Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/bdNQzeukZSWcpf3GbOqNSWivq-4.roa
File: bdNQzeukZSWcpf3GbOqNSWivq-4.roa (raw, json)
Hash identifier: zq3BBXarvfxb6RhHxQi7sMwkQiw4nqXDpdm0fit4YVA=
Subject key identifier: 6D:D3:50:CD:EB:A4:65:25:9C:A5:FD:C6:6C:EA:8D:49:68:AF:AB:EE
Certificate issuer: /CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Certificate serial: 01942825A43BB4E00CA7E799279B9CAE59E6
Authority key identifier: 46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/bdNQzeukZSWcpf3GbOqNSWivq-4.roa
Signing time: Thu 02 Jan 2025 17:52:22 +0000
ROA not before: Thu 02 Jan 2025 17:52:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 91.209.58.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:a4:3b:b4:e0:0c:a7:e7:99:27:9b:9c:ae:59:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Validity
Not Before: Jan 2 17:52:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6dd350cdeba465259ca5fdc66cea8d4968afabee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:61:42:e0:92:a3:8f:8e:df:13:57:cd:34:0f:
47:71:9c:3e:91:38:50:0e:6f:13:10:5f:03:cd:ec:
14:78:dc:0b:b1:28:b6:db:e4:29:a3:82:6c:d0:34:
1e:a2:98:f0:1e:46:be:4a:2c:ce:be:17:4c:00:e8:
3a:08:e4:ca:76:0d:b8:0c:62:8c:7f:1c:44:00:0b:
f8:ab:b1:da:ac:31:a9:76:2e:2d:6d:53:a9:9d:42:
03:44:9e:dc:e9:f6:db:29:07:74:c4:9f:e4:a1:06:
64:51:96:42:31:0f:b2:0d:aa:30:79:a4:e9:7d:32:
de:d0:02:ad:0c:0e:0b:0a:00:8e:d2:de:b4:2f:05:
03:2b:c4:bf:bb:de:cf:1f:63:17:25:b1:3f:46:de:
bc:cd:d9:67:ce:e2:74:43:b1:44:43:70:44:9d:a0:
b1:d5:80:9c:20:53:f0:45:d6:64:a7:63:c7:e8:11:
e0:34:a5:36:95:68:2b:f1:ef:89:88:80:57:65:bd:
27:55:db:70:3c:0c:38:19:cc:1c:0b:6e:18:ee:60:
56:51:2f:bf:c7:47:44:38:41:17:48:6d:4c:84:a5:
6a:43:dd:db:fe:bc:28:e6:03:b1:1f:5b:2a:e9:03:
13:b4:b3:14:01:9f:67:2b:ae:3b:85:95:43:24:f7:
cc:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:D3:50:CD:EB:A4:65:25:9C:A5:FD:C6:6C:EA:8D:49:68:AF:AB:EE
X509v3 Authority Key Identifier:
keyid:46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/bdNQzeukZSWcpf3GbOqNSWivq-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/RtcTrajavPd2gcDKQtmWnkR8jqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.58.0/24
Signature Algorithm: sha256WithRSAEncryption
09:90:30:60:3a:0f:46:88:04:ee:f0:97:ad:4e:f4:ce:10:a9:
4d:70:51:ee:4d:d0:76:14:5f:1f:79:86:c3:7c:3a:43:13:43:
87:20:4d:af:b5:68:a8:9a:88:c9:1d:07:28:4a:ed:ff:04:50:
ff:fe:c4:45:c7:a9:e4:b9:fc:c1:24:eb:3f:2f:c9:c4:2f:0f:
9b:16:87:20:c9:1b:ff:0f:dc:95:9b:63:83:8a:b8:5f:76:e4:
59:f8:02:c2:7f:38:aa:f7:6a:52:8c:22:f4:7b:39:1b:e4:9a:
b7:4e:6f:57:78:b4:0b:65:95:fb:4b:0d:4b:e7:47:06:ed:ce:
38:12:97:72:c2:8e:96:5b:2b:24:f2:75:62:73:1d:3e:37:4d:
b8:b4:f2:e4:8e:fe:44:e4:57:9b:82:ab:13:4b:0a:78:69:76:
4d:7f:ce:22:77:d0:01:02:b4:3d:19:eb:e3:3c:b5:0e:ea:cd:
ff:68:85:96:a4:1d:09:e4:31:89:7a:fb:94:77:f0:21:70:13:
26:b5:b6:ce:77:d3:30:4f:96:d7:a3:96:c8:6c:62:12:99:97:
b8:17:58:89:ca:61:13:61:2c:8b:71:fa:20:3e:35:37:da:45:
47:8e:93:10:0c:e1:cd:2c:b0:8e:e7:b5:92:55:4f:c3:20:f9:
37:48:87:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJaQ7tOAMp+eZJ5ucrlnmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZDcxM2FkYThkYWJjZjc3NjgxYzBjYTQyZDk5NjllNDQ3
YzhlYTcwHhcNMjUwMTAyMTc1MjIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGQzNTBjZGViYTQ2NTI1OWNhNWZkYzY2Y2VhOGQ0OTY4YWZhYmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGFC4JKjj47fE1fNNA9HcZw+kThQ
Dm8TEF8DzewUeNwLsSi22+Qpo4Js0DQeopjwHka+SizOvhdMAOg6COTKdg24DGKM
fxxEAAv4q7HarDGpdi4tbVOpnUIDRJ7c6fbbKQd0xJ/koQZkUZZCMQ+yDaoweaTp
fTLe0AKtDA4LCgCO0t60LwUDK8S/u97PH2MXJbE/Rt68zdlnzuJ0Q7FEQ3BEnaCx
1YCcIFPwRdZkp2PH6BHgNKU2lWgr8e+JiIBXZb0nVdtwPAw4GcwcC24Y7mBWUS+/
x0dEOEEXSG1MhKVqQ93b/rwo5gOxH1sq6QMTtLMUAZ9nK647hZVDJPfM6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG3TUM3rpGUlnKX9xmzqjUlor6vuMB8GA1UdIwQY
MBaAFEbXE62o2rz3doHAykLZlp5EfI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQt
YmUyMThjZWY0YTExLzEvYmROUXpldWtaU1djcGYzR2JPcU5TV2l2cS00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQtYmUyMThjZWY0YTEx
LzEvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9E6MA0G
CSqGSIb3DQEBCwUAA4IBAQAJkDBgOg9GiATu8JetTvTOEKlNcFHuTdB2FF8feYbD
fDpDE0OHIE2vtWiomojJHQcoSu3/BFD//sRFx6nkufzBJOs/L8nELw+bFocgyRv/
D9yVm2ODirhfduRZ+ALCfziq92pSjCL0ezkb5Jq3Tm9XeLQLZZX7Sw1L50cG7c44
Epdywo6WWysk8nVicx0+N024tPLkjv5E5FebgqsTSwp4aXZNf84id9ABArQ9Gevj
PLUO6s3/aIWWpB0J5DGJevuUd/AhcBMmtbbOd9MwT5bXo5bIbGISmZe4F1iJymET
YSyLcfogPjU32kVHjpMQDOHNLLCO57WSVU/DIPk3SIex
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:51:47 2025 by rpki-client