Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/c7c207-a3ba-49c8-a894-084d4748c385/1/S3eWbiRfXZtQFoOUJF8EdYDX9Yc.roa
File: S3eWbiRfXZtQFoOUJF8EdYDX9Yc.roa (raw, json)
Hash identifier: JnGWj1XmSn65dRfGoU3j1BYgj3cm1658PcWeEjvrK4Q=
Subject key identifier: 4B:77:96:6E:24:5F:5D:9B:50:16:83:94:24:5F:04:75:80:D7:F5:87
Certificate issuer: /CN=81a688012c122678185fceb7e1037f0e1ed17861
Certificate serial: 01942143C83582D87A6B86542A0E2F020E29
Authority key identifier: 81:A6:88:01:2C:12:26:78:18:5F:CE:B7:E1:03:7F:0E:1E:D1:78:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gaaIASwSJngYX8634QN_Dh7ReGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/c7c207-a3ba-49c8-a894-084d4748c385/1/S3eWbiRfXZtQFoOUJF8EdYDX9Yc.roa
Signing time: Wed 01 Jan 2025 09:47:57 +0000
ROA not before: Wed 01 Jan 2025 09:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51877
IP address blocks: 91.220.162.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:c8:35:82:d8:7a:6b:86:54:2a:0e:2f:02:0e:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a688012c122678185fceb7e1037f0e1ed17861
Validity
Not Before: Jan 1 09:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b77966e245f5d9b50168394245f047580d7f587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:25:5e:81:78:c0:53:8e:04:69:3a:8c:f4:47:
64:25:77:01:d7:d2:8b:99:41:a6:75:53:f5:47:2a:
1e:50:bb:d9:7b:8e:e9:9c:da:4f:7f:20:ea:f8:41:
c0:58:a6:88:f1:08:bd:6e:f0:1f:8c:04:8a:c8:62:
e5:ef:e3:24:b3:00:e8:5e:89:af:b9:d3:19:92:97:
b2:c0:74:f3:e2:f3:a5:13:ea:7f:27:43:a0:a7:7e:
fe:26:9c:78:51:6e:fb:a4:cc:84:13:13:e0:66:d6:
a2:91:af:8d:be:3c:21:bb:41:3a:f1:ec:7a:10:a7:
48:16:d9:ce:ab:69:2d:cf:74:88:07:cc:f7:8b:24:
e3:1d:5b:eb:2b:e8:f5:f8:4d:34:68:22:da:68:3a:
a0:de:9d:fc:18:7d:21:57:02:be:6a:24:7f:92:c5:
a1:1b:13:69:48:19:21:5f:97:43:8d:ca:db:43:02:
4b:7c:04:82:d5:30:33:af:2a:95:0a:7f:b2:2e:a0:
13:d4:ba:83:dd:4c:6a:08:9f:6b:da:c1:46:39:d3:
48:17:b1:60:94:d1:4d:e9:9e:a8:58:21:e6:0a:c1:
57:b8:3c:9a:97:54:ea:cd:93:b3:5c:38:3f:0a:ee:
be:2e:b0:66:bc:89:1d:a0:7c:56:f1:3e:d5:1f:90:
76:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:77:96:6E:24:5F:5D:9B:50:16:83:94:24:5F:04:75:80:D7:F5:87
X509v3 Authority Key Identifier:
keyid:81:A6:88:01:2C:12:26:78:18:5F:CE:B7:E1:03:7F:0E:1E:D1:78:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gaaIASwSJngYX8634QN_Dh7ReGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/c7c207-a3ba-49c8-a894-084d4748c385/1/S3eWbiRfXZtQFoOUJF8EdYDX9Yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/c7c207-a3ba-49c8-a894-084d4748c385/1/gaaIASwSJngYX8634QN_Dh7ReGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.162.0/24
Signature Algorithm: sha256WithRSAEncryption
db:06:84:20:2b:b7:5c:96:bf:15:40:f9:91:5e:f2:84:95:b7:
eb:dc:7b:8d:99:a1:6d:be:ca:5a:93:71:c9:2d:ea:b6:9e:19:
0a:b5:8f:92:8a:4b:96:26:8a:ff:4e:0c:0f:a5:eb:60:be:32:
e8:d1:f6:fc:f4:ee:13:50:a4:50:16:14:6e:31:c2:8c:d3:c4:
2a:e4:4a:b9:d1:41:de:5b:aa:41:84:2c:b3:2e:b6:a4:23:e6:
33:d0:5d:50:f7:fb:fb:9e:4b:eb:8e:73:b6:02:a8:66:e5:75:
b2:f7:aa:83:2d:26:da:4c:38:27:f7:04:4d:c1:77:6e:38:27:
e5:19:da:f0:c5:90:e6:f3:22:96:0b:9b:77:50:3f:aa:6e:ce:
e2:6b:75:b4:8e:33:3e:50:8a:14:fe:90:75:36:71:e3:dc:92:
84:e3:51:2a:4a:c6:e3:42:0b:62:95:d2:12:c7:e2:21:5d:7a:
90:fe:8c:56:16:0d:70:e4:43:fa:b8:41:0b:1c:0d:dd:d7:de:
38:66:cc:0a:fa:3d:7c:94:5a:cf:a2:25:94:98:16:5d:c1:2e:
39:dc:af:ee:99:8b:06:8c:c3:66:d8:c5:da:62:57:ed:3f:fd:
a1:2b:15:12:25:31:dd:3a:af:a0:58:e6:2a:ac:ce:7b:30:6f:
14:af:fb:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ8g1gth6a4ZUKg4vAg4pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTY4ODAxMmMxMjI2NzgxODVmY2ViN2UxMDM3ZjBlMWVk
MTc4NjEwHhcNMjUwMTAxMDk0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjc3OTY2ZTI0NWY1ZDliNTAxNjgzOTQyNDVmMDQ3NTgwZDdmNTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiVegXjAU44EaTqM9EdkJXcB19KL
mUGmdVP1RyoeULvZe47pnNpPfyDq+EHAWKaI8Qi9bvAfjASKyGLl7+MkswDoXomv
udMZkpeywHTz4vOlE+p/J0Ogp37+Jpx4UW77pMyEExPgZtaika+Nvjwhu0E68ex6
EKdIFtnOq2ktz3SIB8z3iyTjHVvrK+j1+E00aCLaaDqg3p38GH0hVwK+aiR/ksWh
GxNpSBkhX5dDjcrbQwJLfASC1TAzryqVCn+yLqAT1LqD3UxqCJ9r2sFGOdNIF7Fg
lNFN6Z6oWCHmCsFXuDyal1TqzZOzXDg/Cu6+LrBmvIkdoHxW8T7VH5B21QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEt3lm4kX12bUBaDlCRfBHWA1/WHMB8GA1UdIwQY
MBaAFIGmiAEsEiZ4GF/Ot+EDfw4e0XhhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FhSUFTd1NKbmdZWDg2MzRRTl9EaDdSZUdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9jN2MyMDctYTNiYS00OWM4LWE4OTQt
MDg0ZDQ3NDhjMzg1LzEvUzNlV2JpUmZYWnRRRm9PVUpGOEVkWURYOVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9jN2MyMDctYTNiYS00OWM4LWE4OTQtMDg0ZDQ3NDhjMzg1
LzEvZ2FhSUFTd1NKbmdZWDg2MzRRTl9EaDdSZUdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9yiMA0G
CSqGSIb3DQEBCwUAA4IBAQDbBoQgK7dclr8VQPmRXvKElbfr3HuNmaFtvspak3HJ
Leq2nhkKtY+SikuWJor/TgwPpetgvjLo0fb89O4TUKRQFhRuMcKM08Qq5Eq50UHe
W6pBhCyzLrakI+Yz0F1Q9/v7nkvrjnO2Aqhm5XWy96qDLSbaTDgn9wRNwXduOCfl
GdrwxZDm8yKWC5t3UD+qbs7ia3W0jjM+UIoU/pB1NnHj3JKE41EqSsbjQgtildIS
x+IhXXqQ/oxWFg1w5EP6uEELHA3d1944ZswK+j18lFrPoiWUmBZdwS453K/umYsG
jMNm2MXaYlftP/2hKxUSJTHdOq+gWOYqrM57MG8Ur/tn
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:58 2025 by rpki-client