Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/af3da0-af92-41b8-87bf-d58b094df06c/1/DTF9ONSmCnj34QSV3oz7U0spqDo.roa
File: DTF9ONSmCnj34QSV3oz7U0spqDo.roa (raw, json)
Hash identifier: Kw2YkPP6grSzeM7Vvpfj0GyDu4r4ER5vZalMBblwx+c=
Subject key identifier: 0D:31:7D:38:D4:A6:0A:78:F7:E1:04:95:DE:8C:FB:53:4B:29:A8:3A
Certificate issuer: /CN=34e4f60b0e508726dde68c1c255d04bd21a3a183
Certificate serial: 019424B37CD42AFA5EF75ABD2F6740DEA4AF
Authority key identifier: 34:E4:F6:0B:0E:50:87:26:DD:E6:8C:1C:25:5D:04:BD:21:A3:A1:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NOT2Cw5Qhybd5owcJV0EvSGjoYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/af3da0-af92-41b8-87bf-d58b094df06c/1/DTF9ONSmCnj34QSV3oz7U0spqDo.roa
Signing time: Thu 02 Jan 2025 01:48:50 +0000
ROA not before: Thu 02 Jan 2025 01:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62053
IP address blocks: 91.233.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:7c:d4:2a:fa:5e:f7:5a:bd:2f:67:40:de:a4:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34e4f60b0e508726dde68c1c255d04bd21a3a183
Validity
Not Before: Jan 2 01:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d317d38d4a60a78f7e10495de8cfb534b29a83a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:11:d3:d4:b4:4f:cb:c3:4e:48:e7:2a:2a:12:
d3:45:1f:38:5a:12:80:17:86:c0:a2:e5:7f:36:4c:
a8:bc:30:a4:14:e7:de:6d:ae:25:85:96:53:8a:2c:
c6:73:70:07:eb:79:f1:b7:8f:05:f4:e8:35:27:37:
fb:9f:55:96:ac:a7:ef:5d:3d:f9:6c:cd:55:f9:3b:
8d:be:2c:2f:76:23:cd:1a:6a:ed:56:33:71:9b:94:
ad:d6:36:54:66:a9:84:4f:51:9b:f5:ce:b1:32:08:
0f:b6:de:ba:dc:3e:85:53:b3:4d:86:75:57:01:1b:
53:2d:23:40:77:7b:a2:a6:f6:e1:69:04:8c:13:de:
9a:da:4d:e6:fe:ae:84:35:93:6f:fa:66:d9:fc:5c:
ae:27:4c:b8:78:2d:b3:04:7a:9c:62:8f:ea:8f:28:
7d:6b:dd:a4:20:d9:c2:cc:c7:19:a3:07:aa:3d:45:
8a:6b:fa:72:b8:4f:af:1e:52:ca:72:f2:f3:62:88:
05:69:23:fc:29:e0:2b:3b:96:01:e1:cf:0a:61:f2:
42:64:2c:bb:bf:1d:96:0f:07:b0:63:f9:cb:52:93:
27:30:e4:48:2a:85:21:24:f9:0b:88:e5:74:3f:0f:
b2:3a:09:2e:3e:8f:3a:9e:2d:6f:c1:26:87:6c:8d:
10:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:31:7D:38:D4:A6:0A:78:F7:E1:04:95:DE:8C:FB:53:4B:29:A8:3A
X509v3 Authority Key Identifier:
keyid:34:E4:F6:0B:0E:50:87:26:DD:E6:8C:1C:25:5D:04:BD:21:A3:A1:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NOT2Cw5Qhybd5owcJV0EvSGjoYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/af3da0-af92-41b8-87bf-d58b094df06c/1/DTF9ONSmCnj34QSV3oz7U0spqDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/af3da0-af92-41b8-87bf-d58b094df06c/1/NOT2Cw5Qhybd5owcJV0EvSGjoYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.32.0/24
Signature Algorithm: sha256WithRSAEncryption
20:c9:bf:f6:cf:5d:f2:fd:e3:c5:44:63:4c:8c:5d:cb:39:c4:
74:1a:87:7f:45:ab:85:4e:b3:9b:9b:ab:33:91:69:23:70:56:
4a:8d:7f:a9:53:43:53:54:73:c8:d0:9c:5d:69:8f:85:fc:33:
00:ce:07:45:6f:d2:c6:e5:09:17:a2:13:66:4c:88:a8:3f:b7:
07:fe:38:d0:7a:7b:81:cf:63:61:70:2d:e9:86:a7:6b:98:8b:
a4:d7:5e:63:64:7e:bf:98:bd:0e:8f:73:31:11:b7:19:c2:94:
2c:a7:ee:e3:d8:83:f1:30:80:98:ca:bc:06:73:73:6c:e3:04:
65:92:ce:b8:42:4c:08:92:46:52:a4:8d:63:25:f2:86:3f:f1:
ce:2e:04:40:b4:78:d5:39:ab:66:40:c0:c8:f5:f4:b1:9d:e0:
04:96:a7:77:57:07:59:fc:f2:3c:76:5b:bb:ee:8f:b8:9d:d3:
da:bb:a4:96:72:bf:be:78:5c:c0:95:2d:47:dd:de:cb:14:63:
9f:35:01:0b:c1:98:18:9d:3b:cf:9f:ea:df:2c:4a:35:cd:a0:
34:26:99:99:00:57:56:1a:d5:28:d2:50:52:c1:3a:20:47:c9:
97:9e:a3:69:b7:6f:03:e1:e7:0c:54:d5:5e:35:44:e1:e6:fe:
af:f0:25:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks3zUKvpe91q9L2dA3qSvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZTRmNjBiMGU1MDg3MjZkZGU2OGMxYzI1NWQwNGJkMjFh
M2ExODMwHhcNMjUwMTAyMDE0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDMxN2QzOGQ0YTYwYTc4ZjdlMTA0OTVkZThjZmI1MzRiMjlhODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhHT1LRPy8NOSOcqKhLTRR84WhKA
F4bAouV/NkyovDCkFOfeba4lhZZTiizGc3AH63nxt48F9Og1Jzf7n1WWrKfvXT35
bM1V+TuNviwvdiPNGmrtVjNxm5St1jZUZqmET1Gb9c6xMggPtt663D6FU7NNhnVX
ARtTLSNAd3uipvbhaQSME96a2k3m/q6ENZNv+mbZ/FyuJ0y4eC2zBHqcYo/qjyh9
a92kINnCzMcZoweqPUWKa/pyuE+vHlLKcvLzYogFaSP8KeArO5YB4c8KYfJCZCy7
vx2WDwewY/nLUpMnMORIKoUhJPkLiOV0Pw+yOgkuPo86ni1vwSaHbI0Q4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA0xfTjUpgp49+EEld6M+1NLKag6MB8GA1UdIwQY
MBaAFDTk9gsOUIcm3eaMHCVdBL0ho6GDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk9UMkN3NVFoeWJkNW93Y0pWMEV2U0dqb1lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hZjNkYTAtYWY5Mi00MWI4LTg3YmYt
ZDU4YjA5NGRmMDZjLzEvRFRGOU9OU21DbmozNFFTVjNvejdVMHNwcURvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hZjNkYTAtYWY5Mi00MWI4LTg3YmYtZDU4YjA5NGRmMDZj
LzEvTk9UMkN3NVFoeWJkNW93Y0pWMEV2U0dqb1lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+kgMA0G
CSqGSIb3DQEBCwUAA4IBAQAgyb/2z13y/ePFRGNMjF3LOcR0God/RauFTrObm6sz
kWkjcFZKjX+pU0NTVHPI0JxdaY+F/DMAzgdFb9LG5QkXohNmTIioP7cH/jjQenuB
z2NhcC3phqdrmIuk115jZH6/mL0Oj3MxEbcZwpQsp+7j2IPxMICYyrwGc3Ns4wRl
ks64QkwIkkZSpI1jJfKGP/HOLgRAtHjVOatmQMDI9fSxneAElqd3VwdZ/PI8dlu7
7o+4ndPau6SWcr++eFzAlS1H3d7LFGOfNQELwZgYnTvPn+rfLEo1zaA0JpmZAFdW
GtUo0lBSwTogR8mXnqNpt28D4ecMVNVeNUTh5v6v8CXz
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:40:31 2025 by rpki-client