Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/77c2db-f7d3-4a8a-9e50-6d0af460fcea/1/JlKOFnMSV20nIhjVGkTvO3IVd5o.roa
File: JlKOFnMSV20nIhjVGkTvO3IVd5o.roa (raw, json)
Hash identifier: n21ELXdPfLGxTVZ/AIv1tZp983vNpukjgOEQ9rvrW5A=
Subject key identifier: 26:52:8E:16:73:12:57:6D:27:22:18:D5:1A:44:EF:3B:72:15:77:9A
Certificate issuer: /CN=eb57a2c600b69e0bbaee2c68996792f6286abfe7
Certificate serial: 0184C9421065D4A5BF442A6FB7D4C6477C36
Authority key identifier: EB:57:A2:C6:00:B6:9E:0B:BA:EE:2C:68:99:67:92:F6:28:6A:BF:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/61eixgC2ngu67ixomWeS9ihqv-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/77c2db-f7d3-4a8a-9e50-6d0af460fcea/1/JlKOFnMSV20nIhjVGkTvO3IVd5o.roa
Signing time: Wed 30 Nov 2022 15:57:40 +0000
ROA not before: Wed 30 Nov 2022 15:57:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 91.212.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c9:42:10:65:d4:a5:bf:44:2a:6f:b7:d4:c6:47:7c:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb57a2c600b69e0bbaee2c68996792f6286abfe7
Validity
Not Before: Nov 30 15:57:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=26528e167312576d272218d51a44ef3b7215779a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3e:df:52:d4:52:75:ca:12:b6:c7:26:a0:12:
0d:0a:17:f7:1c:f2:11:73:0e:24:ff:ae:e0:d8:38:
94:39:f7:87:74:ae:1a:33:dd:a8:0b:5f:0d:6f:e9:
f5:67:8f:4b:36:13:99:aa:d6:20:2c:97:f8:17:3f:
a4:48:de:13:d7:5d:17:39:1f:7d:51:c1:20:09:65:
f6:df:3a:da:8b:23:a6:53:a9:19:45:c1:5c:76:56:
4c:8a:20:5d:44:16:26:8a:70:d9:36:43:a3:19:d6:
6f:83:b4:fb:c5:ab:08:1c:46:ba:7e:11:72:66:5b:
63:d1:e6:13:7e:93:0f:e1:9f:88:23:ce:42:5e:6e:
0d:8b:dc:a5:ea:59:90:59:e9:4b:d3:50:cd:b4:7a:
ec:de:35:c0:27:34:bb:fc:26:11:08:82:a1:ec:7c:
e6:fc:03:79:1a:24:c4:84:fa:2f:ff:30:ed:d0:51:
b7:cf:72:81:25:06:e5:80:3c:60:ae:cf:ce:50:d9:
fb:c7:4a:df:61:fa:90:e1:64:fc:bd:6a:e2:cd:23:
19:b8:6e:72:78:6a:7b:94:8b:30:4c:d7:c2:bd:97:
80:24:6d:c1:1b:50:ef:58:22:71:d5:81:97:a5:0a:
11:a7:bc:27:8b:36:0d:2a:aa:b8:50:7a:35:2d:23:
17:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:52:8E:16:73:12:57:6D:27:22:18:D5:1A:44:EF:3B:72:15:77:9A
X509v3 Authority Key Identifier:
keyid:EB:57:A2:C6:00:B6:9E:0B:BA:EE:2C:68:99:67:92:F6:28:6A:BF:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/61eixgC2ngu67ixomWeS9ihqv-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/77c2db-f7d3-4a8a-9e50-6d0af460fcea/1/JlKOFnMSV20nIhjVGkTvO3IVd5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/77c2db-f7d3-4a8a-9e50-6d0af460fcea/1/61eixgC2ngu67ixomWeS9ihqv-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.216.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:7c:a3:12:83:36:ff:b9:76:46:e6:5b:de:14:85:6b:8c:43:
dc:39:99:7f:75:25:57:6d:01:6e:4d:14:f2:21:d1:0a:32:e7:
cb:be:ea:d3:b4:b4:4c:91:18:6f:c2:d2:e1:4d:72:3d:6b:d8:
91:2c:41:56:3a:28:12:4d:42:6c:76:87:30:ae:0f:fc:97:1c:
56:ac:0b:94:00:4e:94:a5:18:e5:3b:0f:88:61:9e:03:33:41:
d6:40:d4:38:f3:67:88:a4:24:f8:1e:f1:b9:74:91:61:1c:33:
55:63:77:23:94:d4:99:f7:ce:84:dc:f0:2a:49:9c:25:77:ef:
32:1e:8a:d3:0f:6e:ee:16:ce:51:4c:58:79:ee:b7:58:be:73:
2f:d5:d0:e8:37:0b:48:d5:b2:8f:dc:e1:d7:d6:40:ff:ae:6d:
f8:fc:09:50:1d:26:b7:6b:73:8d:9f:92:35:5b:31:ca:ec:90:
44:26:ad:8c:25:14:2b:81:ba:86:43:19:c7:4e:d6:e4:3c:bf:
83:e8:6a:31:17:04:4b:0b:0f:db:07:fb:a1:4b:b3:a7:57:fc:
57:81:71:a9:2b:3c:4c:00:c6:80:82:51:44:1e:b5:1c:6e:da:
a5:04:4d:fb:ee:0d:65:12:bb:48:9a:28:fd:e9:ae:c9:8f:4c:
ab:f7:90:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTJQhBl1KW/RCpvt9TGR3w2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViNTdhMmM2MDBiNjllMGJiYWVlMmM2ODk5Njc5MmY2Mjg2
YWJmZTcwHhcNMjIxMTMwMTU1NzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjUyOGUxNjczMTI1NzZkMjcyMjE4ZDUxYTQ0ZWYzYjcyMTU3NzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArj7fUtRSdcoStscmoBINChf3HPIR
cw4k/67g2DiUOfeHdK4aM92oC18Nb+n1Z49LNhOZqtYgLJf4Fz+kSN4T110XOR99
UcEgCWX23zraiyOmU6kZRcFcdlZMiiBdRBYminDZNkOjGdZvg7T7xasIHEa6fhFy
Zltj0eYTfpMP4Z+II85CXm4Ni9yl6lmQWelL01DNtHrs3jXAJzS7/CYRCIKh7Hzm
/AN5GiTEhPov/zDt0FG3z3KBJQblgDxgrs/OUNn7x0rfYfqQ4WT8vWrizSMZuG5y
eGp7lIswTNfCvZeAJG3BG1DvWCJx1YGXpQoRp7wnizYNKqq4UHo1LSMXUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCZSjhZzEldtJyIY1RpE7ztyFXeaMB8GA1UdIwQY
MBaAFOtXosYAtp4Luu4saJlnkvYoar/nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjFlaXhnQzJuZ3U2N2l4b21XZVM5aWhxdi1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS83N2MyZGItZjdkMy00YThhLTllNTAt
NmQwYWY0NjBmY2VhLzEvSmxLT0ZuTVNWMjBuSWhqVkdrVHZPM0lWZDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS83N2MyZGItZjdkMy00YThhLTllNTAtNmQwYWY0NjBmY2Vh
LzEvNjFlaXhnQzJuZ3U2N2l4b21XZVM5aWhxdi1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9TYMA0G
CSqGSIb3DQEBCwUAA4IBAQBNfKMSgzb/uXZG5lveFIVrjEPcOZl/dSVXbQFuTRTy
IdEKMufLvurTtLRMkRhvwtLhTXI9a9iRLEFWOigSTUJsdocwrg/8lxxWrAuUAE6U
pRjlOw+IYZ4DM0HWQNQ482eIpCT4HvG5dJFhHDNVY3cjlNSZ986E3PAqSZwld+8y
HorTD27uFs5RTFh57rdYvnMv1dDoNwtI1bKP3OHX1kD/rm34/AlQHSa3a3ONn5I1
WzHK7JBEJq2MJRQrgbqGQxnHTtbkPL+D6GoxFwRLCw/bB/uhS7OnV/xXgXGpKzxM
AMaAglFEHrUcbtqlBE377g1lErtImij96a7Jj0yr95BT
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:30:27 2025 by rpki-client