Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/de82da-b086-42ea-8c43-5e499468cc2f/1/23dSzTsAcQKsSPYTWD2bFFJgjbI.roa
File: 23dSzTsAcQKsSPYTWD2bFFJgjbI.roa (raw, json)
Hash identifier: Yb1Q/BOpVvmS2Uv8SQpIpXqZDxRf/griLbFDbv6XtMY=
Subject key identifier: DB:77:52:CD:3B:00:71:02:AC:48:F6:13:58:3D:9B:14:52:60:8D:B2
Certificate issuer: /CN=8b2895beaada6d2f957c7ed430ff846b7ebcdb1b
Certificate serial: 01856D78962D63DBC326CF58F1E581466209
Authority key identifier: 8B:28:95:BE:AA:DA:6D:2F:95:7C:7E:D4:30:FF:84:6B:7E:BC:DB:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iyiVvqrabS-VfH7UMP-Ea3682xs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/de82da-b086-42ea-8c43-5e499468cc2f/1/23dSzTsAcQKsSPYTWD2bFFJgjbI.roa
Signing time: Sun 01 Jan 2023 13:14:57 +0000
ROA not before: Sun 01 Jan 2023 13:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34259
IP address blocks: 91.223.77.0/24 maxlen: 24
91.220.101.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:96:2d:63:db:c3:26:cf:58:f1:e5:81:46:62:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b2895beaada6d2f957c7ed430ff846b7ebcdb1b
Validity
Not Before: Jan 1 13:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db7752cd3b007102ac48f613583d9b1452608db2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e2:d4:1f:20:42:3e:c6:18:3b:38:b6:57:d9:
aa:39:1f:d6:a4:78:64:83:b4:f3:9a:2a:e6:9a:57:
9d:0f:37:c9:9f:f3:41:99:98:47:da:bb:bb:39:00:
3f:a7:c5:44:24:d1:31:06:14:28:e4:4d:76:63:1b:
5f:97:0b:cd:00:09:fd:40:b4:2b:54:11:b5:58:ea:
85:a1:e3:3c:bb:31:a8:0d:cd:37:ea:f2:f5:e1:00:
cc:ad:7a:3f:d9:bd:7b:9e:0d:57:31:41:71:0f:91:
1c:9f:24:a0:c0:c8:df:06:a7:e5:59:31:8a:43:8c:
03:96:1f:44:7d:02:5e:83:cf:dd:c1:df:5c:2f:92:
b1:9e:95:f0:8b:06:43:5f:66:83:6c:25:cc:3a:1e:
b4:39:22:d1:bc:d4:73:31:21:5f:fc:bd:d8:a2:48:
0b:ce:6c:71:0f:32:30:7a:21:ed:1d:86:15:3b:86:
cd:cb:6e:e7:fb:75:0e:48:25:2f:bb:7f:89:d5:cb:
e4:66:b7:d7:35:e2:c3:7f:5a:25:fc:6a:ea:18:21:
d4:9b:b6:52:8c:bf:70:24:75:5c:7a:92:cb:d3:e8:
aa:cb:ba:5a:94:1d:34:27:70:52:73:95:5c:db:8e:
13:84:5e:71:79:14:78:83:e1:8c:47:fd:16:96:28:
e7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:77:52:CD:3B:00:71:02:AC:48:F6:13:58:3D:9B:14:52:60:8D:B2
X509v3 Authority Key Identifier:
keyid:8B:28:95:BE:AA:DA:6D:2F:95:7C:7E:D4:30:FF:84:6B:7E:BC:DB:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iyiVvqrabS-VfH7UMP-Ea3682xs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/de82da-b086-42ea-8c43-5e499468cc2f/1/23dSzTsAcQKsSPYTWD2bFFJgjbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/de82da-b086-42ea-8c43-5e499468cc2f/1/iyiVvqrabS-VfH7UMP-Ea3682xs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.101.0/24
91.223.77.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:2a:05:f5:74:d8:07:fd:b5:1f:3b:2a:69:12:60:66:2c:f3:
ca:67:44:33:99:5f:0b:8f:96:8f:cd:ed:14:b4:62:aa:e0:41:
5d:73:13:56:96:ac:bf:22:6e:fe:2e:4b:dc:16:db:6a:9a:a1:
fe:13:e8:52:05:af:08:d0:41:a9:34:c6:f4:51:5f:fe:3a:6a:
06:93:f4:44:3f:18:93:73:50:48:65:0f:80:36:fc:b8:ea:64:
00:61:d6:71:b1:be:ec:dc:0b:40:64:69:c9:b5:b6:92:45:78:
bb:8c:fa:dc:05:4c:30:45:4f:30:39:91:b4:6d:69:6f:78:1b:
2d:dd:5e:17:83:2c:8d:43:ec:a9:6a:7f:4b:7f:69:d2:19:4e:
b2:03:43:0f:a9:ad:24:3b:2d:ba:27:69:ff:2b:40:c8:4a:b8:
97:ca:21:f9:76:64:5d:13:75:dc:db:58:67:7b:83:61:8b:b5:
38:a1:3a:67:cf:c9:ea:d3:b6:ce:8c:c5:fc:37:89:72:84:c5:
0a:1b:ee:bd:6b:34:71:03:81:7a:f7:76:bc:17:00:aa:09:99:
2c:13:fe:5c:7b:cd:52:c2:1a:a6:74:79:27:ca:52:14:6d:a5:
9f:3b:4d:c6:c6:c8:1f:ca:09:db:32:52:72:a0:c9:00:31:1a:
27:7a:b9:cc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVteJYtY9vDJs9Y8eWBRmIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMjg5NWJlYWFkYTZkMmY5NTdjN2VkNDMwZmY4NDZiN2Vi
Y2RiMWIwHhcNMjMwMTAxMTMxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjc3NTJjZDNiMDA3MTAyYWM0OGY2MTM1ODNkOWIxNDUyNjA4ZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+LUHyBCPsYYOzi2V9mqOR/WpHhk
g7TzmirmmledDzfJn/NBmZhH2ru7OQA/p8VEJNExBhQo5E12YxtflwvNAAn9QLQr
VBG1WOqFoeM8uzGoDc036vL14QDMrXo/2b17ng1XMUFxD5EcnySgwMjfBqflWTGK
Q4wDlh9EfQJeg8/dwd9cL5KxnpXwiwZDX2aDbCXMOh60OSLRvNRzMSFf/L3YokgL
zmxxDzIweiHtHYYVO4bNy27n+3UOSCUvu3+J1cvkZrfXNeLDf1ol/GrqGCHUm7ZS
jL9wJHVcepLL0+iqy7palB00J3BSc5Vc244ThF5xeRR4g+GMR/0Wlijn/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNt3Us07AHECrEj2E1g9mxRSYI2yMB8GA1UdIwQY
MBaAFIsolb6q2m0vlXx+1DD/hGt+vNsbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXlpVnZxcmFiUy1WZkg3VU1QLUVhMzY4MnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9kZTgyZGEtYjA4Ni00MmVhLThjNDMt
NWU0OTk0NjhjYzJmLzEvMjNkU3pUc0FjUUtzU1BZVFdEMmJGRkpnamJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9kZTgyZGEtYjA4Ni00MmVhLThjNDMtNWU0OTk0NjhjYzJm
LzEvaXlpVnZxcmFiUy1WZkg3VU1QLUVhMzY4MnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9xlAwQA
W99NMA0GCSqGSIb3DQEBCwUAA4IBAQA+KgX1dNgH/bUfOyppEmBmLPPKZ0QzmV8L
j5aPze0UtGKq4EFdcxNWlqy/Im7+LkvcFttqmqH+E+hSBa8I0EGpNMb0UV/+OmoG
k/REPxiTc1BIZQ+ANvy46mQAYdZxsb7s3AtAZGnJtbaSRXi7jPrcBUwwRU8wOZG0
bWlveBst3V4XgyyNQ+ypan9Lf2nSGU6yA0MPqa0kOy26J2n/K0DISriXyiH5dmRd
E3Xc21hne4Nhi7U4oTpnz8nq07bOjMX8N4lyhMUKG+69azRxA4F693a8FwCqCZks
E/5ce81SwhqmdHknylIUbaWfO03GxsgfygnbMlJyoMkAMRonernM
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:29:10 2025 by rpki-client