:73:89:25:ec:ad:3b:e3:41:a8:4f:87:
33:77:43:4b:45:45:c9:8a:4e:1b:83:f2:24:ea:3d:
a1:90:0c:38:eb:16:3e:c1:7e:e1:28:19:d2:bc:ff:
2a:9e:d5:01:36:22:45:72:06:16:5a:de:ca:a8:f2:
a4:23:56:30:54:db:4a:6f:84:ee:b7:3b:ca:cd:17:
55:d6:52:3e:dc:94:f2:83:ae:01:39:18:fd:45:ec:
b1:55:62:8f:3a:90:2c:ff:49:cc:4b:b6:cd:5a:25:
37:c9:c0:18:28:15:8c:c4:ee:fd:1c:00:ea:2c:da:
88:81:43:e9:dc:55:01:f0:50:4b:47:76:03:57:ab:
28:3e:3b:9c:3e:e7:8e:5e:4c:16:b5:69:8c:c9:8f:
fb:d4:15:df:26:aa:d5:ef:73:f9:49:ae:ab:0b:8f:
91:e2:c0:d0:7c:d0:1d:22:74:2e:0f:bc:92:c3:9b:
7a:60:74:4e:94:03:e1:81:e1:03:49:8e:6e:0e:20:
d7:03:25:73:26:fc:2f:b8:d3:cd:f8:9a:f6:51:3e:
4f:ac:d7:b5:de:08:b1:19:cb:65:c1:09:9c:9a:03:
d1:65:57:1b:00:55:4a:b4:96:9b:d5:8a:79:e6:04:
43:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:D4:6C:99:5D:17:14:22:89:92:01:F5:4F:D5:4B:3E:5D:2A:90:FF
X509v3 Authority Key Identifier:
keyid:48:0B:4E:65:30:F5:8D:B3:38:E4:1D:43:4E:5C:24:8E:B8:B4:9E:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAtOZTD1jbM45B1DTlwkjri0nrU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/gNRsmV0XFCKJkgH1T9VLPl0qkP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/SAtOZTD1jbM45B1DTlwkjri0nrU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.177.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:68:f5:2f:33:c9:b8:52:e4:e0:20:5f:b6:5a:a9:fa:6c:af:
a4:db:94:5c:d3:87:1d:51:56:cd:44:ba:cd:4e:4c:44:2c:d0:
eb:77:31:3e:22:9c:c3:21:26:79:2c:53:65:8c:b1:0c:3b:00:
88:b4:2a:47:1f:aa:fe:6b:2f:13:88:5f:e8:9a:ef:ef:1f:ec:
ed:b5:bb:93:2c:56:43:7e:b6:e3:3b:a5:65:cb:6f:2f:0d:c8:
69:2c:37:a2:7e:7f:21:41:fe:e0:63:00:db:ef:c4:32:89:6e:
1f:de:6d:91:2e:54:a0:dc:8c:68:a6:6b:f6:6d:bf:d8:3d:ca:
4c:c4:2a:11:1c:23:25:3a:e0:ec:5f:14:a6:5b:9e:c8:9e:9e:
37:13:1b:57:de:6e:49:db:1c:d7:ac:6d:e6:0a:fe:95:43:db:
0f:92:4c:f1:ea:ed:7f:eb:e1:ef:93:aa:6b:b3:31:7d:22:54:
3e:27:4a:61:e9:62:25:aa:e2:9a:8a:86:4c:99:b6:f7:5c:65:
2b:7c:73:a1:e6:59:62:70:a0:5e:8c:0b:06:7d:18:7b:98:cd:
f9:44:f0:6a:a3:9a:7d:dd:6b:27:a3:c7:a1:6a:bc:e3:05:0b:
4c:4d:e6:7f:52:14:fe:ce:69:08:a6:7b:33:90:27:00:10:fd:
c5:ac:ae:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1azrPO/iUO/H6AKTRAkiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MGI0ZTY1MzBmNThkYjMzOGU0MWQ0MzRlNWMyNDhlYjhi
NDllYjUwHhcNMjUwMTAxMDc0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGQ0NmM5OTVkMTcxNDIyODk5MjAxZjU0ZmQ1NGIzZTVkMmE5MGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGAA3/psLSJRHPMm8YUWWtY4c4kl
7K0740GoT4czd0NLRUXJik4bg/Ik6j2hkAw46xY+wX7hKBnSvP8qntUBNiJFcgYW
Wt7KqPKkI1YwVNtKb4TutzvKzRdV1lI+3JTyg64BORj9ReyxVWKPOpAs/0nMS7bN
WiU3ycAYKBWMxO79HADqLNqIgUPp3FUB8FBLR3YDV6soPjucPueOXkwWtWmMyY/7
1BXfJqrV73P5Sa6rC4+R4sDQfNAdInQuD7ySw5t6YHROlAPhgeEDSY5uDiDXAyVz
JvwvuNPN+Jr2UT5PrNe13gixGctlwQmcmgPRZVcbAFVKtJab1Yp55gRDDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIDUbJldFxQiiZIB9U/VSz5dKpD/MB8GA1UdIwQY
MBaAFEgLTmUw9Y2zOOQdQ05cJI64tJ61MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0F0T1pURDFqYk00NUIxRFRsd2tqcmkwbnJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8yYTcyZWUtZWMxZi00MGM2LWFkOWQt
NWE0ZGY4OTZmYzNlLzEvZ05Sc21WMFhGQ0tKa2dIMVQ5VkxQbDBxa1A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8yYTcyZWUtZWMxZi00MGM2LWFkOWQtNWE0ZGY4OTZmYzNl
LzEvU0F0T1pURDFqYk00NUIxRFRsd2tqcmkwbnJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9OxMA0G
CSqGSIb3DQEBCwUAA4IBAQANaPUvM8m4UuTgIF+2Wqn6bK+k25Rc04cdUVbNRLrN
TkxELNDrdzE+IpzDISZ5LFNljLEMOwCItCpHH6r+ay8TiF/omu/vH+zttbuTLFZD
frbjO6Vly28vDchpLDeifn8hQf7gYwDb78QyiW4f3m2RLlSg3Ixopmv2bb/YPcpM
xCoRHCMlOuDsXxSmW57Inp43ExtX3m5J2xzXrG3mCv6VQ9sPkkzx6u1/6+Hvk6pr
szF9IlQ+J0ph6WIlquKaioZMmbb3XGUrfHOh5llicKBejAsGfRh7mM35RPBqo5p9
3Wsno8eharzjBQtMTeZ/UhT+zmkIpnszkCcAEP3FrK57
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:24 2025 by rpki-client