Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/0817cb-6dd2-4f75-8bb5-abcca2b44e9f/1/StjI0CviWbqx5CLiHlK8J2LIoNQ.roa
File: StjI0CviWbqx5CLiHlK8J2LIoNQ.roa (raw, json)
Hash identifier: 31b4mPTOV068i8UQeSik08p+ZiTr9bZAyDDyll19KRA=
Subject key identifier: 4A:D8:C8:D0:2B:E2:59:BA:B1:E4:22:E2:1E:52:BC:27:62:C8:A0:D4
Certificate issuer: /CN=a1b81756b6110f2a75495c74c820e0e734ee8a6c
Certificate serial: 0184377168FAFEE22AB6D4D499FEE2658DBC
Authority key identifier: A1:B8:17:56:B6:11:0F:2A:75:49:5C:74:C8:20:E0:E7:34:EE:8A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/obgXVrYRDyp1SVx0yCDg5zTuimw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/0817cb-6dd2-4f75-8bb5-abcca2b44e9f/1/StjI0CviWbqx5CLiHlK8J2LIoNQ.roa
Signing time: Wed 02 Nov 2022 08:24:49 +0000
ROA not before: Wed 02 Nov 2022 08:24:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6830
IP address blocks: 91.238.60.0/24 maxlen: 24
91.247.147.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:71:68:fa:fe:e2:2a:b6:d4:d4:99:fe:e2:65:8d:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1b81756b6110f2a75495c74c820e0e734ee8a6c
Validity
Not Before: Nov 2 08:24:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ad8c8d02be259bab1e422e21e52bc2762c8a0d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4f:b5:57:5a:77:be:24:58:96:7e:c6:72:93:
60:a2:cd:0d:ce:44:2a:34:82:d3:2b:d3:25:23:b1:
35:da:63:54:6d:6f:23:29:58:b5:5c:b5:c4:17:34:
d5:04:81:df:33:eb:92:5e:59:91:16:21:24:59:cb:
f1:dd:b8:ee:bf:1d:dd:66:bf:cb:b9:c5:9f:44:c3:
55:71:72:21:ed:0c:9b:02:0f:aa:a2:2b:be:b7:c7:
bb:d6:3d:06:8b:68:7c:9b:53:c0:f0:fb:31:56:8e:
8e:d0:a9:60:e1:d0:04:84:1a:77:32:f9:9b:fd:c7:
28:f7:4b:38:5a:67:ec:4c:ac:83:47:27:d7:5f:d2:
00:45:30:c7:81:97:a5:3e:a2:d0:11:b4:2d:ed:51:
d6:d2:a1:77:39:18:f7:73:ac:91:9a:f6:83:a7:dd:
dd:b4:84:8c:ca:d0:45:52:73:d1:a7:6a:7a:3a:f6:
af:9e:f8:f6:52:67:86:9a:7e:75:09:73:a9:7a:b5:
ea:1b:d0:47:de:d3:6e:57:72:c2:4e:00:7f:bd:3d:
16:53:9d:e4:2b:90:d3:ad:15:ee:11:b9:e0:ef:5d:
34:4a:4f:48:27:a6:3b:50:97:4c:46:2e:c7:47:55:
8e:4d:6c:45:b5:cd:9f:c6:c4:d6:05:c0:91:32:80:
f5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D8:C8:D0:2B:E2:59:BA:B1:E4:22:E2:1E:52:BC:27:62:C8:A0:D4
X509v3 Authority Key Identifier:
keyid:A1:B8:17:56:B6:11:0F:2A:75:49:5C:74:C8:20:E0:E7:34:EE:8A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obgXVrYRDyp1SVx0yCDg5zTuimw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/0817cb-6dd2-4f75-8bb5-abcca2b44e9f/1/StjI0CviWbqx5CLiHlK8J2LIoNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/0817cb-6dd2-4f75-8bb5-abcca2b44e9f/1/obgXVrYRDyp1SVx0yCDg5zTuimw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.60.0/24
91.247.147.0/24
Signature Algorithm: sha256WithRSAEncryption
89:1e:49:c3:d8:84:7e:62:71:bd:82:fd:20:91:f9:2a:f0:f7:
50:cd:ba:b2:81:8e:6e:f6:14:69:07:cc:f8:ff:df:52:82:f6:
e9:c8:73:95:bb:02:b6:a9:50:dc:2d:90:ee:7c:1b:9a:3e:0c:
b8:a6:0f:fa:a0:4e:39:f8:fe:0e:d6:d6:8b:33:27:75:ae:85:
a4:34:0a:97:34:93:38:aa:c3:2d:52:38:f3:6b:88:a6:3a:c5:
d3:35:73:e3:02:2e:0c:ad:af:54:2b:a3:14:18:ba:95:0e:55:
65:43:88:72:c2:75:17:99:ab:66:df:ab:3b:13:ee:c6:e1:07:
2e:39:0e:a7:a1:56:f5:ad:57:18:20:ee:7b:c4:84:4a:4e:e1:
36:c5:2c:26:dd:f0:46:14:19:7f:6a:7e:d8:1a:1c:89:3d:55:
3e:09:8a:34:32:04:e2:53:8c:4b:cb:f9:f5:93:a2:e5:b2:e5:
00:e8:9d:39:21:74:cc:05:03:1f:56:20:01:44:2e:b9:58:d5:
d7:de:4e:0a:d9:24:09:ef:ac:9f:ba:89:78:00:8c:f4:66:17:
86:68:85:b7:74:4c:5d:62:34:56:01:ac:19:66:ad:7b:c7:2e:
a2:65:32:1b:dd:11:10:fd:72:d3:80:eb:c3:42:8b:06:f5:4e:
41:94:a1:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQ3cWj6/uIqttTUmf7iZY28MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYjgxNzU2YjYxMTBmMmE3NTQ5NWM3NGM4MjBlMGU3MzRl
ZThhNmMwHhcNMjIxMTAyMDgyNDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWQ4YzhkMDJiZTI1OWJhYjFlNDIyZTIxZTUyYmMyNzYyYzhhMGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsE+1V1p3viRYln7GcpNgos0NzkQq
NILTK9MlI7E12mNUbW8jKVi1XLXEFzTVBIHfM+uSXlmRFiEkWcvx3bjuvx3dZr/L
ucWfRMNVcXIh7QybAg+qoiu+t8e71j0Gi2h8m1PA8PsxVo6O0Klg4dAEhBp3Mvmb
/cco90s4WmfsTKyDRyfXX9IARTDHgZelPqLQEbQt7VHW0qF3ORj3c6yRmvaDp93d
tISMytBFUnPRp2p6Ovavnvj2UmeGmn51CXOperXqG9BH3tNuV3LCTgB/vT0WU53k
K5DTrRXuEbng7100Sk9IJ6Y7UJdMRi7HR1WOTWxFtc2fxsTWBcCRMoD1hwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFErYyNAr4lm6seQi4h5SvCdiyKDUMB8GA1UdIwQY
MBaAFKG4F1a2EQ8qdUlcdMgg4Oc07opsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2JnWFZyWVJEeXAxU1Z4MHlDRGc1elR1aW13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8wODE3Y2ItNmRkMi00Zjc1LThiYjUt
YWJjY2EyYjQ0ZTlmLzEvU3RqSTBDdmlXYnF4NUNMaUhsSzhKMkxJb05RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8wODE3Y2ItNmRkMi00Zjc1LThiYjUtYWJjY2EyYjQ0ZTlm
LzEvb2JnWFZyWVJEeXAxU1Z4MHlDRGc1elR1aW13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+48AwQA
W/eTMA0GCSqGSIb3DQEBCwUAA4IBAQCJHknD2IR+YnG9gv0gkfkq8PdQzbqygY5u
9hRpB8z4/99SgvbpyHOVuwK2qVDcLZDufBuaPgy4pg/6oE45+P4O1taLMyd1roWk
NAqXNJM4qsMtUjjza4imOsXTNXPjAi4Mra9UK6MUGLqVDlVlQ4hywnUXmatm36s7
E+7G4QcuOQ6noVb1rVcYIO57xIRKTuE2xSwm3fBGFBl/an7YGhyJPVU+CYo0MgTi
U4xLy/n1k6LlsuUA6J05IXTMBQMfViABRC65WNXX3k4K2SQJ76yfuol4AIz0ZheG
aIW3dExdYjRWAawZZq17xy6iZTIb3REQ/XLTgOvDQosG9U5BlKEu
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:04:56 2025 by rpki-client