Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/e53313-ba6a-4e81-ba7b-6715f58ceebf/1/jITbU3zSJQrd44BqEbMTS0qbtl8.roa
File: jITbU3zSJQrd44BqEbMTS0qbtl8.roa (raw, json)
Hash identifier: 15yUrQCKFBILR3HXPZHMDxo7EXaGYlFtxflDri84oN4=
Subject key identifier: 8C:84:DB:53:7C:D2:25:0A:DD:E3:80:6A:11:B3:13:4B:4A:9B:B6:5F
Certificate issuer: /CN=c79a7ca44027d2e5ad389f169ed15936d7851166
Certificate serial: 018CC348EB6F6C353E99BEB7187AB5862F0D
Authority key identifier: C7:9A:7C:A4:40:27:D2:E5:AD:38:9F:16:9E:D1:59:36:D7:85:11:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x5p8pEAn0uWtOJ8WntFZNteFEWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/e53313-ba6a-4e81-ba7b-6715f58ceebf/1/jITbU3zSJQrd44BqEbMTS0qbtl8.roa
Signing time: Mon 01 Jan 2024 04:29:45 +0000
ROA not before: Mon 01 Jan 2024 04:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204881
IP address blocks: 91.240.163.0/24 maxlen: 24
91.213.235.0/24 maxlen: 24
2a12:fd40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:eb:6f:6c:35:3e:99:be:b7:18:7a:b5:86:2f:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c79a7ca44027d2e5ad389f169ed15936d7851166
Validity
Not Before: Jan 1 04:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c84db537cd2250adde3806a11b3134b4a9bb65f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e3:8d:8f:42:31:c2:c1:04:06:14:37:b6:8f:
0c:96:7b:70:9a:1d:10:ca:6f:4e:af:33:ad:77:eb:
14:16:b9:2b:06:8e:22:be:7b:f3:ca:91:25:ca:77:
ff:ac:fb:bc:0b:3c:ec:ac:c0:c0:46:47:26:bd:a7:
ff:60:86:8f:14:aa:aa:27:9a:17:2b:5a:d3:52:a3:
86:1f:55:e2:6c:87:f9:f8:5e:d1:6c:c4:b3:a4:04:
55:09:e2:32:6d:67:0c:b4:bd:3c:d7:25:5d:1d:8b:
82:80:d1:7a:bb:96:a1:02:43:fe:57:e5:8a:7e:81:
28:76:41:55:14:c5:14:0b:da:23:18:c3:a0:4f:d2:
fb:59:ac:dd:0e:80:75:7e:b7:86:1e:e6:4c:5b:8a:
27:15:01:bb:82:37:cd:46:0a:cf:cf:d0:f0:fc:eb:
2b:35:39:75:0a:b8:22:c5:80:4a:0a:c4:4f:b6:b9:
19:29:6f:a0:d9:7c:86:a9:15:2d:aa:f4:18:c9:83:
35:3c:4a:0d:73:3b:7f:ae:69:03:54:9b:f0:aa:5d:
8f:35:f2:8b:8f:4f:17:e9:43:b3:ca:81:61:39:64:
09:51:7c:b5:69:b8:66:21:b1:97:fb:50:9e:ba:9f:
56:ce:75:10:1f:64:80:31:5e:81:59:55:98:a6:d1:
62:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:84:DB:53:7C:D2:25:0A:DD:E3:80:6A:11:B3:13:4B:4A:9B:B6:5F
X509v3 Authority Key Identifier:
keyid:C7:9A:7C:A4:40:27:D2:E5:AD:38:9F:16:9E:D1:59:36:D7:85:11:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x5p8pEAn0uWtOJ8WntFZNteFEWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/e53313-ba6a-4e81-ba7b-6715f58ceebf/1/jITbU3zSJQrd44BqEbMTS0qbtl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/e53313-ba6a-4e81-ba7b-6715f58ceebf/1/x5p8pEAn0uWtOJ8WntFZNteFEWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.235.0/24
91.240.163.0/24
IPv6:
2a12:fd40::/29
Signature Algorithm: sha256WithRSAEncryption
1b:bf:df:a0:69:0b:8a:94:98:33:48:d7:84:6a:a5:d0:45:00:
8f:9b:ba:b3:89:20:15:cb:07:f5:87:08:33:99:08:aa:da:23:
06:c5:4f:87:5b:61:ca:da:7c:3d:ba:84:38:40:e8:81:48:15:
12:3d:b5:2c:d8:26:7f:ba:d6:34:15:48:22:28:26:ed:71:90:
a5:da:a0:95:90:99:12:32:9d:88:16:9b:4d:76:a1:a6:2c:17:
b3:46:11:75:36:b5:69:16:4f:a1:ec:26:b2:4e:98:28:cd:27:
6c:f3:e3:78:61:69:a6:62:5b:de:6e:07:31:da:bc:fa:dc:93:
ae:ae:68:99:6c:83:c4:ff:f4:50:16:d8:0f:af:b7:ff:45:66:
30:6e:2e:6a:cb:ab:31:81:e9:eb:57:cf:cb:f7:cb:92:4e:d4:
61:57:10:63:f4:37:a9:ea:28:dd:2f:b8:51:b4:02:4b:3b:21:
18:77:54:79:43:f9:be:af:0a:0f:e5:5c:92:9c:f1:6d:14:99:
b7:b2:e9:12:27:d4:1d:45:08:27:4b:63:4e:2f:7e:26:69:29:
d9:9c:df:3d:c1:2c:37:ad:d8:af:3e:8c:38:9c:ef:13:95:c9:
fb:0c:0a:c7:6d:6f:97:22:dd:77:d2:a2:39:46:64:16:e2:aa:
7e:3f:9b:a4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSOtvbDU+mb63GHq1hi8NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3OWE3Y2E0NDAyN2QyZTVhZDM4OWYxNjllZDE1OTM2ZDc4
NTExNjYwHhcNMjQwMTAxMDQyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yzg0ZGI1MzdjZDIyNTBhZGRlMzgwNmExMWIzMTM0YjRhOWJiNjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOONj0IxwsEEBhQ3to8Mlntwmh0Q
ym9OrzOtd+sUFrkrBo4ivnvzypElynf/rPu8CzzsrMDARkcmvaf/YIaPFKqqJ5oX
K1rTUqOGH1XibIf5+F7RbMSzpARVCeIybWcMtL081yVdHYuCgNF6u5ahAkP+V+WK
foEodkFVFMUUC9ojGMOgT9L7WazdDoB1freGHuZMW4onFQG7gjfNRgrPz9Dw/Osr
NTl1CrgixYBKCsRPtrkZKW+g2XyGqRUtqvQYyYM1PEoNczt/rmkDVJvwql2PNfKL
j08X6UOzyoFhOWQJUXy1abhmIbGX+1Ceup9WznUQH2SAMV6BWVWYptFiaQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIyE21N80iUK3eOAahGzE0tKm7ZfMB8GA1UdIwQY
MBaAFMeafKRAJ9LlrTifFp7RWTbXhRFmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDVwOHBFQW4wdVd0T0o4V250RlpOdGVGRVdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9lNTMzMTMtYmE2YS00ZTgxLWJhN2It
NjcxNWY1OGNlZWJmLzEvaklUYlUzelNKUXJkNDRCcUViTVRTMHFidGw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9lNTMzMTMtYmE2YS00ZTgxLWJhN2ItNjcxNWY1OGNlZWJm
LzEveDVwOHBFQW4wdVd0T0o4V250RlpOdGVGRVdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9XrAwQA
W/CjMA0EAgACMAcDBQMqEv1AMA0GCSqGSIb3DQEBCwUAA4IBAQAbv9+gaQuKlJgz
SNeEaqXQRQCPm7qziSAVywf1hwgzmQiq2iMGxU+HW2HK2nw9uoQ4QOiBSBUSPbUs
2CZ/utY0FUgiKCbtcZCl2qCVkJkSMp2IFptNdqGmLBezRhF1NrVpFk+h7CayTpgo
zSds8+N4YWmmYlvebgcx2rz63JOurmiZbIPE//RQFtgPr7f/RWYwbi5qy6sxgenr
V8/L98uSTtRhVxBj9Dep6ijdL7hRtAJLOyEYd1R5Q/m+rwoP5VySnPFtFJm3sukS
J9QdRQgnS2NOL34maSnZnN89wSw3rdivPow4nO8Tlcn7DArHbW+XIt130qI5RmQW
4qp+P5uk
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:17:43 2025 by rpki-client