Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/cba718-aa73-4d37-9a04-98dabe3e2662/1/oZt6wOeBPRzgxfrSHyQvaXZ61CE.roa
File: oZt6wOeBPRzgxfrSHyQvaXZ61CE.roa (raw, json)
Hash identifier: 0c3+xTwK5KGYXpDaZhmc1MdZZB2Ym1lrAvZHlgXOKE4=
Subject key identifier: A1:9B:7A:C0:E7:81:3D:1C:E0:C5:FA:D2:1F:24:2F:69:76:7A:D4:21
Certificate issuer: /CN=d5956cb2e8bbb4d429728e01e20fd3c8e05f3328
Certificate serial: 019426D9E8A958B5597E0898B02EDD23910F
Authority key identifier: D5:95:6C:B2:E8:BB:B4:D4:29:72:8E:01:E2:0F:D3:C8:E0:5F:33:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ZVssui7tNQpco4B4g_TyOBfMyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/cba718-aa73-4d37-9a04-98dabe3e2662/1/oZt6wOeBPRzgxfrSHyQvaXZ61CE.roa
Signing time: Thu 02 Jan 2025 11:50:02 +0000
ROA not before: Thu 02 Jan 2025 11:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48617
IP address blocks: 91.209.194.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:e8:a9:58:b5:59:7e:08:98:b0:2e:dd:23:91:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5956cb2e8bbb4d429728e01e20fd3c8e05f3328
Validity
Not Before: Jan 2 11:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a19b7ac0e7813d1ce0c5fad21f242f69767ad421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:07:fc:ff:a7:33:bb:62:e9:9b:44:f6:e1:f5:
05:39:21:3a:e4:54:64:8a:9e:22:f5:e1:06:3e:e5:
20:52:1d:b2:46:d0:c4:40:bc:2d:4a:06:1c:39:ee:
b2:39:83:f2:a0:54:95:86:81:57:ba:75:3f:85:c2:
49:d5:dc:c7:20:cc:10:98:94:1e:e3:87:fb:81:00:
af:b8:a0:db:6b:06:83:d7:fa:b0:2c:3f:95:79:60:
c6:a5:d7:42:38:c0:2c:9d:c3:90:0c:86:00:8a:23:
fd:e7:61:38:ac:b9:0e:39:52:91:b3:fb:59:2a:78:
2d:1b:53:63:c3:19:44:e0:d9:b8:98:3a:52:f8:5f:
26:21:25:68:eb:83:3a:5c:75:78:3a:23:bc:4e:0b:
24:96:41:64:a8:f9:a9:07:9f:0a:ef:ea:94:95:6b:
0c:cb:18:01:3b:a6:57:22:60:c9:c4:8d:9e:3e:98:
82:7b:89:36:b8:79:ea:fe:57:2b:74:e8:bb:a3:9f:
5c:e6:50:c2:e5:ce:5a:54:8f:9a:8e:66:97:30:d3:
3a:a7:20:26:1d:65:6d:b0:e4:77:f5:ca:c4:2f:82:
78:1e:2c:fe:98:1c:f8:28:85:37:b4:dd:49:d6:fd:
a4:1f:3f:e6:0a:01:ea:f4:0f:34:9a:a7:3c:b2:6b:
66:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:9B:7A:C0:E7:81:3D:1C:E0:C5:FA:D2:1F:24:2F:69:76:7A:D4:21
X509v3 Authority Key Identifier:
keyid:D5:95:6C:B2:E8:BB:B4:D4:29:72:8E:01:E2:0F:D3:C8:E0:5F:33:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ZVssui7tNQpco4B4g_TyOBfMyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/cba718-aa73-4d37-9a04-98dabe3e2662/1/oZt6wOeBPRzgxfrSHyQvaXZ61CE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/cba718-aa73-4d37-9a04-98dabe3e2662/1/1ZVssui7tNQpco4B4g_TyOBfMyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.194.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:8a:70:7e:d7:80:ea:24:c2:45:57:e4:38:b5:f5:50:3a:c9:
cb:ad:ca:c0:a3:3b:b1:ce:08:8b:24:38:91:a2:5a:34:14:bc:
b6:3b:7f:5e:64:1e:37:57:82:b9:0a:b9:33:03:a1:1b:34:2c:
ee:b4:a7:53:4b:79:ea:85:23:98:c8:cf:20:54:2d:14:d9:37:
39:68:ea:8a:9a:f2:f8:09:55:08:01:9e:04:b2:b8:ee:93:be:
57:94:76:d0:3c:e7:e6:89:db:7f:6b:4b:09:60:bd:8a:cb:ce:
03:95:1b:41:a2:60:6f:9a:c3:8b:3f:45:4f:e5:7f:de:5b:30:
e8:45:cc:a4:3c:a3:4a:60:f0:ab:b1:07:53:b0:ba:79:c9:17:
ae:dd:63:fe:ac:ab:d9:95:16:3c:11:a3:fe:f4:71:d1:1b:3e:
62:eb:e6:32:28:de:af:a5:a1:e8:52:72:fa:ac:34:b2:24:45:
77:d5:10:d7:f9:5c:26:91:7d:35:60:73:e4:60:0e:5a:b4:cf:
65:8d:54:27:b0:07:49:90:b7:bc:fe:f8:ec:30:77:d1:3b:15:
9f:61:20:5b:79:5d:65:27:aa:b3:41:70:ba:c1:37:dd:1c:91:
f4:b9:c6:ac:95:b5:a7:64:9b:13:9a:47:43:da:3b:24:70:6a:
41:26:cd:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2eipWLVZfgiYsC7dI5EPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1OTU2Y2IyZThiYmI0ZDQyOTcyOGUwMWUyMGZkM2M4ZTA1
ZjMzMjgwHhcNMjUwMTAyMTE1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTliN2FjMGU3ODEzZDFjZTBjNWZhZDIxZjI0MmY2OTc2N2FkNDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQf8/6czu2Lpm0T24fUFOSE65FRk
ip4i9eEGPuUgUh2yRtDEQLwtSgYcOe6yOYPyoFSVhoFXunU/hcJJ1dzHIMwQmJQe
44f7gQCvuKDbawaD1/qwLD+VeWDGpddCOMAsncOQDIYAiiP952E4rLkOOVKRs/tZ
KngtG1NjwxlE4Nm4mDpS+F8mISVo64M6XHV4OiO8TgsklkFkqPmpB58K7+qUlWsM
yxgBO6ZXImDJxI2ePpiCe4k2uHnq/lcrdOi7o59c5lDC5c5aVI+ajmaXMNM6pyAm
HWVtsOR39crEL4J4Hiz+mBz4KIU3tN1J1v2kHz/mCgHq9A80mqc8smtmJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKGbesDngT0c4MX60h8kL2l2etQhMB8GA1UdIwQY
MBaAFNWVbLLou7TUKXKOAeIP08jgXzMoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVpWc3N1aTd0TlFwY280QjRnX1R5T0JmTXlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jYmE3MTgtYWE3My00ZDM3LTlhMDQt
OThkYWJlM2UyNjYyLzEvb1p0NndPZUJQUnpneGZyU0h5UXZhWFo2MUNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jYmE3MTgtYWE3My00ZDM3LTlhMDQtOThkYWJlM2UyNjYy
LzEvMVpWc3N1aTd0TlFwY280QjRnX1R5T0JmTXlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9HCMA0G
CSqGSIb3DQEBCwUAA4IBAQBqinB+14DqJMJFV+Q4tfVQOsnLrcrAozuxzgiLJDiR
olo0FLy2O39eZB43V4K5CrkzA6EbNCzutKdTS3nqhSOYyM8gVC0U2Tc5aOqKmvL4
CVUIAZ4Esrjuk75XlHbQPOfmidt/a0sJYL2Ky84DlRtBomBvmsOLP0VP5X/eWzDo
RcykPKNKYPCrsQdTsLp5yReu3WP+rKvZlRY8EaP+9HHRGz5i6+YyKN6vpaHoUnL6
rDSyJEV31RDX+VwmkX01YHPkYA5atM9ljVQnsAdJkLe8/vjsMHfROxWfYSBbeV1l
J6qzQXC6wTfdHJH0ucaslbWnZJsTmkdD2jskcGpBJs06
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:59 2025 by rpki-client