Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/61083c-4b3d-46d8-82aa-b2997bc61474/1/0BwZhdU4Lc_MGtRgtacxMwCAmgo.roa
File: 0BwZhdU4Lc_MGtRgtacxMwCAmgo.roa (raw, json)
Hash identifier: YpXynUUs/IPOe7m4GtxSxjQNSHfpLk0MgTtZ8VR9x/E=
Subject key identifier: D0:1C:19:85:D5:38:2D:CF:CC:1A:D4:60:B5:A7:31:33:00:80:9A:0A
Certificate issuer: /CN=63427c535873e4c4ead8042d67bbf3f1f47b26b1
Certificate serial: 019422FB70DCE016F3E5E8DEA0426F35EBC9
Authority key identifier: 63:42:7C:53:58:73:E4:C4:EA:D8:04:2D:67:BB:F3:F1:F4:7B:26:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y0J8U1hz5MTq2AQtZ7vz8fR7JrE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/61083c-4b3d-46d8-82aa-b2997bc61474/1/0BwZhdU4Lc_MGtRgtacxMwCAmgo.roa
Signing time: Wed 01 Jan 2025 17:48:11 +0000
ROA not before: Wed 01 Jan 2025 17:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15600
IP address blocks: 91.138.64.0/18 maxlen: 18
185.206.244.0/22 maxlen: 22
2a0a:d1c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:70:dc:e0:16:f3:e5:e8:de:a0:42:6f:35:eb:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63427c535873e4c4ead8042d67bbf3f1f47b26b1
Validity
Not Before: Jan 1 17:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d01c1985d5382dcfcc1ad460b5a7313300809a0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:fe:7a:15:6f:2c:53:3e:43:52:25:1e:ff:58:
86:84:21:28:8a:ae:4e:a5:2d:07:1f:81:91:57:df:
7b:b5:84:f3:e3:0c:a4:54:90:9e:cf:2d:f6:71:aa:
3d:e9:3d:76:b7:94:d2:02:65:fe:ba:fd:a3:f4:b5:
c4:fc:91:f1:d6:4b:a6:4f:a7:ab:49:06:7e:f2:b3:
b1:eb:6c:b4:23:5f:a2:a7:5c:b9:c7:99:96:e3:78:
27:8b:30:ad:8c:a2:c3:65:95:1e:fd:2b:09:cd:34:
31:89:08:40:3f:11:d2:c4:33:53:8c:86:53:d1:f8:
b1:be:ea:5d:38:5c:a5:66:2f:5f:43:1d:e1:52:d3:
38:76:78:85:9a:18:61:f5:a3:b9:b1:a9:26:cb:6d:
92:ad:fa:32:69:f4:08:b4:e3:9e:03:22:de:df:44:
57:b4:65:64:b1:35:77:95:80:76:73:22:9e:4b:4a:
c8:96:b0:82:4e:4c:53:92:89:9c:db:db:8f:4c:71:
c2:a3:e4:c7:46:4b:f4:22:37:a9:59:c0:d4:44:7c:
fe:6f:3c:e4:e0:d7:cd:ee:ce:7a:d4:71:f0:80:e2:
23:f1:c1:ad:a5:5b:a3:e8:f5:b3:cf:f3:6a:d4:98:
01:cb:f5:38:b0:3d:86:fa:6e:1b:9c:04:53:34:6e:
26:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:1C:19:85:D5:38:2D:CF:CC:1A:D4:60:B5:A7:31:33:00:80:9A:0A
X509v3 Authority Key Identifier:
keyid:63:42:7C:53:58:73:E4:C4:EA:D8:04:2D:67:BB:F3:F1:F4:7B:26:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y0J8U1hz5MTq2AQtZ7vz8fR7JrE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/61083c-4b3d-46d8-82aa-b2997bc61474/1/0BwZhdU4Lc_MGtRgtacxMwCAmgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/61083c-4b3d-46d8-82aa-b2997bc61474/1/Y0J8U1hz5MTq2AQtZ7vz8fR7JrE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.138.64.0/18
185.206.244.0/22
IPv6:
2a0a:d1c0::/29
Signature Algorithm: sha256WithRSAEncryption
9c:3c:3c:96:1f:d2:4d:6a:11:bc:e8:fb:e6:3f:16:45:86:ad:
60:2a:a0:d4:ca:f1:5f:44:2a:bb:46:1e:c5:51:ad:c8:d9:97:
c0:07:99:fb:05:6a:ba:d3:40:dc:a1:f3:10:97:27:23:20:48:
60:63:ee:9b:2c:4b:91:59:31:50:36:4f:4d:ef:18:6d:c1:1f:
ff:7a:a6:3f:0e:b3:8a:08:5b:e8:18:0c:fe:2f:14:48:3f:55:
2d:ea:2e:2a:38:fc:b5:a4:e3:6d:42:d8:f9:a5:b7:c1:8a:10:
8b:00:e1:f0:0a:d8:fb:ec:20:2f:cc:f8:35:88:72:97:f2:3e:
e5:44:e8:5b:ec:f5:8a:77:e8:f5:83:bf:9a:96:a7:8d:6a:53:
f2:34:b6:30:9e:fb:6b:12:cd:69:3a:67:6f:a3:be:05:eb:59:
eb:4d:16:0f:6d:d6:41:3c:39:8a:f1:d2:75:50:28:a2:2a:63:
ed:95:24:99:3c:6f:e7:06:a7:f1:aa:65:09:d7:28:5b:99:e6:
d5:9f:d2:32:eb:29:77:bb:3c:c1:95:b5:ce:16:79:87:02:10:
6c:65:f9:2a:d3:b3:d5:6d:ac:a5:6d:86:3b:d1:71:19:5d:7a:
fd:21:c8:06:75:0d:82:cb:c0:57:c5:01:9a:c5:f4:b8:57:34:
1e:e9:97:15
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQi+3Dc4Bbz5ejeoEJvNevJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNDI3YzUzNTg3M2U0YzRlYWQ4MDQyZDY3YmJmM2YxZjQ3
YjI2YjEwHhcNMjUwMTAxMTc0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDFjMTk4NWQ1MzgyZGNmY2MxYWQ0NjBiNWE3MzEzMzAwODA5YTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhP56FW8sUz5DUiUe/1iGhCEoiq5O
pS0HH4GRV997tYTz4wykVJCezy32cao96T12t5TSAmX+uv2j9LXE/JHx1kumT6er
SQZ+8rOx62y0I1+ip1y5x5mW43gnizCtjKLDZZUe/SsJzTQxiQhAPxHSxDNTjIZT
0fixvupdOFylZi9fQx3hUtM4dniFmhhh9aO5sakmy22SrfoyafQItOOeAyLe30RX
tGVksTV3lYB2cyKeS0rIlrCCTkxTkomc29uPTHHCo+THRkv0IjepWcDURHz+bzzk
4NfN7s561HHwgOIj8cGtpVuj6PWzz/Nq1JgBy/U4sD2G+m4bnARTNG4mdQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNAcGYXVOC3PzBrUYLWnMTMAgJoKMB8GA1UdIwQY
MBaAFGNCfFNYc+TE6tgELWe78/H0eyaxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTBKOFUxaHo1TVRxMkFRdFo3dno4ZlI3SnJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82MTA4M2MtNGIzZC00NmQ4LTgyYWEt
YjI5OTdiYzYxNDc0LzEvMEJ3WmhkVTRMY19NR3RSZ3RhY3hNd0NBbWdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82MTA4M2MtNGIzZC00NmQ4LTgyYWEtYjI5OTdiYzYxNDc0
LzEvWTBKOFUxaHo1TVRxMkFRdFo3dno4ZlI3SnJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGW4pAAwQC
uc70MA0EAgACMAcDBQMqCtHAMA0GCSqGSIb3DQEBCwUAA4IBAQCcPDyWH9JNahG8
6PvmPxZFhq1gKqDUyvFfRCq7Rh7FUa3I2ZfAB5n7BWq600DcofMQlycjIEhgY+6b
LEuRWTFQNk9N7xhtwR//eqY/DrOKCFvoGAz+LxRIP1Ut6i4qOPy1pONtQtj5pbfB
ihCLAOHwCtj77CAvzPg1iHKX8j7lROhb7PWKd+j1g7+alqeNalPyNLYwnvtrEs1p
Omdvo74F61nrTRYPbdZBPDmK8dJ1UCiiKmPtlSSZPG/nBqfxqmUJ1yhbmebVn9Iy
6yl3uzzBlbXOFnmHAhBsZfkq07PVbaylbYY70XEZXXr9IcgGdQ2Cy8BXxQGaxfS4
VzQe6ZcV
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:10:38 2025 by rpki-client