Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/DPyXiBbwikFFfNBorjCq57Kbn6w.roa
File: DPyXiBbwikFFfNBorjCq57Kbn6w.roa (raw, json)
Hash identifier: 2g+3XSQBjVueC3Cc7yqPUcw3m58tp7z8fAYByVgX7to=
Subject key identifier: 0C:FC:97:88:16:F0:8A:41:45:7C:D0:68:AE:30:AA:E7:B2:9B:9F:AC
Certificate issuer: /CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Certificate serial: 019417397EB982DDC06228043016EAC51C7B
Authority key identifier: 46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/DPyXiBbwikFFfNBorjCq57Kbn6w.roa
Signing time: Mon 30 Dec 2024 11:00:31 +0000
ROA not before: Mon 30 Dec 2024 11:00:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.209.58.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:17:39:7e:b9:82:dd:c0:62:28:04:30:16:ea:c5:1c:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Validity
Not Before: Dec 30 11:00:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0cfc978816f08a41457cd068ae30aae7b29b9fac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:09:63:7c:c9:07:41:8e:82:20:5c:a6:e8:8c:
f8:9e:3d:72:2c:5c:41:db:d3:cc:39:7c:f2:80:59:
2f:b3:00:74:46:12:bf:b9:21:61:d9:14:3f:32:8c:
f5:3a:1c:ac:fd:23:c8:2a:ae:36:fa:b6:5b:a4:91:
6b:7b:09:cf:dd:31:3c:7d:15:23:90:d6:a9:6a:ef:
32:08:8d:19:71:ba:f3:72:21:74:55:15:7a:82:db:
bd:ff:30:c6:6d:3f:e4:c4:71:ad:dd:75:85:2d:a8:
e6:80:46:26:fb:b3:6b:a2:ce:97:1b:ee:30:3c:ac:
e1:70:a3:52:7b:5f:36:3a:6b:1c:fb:79:56:c8:0e:
3e:e5:df:1e:61:e6:c5:2d:0f:7d:35:08:3c:b0:56:
3c:d0:d5:f6:30:7a:a5:d3:fc:b7:99:e5:34:4f:b0:
e0:29:96:cc:c1:b4:e0:aa:03:ef:2e:6b:4d:07:8c:
e2:1a:73:90:51:a0:2b:0f:0c:ce:13:4e:d2:ec:b3:
a7:3a:04:46:35:39:4a:ed:e9:40:3d:aa:66:a5:c2:
e8:bb:4d:a3:1c:2d:2d:44:87:2b:c1:73:08:6f:96:
aa:4e:8b:39:06:d5:52:dc:e7:44:7d:6b:b9:d0:c9:
71:cc:c8:a2:37:d2:cc:07:0f:99:20:51:ef:26:6d:
54:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:FC:97:88:16:F0:8A:41:45:7C:D0:68:AE:30:AA:E7:B2:9B:9F:AC
X509v3 Authority Key Identifier:
keyid:46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/DPyXiBbwikFFfNBorjCq57Kbn6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/RtcTrajavPd2gcDKQtmWnkR8jqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.58.0/24
Signature Algorithm: sha256WithRSAEncryption
21:61:6a:8e:3a:b4:86:43:9a:5c:55:1b:df:18:d8:19:97:9b:
26:85:0d:f9:0d:18:a2:76:ac:33:ad:a2:32:2e:d4:bb:82:d5:
c4:b2:3f:f4:39:f8:54:84:a1:df:fb:c8:89:d5:12:fd:f7:01:
21:cc:b2:e1:e3:62:95:58:dd:51:ef:db:d9:9f:38:75:5c:55:
99:0e:24:3e:8d:d9:f0:c2:4b:78:4a:a7:b7:c2:5a:ee:30:27:
9f:3c:9d:50:5a:fd:7e:34:4e:1d:07:55:b5:c2:d0:17:17:b8:
4a:e5:b6:44:7b:f5:58:79:ed:36:8b:24:2c:c5:52:39:45:c2:
44:d6:84:f0:36:5a:3c:60:9b:ea:da:ce:1d:33:de:a6:1e:f6:
72:6c:08:eb:2e:9f:33:ef:16:59:91:f0:53:a5:39:c3:6f:7f:
e0:4c:47:7e:3e:01:a7:13:34:93:6c:75:86:92:24:53:9a:2d:
fa:79:21:75:02:23:70:58:65:a6:de:b9:e5:41:3f:81:d5:a3:
93:6f:fb:23:94:39:82:06:69:8e:66:4e:47:68:62:1f:84:21:
d3:1a:3d:b3:e9:da:93:7c:31:a3:a7:2f:d1:38:d1:c1:13:96:
8c:c7:d3:8b:5e:47:9b:8e:4c:70:41:e4:b8:cb:24:de:7a:b9:
a7:42:e6:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQXOX65gt3AYigEMBbqxRx7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZDcxM2FkYThkYWJjZjc3NjgxYzBjYTQyZDk5NjllNDQ3
YzhlYTcwHhcNMjQxMjMwMTEwMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2ZjOTc4ODE2ZjA4YTQxNDU3Y2QwNjhhZTMwYWFlN2IyOWI5ZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4AljfMkHQY6CIFym6Iz4nj1yLFxB
29PMOXzygFkvswB0RhK/uSFh2RQ/Moz1Ohys/SPIKq42+rZbpJFrewnP3TE8fRUj
kNapau8yCI0ZcbrzciF0VRV6gtu9/zDGbT/kxHGt3XWFLajmgEYm+7Nros6XG+4w
PKzhcKNSe182Omsc+3lWyA4+5d8eYebFLQ99NQg8sFY80NX2MHql0/y3meU0T7Dg
KZbMwbTgqgPvLmtNB4ziGnOQUaArDwzOE07S7LOnOgRGNTlK7elAPapmpcLou02j
HC0tRIcrwXMIb5aqTos5BtVS3OdEfWu50MlxzMiiN9LMBw+ZIFHvJm1U3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAz8l4gW8IpBRXzQaK4wqueym5+sMB8GA1UdIwQY
MBaAFEbXE62o2rz3doHAykLZlp5EfI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQt
YmUyMThjZWY0YTExLzEvRFB5WGlCYndpa0ZGZk5Cb3JqQ3E1N0tibjZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQtYmUyMThjZWY0YTEx
LzEvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9E6MA0G
CSqGSIb3DQEBCwUAA4IBAQAhYWqOOrSGQ5pcVRvfGNgZl5smhQ35DRiidqwzraIy
LtS7gtXEsj/0OfhUhKHf+8iJ1RL99wEhzLLh42KVWN1R79vZnzh1XFWZDiQ+jdnw
wkt4Sqe3wlruMCefPJ1QWv1+NE4dB1W1wtAXF7hK5bZEe/VYee02iyQsxVI5RcJE
1oTwNlo8YJvq2s4dM96mHvZybAjrLp8z7xZZkfBTpTnDb3/gTEd+PgGnEzSTbHWG
kiRTmi36eSF1AiNwWGWm3rnlQT+B1aOTb/sjlDmCBmmOZk5HaGIfhCHTGj2z6dqT
fDGjpy/RONHBE5aMx9OLXkebjkxwQeS4yyTeermnQubS
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:03:38 2025 by rpki-client