Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/4624fc-634f-40cd-a607-5efda468a200/1/K7Dh8rSSQ0ZuRcpwx-Nw9hu6d6Q.roa
File: K7Dh8rSSQ0ZuRcpwx-Nw9hu6d6Q.roa (raw, json)
Hash identifier: MJLuNSDvw5gsLLjMvCyGbPkYHoPaPI+8SDMojGjNJzM=
Subject key identifier: 2B:B0:E1:F2:B4:92:43:46:6E:45:CA:70:C7:E3:70:F6:1B:BA:77:A4
Certificate issuer: /CN=1137c23453b88eba455c4208c6df5b3e1bbc245f
Certificate serial: 019424B38A2937AED695B444625F2EA0ED87
Authority key identifier: 11:37:C2:34:53:B8:8E:BA:45:5C:42:08:C6:DF:5B:3E:1B:BC:24:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ETfCNFO4jrpFXEIIxt9bPhu8JF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/4624fc-634f-40cd-a607-5efda468a200/1/K7Dh8rSSQ0ZuRcpwx-Nw9hu6d6Q.roa
Signing time: Thu 02 Jan 2025 01:48:53 +0000
ROA not before: Thu 02 Jan 2025 01:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47127
IP address blocks: 91.209.191.0/24 maxlen: 24
2001:67c:2b3c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:8a:29:37:ae:d6:95:b4:44:62:5f:2e:a0:ed:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1137c23453b88eba455c4208c6df5b3e1bbc245f
Validity
Not Before: Jan 2 01:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2bb0e1f2b49243466e45ca70c7e370f61bba77a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4c:d7:6d:a0:6d:59:6f:f3:c4:f4:9d:c9:0a:
47:db:77:dd:0a:ac:f1:fd:a5:e3:47:9e:30:7e:9a:
09:dd:fe:57:25:29:00:54:39:ed:54:57:ab:cd:a0:
3b:0a:a4:fb:a6:1d:aa:e8:91:19:9b:69:ee:50:f8:
d0:05:40:9b:1c:32:cb:3e:72:18:87:75:16:81:4e:
cb:f7:80:26:4f:0a:66:c1:8e:49:f2:27:50:e8:83:
ba:a9:05:d8:26:f4:ee:74:9d:16:49:25:83:67:aa:
b8:ed:02:ca:64:d5:ee:54:07:07:15:e8:23:be:8a:
2c:2b:88:e3:53:04:1b:88:88:67:d2:ef:a3:a8:c1:
17:57:83:5f:64:61:91:45:f9:1a:fe:74:61:d1:27:
23:0e:70:a0:ee:96:d8:0b:0b:f1:8c:23:51:65:5c:
d7:e5:90:32:54:76:3c:06:c6:6c:de:21:68:cf:79:
93:ab:2b:a9:e7:f3:9b:50:e3:11:8c:a1:ae:87:31:
54:dc:aa:fc:53:db:2e:74:31:3d:92:c4:9c:ed:5c:
b9:26:70:61:42:75:27:34:62:b1:ba:fb:62:9e:07:
bd:77:a0:7b:d8:69:ff:21:b2:af:aa:f1:f8:30:55:
48:7b:de:4b:05:d6:77:74:67:3d:ea:63:a8:e1:1d:
27:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:B0:E1:F2:B4:92:43:46:6E:45:CA:70:C7:E3:70:F6:1B:BA:77:A4
X509v3 Authority Key Identifier:
keyid:11:37:C2:34:53:B8:8E:BA:45:5C:42:08:C6:DF:5B:3E:1B:BC:24:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ETfCNFO4jrpFXEIIxt9bPhu8JF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/4624fc-634f-40cd-a607-5efda468a200/1/K7Dh8rSSQ0ZuRcpwx-Nw9hu6d6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/4624fc-634f-40cd-a607-5efda468a200/1/ETfCNFO4jrpFXEIIxt9bPhu8JF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.191.0/24
IPv6:
2001:67c:2b3c::/48
Signature Algorithm: sha256WithRSAEncryption
54:79:40:c7:88:99:92:66:aa:be:3e:97:2a:7a:1d:de:92:74:
a2:09:ae:97:9e:92:b0:8a:c6:14:3f:89:82:4a:67:93:e7:d0:
12:53:c8:5d:c4:87:48:75:4a:96:0d:3a:75:40:9e:32:f2:20:
ea:89:8b:60:ed:8b:ab:b0:53:b6:fa:14:01:bf:39:29:c6:cb:
ca:2c:8e:24:20:78:5d:dd:62:cc:c4:5f:be:10:31:a0:b3:a7:
b4:7a:7f:3e:cd:26:c4:78:9a:68:59:1e:51:aa:c7:7f:57:37:
5e:04:4a:4c:a6:dd:16:4c:12:13:7f:53:d4:79:2f:ae:cf:59:
bf:d0:82:c2:b9:6c:df:af:62:00:73:42:13:1d:67:d4:ee:26:
44:0a:93:3d:90:56:b1:38:54:ca:5e:d8:6e:c5:ef:37:cd:c2:
b1:df:df:1b:5b:ae:a9:b0:b5:66:40:3a:46:c7:fe:44:64:ef:
fc:d6:f9:b3:1d:5d:dc:17:ec:1e:f0:85:b3:c7:c4:72:94:6b:
4e:ff:fd:35:d8:e0:a2:ad:2b:67:d1:0f:bd:86:e7:4a:94:c9:
7f:ff:22:40:7a:f6:e2:63:ba:73:f2:95:be:ff:58:bd:9f:30:
8a:50:18:66:d3:7c:03:aa:1b:ef:9c:70:37:d6:08:d7:52:c8:
30:fd:8d:2f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQks4opN67WlbREYl8uoO2HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMzdjMjM0NTNiODhlYmE0NTVjNDIwOGM2ZGY1YjNlMWJi
YzI0NWYwHhcNMjUwMTAyMDE0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmIwZTFmMmI0OTI0MzQ2NmU0NWNhNzBjN2UzNzBmNjFiYmE3N2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kzXbaBtWW/zxPSdyQpH23fdCqzx
/aXjR54wfpoJ3f5XJSkAVDntVFerzaA7CqT7ph2q6JEZm2nuUPjQBUCbHDLLPnIY
h3UWgU7L94AmTwpmwY5J8idQ6IO6qQXYJvTudJ0WSSWDZ6q47QLKZNXuVAcHFegj
voosK4jjUwQbiIhn0u+jqMEXV4NfZGGRRfka/nRh0ScjDnCg7pbYCwvxjCNRZVzX
5ZAyVHY8BsZs3iFoz3mTqyup5/ObUOMRjKGuhzFU3Kr8U9sudDE9ksSc7Vy5JnBh
QnUnNGKxuvtinge9d6B72Gn/IbKvqvH4MFVIe95LBdZ3dGc96mOo4R0n+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCuw4fK0kkNGbkXKcMfjcPYbunekMB8GA1UdIwQY
MBaAFBE3wjRTuI66RVxCCMbfWz4bvCRfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVRmQ05GTzRqcnBGWEVJSXh0OWJQaHU4SkY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi80NjI0ZmMtNjM0Zi00MGNkLWE2MDct
NWVmZGE0NjhhMjAwLzEvSzdEaDhyU1NRMFp1UmNwd3gtTnc5aHU2ZDZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi80NjI0ZmMtNjM0Zi00MGNkLWE2MDctNWVmZGE0NjhhMjAw
LzEvRVRmQ05GTzRqcnBGWEVJSXh0OWJQaHU4SkY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9G/MA8E
AgACMAkDBwAgAQZ8KzwwDQYJKoZIhvcNAQELBQADggEBAFR5QMeImZJmqr4+lyp6
Hd6SdKIJrpeekrCKxhQ/iYJKZ5Pn0BJTyF3Eh0h1SpYNOnVAnjLyIOqJi2Dti6uw
U7b6FAG/OSnGy8osjiQgeF3dYszEX74QMaCzp7R6fz7NJsR4mmhZHlGqx39XN14E
Skym3RZMEhN/U9R5L67PWb/QgsK5bN+vYgBzQhMdZ9TuJkQKkz2QVrE4VMpe2G7F
7zfNwrHf3xtbrqmwtWZAOkbH/kRk7/zW+bMdXdwX7B7whbPHxHKUa07//TXY4KKt
K2fRD72G50qUyX//IkB69uJjunPylb7/WL2fMIpQGGbTfAOqG++ccDfWCNdSyDD9
jS8=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:33:03 2025 by rpki-client