Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/iz2e1WvANnWmtRQavyIoMp6Y1yI.roa
File: iz2e1WvANnWmtRQavyIoMp6Y1yI.roa (raw, json)
Hash identifier: XpD2LA/jEP1F15T6/I8sBUTk7azVeADNLImo4LpU3k8=
Subject key identifier: 8B:3D:9E:D5:6B:C0:36:75:A6:B5:14:1A:BF:22:28:32:9E:98:D7:22
Certificate issuer: /CN=a389e7035b08e181a341f37eda7343d23f1cafa4
Certificate serial: 018570B9879A2B26EFA27DFE5C48E35C598E
Authority key identifier: A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/iz2e1WvANnWmtRQavyIoMp6Y1yI.roa
Signing time: Mon 02 Jan 2023 04:24:45 +0000
ROA not before: Mon 02 Jan 2023 04:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49788
IP address blocks: 91.240.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:87:9a:2b:26:ef:a2:7d:fe:5c:48:e3:5c:59:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a389e7035b08e181a341f37eda7343d23f1cafa4
Validity
Not Before: Jan 2 04:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b3d9ed56bc03675a6b5141abf2228329e98d722
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f4:7e:69:1c:67:80:25:ea:f3:f1:a6:42:54:
d6:c4:31:54:5f:d5:6f:1c:91:e3:9c:4d:10:90:df:
aa:40:3b:b3:88:ee:90:f9:ac:c9:4a:4e:c0:e0:62:
a8:fa:7c:01:a4:93:6f:7f:da:55:87:46:8e:d8:63:
b6:25:d0:e5:24:63:74:c0:8d:bc:39:e9:16:19:92:
0e:e5:2f:0e:bf:04:1b:d4:5d:c0:28:01:5d:65:e9:
20:be:e2:51:07:fa:e5:fa:7e:6d:f2:9c:74:24:56:
85:e3:33:a0:c2:c1:0b:0e:99:12:40:43:e4:4a:8e:
8b:3e:67:87:fe:c8:f8:99:03:bc:f7:ce:a5:8b:ea:
d2:6d:23:0b:06:24:6d:96:74:21:92:d6:da:04:28:
60:80:0b:45:7b:4e:c5:a8:b4:5b:43:d6:b1:9a:5b:
36:0d:b7:88:e8:fc:d4:33:cc:aa:30:72:a6:09:84:
b1:3d:e5:ec:5c:7e:b3:c8:7d:d3:66:88:fe:5f:db:
d4:99:23:c5:08:f8:a2:2d:39:e1:b1:b6:19:67:bd:
32:0a:c5:5c:5b:12:b0:f7:f0:58:57:58:a0:2e:74:
9d:e0:1a:62:bc:56:02:51:a4:a4:bd:6c:56:32:f0:
c0:e3:58:b2:fa:b3:53:cf:a7:2d:2d:5e:a6:11:1c:
16:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:3D:9E:D5:6B:C0:36:75:A6:B5:14:1A:BF:22:28:32:9E:98:D7:22
X509v3 Authority Key Identifier:
keyid:A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/iz2e1WvANnWmtRQavyIoMp6Y1yI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.204.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:1d:4d:58:f8:35:c4:af:14:4e:5e:ee:70:66:f3:3d:ed:24:
c4:f6:ac:ff:c0:37:b4:45:a8:7f:cb:5d:21:ff:06:72:b2:0e:
47:21:a4:0f:40:47:94:6f:e1:d0:60:e1:55:a5:86:c4:21:04:
9d:78:65:3a:87:c9:41:b1:b1:a0:b2:20:f9:df:95:a2:be:70:
16:e7:ea:6b:47:fb:b3:37:10:6a:5a:a0:45:10:4a:58:3b:52:
4e:c1:57:89:26:11:6c:55:da:10:f9:ce:39:4a:50:94:81:19:
ea:b3:43:94:3e:87:a9:ef:d5:6a:d5:5b:94:ba:8b:9c:5d:97:
82:41:ed:1e:61:79:a3:78:e6:0a:c9:8f:e3:5a:0c:e7:d1:46:
2b:93:1c:9b:12:12:d5:81:3e:a7:34:04:51:7a:d2:4e:b2:a1:
68:fa:d3:ac:c5:9f:86:72:6b:77:9c:75:88:d5:39:a4:4c:bd:
d2:a5:7a:87:05:4d:cc:ea:42:a4:19:19:c6:be:c5:9a:84:87:
c0:db:29:91:74:7a:20:0b:3d:3d:92:ac:d4:bb:58:ba:db:42:
7a:96:60:44:1d:4a:82:cc:0a:4e:53:76:17:4b:6d:7a:03:f2:
33:cc:75:07:9d:aa:f5:79:05:3f:fb:9f:9f:ea:c4:5e:f2:ee:
fe:72:e5:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwuYeaKybvon3+XEjjXFmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzODllNzAzNWIwOGUxODFhMzQxZjM3ZWRhNzM0M2QyM2Yx
Y2FmYTQwHhcNMjMwMTAyMDQyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjNkOWVkNTZiYzAzNjc1YTZiNTE0MWFiZjIyMjgzMjllOThkNzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/R+aRxngCXq8/GmQlTWxDFUX9Vv
HJHjnE0QkN+qQDuziO6Q+azJSk7A4GKo+nwBpJNvf9pVh0aO2GO2JdDlJGN0wI28
OekWGZIO5S8OvwQb1F3AKAFdZekgvuJRB/rl+n5t8px0JFaF4zOgwsELDpkSQEPk
So6LPmeH/sj4mQO8986li+rSbSMLBiRtlnQhktbaBChggAtFe07FqLRbQ9axmls2
DbeI6PzUM8yqMHKmCYSxPeXsXH6zyH3TZoj+X9vUmSPFCPiiLTnhsbYZZ70yCsVc
WxKw9/BYV1igLnSd4BpivFYCUaSkvWxWMvDA41iy+rNTz6ctLV6mERwWrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIs9ntVrwDZ1prUUGr8iKDKemNciMB8GA1UdIwQY
MBaAFKOJ5wNbCOGBo0HzftpzQ9I/HK+kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzRubkExc0k0WUdqUWZOLTJuTkQwajhjcjZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mMDUzY2QtMWQ3OS00M2ExLTlhYWIt
MGU3MjQxNmI0ZGM3LzEvaXoyZTFXdkFObldtdFJRYXZ5SW9NcDZZMXlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mMDUzY2QtMWQ3OS00M2ExLTlhYWItMGU3MjQxNmI0ZGM3
LzEvbzRubkExc0k0WUdqUWZOLTJuTkQwajhjcjZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/DMMA0G
CSqGSIb3DQEBCwUAA4IBAQBuHU1Y+DXErxROXu5wZvM97STE9qz/wDe0Rah/y10h
/wZysg5HIaQPQEeUb+HQYOFVpYbEIQSdeGU6h8lBsbGgsiD535WivnAW5+prR/uz
NxBqWqBFEEpYO1JOwVeJJhFsVdoQ+c45SlCUgRnqs0OUPoep79Vq1VuUuoucXZeC
Qe0eYXmjeOYKyY/jWgzn0UYrkxybEhLVgT6nNARRetJOsqFo+tOsxZ+Gcmt3nHWI
1TmkTL3SpXqHBU3M6kKkGRnGvsWahIfA2ymRdHogCz09kqzUu1i620J6lmBEHUqC
zApOU3YXS216A/IzzHUHnar1eQU/+5+f6sRe8u7+cuWc
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:08:28 2025 by rpki-client