Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/0aeda7-6d3a-418e-96d5-1ca2d55e2061/1/EBtBV7UrwVXmkyvzxS0z9vQfx0A.roa
File: EBtBV7UrwVXmkyvzxS0z9vQfx0A.roa (raw, json)
Hash identifier: FkwHMiiwul2LJpS4PfQ3qpF7K64HbhtoogwVA485q3Y=
Subject key identifier: 10:1B:41:57:B5:2B:C1:55:E6:93:2B:F3:C5:2D:33:F6:F4:1F:C7:40
Certificate issuer: /CN=d4459dd6f7ccecfebeb434fc08db8e22d4569c23
Certificate serial: 018E507CE0E0FCD3D15F0C63F5D7B64F6624
Authority key identifier: D4:45:9D:D6:F7:CC:EC:FE:BE:B4:34:FC:08:DB:8E:22:D4:56:9C:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1EWd1vfM7P6-tDT8CNuOItRWnCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/0aeda7-6d3a-418e-96d5-1ca2d55e2061/1/EBtBV7UrwVXmkyvzxS0z9vQfx0A.roa
Signing time: Mon 18 Mar 2024 07:35:45 +0000
ROA not before: Mon 18 Mar 2024 07:35:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 91.223.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:50:7c:e0:e0:fc:d3:d1:5f:0c:63:f5:d7:b6:4f:66:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4459dd6f7ccecfebeb434fc08db8e22d4569c23
Validity
Not Before: Mar 18 07:35:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=101b4157b52bc155e6932bf3c52d33f6f41fc740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:10:d1:ae:29:20:9c:81:5e:a0:7f:d0:b5:53:
43:85:e7:ee:d9:75:08:f9:52:06:d6:9e:38:7c:95:
08:4c:18:47:ad:75:0f:d7:3b:56:f1:8b:e2:06:ee:
f2:ab:61:0c:55:72:93:90:86:d1:de:87:46:50:5b:
2d:63:fa:59:f6:a1:be:25:d8:26:9a:1d:88:2c:c7:
e8:3e:15:5a:02:c2:82:60:3f:1e:6b:e1:2f:d4:0b:
c9:82:7f:25:68:39:9e:18:77:ac:da:b3:b6:6f:5c:
b2:65:87:8d:c2:eb:29:87:7b:73:29:7b:c6:c2:a8:
2e:53:56:ca:74:e7:8e:9a:ac:ce:27:aa:dc:23:ad:
8d:11:45:27:f8:3b:92:e0:db:8c:83:b4:42:41:65:
e6:8c:54:4e:af:41:30:36:cf:e3:ec:ce:be:b9:b9:
42:e6:0a:92:d2:93:1c:9d:d9:a9:3f:e8:d5:c2:ec:
54:01:6a:7a:1a:51:92:49:37:22:21:85:34:42:fb:
55:38:b7:d7:28:02:33:df:55:15:ff:18:f4:51:b9:
eb:40:77:67:38:3f:a2:4b:24:1c:9d:e9:6e:54:cf:
96:46:53:25:b8:7b:12:48:05:e5:4c:cf:c1:82:0d:
e9:d4:12:95:6b:a1:fe:5b:1e:7b:87:ae:30:35:d3:
78:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:1B:41:57:B5:2B:C1:55:E6:93:2B:F3:C5:2D:33:F6:F4:1F:C7:40
X509v3 Authority Key Identifier:
keyid:D4:45:9D:D6:F7:CC:EC:FE:BE:B4:34:FC:08:DB:8E:22:D4:56:9C:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1EWd1vfM7P6-tDT8CNuOItRWnCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/0aeda7-6d3a-418e-96d5-1ca2d55e2061/1/EBtBV7UrwVXmkyvzxS0z9vQfx0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/0aeda7-6d3a-418e-96d5-1ca2d55e2061/1/1EWd1vfM7P6-tDT8CNuOItRWnCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.67.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:63:02:a4:b7:08:36:cd:e2:15:ff:67:86:4d:d9:41:b7:23:
df:dd:2c:09:52:13:b8:bf:4b:ee:e7:64:33:9a:d6:44:c3:30:
2d:b6:47:fc:cb:1a:53:16:c1:80:7a:c2:12:ee:bb:e3:f7:ce:
24:59:93:bd:dc:6a:d0:48:af:ea:84:d6:c0:8b:8c:e0:9d:ea:
e6:07:43:3b:32:00:40:fc:67:6b:5c:f3:de:84:9f:d4:6b:fd:
43:ba:f2:f3:99:f6:ef:43:ec:e9:5b:48:4d:d6:66:12:ec:d5:
4f:9f:d2:f3:72:36:a8:bb:cb:0f:ea:b8:c0:92:8e:ad:20:70:
a6:9a:b3:cf:33:4e:f3:f5:0f:6e:02:39:25:93:e5:54:38:79:
9a:d2:0b:4d:50:c1:e3:3e:91:8f:3d:4e:97:10:b1:1e:e5:9d:
3a:88:51:b7:9d:16:d9:fd:40:2d:65:ba:bf:d8:1a:c7:ae:e6:
1d:a7:f3:c6:2a:e3:3c:fd:8c:a7:ed:1d:44:cb:2e:b4:f5:ca:
01:bc:db:54:c5:2a:2a:78:5d:26:5f:64:64:91:d9:d4:5d:36:
a3:dd:a9:62:0b:fc:ee:ef:4f:48:8f:a6:90:93:f8:5e:de:8c:
dc:96:92:4d:f6:31:4f:7f:8c:86:38:86:a8:f2:af:d5:17:bf:
8a:3b:6f:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5QfODg/NPRXwxj9de2T2YkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NDU5ZGQ2ZjdjY2VjZmViZWI0MzRmYzA4ZGI4ZTIyZDQ1
NjljMjMwHhcNMjQwMzE4MDczNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDFiNDE1N2I1MmJjMTU1ZTY5MzJiZjNjNTJkMzNmNmY0MWZjNzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5hDRrikgnIFeoH/QtVNDhefu2XUI
+VIG1p44fJUITBhHrXUP1ztW8YviBu7yq2EMVXKTkIbR3odGUFstY/pZ9qG+Jdgm
mh2ILMfoPhVaAsKCYD8ea+Ev1AvJgn8laDmeGHes2rO2b1yyZYeNwusph3tzKXvG
wqguU1bKdOeOmqzOJ6rcI62NEUUn+DuS4NuMg7RCQWXmjFROr0EwNs/j7M6+ublC
5gqS0pMcndmpP+jVwuxUAWp6GlGSSTciIYU0QvtVOLfXKAIz31UV/xj0UbnrQHdn
OD+iSyQcneluVM+WRlMluHsSSAXlTM/Bgg3p1BKVa6H+Wx57h64wNdN4ewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBAbQVe1K8FV5pMr88UtM/b0H8dAMB8GA1UdIwQY
MBaAFNRFndb3zOz+vrQ0/AjbjiLUVpwjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUVXZDF2Zk03UDYtdERUOENOdU9JdFJXbkNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8wYWVkYTctNmQzYS00MThlLTk2ZDUt
MWNhMmQ1NWUyMDYxLzEvRUJ0QlY3VXJ3Vlhta3l2enhTMHo5dlFmeDBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8wYWVkYTctNmQzYS00MThlLTk2ZDUtMWNhMmQ1NWUyMDYx
LzEvMUVXZDF2Zk03UDYtdERUOENOdU9JdFJXbkNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW99DMA0G
CSqGSIb3DQEBCwUAA4IBAQAMYwKktwg2zeIV/2eGTdlBtyPf3SwJUhO4v0vu52Qz
mtZEwzAttkf8yxpTFsGAesIS7rvj984kWZO93GrQSK/qhNbAi4zgnermB0M7MgBA
/GdrXPPehJ/Ua/1DuvLzmfbvQ+zpW0hN1mYS7NVPn9Lzcjaou8sP6rjAko6tIHCm
mrPPM07z9Q9uAjklk+VUOHma0gtNUMHjPpGPPU6XELEe5Z06iFG3nRbZ/UAtZbq/
2BrHruYdp/PGKuM8/Yyn7R1Eyy609coBvNtUxSoqeF0mX2RkkdnUXTaj3aliC/zu
709Ij6aQk/he3ozclpJN9jFPf4yGOIao8q/VF7+KO284
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:43:38 2025 by rpki-client