Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/2343a3-d0f2-4e8a-87d4-4ae3306da793/1/ywVJe-lkT4cEQGeXCZcyrvIvqMk.roa
File: ywVJe-lkT4cEQGeXCZcyrvIvqMk.roa (raw, json)
Hash identifier: iXm02Tfbn6EzSrnc5wNmIlygebDShAhubolyw2KWGH4=
Subject key identifier: CB:05:49:7B:E9:64:4F:87:04:40:67:97:09:97:32:AE:F2:2F:A8:C9
Certificate issuer: /CN=8796b1c31fdde2bd5e98f8fbb7798abc47493cf2
Certificate serial: 018571D7E88283CEE0BF1952DC2075A8E70E
Authority key identifier: 87:96:B1:C3:1F:DD:E2:BD:5E:98:F8:FB:B7:79:8A:BC:47:49:3C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h5axwx_d4r1emPj7t3mKvEdJPPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/2343a3-d0f2-4e8a-87d4-4ae3306da793/1/ywVJe-lkT4cEQGeXCZcyrvIvqMk.roa
Signing time: Mon 02 Jan 2023 09:37:33 +0000
ROA not before: Mon 02 Jan 2023 09:37:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8792
IP address blocks: 91.220.134.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:e8:82:83:ce:e0:bf:19:52:dc:20:75:a8:e7:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8796b1c31fdde2bd5e98f8fbb7798abc47493cf2
Validity
Not Before: Jan 2 09:37:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb05497be9644f8704406797099732aef22fa8c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f0:54:fa:57:14:36:50:0a:0e:a2:32:8e:f1:
b4:0b:83:a9:a7:df:b7:13:d9:9c:96:cc:3f:dd:de:
58:ec:33:ba:86:4b:b9:54:cd:62:7e:07:e0:45:2a:
db:2f:54:3c:0f:bc:b8:56:1d:d3:20:68:d6:5d:fe:
62:98:90:d3:af:4d:00:7b:c5:c1:a0:3b:46:5c:d7:
f2:e9:fd:66:9b:6d:85:a9:f3:1b:10:1a:54:b5:0b:
76:8f:c5:bb:6e:a5:ce:98:c2:51:8d:53:dd:f0:7c:
fb:05:40:84:35:a2:40:e2:32:15:a2:13:87:f1:88:
91:6f:90:a5:51:6e:73:88:13:22:81:0c:9e:2a:5b:
8a:87:13:6e:38:10:fa:6b:0b:55:ab:0a:15:ec:44:
2c:3b:66:18:4f:58:ee:5c:53:13:c8:8f:12:de:0f:
f5:28:be:11:78:9f:1d:bf:9b:ea:ea:7c:a0:ce:d0:
56:b7:0a:17:b6:ea:1e:7b:91:0f:94:79:ba:eb:42:
5e:d4:f9:b7:e5:0c:92:d5:90:23:0a:c0:26:0c:0b:
26:76:80:96:74:e3:61:62:86:dc:a0:19:ea:b9:c1:
3f:1e:ba:d2:b0:54:4d:ef:3e:cc:8d:c1:6e:f6:30:
f2:29:14:fd:a7:83:35:91:4e:ed:30:29:82:74:37:
d8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:05:49:7B:E9:64:4F:87:04:40:67:97:09:97:32:AE:F2:2F:A8:C9
X509v3 Authority Key Identifier:
keyid:87:96:B1:C3:1F:DD:E2:BD:5E:98:F8:FB:B7:79:8A:BC:47:49:3C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5axwx_d4r1emPj7t3mKvEdJPPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/2343a3-d0f2-4e8a-87d4-4ae3306da793/1/ywVJe-lkT4cEQGeXCZcyrvIvqMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/2343a3-d0f2-4e8a-87d4-4ae3306da793/1/h5axwx_d4r1emPj7t3mKvEdJPPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.134.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:2e:13:1f:d0:8e:2e:cc:50:52:65:32:f6:57:9c:70:94:e4:
03:a8:bf:ff:5d:56:ea:2b:49:35:73:0a:c0:33:d7:73:68:e1:
21:09:73:35:61:75:a8:e1:25:80:ca:00:8b:d0:be:ea:f6:db:
38:b9:42:a7:ef:a5:a8:ea:fa:f9:e5:67:b4:f5:7f:e9:18:16:
42:ae:e2:22:8d:87:73:76:45:3e:58:f4:4f:05:5c:b0:78:32:
63:8b:b1:f7:1b:d6:b9:08:ac:6f:af:3c:b9:d9:4a:53:d5:0f:
4f:0c:f1:53:bc:c6:df:32:71:ef:b3:55:33:a8:a6:17:64:71:
3f:0b:56:17:1d:67:24:74:26:fd:b8:e9:ad:95:86:bd:f8:7c:
3c:56:3d:2c:23:42:50:43:8e:fd:da:8d:73:0b:46:e3:94:2a:
46:2a:e8:2d:e5:a7:79:48:6a:bc:a1:7e:e2:57:6e:e1:17:12:
09:4f:4c:2c:82:c0:3a:c8:dc:d4:93:79:0b:d1:c3:53:c8:e0:
1a:8c:e9:e0:13:5b:ec:62:3a:24:0e:ec:38:9f:36:41:5c:cd:
1b:13:d5:9d:68:1f:80:08:96:fb:16:d5:d0:38:9b:16:a0:c1:
a9:28:14:81:62:ce:c1:fe:0a:94:72:68:f6:19:b9:64:9e:e0:
eb:67:c8:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx1+iCg87gvxlS3CB1qOcOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OTZiMWMzMWZkZGUyYmQ1ZTk4ZjhmYmI3Nzk4YWJjNDc0
OTNjZjIwHhcNMjMwMTAyMDkzNzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjA1NDk3YmU5NjQ0Zjg3MDQ0MDY3OTcwOTk3MzJhZWYyMmZhOGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPBU+lcUNlAKDqIyjvG0C4Opp9+3
E9mclsw/3d5Y7DO6hku5VM1ifgfgRSrbL1Q8D7y4Vh3TIGjWXf5imJDTr00Ae8XB
oDtGXNfy6f1mm22FqfMbEBpUtQt2j8W7bqXOmMJRjVPd8Hz7BUCENaJA4jIVohOH
8YiRb5ClUW5ziBMigQyeKluKhxNuOBD6awtVqwoV7EQsO2YYT1juXFMTyI8S3g/1
KL4ReJ8dv5vq6nygztBWtwoXtuoee5EPlHm660Je1Pm35QyS1ZAjCsAmDAsmdoCW
dONhYobcoBnqucE/HrrSsFRN7z7MjcFu9jDyKRT9p4M1kU7tMCmCdDfYvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMsFSXvpZE+HBEBnlwmXMq7yL6jJMB8GA1UdIwQY
MBaAFIeWscMf3eK9Xpj4+7d5irxHSTzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDVheHd4X2Q0cjFlbVBqN3QzbUt2RWRKUFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8yMzQzYTMtZDBmMi00ZThhLTg3ZDQt
NGFlMzMwNmRhNzkzLzEveXdWSmUtbGtUNGNFUUdlWENaY3lydkl2cU1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8yMzQzYTMtZDBmMi00ZThhLTg3ZDQtNGFlMzMwNmRhNzkz
LzEvaDVheHd4X2Q0cjFlbVBqN3QzbUt2RWRKUFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9yGMA0G
CSqGSIb3DQEBCwUAA4IBAQCqLhMf0I4uzFBSZTL2V5xwlOQDqL//XVbqK0k1cwrA
M9dzaOEhCXM1YXWo4SWAygCL0L7q9ts4uUKn76Wo6vr55We09X/pGBZCruIijYdz
dkU+WPRPBVyweDJji7H3G9a5CKxvrzy52UpT1Q9PDPFTvMbfMnHvs1UzqKYXZHE/
C1YXHWckdCb9uOmtlYa9+Hw8Vj0sI0JQQ4792o1zC0bjlCpGKugt5ad5SGq8oX7i
V27hFxIJT0wsgsA6yNzUk3kL0cNTyOAajOngE1vsYjokDuw4nzZBXM0bE9WdaB+A
CJb7FtXQOJsWoMGpKBSBYs7B/gqUcmj2GblknuDrZ8hG
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:58 2025 by rpki-client