Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/OPoJJXIKKrWhudAq1xiuARrS1H4.roa
File: OPoJJXIKKrWhudAq1xiuARrS1H4.roa (raw, json)
Hash identifier: sQTnuyk1NVfltmH/ouY0am8WUGDv6HXMop3KtZ2xXJo=
Subject key identifier: 38:FA:09:25:72:0A:2A:B5:A1:B9:D0:2A:D7:18:AE:01:1A:D2:D4:7E
Certificate issuer: /CN=e316318247d211841f9620a9a1130010ddb486f2
Certificate serial: 01941FFA2C928A7A96B79BE5CB0560D2EB93
Authority key identifier: E3:16:31:82:47:D2:11:84:1F:96:20:A9:A1:13:00:10:DD:B4:86:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xYxgkfSEYQfliCpoRMAEN20hvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/OPoJJXIKKrWhudAq1xiuARrS1H4.roa
Signing time: Wed 01 Jan 2025 03:47:56 +0000
ROA not before: Wed 01 Jan 2025 03:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20648
IP address blocks: 91.231.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:2c:92:8a:7a:96:b7:9b:e5:cb:05:60:d2:eb:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e316318247d211841f9620a9a1130010ddb486f2
Validity
Not Before: Jan 1 03:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38fa0925720a2ab5a1b9d02ad718ae011ad2d47e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:86:4f:15:e4:e1:d9:13:9a:d9:04:dc:3e:9d:
bc:ce:69:81:c6:79:72:a7:7b:14:21:f9:a1:e0:f6:
34:76:bb:b7:fe:5b:7d:25:b8:9b:79:1c:bb:39:cd:
bc:36:75:a2:0f:87:b9:6f:f1:42:4c:70:ae:24:56:
63:24:8d:39:f6:46:20:13:30:a1:b9:d3:fb:a2:d5:
34:d8:b6:f9:bf:57:80:a8:f5:0e:68:39:3f:62:29:
1e:54:fa:76:26:d1:80:c3:a7:c9:1c:9f:01:00:18:
62:8a:3e:28:c0:2c:9d:d4:1c:be:8d:df:6a:c7:e7:
bf:32:30:de:e6:fd:27:81:28:f4:db:ef:c8:d0:b5:
73:3e:5d:32:4c:8b:40:34:9f:ca:bd:d1:38:7e:d2:
d6:75:f4:44:61:97:cb:40:75:d3:c4:b9:89:5b:20:
f1:db:f4:4a:36:51:6d:ca:c1:d5:94:c2:92:1d:b7:
72:c3:89:0d:c6:ca:9c:65:2c:8e:8f:1a:e7:65:43:
aa:50:a2:81:ae:a2:9a:52:05:4a:cb:d2:14:6b:45:
2a:c9:fb:fc:23:90:d6:84:83:ec:af:14:98:24:10:
68:43:17:f1:e3:85:65:45:0c:11:3d:a0:7b:72:f3:
3d:ba:f3:9d:d6:be:c0:e9:23:98:83:60:a1:c1:49:
c3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:FA:09:25:72:0A:2A:B5:A1:B9:D0:2A:D7:18:AE:01:1A:D2:D4:7E
X509v3 Authority Key Identifier:
keyid:E3:16:31:82:47:D2:11:84:1F:96:20:A9:A1:13:00:10:DD:B4:86:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xYxgkfSEYQfliCpoRMAEN20hvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/OPoJJXIKKrWhudAq1xiuARrS1H4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/4xYxgkfSEYQfliCpoRMAEN20hvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.156.0/24
Signature Algorithm: sha256WithRSAEncryption
36:5d:b6:7f:e0:62:49:4e:32:7d:89:39:42:16:bd:66:97:3e:
ca:61:f4:52:a1:1c:a9:09:3e:1c:33:74:7c:86:eb:92:62:2b:
d0:a1:33:20:55:49:4f:60:53:9e:b8:a1:b8:6d:07:31:5b:19:
63:67:0f:e2:be:8b:2d:41:b9:43:68:88:39:9f:a8:d0:22:42:
bb:fe:51:6f:45:c1:11:30:e0:c1:66:26:16:ec:82:f0:39:cd:
2f:d8:6e:c4:7b:db:f3:cf:6c:f9:45:fa:3f:84:3a:1e:83:ec:
d2:5d:8e:e1:35:01:7d:4d:79:29:9a:2a:be:d8:b7:2a:4d:34:
41:38:92:ef:60:55:72:bc:d5:a2:9b:6c:5b:5d:6d:5c:05:7e:
de:d5:27:5c:3b:06:76:cf:4e:54:2a:1c:d2:5b:7b:18:a1:3b:
a5:fa:26:52:1a:ff:67:a0:bd:ab:4a:0a:88:53:5c:c3:af:b9:
f1:2b:a7:fd:88:2c:b2:3f:b6:73:32:be:ae:4e:97:b7:15:b5:
33:e6:8a:fd:82:ac:1e:ae:ae:7f:95:0b:bd:b4:8d:a0:1d:f8:
d5:31:6e:e7:9e:42:3e:73:41:a6:1b:4a:4f:c7:cf:61:f4:80:
c2:37:8c:7c:d8:cd:c7:40:12:af:30:b2:89:fd:78:64:87:18:
ff:f3:21:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+iySinqWt5vlywVg0uuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTYzMTgyNDdkMjExODQxZjk2MjBhOWExMTMwMDEwZGRi
NDg2ZjIwHhcNMjUwMTAxMDM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGZhMDkyNTcyMGEyYWI1YTFiOWQwMmFkNzE4YWUwMTFhZDJkNDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYZPFeTh2ROa2QTcPp28zmmBxnly
p3sUIfmh4PY0dru3/lt9JbibeRy7Oc28NnWiD4e5b/FCTHCuJFZjJI059kYgEzCh
udP7otU02Lb5v1eAqPUOaDk/YikeVPp2JtGAw6fJHJ8BABhiij4owCyd1By+jd9q
x+e/MjDe5v0ngSj02+/I0LVzPl0yTItANJ/KvdE4ftLWdfREYZfLQHXTxLmJWyDx
2/RKNlFtysHVlMKSHbdyw4kNxsqcZSyOjxrnZUOqUKKBrqKaUgVKy9IUa0Uqyfv8
I5DWhIPsrxSYJBBoQxfx44VlRQwRPaB7cvM9uvOd1r7A6SOYg2ChwUnDuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDj6CSVyCiq1obnQKtcYrgEa0tR+MB8GA1UdIwQY
MBaAFOMWMYJH0hGEH5YgqaETABDdtIbyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhZeGdrZlNFWVFmbGlDcG9STUFFTjIwaHZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lZTQyYmItMWU0OS00YzIxLWE0ZDYt
ZWMyODdlMWQzN2U1LzEvT1BvSkpYSUtLcldodWRBcTF4aXVBUnJTMUg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lZTQyYmItMWU0OS00YzIxLWE0ZDYtZWMyODdlMWQzN2U1
LzEvNHhZeGdrZlNFWVFmbGlDcG9STUFFTjIwaHZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+ecMA0G
CSqGSIb3DQEBCwUAA4IBAQA2XbZ/4GJJTjJ9iTlCFr1mlz7KYfRSoRypCT4cM3R8
huuSYivQoTMgVUlPYFOeuKG4bQcxWxljZw/ivostQblDaIg5n6jQIkK7/lFvRcER
MODBZiYW7ILwOc0v2G7Ee9vzz2z5Rfo/hDoeg+zSXY7hNQF9TXkpmiq+2LcqTTRB
OJLvYFVyvNWim2xbXW1cBX7e1SdcOwZ2z05UKhzSW3sYoTul+iZSGv9noL2rSgqI
U1zDr7nxK6f9iCyyP7ZzMr6uTpe3FbUz5or9gqwerq5/lQu9tI2gHfjVMW7nnkI+
c0GmG0pPx89h9IDCN4x82M3HQBKvMLKJ/Xhkhxj/8yGc
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:02 2025 by rpki-client