Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/8l2U8BjF2TRG1j_sX6gPgQfSGRY.roa
File: 8l2U8BjF2TRG1j_sX6gPgQfSGRY.roa (raw, json)
Hash identifier: zp7bHturAeAiPNgL+00clLLVssATk/y2c6BzKIEloYU=
Subject key identifier: F2:5D:94:F0:18:C5:D9:34:46:D6:3F:EC:5F:A8:0F:81:07:D2:19:16
Certificate issuer: /CN=e316318247d211841f9620a9a1130010ddb486f2
Certificate serial: 01919058C5EE2B2FBD247F69B06DCF86E897
Authority key identifier: E3:16:31:82:47:D2:11:84:1F:96:20:A9:A1:13:00:10:DD:B4:86:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xYxgkfSEYQfliCpoRMAEN20hvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/8l2U8BjF2TRG1j_sX6gPgQfSGRY.roa
Signing time: Mon 26 Aug 2024 20:20:22 +0000
ROA not before: Mon 26 Aug 2024 20:20:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.232.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:90:58:c5:ee:2b:2f:bd:24:7f:69:b0:6d:cf:86:e8:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e316318247d211841f9620a9a1130010ddb486f2
Validity
Not Before: Aug 26 20:20:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f25d94f018c5d93446d63fec5fa80f8107d21916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:12:1a:58:43:5c:76:ef:fb:e3:74:4c:13:1b:
a7:41:6a:94:49:1a:dd:1a:9e:fd:8a:1d:9c:1a:78:
66:38:79:ef:13:52:02:ef:d0:f9:a1:12:19:eb:f3:
16:14:93:d1:23:a3:49:d1:81:44:20:a3:05:62:23:
d3:89:ae:07:7a:d0:91:c7:b0:86:84:e9:21:ac:34:
fe:3d:3d:7e:2a:f3:f6:60:f1:c7:9a:39:3c:b4:ce:
44:95:64:12:18:59:5f:51:63:6a:01:2d:c2:de:d3:
b6:b8:de:0a:c2:da:f8:36:e4:69:73:25:7c:c1:23:
9b:17:f5:36:e5:b2:4b:d9:1f:16:6e:4b:de:67:3c:
7c:d3:db:58:b2:52:5f:13:46:90:c5:ec:6a:0a:4f:
61:88:c9:73:25:96:fd:41:57:7c:fe:7b:c4:55:b5:
a8:ab:55:69:c1:27:7b:8f:db:a4:64:4d:ed:66:c2:
6a:ca:31:4e:72:57:4e:dd:f2:af:05:32:64:99:3c:
c0:1d:2a:47:54:5f:2a:62:be:d8:06:8e:b5:f4:40:
57:85:66:43:83:c5:51:74:39:22:c7:35:0c:5d:bf:
25:57:80:a7:81:04:10:11:61:ed:37:b6:f4:19:ab:
c9:1e:88:29:11:92:79:6e:5b:ad:0e:ea:da:e3:79:
d1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:5D:94:F0:18:C5:D9:34:46:D6:3F:EC:5F:A8:0F:81:07:D2:19:16
X509v3 Authority Key Identifier:
keyid:E3:16:31:82:47:D2:11:84:1F:96:20:A9:A1:13:00:10:DD:B4:86:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xYxgkfSEYQfliCpoRMAEN20hvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/8l2U8BjF2TRG1j_sX6gPgQfSGRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/4xYxgkfSEYQfliCpoRMAEN20hvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.103.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:7c:b5:37:40:8e:fa:3f:6b:26:f0:d2:4e:3e:20:02:70:26:
f4:e2:d0:b1:0c:1c:95:92:ea:12:ef:cf:e1:d4:45:11:9f:5d:
61:b2:66:68:3d:47:1a:dd:ec:e7:ad:bd:3e:95:54:f0:91:b8:
e5:af:e4:f8:c3:3b:e5:81:c6:89:37:27:fd:a7:04:96:74:52:
e1:0b:ba:3f:40:da:ce:8d:21:cd:5e:fc:07:b0:44:4c:c9:22:
b7:3c:3b:69:e3:d8:7f:5d:2f:18:75:c9:63:22:b6:9e:23:cd:
c6:dd:ca:a6:4b:10:38:49:8c:82:0c:1d:a6:92:0e:69:54:06:
a5:ce:68:82:bc:a7:a1:5c:33:98:d4:6a:9f:91:78:c0:27:7b:
c2:35:16:b8:1a:4f:09:36:46:a3:d7:15:cb:68:11:a7:6b:45:
ee:c3:48:28:8f:ea:bb:c1:9e:9d:3d:88:88:6e:38:1e:c1:d0:
3a:c8:ff:bd:5b:70:46:d2:d1:f0:73:33:ed:f6:64:44:2d:5c:
f8:e9:08:08:9c:2a:69:47:4d:75:b8:2a:f3:a3:e7:5b:3d:7d:
66:3d:32:6b:01:fe:c7:47:42:bb:11:5e:14:8b:1c:e3:0b:fd:
6c:98:6e:4f:c7:19:be:e4:54:2d:4e:1c:fc:26:e4:e1:19:d2:
92:58:9e:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGQWMXuKy+9JH9psG3PhuiXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTYzMTgyNDdkMjExODQxZjk2MjBhOWExMTMwMDEwZGRi
NDg2ZjIwHhcNMjQwODI2MjAyMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjVkOTRmMDE4YzVkOTM0NDZkNjNmZWM1ZmE4MGY4MTA3ZDIxOTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RIaWENcdu/743RMExunQWqUSRrd
Gp79ih2cGnhmOHnvE1IC79D5oRIZ6/MWFJPRI6NJ0YFEIKMFYiPTia4HetCRx7CG
hOkhrDT+PT1+KvP2YPHHmjk8tM5ElWQSGFlfUWNqAS3C3tO2uN4Kwtr4NuRpcyV8
wSObF/U25bJL2R8WbkveZzx809tYslJfE0aQxexqCk9hiMlzJZb9QVd8/nvEVbWo
q1VpwSd7j9ukZE3tZsJqyjFOcldO3fKvBTJkmTzAHSpHVF8qYr7YBo619EBXhWZD
g8VRdDkixzUMXb8lV4CngQQQEWHtN7b0GavJHogpEZJ5blutDura43nRvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPJdlPAYxdk0RtY/7F+oD4EH0hkWMB8GA1UdIwQY
MBaAFOMWMYJH0hGEH5YgqaETABDdtIbyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhZeGdrZlNFWVFmbGlDcG9STUFFTjIwaHZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lZTQyYmItMWU0OS00YzIxLWE0ZDYt
ZWMyODdlMWQzN2U1LzEvOGwyVThCakYyVFJHMWpfc1g2Z1BnUWZTR1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lZTQyYmItMWU0OS00YzIxLWE0ZDYtZWMyODdlMWQzN2U1
LzEvNHhZeGdrZlNFWVFmbGlDcG9STUFFTjIwaHZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+hnMA0G
CSqGSIb3DQEBCwUAA4IBAQA9fLU3QI76P2sm8NJOPiACcCb04tCxDByVkuoS78/h
1EURn11hsmZoPUca3eznrb0+lVTwkbjlr+T4wzvlgcaJNyf9pwSWdFLhC7o/QNrO
jSHNXvwHsERMySK3PDtp49h/XS8YdcljIraeI83G3cqmSxA4SYyCDB2mkg5pVAal
zmiCvKehXDOY1GqfkXjAJ3vCNRa4Gk8JNkaj1xXLaBGna0Xuw0goj+q7wZ6dPYiI
bjgewdA6yP+9W3BG0tHwczPt9mRELVz46QgInCppR011uCrzo+dbPX1mPTJrAf7H
R0K7EV4UixzjC/1smG5Pxxm+5FQtThz8JuThGdKSWJ5n
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:39 2025 by rpki-client