Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/VSn5uPQ_--q-Fjr7jf4ofg8u7B4.roa
File: VSn5uPQ_--q-Fjr7jf4ofg8u7B4.roa (raw, json)
Hash identifier: RsxVnXtG87aKUHx4Akae24ZWXtmFpmo4diVbmXsY5Fg=
Subject key identifier: 55:29:F9:B8:F4:3F:FB:EA:BE:16:3A:FB:8D:FE:28:7E:0F:2E:EC:1E
Certificate issuer: /CN=10721ead6a4575643cb703062c0968755e8281eb
Certificate serial: 0194228E1D1859328E77CABAC9746B21A527
Authority key identifier: 10:72:1E:AD:6A:45:75:64:3C:B7:03:06:2C:09:68:75:5E:82:81:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHIerWpFdWQ8twMGLAlodV6Cges.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/VSn5uPQ_--q-Fjr7jf4ofg8u7B4.roa
Signing time: Wed 01 Jan 2025 15:48:46 +0000
ROA not before: Wed 01 Jan 2025 15:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 91.236.216.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:1d:18:59:32:8e:77:ca:ba:c9:74:6b:21:a5:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10721ead6a4575643cb703062c0968755e8281eb
Validity
Not Before: Jan 1 15:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5529f9b8f43ffbeabe163afb8dfe287e0f2eec1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b9:2a:cd:ec:e9:70:2b:67:44:99:55:88:d7:
e1:98:c6:22:2b:c2:ae:43:a0:68:d2:a3:7b:74:f3:
c9:34:a3:3a:fd:fd:18:df:0f:24:a2:87:2b:5d:82:
a0:59:5d:99:57:91:05:0f:e9:d3:1c:42:f4:58:be:
da:fe:12:70:c8:a3:1e:9d:a4:12:d8:44:d1:46:e3:
9e:84:af:14:35:ad:97:1b:bb:35:b2:18:f9:9d:68:
ff:07:34:1d:a1:bf:63:b5:0e:03:15:93:27:f1:83:
0c:59:57:83:43:fd:87:e8:36:ae:7e:83:a0:26:76:
34:f2:12:e7:fa:5b:b6:4e:1d:f5:1f:83:d9:a9:2f:
61:bb:80:2c:5e:a2:6d:bf:c8:39:92:d8:20:11:cb:
01:79:08:fd:d1:46:b9:4c:13:5c:16:c2:e0:e0:e8:
71:4b:f2:d4:42:f0:e5:0f:c1:e1:8d:43:a5:4c:25:
ab:ba:74:9d:3c:c5:71:1e:1f:e6:c3:fe:5a:1f:c7:
05:61:0b:4b:91:51:56:31:d6:68:69:0f:55:17:72:
af:cd:ef:96:e1:f2:95:c4:6d:ab:dc:95:45:13:94:
ad:2d:6f:99:41:51:b5:a9:23:56:14:9c:71:47:ef:
68:f3:89:d4:98:e0:c2:e5:d3:20:bf:80:73:b0:6c:
f4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:29:F9:B8:F4:3F:FB:EA:BE:16:3A:FB:8D:FE:28:7E:0F:2E:EC:1E
X509v3 Authority Key Identifier:
keyid:10:72:1E:AD:6A:45:75:64:3C:B7:03:06:2C:09:68:75:5E:82:81:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHIerWpFdWQ8twMGLAlodV6Cges.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/VSn5uPQ_--q-Fjr7jf4ofg8u7B4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/EHIerWpFdWQ8twMGLAlodV6Cges.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.216.0/23
Signature Algorithm: sha256WithRSAEncryption
28:59:04:06:f7:09:53:15:81:52:c5:e7:bd:47:40:00:bf:74:
ef:49:48:ec:e2:38:57:2c:9b:f5:93:d6:04:ed:b7:3f:78:4b:
8f:b1:bb:84:c4:95:66:b5:bb:80:e6:ed:a0:e7:44:ec:6a:e7:
38:82:d9:58:05:fd:f1:0b:db:6e:fd:a0:e8:79:27:86:f4:80:
f8:2a:9e:82:b3:c9:ee:d2:aa:55:aa:1b:98:e7:e2:d4:e1:18:
1f:cf:94:99:8e:09:d5:af:14:58:c3:ef:e7:d1:d9:9b:e4:a2:
f2:5d:a5:2d:90:27:86:04:b8:a0:b0:9c:9e:dd:d4:f7:e0:be:
87:25:59:86:64:e2:d8:97:c0:24:51:44:bf:bc:ef:a9:4f:57:
f6:28:11:85:22:18:e1:bb:0c:4b:36:94:0a:3a:9b:ff:c4:56:
9f:43:a0:51:26:04:01:35:fc:d7:fe:6c:f3:03:58:1c:0e:d8:
bc:0e:52:07:f5:04:e5:fc:8c:ae:66:3a:e7:d2:73:5f:e8:a2:
4d:e9:73:8d:e2:79:c1:73:ce:b5:78:06:3a:6f:84:1c:be:a4:
f8:ff:6d:46:96:7d:30:20:bc:c0:f8:ac:1e:44:34:26:3f:d8:
bc:8a:30:dc:50:af:4d:b1:29:8f:c2:58:a4:e3:1e:2b:3a:05:
f4:47:ef:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijh0YWTKOd8q6yXRrIaUnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzIxZWFkNmE0NTc1NjQzY2I3MDMwNjJjMDk2ODc1NWU4
MjgxZWIwHhcNMjUwMTAxMTU0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTI5ZjliOGY0M2ZmYmVhYmUxNjNhZmI4ZGZlMjg3ZTBmMmVlYzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirkqzezpcCtnRJlViNfhmMYiK8Ku
Q6Bo0qN7dPPJNKM6/f0Y3w8koocrXYKgWV2ZV5EFD+nTHEL0WL7a/hJwyKMenaQS
2ETRRuOehK8UNa2XG7s1shj5nWj/BzQdob9jtQ4DFZMn8YMMWVeDQ/2H6DaufoOg
JnY08hLn+lu2Th31H4PZqS9hu4AsXqJtv8g5ktggEcsBeQj90Ua5TBNcFsLg4Ohx
S/LUQvDlD8HhjUOlTCWrunSdPMVxHh/mw/5aH8cFYQtLkVFWMdZoaQ9VF3Kvze+W
4fKVxG2r3JVFE5StLW+ZQVG1qSNWFJxxR+9o84nUmODC5dMgv4BzsGz0sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFUp+bj0P/vqvhY6+43+KH4PLuweMB8GA1UdIwQY
MBaAFBByHq1qRXVkPLcDBiwJaHVegoHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhJZXJXcEZkV1E4dHdNR0xBbG9kVjZDZ2VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9jYTkzNWItMjQ4NC00MDIwLWI4MTQt
M2Q0YWU4MGZjNDVkLzEvVlNuNXVQUV8tLXEtRmpyN2pmNG9mZzh1N0I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9jYTkzNWItMjQ4NC00MDIwLWI4MTQtM2Q0YWU4MGZjNDVk
LzEvRUhJZXJXcEZkV1E4dHdNR0xBbG9kVjZDZ2VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+zYMA0G
CSqGSIb3DQEBCwUAA4IBAQAoWQQG9wlTFYFSxee9R0AAv3TvSUjs4jhXLJv1k9YE
7bc/eEuPsbuExJVmtbuA5u2g50Tsauc4gtlYBf3xC9tu/aDoeSeG9ID4Kp6Cs8nu
0qpVqhuY5+LU4Rgfz5SZjgnVrxRYw+/n0dmb5KLyXaUtkCeGBLigsJye3dT34L6H
JVmGZOLYl8AkUUS/vO+pT1f2KBGFIhjhuwxLNpQKOpv/xFafQ6BRJgQBNfzX/mzz
A1gcDti8DlIH9QTl/IyuZjrn0nNf6KJN6XON4nnBc861eAY6b4QcvqT4/21Gln0w
ILzA+KweRDQmP9i8ijDcUK9NsSmPwlik4x4rOgX0R+8O
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:37:02 2025 by rpki-client