Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/05257e-1e67-4158-8adb-47d6e4bae2cf/1/x9hUxJfn47T_kDyiFQOIzJ-cz6A.roa
File: x9hUxJfn47T_kDyiFQOIzJ-cz6A.roa (raw, json)
Hash identifier: xdaaD+GtntD/xfR79byZL40UTK4Nd3mN7SfVEUnzNx8=
Subject key identifier: C7:D8:54:C4:97:E7:E3:B4:FF:90:3C:A2:15:03:88:CC:9F:9C:CF:A0
Certificate issuer: /CN=3c3f45021d6eb340a42b2e5dd1fbf721a1a66d61
Certificate serial: 0194258F5B15E9D9924C1360ACC7BCCA1A7E
Authority key identifier: 3C:3F:45:02:1D:6E:B3:40:A4:2B:2E:5D:D1:FB:F7:21:A1:A6:6D:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PD9FAh1us0CkKy5d0fv3IaGmbWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/05257e-1e67-4158-8adb-47d6e4bae2cf/1/x9hUxJfn47T_kDyiFQOIzJ-cz6A.roa
Signing time: Thu 02 Jan 2025 05:48:59 +0000
ROA not before: Thu 02 Jan 2025 05:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 91.212.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:5b:15:e9:d9:92:4c:13:60:ac:c7:bc:ca:1a:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c3f45021d6eb340a42b2e5dd1fbf721a1a66d61
Validity
Not Before: Jan 2 05:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7d854c497e7e3b4ff903ca2150388cc9f9ccfa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:40:ed:87:05:84:a5:0f:12:e7:d9:df:7a:2a:
a5:ff:de:37:15:0c:32:60:53:ec:91:4f:24:26:ef:
5a:de:98:a5:fa:66:b2:33:6c:4c:eb:fb:1a:ef:41:
94:4f:ad:2a:ea:80:de:4e:2a:3e:85:38:0d:17:39:
b0:2d:6f:dc:5e:38:f0:7b:33:37:02:70:6c:3c:ba:
6a:43:71:9d:7d:e3:16:57:56:97:d4:74:4b:88:29:
c1:51:d4:de:ad:7b:82:c9:90:fd:97:64:87:a2:5f:
31:77:18:ae:38:c3:42:d0:fa:39:f2:35:a5:8d:16:
eb:e9:8a:e5:9a:cd:ce:09:a1:1d:66:2f:82:f1:41:
f5:c3:04:4c:09:59:0d:09:0a:af:9f:fc:a5:fa:88:
66:d5:2e:bf:3e:71:66:87:53:93:12:7f:71:7b:8f:
a0:d6:4a:e1:4a:5f:74:4f:0e:b8:7c:8e:3a:1b:80:
86:3f:bf:97:3f:29:cc:03:93:77:7b:12:ad:5b:15:
50:aa:f9:88:4f:97:cf:0e:bb:24:25:95:e1:82:d2:
19:39:ca:a6:66:fb:8a:b4:32:1d:22:a5:01:5d:e9:
d5:93:11:c2:50:a8:dc:41:44:23:3d:cc:e5:1b:28:
86:5e:1f:c8:52:39:05:73:a5:86:5b:5a:c6:9b:c9:
75:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:D8:54:C4:97:E7:E3:B4:FF:90:3C:A2:15:03:88:CC:9F:9C:CF:A0
X509v3 Authority Key Identifier:
keyid:3C:3F:45:02:1D:6E:B3:40:A4:2B:2E:5D:D1:FB:F7:21:A1:A6:6D:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PD9FAh1us0CkKy5d0fv3IaGmbWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/05257e-1e67-4158-8adb-47d6e4bae2cf/1/x9hUxJfn47T_kDyiFQOIzJ-cz6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/05257e-1e67-4158-8adb-47d6e4bae2cf/1/PD9FAh1us0CkKy5d0fv3IaGmbWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.91.0/24
Signature Algorithm: sha256WithRSAEncryption
17:b7:5b:0d:85:a5:24:e0:64:fb:fe:62:73:6c:e6:9f:96:19:
0b:c7:2d:34:70:2f:d1:68:c9:3e:2d:dd:40:6b:af:40:ae:ad:
a4:93:fb:b3:70:d5:55:83:d1:c9:4e:0e:44:c9:e8:4d:87:9f:
46:42:a6:27:69:1e:20:63:2d:42:6a:1d:29:0b:6f:da:1a:e1:
1b:be:d8:99:ab:47:58:b3:36:50:03:fa:92:53:7f:27:8e:26:
49:67:7f:1c:95:4b:2f:0a:46:eb:18:4c:6e:14:7f:d1:56:63:
ed:43:77:cc:6b:dd:90:fb:52:35:83:dd:e6:27:6b:53:50:6d:
62:8b:f3:b5:8a:a5:fa:be:22:57:85:05:3c:67:80:18:09:80:
13:5f:e6:9c:01:3b:ce:0a:bb:8c:4d:16:2f:1b:ed:cc:e8:68:
cc:0f:6d:da:63:29:b2:54:62:3d:88:a3:ca:fa:0e:79:6e:d0:
fa:d1:83:67:62:9f:e5:36:dc:54:08:06:42:01:d3:46:f5:d9:
5d:84:ca:c9:bb:45:2a:14:db:69:33:b2:e4:90:07:89:3a:2a:
00:4d:c7:af:36:7c:4f:73:ae:0b:9f:27:a1:77:0f:e8:1f:72:
e3:75:1f:df:13:86:1f:bb:b2:55:3b:68:8b:84:30:d7:e0:2f:
73:c4:19:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj1sV6dmSTBNgrMe8yhp+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjM2Y0NTAyMWQ2ZWIzNDBhNDJiMmU1ZGQxZmJmNzIxYTFh
NjZkNjEwHhcNMjUwMTAyMDU0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2Q4NTRjNDk3ZTdlM2I0ZmY5MDNjYTIxNTAzODhjYzlmOWNjZmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukDthwWEpQ8S59nfeiql/943FQwy
YFPskU8kJu9a3pil+mayM2xM6/sa70GUT60q6oDeTio+hTgNFzmwLW/cXjjwezM3
AnBsPLpqQ3GdfeMWV1aX1HRLiCnBUdTerXuCyZD9l2SHol8xdxiuOMNC0Po58jWl
jRbr6Yrlms3OCaEdZi+C8UH1wwRMCVkNCQqvn/yl+ohm1S6/PnFmh1OTEn9xe4+g
1krhSl90Tw64fI46G4CGP7+XPynMA5N3exKtWxVQqvmIT5fPDrskJZXhgtIZOcqm
ZvuKtDIdIqUBXenVkxHCUKjcQUQjPczlGyiGXh/IUjkFc6WGW1rGm8l1HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMfYVMSX5+O0/5A8ohUDiMyfnM+gMB8GA1UdIwQY
MBaAFDw/RQIdbrNApCsuXdH79yGhpm1hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEQ5RkFoMXVzMENrS3k1ZDBmdjNJYUdtYldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8wNTI1N2UtMWU2Ny00MTU4LThhZGIt
NDdkNmU0YmFlMmNmLzEveDloVXhKZm40N1Rfa0R5aUZRT0l6Si1jejZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8wNTI1N2UtMWU2Ny00MTU4LThhZGItNDdkNmU0YmFlMmNm
LzEvUEQ5RkFoMXVzMENrS3k1ZDBmdjNJYUdtYldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9RbMA0G
CSqGSIb3DQEBCwUAA4IBAQAXt1sNhaUk4GT7/mJzbOaflhkLxy00cC/RaMk+Ld1A
a69Arq2kk/uzcNVVg9HJTg5EyehNh59GQqYnaR4gYy1Cah0pC2/aGuEbvtiZq0dY
szZQA/qSU38njiZJZ38clUsvCkbrGExuFH/RVmPtQ3fMa92Q+1I1g93mJ2tTUG1i
i/O1iqX6viJXhQU8Z4AYCYATX+acATvOCruMTRYvG+3M6GjMD23aYymyVGI9iKPK
+g55btD60YNnYp/lNtxUCAZCAdNG9dldhMrJu0UqFNtpM7LkkAeJOioATcevNnxP
c64Lnyehdw/oH3LjdR/fE4Yfu7JVO2iLhDDX4C9zxBkK
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:27:02 2025 by rpki-client