Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/e8ebd6-561d-42af-bb36-5201a23d7a49/1/1-rWfSUWoTN7lzgVE9cggY3PfgD0.roa
File: 1-rWfSUWoTN7lzgVE9cggY3PfgD0.roa (raw, json)
Hash identifier: YuPWb43IFaC3LA5MVH+ScYda6pMJs5sQyYc+nYcGdOE=
Subject key identifier: FA:B5:9F:49:45:A8:4C:DE:E5:CE:05:44:F5:C8:20:63:73:DF:80:3D
Certificate issuer: /CN=24f51bbdf01088d34c6baaeef86bda25a9f02196
Certificate serial: 018B4632A68C2D2D8DED406A18CCBCF236C1
Authority key identifier: 24:F5:1B:BD:F0:10:88:D3:4C:6B:AA:EE:F8:6B:DA:25:A9:F0:21:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JPUbvfAQiNNMa6ru-GvaJanwIZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/e8ebd6-561d-42af-bb36-5201a23d7a49/1/1-rWfSUWoTN7lzgVE9cggY3PfgD0.roa
Signing time: Thu 19 Oct 2023 04:30:06 +0000
ROA not before: Thu 19 Oct 2023 04:30:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 91.205.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:46:32:a6:8c:2d:2d:8d:ed:40:6a:18:cc:bc:f2:36:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24f51bbdf01088d34c6baaeef86bda25a9f02196
Validity
Not Before: Oct 19 04:30:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fab59f4945a84cdee5ce0544f5c8206373df803d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:60:45:30:d3:d0:49:16:88:0c:e8:5d:74:36:
9c:c4:ea:34:35:b8:ea:e9:9c:7b:cc:b0:db:3e:48:
15:ff:04:00:2b:ca:5c:0f:28:ac:98:ac:bf:2b:72:
1f:b5:22:6b:fc:b5:86:aa:f5:57:bd:8e:85:15:22:
fa:b5:bc:16:a9:7e:0a:84:77:c1:86:aa:36:ed:e8:
cc:f6:f9:ce:7b:12:ac:3a:1c:36:56:b6:cc:fc:99:
4a:c4:82:1d:89:f3:fa:1a:72:e8:58:57:05:e1:24:
f4:86:f7:a9:2d:b7:4d:f8:31:e5:03:88:1f:61:67:
06:02:fa:bf:ea:36:02:10:7e:ad:7c:92:30:c0:40:
0b:95:5c:57:af:f3:0c:69:5d:a6:f8:d9:8c:41:c4:
b8:1c:3f:a5:ac:38:f7:92:07:4e:ac:d2:c2:26:10:
46:14:00:ce:de:07:5d:d7:c4:9a:61:46:50:b5:72:
ea:23:a7:36:59:19:be:20:26:39:67:18:68:1d:57:
82:82:ad:79:8e:36:b2:fb:2f:b6:b8:6a:32:ff:c4:
3c:17:7d:44:9f:2a:ba:b2:6e:4f:fb:db:47:ea:3a:
9c:1b:30:b1:e5:5a:7d:fe:c9:3a:3a:1d:a6:92:f5:
e2:23:b2:4f:8c:f4:fa:35:0a:3f:7a:cb:f0:b0:aa:
37:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:B5:9F:49:45:A8:4C:DE:E5:CE:05:44:F5:C8:20:63:73:DF:80:3D
X509v3 Authority Key Identifier:
keyid:24:F5:1B:BD:F0:10:88:D3:4C:6B:AA:EE:F8:6B:DA:25:A9:F0:21:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JPUbvfAQiNNMa6ru-GvaJanwIZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/e8ebd6-561d-42af-bb36-5201a23d7a49/1/1-rWfSUWoTN7lzgVE9cggY3PfgD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/e8ebd6-561d-42af-bb36-5201a23d7a49/1/JPUbvfAQiNNMa6ru-GvaJanwIZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.221.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:c4:2a:1a:28:ad:07:4c:19:53:b0:74:66:05:38:2b:b7:9d:
c7:05:14:35:94:fd:4a:dc:2a:19:56:a8:60:34:cc:2a:73:74:
bb:a0:d0:fe:68:e6:fd:ed:1d:87:fe:e8:90:13:ab:5a:95:10:
3b:a0:27:a4:20:3b:6c:f5:c0:9e:cc:c1:0b:d9:ac:55:43:c5:
5d:ba:a3:6d:d8:30:d7:64:95:8a:a0:6e:68:c1:00:2a:7e:44:
38:b7:a3:a5:63:1d:7a:c9:c9:eb:c1:ba:f8:45:9b:da:51:c8:
ea:c5:91:c3:e6:27:90:25:9f:12:db:8a:93:0d:db:7d:f4:d8:
da:58:c5:2e:6e:f7:77:71:c9:6f:e8:d2:53:76:17:8b:2c:18:
bf:3b:be:68:e9:d4:8e:b4:59:cb:a5:bd:c7:aa:c7:e1:d6:41:
ff:d5:40:a6:0e:d9:ab:39:27:30:b0:4d:9c:81:c5:87:7a:14:
f2:94:af:20:fe:65:93:34:a8:aa:25:74:82:18:bf:0a:f5:a7:
16:6e:b6:65:5b:d8:70:ea:55:16:3f:7e:bf:d1:bb:dd:26:b0:
b5:e1:3b:d9:fa:91:a1:5a:ed:47:df:cf:2f:26:6b:60:57:46:
fa:01:7e:ea:09:86:f4:74:9d:5c:65:dd:0d:c5:47:d7:15:b6:
cc:92:01:48
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYtGMqaMLS2N7UBqGMy88jbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZjUxYmJkZjAxMDg4ZDM0YzZiYWFlZWY4NmJkYTI1YTlm
MDIxOTYwHhcNMjMxMDE5MDQzMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWI1OWY0OTQ1YTg0Y2RlZTVjZTA1NDRmNWM4MjA2MzczZGY4MDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWBFMNPQSRaIDOhddDacxOo0Nbjq
6Zx7zLDbPkgV/wQAK8pcDyismKy/K3IftSJr/LWGqvVXvY6FFSL6tbwWqX4KhHfB
hqo27ejM9vnOexKsOhw2VrbM/JlKxIIdifP6GnLoWFcF4ST0hvepLbdN+DHlA4gf
YWcGAvq/6jYCEH6tfJIwwEALlVxXr/MMaV2m+NmMQcS4HD+lrDj3kgdOrNLCJhBG
FADO3gdd18SaYUZQtXLqI6c2WRm+ICY5ZxhoHVeCgq15jjay+y+2uGoy/8Q8F31E
nyq6sm5P+9tH6jqcGzCx5Vp9/sk6Oh2mkvXiI7JPjPT6NQo/esvwsKo3wQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPq1n0lFqEze5c4FRPXIIGNz34A9MB8GA1UdIwQY
MBaAFCT1G73wEIjTTGuq7vhr2iWp8CGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlBVYnZmQVFpTk5NYTZydS1HdmFKYW53SVpZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9lOGViZDYtNTYxZC00MmFmLWJiMzYt
NTIwMWEyM2Q3YTQ5LzEvMS1yV2ZTVVdvVE43bHpnVkU5Y2dnWTNQZmdEMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWYvZThlYmQ2LTU2MWQtNDJhZi1iYjM2LTUyMDFhMjNkN2E0
OS8xL0pQVWJ2ZkFRaU5OTWE2cnUtR3ZhSmFud0laWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvN3TAN
BgkqhkiG9w0BAQsFAAOCAQEAf8QqGiitB0wZU7B0ZgU4K7edxwUUNZT9StwqGVao
YDTMKnN0u6DQ/mjm/e0dh/7okBOrWpUQO6AnpCA7bPXAnszBC9msVUPFXbqjbdgw
12SViqBuaMEAKn5EOLejpWMdesnJ68G6+EWb2lHI6sWRw+YnkCWfEtuKkw3bffTY
2ljFLm73d3HJb+jSU3YXiywYvzu+aOnUjrRZy6W9x6rH4dZB/9VApg7ZqzknMLBN
nIHFh3oU8pSvIP5lkzSoqiV0ghi/CvWnFm62ZVvYcOpVFj9+v9G73SawteE72fqR
oVrtR9/PLyZrYFdG+gF+6gmG9HSdXGXdDcVH1xW2zJIBSA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:05 2025 by rpki-client