Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/775190-cb94-4063-8c1a-ad147d915791/1/e-RnjFIlCm8TZxht82B3LxYS3ac.roa
File: e-RnjFIlCm8TZxht82B3LxYS3ac.roa (raw, json)
Hash identifier: ohh6LP4UqlNdOtm6OENVkdIGvrhFcseay8nWl5jLWDE=
Subject key identifier: 7B:E4:67:8C:52:25:0A:6F:13:67:18:6D:F3:60:77:2F:16:12:DD:A7
Certificate issuer: /CN=4f8477e569d1d7d60f0469a7cc8a7f4746039bb7
Certificate serial: 018CCA2B5EBDBA78F667F2D61053BD699352
Authority key identifier: 4F:84:77:E5:69:D1:D7:D6:0F:04:69:A7:CC:8A:7F:47:46:03:9B:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4R35WnR19YPBGmnzIp_R0YDm7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/775190-cb94-4063-8c1a-ad147d915791/1/e-RnjFIlCm8TZxht82B3LxYS3ac.roa
Signing time: Tue 02 Jan 2024 12:34:49 +0000
ROA not before: Tue 02 Jan 2024 12:34:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197386
IP address blocks: 91.220.50.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:5e:bd:ba:78:f6:67:f2:d6:10:53:bd:69:93:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8477e569d1d7d60f0469a7cc8a7f4746039bb7
Validity
Not Before: Jan 2 12:34:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7be4678c52250a6f1367186df360772f1612dda7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ca:ab:51:3d:17:3e:4d:68:6d:df:d1:ae:72:
3a:90:b7:4c:b6:3b:26:ea:99:68:f6:28:1b:b2:32:
70:dd:3c:0b:85:76:c0:f6:18:0a:d9:78:ea:26:e2:
37:e4:23:77:7b:23:3a:77:7f:2e:9c:81:b6:ba:0a:
f0:74:ac:33:10:32:5e:5e:a2:e0:3d:d0:99:59:93:
d2:45:a6:4f:b5:8e:31:39:2e:16:51:28:ee:c1:9d:
70:81:99:29:f1:a3:0b:c0:84:26:e0:9c:92:ca:47:
ec:0c:f4:b4:78:01:38:cf:1c:29:15:45:90:2f:b2:
e2:48:e4:b9:40:10:fc:a8:9b:7d:9b:16:31:12:bd:
22:45:42:8f:38:ac:a3:11:1f:d1:fa:8c:e0:96:f0:
e8:77:f3:50:6f:8a:ee:75:7a:56:8d:57:91:d1:fc:
3c:09:72:35:dd:40:58:8d:eb:a6:39:6a:53:75:6b:
ec:ab:df:ca:d2:cf:9f:cc:2f:9e:c9:6e:ad:0c:e7:
98:b5:f0:7a:d3:95:78:b8:0f:e3:a1:72:85:af:ba:
73:90:cd:08:61:38:71:c6:a8:d6:04:bb:12:2f:07:
ce:e7:1d:2b:eb:b7:fd:58:bb:4e:5c:46:4e:dc:46:
5c:97:e8:b9:6b:73:66:96:1a:fc:74:22:71:e8:88:
a8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:E4:67:8C:52:25:0A:6F:13:67:18:6D:F3:60:77:2F:16:12:DD:A7
X509v3 Authority Key Identifier:
keyid:4F:84:77:E5:69:D1:D7:D6:0F:04:69:A7:CC:8A:7F:47:46:03:9B:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4R35WnR19YPBGmnzIp_R0YDm7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/775190-cb94-4063-8c1a-ad147d915791/1/e-RnjFIlCm8TZxht82B3LxYS3ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/775190-cb94-4063-8c1a-ad147d915791/1/T4R35WnR19YPBGmnzIp_R0YDm7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.50.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:c2:52:53:00:cb:88:cd:3f:cb:d8:82:ee:03:6b:20:3d:70:
f2:05:bf:f4:a5:30:60:2c:2d:89:7c:13:07:9b:63:13:0d:9e:
f7:70:88:03:bb:6e:b4:20:32:87:cc:93:64:d8:e7:36:2c:f4:
96:39:20:95:75:ef:62:b1:62:72:35:d0:f4:b5:45:19:89:fa:
cf:0e:92:03:7d:fe:10:7b:e2:82:0d:a1:d3:6f:bc:24:a4:02:
3e:99:84:fc:ba:f7:28:89:51:f9:1e:56:d7:70:2e:ec:78:a1:
51:92:21:19:bc:1d:59:74:62:71:28:63:0e:67:2f:e4:ff:32:
f9:47:93:6d:da:8c:4b:14:97:82:b0:2f:b8:27:98:3d:9a:18:
04:60:20:40:42:01:91:29:d6:ae:b5:60:e8:69:3d:37:df:ff:
83:1b:b1:24:83:32:73:ef:bc:40:79:ed:2b:35:ed:61:f5:e2:
ef:f2:db:e1:53:9e:68:77:00:d1:d3:ed:dd:2e:09:d3:dc:f2:
8e:a7:da:2b:0b:34:70:33:78:f2:f2:3b:17:84:b2:6e:bd:95:
96:87:8a:c0:95:73:d2:f5:f2:4d:1e:94:50:a4:02:9a:74:25:
51:ad:a8:be:3b:9a:79:d9:75:f7:f5:62:9a:eb:5f:24:df:fb:
a4:2b:8c:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK169unj2Z/LWEFO9aZNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmODQ3N2U1NjlkMWQ3ZDYwZjA0NjlhN2NjOGE3ZjQ3NDYw
MzliYjcwHhcNMjQwMTAyMTIzNDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmU0Njc4YzUyMjUwYTZmMTM2NzE4NmRmMzYwNzcyZjE2MTJkZGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcqrUT0XPk1obd/RrnI6kLdMtjsm
6plo9igbsjJw3TwLhXbA9hgK2XjqJuI35CN3eyM6d38unIG2ugrwdKwzEDJeXqLg
PdCZWZPSRaZPtY4xOS4WUSjuwZ1wgZkp8aMLwIQm4JySykfsDPS0eAE4zxwpFUWQ
L7LiSOS5QBD8qJt9mxYxEr0iRUKPOKyjER/R+ozglvDod/NQb4rudXpWjVeR0fw8
CXI13UBYjeumOWpTdWvsq9/K0s+fzC+eyW6tDOeYtfB605V4uA/joXKFr7pzkM0I
YThxxqjWBLsSLwfO5x0r67f9WLtOXEZO3EZcl+i5a3Nmlhr8dCJx6IioPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHvkZ4xSJQpvE2cYbfNgdy8WEt2nMB8GA1UdIwQY
MBaAFE+Ed+Vp0dfWDwRpp8yKf0dGA5u3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRSMzVXblIxOVlQQkdtbnpJcF9SMFlEbTdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC83NzUxOTAtY2I5NC00MDYzLThjMWEt
YWQxNDdkOTE1NzkxLzEvZS1SbmpGSWxDbThUWnhodDgyQjNMeFlTM2FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC83NzUxOTAtY2I5NC00MDYzLThjMWEtYWQxNDdkOTE1Nzkx
LzEvVDRSMzVXblIxOVlQQkdtbnpJcF9SMFlEbTdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9wyMA0G
CSqGSIb3DQEBCwUAA4IBAQCPwlJTAMuIzT/L2ILuA2sgPXDyBb/0pTBgLC2JfBMH
m2MTDZ73cIgDu260IDKHzJNk2Oc2LPSWOSCVde9isWJyNdD0tUUZifrPDpIDff4Q
e+KCDaHTb7wkpAI+mYT8uvcoiVH5HlbXcC7seKFRkiEZvB1ZdGJxKGMOZy/k/zL5
R5Nt2oxLFJeCsC+4J5g9mhgEYCBAQgGRKdautWDoaT033/+DG7EkgzJz77xAee0r
Ne1h9eLv8tvhU55odwDR0+3dLgnT3PKOp9orCzRwM3jy8jsXhLJuvZWWh4rAlXPS
9fJNHpRQpAKadCVRrai+O5p52XX39WKa618k3/ukK4y4
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:33:46 2025 by rpki-client