Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/d0be0b-bfa1-46da-bc10-35769f06299a/1/nJjrSgE7Va7EKxllkFfukC6fvJY.roa
File: nJjrSgE7Va7EKxllkFfukC6fvJY.roa (raw, json)
Hash identifier: V3JIEPfJn7JzMttrERHm2nxfQ8d/LYnbQ0isiQmawx8=
Subject key identifier: 9C:98:EB:4A:01:3B:55:AE:C4:2B:19:65:90:57:EE:90:2E:9F:BC:96
Certificate issuer: /CN=8ec0cc08c98e05f4e1fb044008d852a2a4da00f0
Certificate serial: 01942520C2CF8360130E6F22A5D12CDD7208
Authority key identifier: 8E:C0:CC:08:C9:8E:05:F4:E1:FB:04:40:08:D8:52:A2:A4:DA:00:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jsDMCMmOBfTh-wRACNhSoqTaAPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/d0be0b-bfa1-46da-bc10-35769f06299a/1/nJjrSgE7Va7EKxllkFfukC6fvJY.roa
Signing time: Thu 02 Jan 2025 03:48:11 +0000
ROA not before: Thu 02 Jan 2025 03:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3225
IP address blocks: 91.216.188.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:c2:cf:83:60:13:0e:6f:22:a5:d1:2c:dd:72:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ec0cc08c98e05f4e1fb044008d852a2a4da00f0
Validity
Not Before: Jan 2 03:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c98eb4a013b55aec42b19659057ee902e9fbc96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:9a:9b:d0:df:f9:ff:58:ea:32:b6:57:94:be:
36:ed:9d:b5:60:30:8b:5e:fe:02:d4:7f:e2:8a:77:
88:5d:10:ad:9d:d5:6b:a4:f0:72:da:61:76:a9:35:
88:98:20:0c:ee:7d:ae:9b:6e:da:b5:d8:8c:19:b5:
b0:2f:3b:89:6b:f5:45:b4:c9:03:a3:6a:a9:36:f2:
6a:69:a9:43:fd:52:bc:7f:3a:61:4d:ce:0f:2d:0c:
2b:51:74:b1:f9:46:f3:fc:cd:89:ca:69:02:50:3a:
6a:ce:c1:c6:f6:c1:9e:20:3d:81:a0:c1:68:d8:ac:
11:c4:f8:fb:2d:b5:de:9b:2c:32:fd:78:3e:d7:45:
f6:7f:ab:e3:5e:5b:99:a3:a2:40:52:d3:f1:d2:3b:
bd:a3:29:cf:c9:57:49:09:2e:d8:8f:21:17:ae:f6:
ca:d7:1a:20:a5:8b:78:73:f4:8a:d6:cf:ab:e8:b0:
8b:61:91:44:c3:d8:10:b1:5d:67:72:47:96:59:a6:
8d:17:20:c4:01:79:64:4a:15:c0:04:0b:94:6f:c8:
d7:44:39:1d:7e:00:d0:17:5e:66:5a:82:7c:0e:db:
67:aa:37:96:f2:4e:2c:18:b4:d7:5c:af:94:56:9b:
c1:6b:16:5e:a5:1d:5f:7a:fe:34:3c:33:3b:7f:b6:
56:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:98:EB:4A:01:3B:55:AE:C4:2B:19:65:90:57:EE:90:2E:9F:BC:96
X509v3 Authority Key Identifier:
keyid:8E:C0:CC:08:C9:8E:05:F4:E1:FB:04:40:08:D8:52:A2:A4:DA:00:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jsDMCMmOBfTh-wRACNhSoqTaAPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/d0be0b-bfa1-46da-bc10-35769f06299a/1/nJjrSgE7Va7EKxllkFfukC6fvJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/d0be0b-bfa1-46da-bc10-35769f06299a/1/jsDMCMmOBfTh-wRACNhSoqTaAPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.188.0/24
Signature Algorithm: sha256WithRSAEncryption
02:be:ab:a2:f1:66:26:fa:85:06:1d:38:4f:62:7f:54:b4:fa:
0f:88:ad:44:7a:06:45:ad:ac:9b:4c:fb:e1:b3:5c:b7:c5:da:
9c:ee:4c:1a:f7:b3:65:0d:40:d3:5d:37:51:d7:43:f9:a9:29:
71:fa:bb:ce:f9:69:e1:01:c6:7d:71:8e:cf:04:43:06:f7:76:
de:05:23:f6:2c:ce:13:0c:dc:7a:8d:41:37:97:7e:34:06:58:
7f:ce:5e:3f:89:40:d7:ef:a5:ee:b4:bd:28:72:e6:5c:85:69:
03:33:14:98:54:e7:1f:65:a8:ce:14:2c:c1:4c:ec:cb:0d:86:
a8:1b:d7:5e:92:66:50:1c:55:b9:d9:18:22:b9:4a:81:40:48:
1f:a7:43:44:39:ba:c6:56:ee:d0:a8:14:6a:0d:fd:5b:3b:42:
0f:db:8e:57:2e:db:58:fe:ae:a1:a6:6e:eb:c9:af:07:aa:ef:
69:58:c5:3e:4a:fe:bb:b5:27:ad:e8:28:63:a0:45:46:72:45:
52:29:51:5d:00:2f:4d:a2:51:2a:78:ba:bf:0e:cb:02:3e:b8:
ab:57:a9:1e:99:f5:1e:07:2a:56:8b:36:1d:38:e2:3c:3a:43:
8e:b5:44:03:57:84:d0:f8:6b:ee:78:4c:90:df:fa:ac:96:f6:
bc:75:a5:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIMLPg2ATDm8ipdEs3XIIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYzBjYzA4Yzk4ZTA1ZjRlMWZiMDQ0MDA4ZDg1MmEyYTRk
YTAwZjAwHhcNMjUwMTAyMDM0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzk4ZWI0YTAxM2I1NWFlYzQyYjE5NjU5MDU3ZWU5MDJlOWZiYzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Zqb0N/5/1jqMrZXlL427Z21YDCL
Xv4C1H/iineIXRCtndVrpPBy2mF2qTWImCAM7n2um27atdiMGbWwLzuJa/VFtMkD
o2qpNvJqaalD/VK8fzphTc4PLQwrUXSx+Ubz/M2JymkCUDpqzsHG9sGeID2BoMFo
2KwRxPj7LbXemywy/Xg+10X2f6vjXluZo6JAUtPx0ju9oynPyVdJCS7YjyEXrvbK
1xogpYt4c/SK1s+r6LCLYZFEw9gQsV1nckeWWaaNFyDEAXlkShXABAuUb8jXRDkd
fgDQF15mWoJ8DttnqjeW8k4sGLTXXK+UVpvBaxZepR1fev40PDM7f7ZWEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJyY60oBO1WuxCsZZZBX7pAun7yWMB8GA1UdIwQY
MBaAFI7AzAjJjgX04fsEQAjYUqKk2gDwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanNETUNNbU9CZlRoLXdSQUNOaFNvcVRhQVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9kMGJlMGItYmZhMS00NmRhLWJjMTAt
MzU3NjlmMDYyOTlhLzEvbkpqclNnRTdWYTdFS3hsbGtGZnVrQzZmdkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9kMGJlMGItYmZhMS00NmRhLWJjMTAtMzU3NjlmMDYyOTlh
LzEvanNETUNNbU9CZlRoLXdSQUNOaFNvcVRhQVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9i8MA0G
CSqGSIb3DQEBCwUAA4IBAQACvqui8WYm+oUGHThPYn9UtPoPiK1EegZFraybTPvh
s1y3xdqc7kwa97NlDUDTXTdR10P5qSlx+rvO+WnhAcZ9cY7PBEMG93beBSP2LM4T
DNx6jUE3l340Blh/zl4/iUDX76XutL0ocuZchWkDMxSYVOcfZajOFCzBTOzLDYao
G9dekmZQHFW52RgiuUqBQEgfp0NEObrGVu7QqBRqDf1bO0IP245XLttY/q6hpm7r
ya8Hqu9pWMU+Sv67tSet6ChjoEVGckVSKVFdAC9NolEqeLq/DssCPrirV6kemfUe
BypWizYdOOI8OkOOtUQDV4TQ+GvueEyQ3/qslva8daXS
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:51:00 2025 by rpki-client