Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/6efac4-d75a-425d-9157-aee6eb28514d/1/WnvN9eO0xROw8P2u2NunmIAmhFM.roa
File: WnvN9eO0xROw8P2u2NunmIAmhFM.roa (raw, json)
Hash identifier: ICDMCpB80BuzlOdYTKVVB47BHhMFIG3MGwkKpb0Kjms=
Subject key identifier: 5A:7B:CD:F5:E3:B4:C5:13:B0:F0:FD:AE:D8:DB:A7:98:80:26:84:53
Certificate issuer: /CN=576b22f2790597484bf96915a83543c194b3fd1e
Certificate serial: 019427B56C642F0B1B6D96DEF3A46947D86B
Authority key identifier: 57:6B:22:F2:79:05:97:48:4B:F9:69:15:A8:35:43:C1:94:B3:FD:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V2si8nkFl0hL-WkVqDVDwZSz_R4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/6efac4-d75a-425d-9157-aee6eb28514d/1/WnvN9eO0xROw8P2u2NunmIAmhFM.roa
Signing time: Thu 02 Jan 2025 15:49:48 +0000
ROA not before: Thu 02 Jan 2025 15:49:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6206
IP address blocks: 91.229.60.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:6c:64:2f:0b:1b:6d:96:de:f3:a4:69:47:d8:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=576b22f2790597484bf96915a83543c194b3fd1e
Validity
Not Before: Jan 2 15:49:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a7bcdf5e3b4c513b0f0fdaed8dba79880268453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:53:af:07:8a:e0:c5:2f:5d:97:49:9c:b3:a3:
02:0c:14:4b:aa:64:68:7e:12:d9:06:29:30:85:56:
b0:01:f3:8f:96:50:3b:80:91:29:54:c4:8d:07:2f:
c6:fa:1c:6c:79:ca:a6:71:40:5b:bf:41:c8:92:14:
9b:07:4c:b1:be:72:9b:d7:44:ae:00:5a:9a:cc:f8:
b0:bb:1a:f7:19:cc:78:53:1c:ec:72:db:2b:96:7c:
36:f6:22:81:2f:df:74:1b:79:6c:7f:da:12:b8:e6:
fd:5c:ec:18:9c:39:f9:ce:1c:42:58:de:68:29:c5:
a7:7c:65:88:ad:e9:29:a1:55:c7:f4:56:e9:18:38:
16:c2:16:0b:44:0b:4c:a6:ad:2e:76:f3:3d:09:e9:
09:c8:e2:fc:70:0a:83:f4:3f:57:85:5e:5e:45:35:
2a:57:7f:21:4c:f7:17:fb:bf:1e:02:fd:74:e0:8d:
d5:ec:d5:77:d8:4a:99:42:cd:2b:25:09:da:7e:c1:
46:f7:11:08:29:66:d1:e8:fa:cc:df:97:59:22:0c:
85:d3:54:b0:b0:6b:2f:e6:a3:0c:79:1d:0b:33:fc:
f9:cc:e0:e2:2a:c5:2b:04:b5:f0:af:19:e4:f1:76:
86:93:32:16:31:bf:e3:28:ee:2f:0a:f8:ac:34:ac:
f0:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:7B:CD:F5:E3:B4:C5:13:B0:F0:FD:AE:D8:DB:A7:98:80:26:84:53
X509v3 Authority Key Identifier:
keyid:57:6B:22:F2:79:05:97:48:4B:F9:69:15:A8:35:43:C1:94:B3:FD:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V2si8nkFl0hL-WkVqDVDwZSz_R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/6efac4-d75a-425d-9157-aee6eb28514d/1/WnvN9eO0xROw8P2u2NunmIAmhFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/6efac4-d75a-425d-9157-aee6eb28514d/1/V2si8nkFl0hL-WkVqDVDwZSz_R4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.60.0/22
Signature Algorithm: sha256WithRSAEncryption
68:89:9a:0d:d2:27:90:cd:fe:8f:b5:2a:00:48:98:a1:68:6d:
66:9e:f5:f0:b8:9d:31:03:d4:dd:b1:26:91:ad:b6:8f:32:f7:
7c:99:d1:19:47:52:73:d4:d5:42:49:0b:44:be:6e:15:8e:48:
91:c8:15:10:91:0d:17:b8:83:79:d0:33:0e:65:3c:3f:fb:35:
48:6e:b7:5a:ee:e2:00:3b:a9:6c:0e:06:85:eb:43:29:67:2d:
a6:78:78:db:db:26:36:a3:b8:ac:d0:cb:7b:66:8c:ac:92:3f:
f7:fc:53:4b:4a:56:e2:f0:9f:4e:b5:18:55:56:c6:69:2e:6b:
09:f2:2e:65:a9:38:f1:65:f6:4c:bc:39:2e:3e:9e:d3:7f:3f:
59:4b:81:96:18:5f:ff:17:43:7c:0b:2b:b8:5f:e0:7f:6e:f5:
c0:19:35:f6:65:46:b6:c3:e9:4b:9f:30:b2:23:ed:5a:db:e5:
66:b1:eb:8a:4e:10:70:92:6a:6a:37:71:0b:66:42:19:49:a4:
72:7a:eb:0c:8f:f5:43:4d:e5:f0:68:18:38:c0:df:e6:a0:48:
e0:99:cb:60:c2:4b:d9:5e:e4:37:0b:26:99:31:17:8e:c1:eb:
fc:f6:e9:63:20:1b:d8:1e:a2:ce:cd:90:f3:f0:10:ac:4b:25:
71:ec:5f:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntWxkLwsbbZbe86RpR9hrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NmIyMmYyNzkwNTk3NDg0YmY5NjkxNWE4MzU0M2MxOTRi
M2ZkMWUwHhcNMjUwMTAyMTU0OTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTdiY2RmNWUzYjRjNTEzYjBmMGZkYWVkOGRiYTc5ODgwMjY4NDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVOvB4rgxS9dl0mcs6MCDBRLqmRo
fhLZBikwhVawAfOPllA7gJEpVMSNBy/G+hxsecqmcUBbv0HIkhSbB0yxvnKb10Su
AFqazPiwuxr3Gcx4Uxzsctsrlnw29iKBL990G3lsf9oSuOb9XOwYnDn5zhxCWN5o
KcWnfGWIrekpoVXH9FbpGDgWwhYLRAtMpq0udvM9CekJyOL8cAqD9D9XhV5eRTUq
V38hTPcX+78eAv104I3V7NV32EqZQs0rJQnafsFG9xEIKWbR6PrM35dZIgyF01Sw
sGsv5qMMeR0LM/z5zODiKsUrBLXwrxnk8XaGkzIWMb/jKO4vCvisNKzwRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFp7zfXjtMUTsPD9rtjbp5iAJoRTMB8GA1UdIwQY
MBaAFFdrIvJ5BZdIS/lpFag1Q8GUs/0eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjJzaThua0ZsMGhMLVdrVnFEVkR3WlN6X1I0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS82ZWZhYzQtZDc1YS00MjVkLTkxNTct
YWVlNmViMjg1MTRkLzEvV252TjllTzB4Uk93OFAydTJOdW5tSUFtaEZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS82ZWZhYzQtZDc1YS00MjVkLTkxNTctYWVlNmViMjg1MTRk
LzEvVjJzaThua0ZsMGhMLVdrVnFEVkR3WlN6X1I0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+U8MA0G
CSqGSIb3DQEBCwUAA4IBAQBoiZoN0ieQzf6PtSoASJihaG1mnvXwuJ0xA9TdsSaR
rbaPMvd8mdEZR1Jz1NVCSQtEvm4VjkiRyBUQkQ0XuIN50DMOZTw/+zVIbrda7uIA
O6lsDgaF60MpZy2meHjb2yY2o7is0Mt7Zoyskj/3/FNLSlbi8J9OtRhVVsZpLmsJ
8i5lqTjxZfZMvDkuPp7Tfz9ZS4GWGF//F0N8Cyu4X+B/bvXAGTX2ZUa2w+lLnzCy
I+1a2+VmseuKThBwkmpqN3ELZkIZSaRyeusMj/VDTeXwaBg4wN/moEjgmctgwkvZ
XuQ3CyaZMReOwev89uljIBvYHqLOzZDz8BCsSyVx7F80
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:37:13 2025 by rpki-client