Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/63efc9-5e1c-4773-94a2-e60de555a8be/1/J2N8Pq5LHY3LtQX0Fn7a20GpI68.roa
File: J2N8Pq5LHY3LtQX0Fn7a20GpI68.roa (raw, json)
Hash identifier: 19OZWO2dgLVMCAEnXrWLJVu2JA75D+r/FfHWcvdHMBU=
Subject key identifier: 27:63:7C:3E:AE:4B:1D:8D:CB:B5:05:F4:16:7E:DA:DB:41:A9:23:AF
Certificate issuer: /CN=3fdf2cf8659206d8e6f82c24ec6f9d9e6d673e07
Certificate serial: 01880FF191564929C7F715CBAF06992F3851
Authority key identifier: 3F:DF:2C:F8:65:92:06:D8:E6:F8:2C:24:EC:6F:9D:9E:6D:67:3E:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P98s-GWSBtjm-Cwk7G-dnm1nPgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/63efc9-5e1c-4773-94a2-e60de555a8be/1/J2N8Pq5LHY3LtQX0Fn7a20GpI68.roa
Signing time: Fri 12 May 2023 12:31:09 +0000
ROA not before: Fri 12 May 2023 12:31:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.198.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0f:f1:91:56:49:29:c7:f7:15:cb:af:06:99:2f:38:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fdf2cf8659206d8e6f82c24ec6f9d9e6d673e07
Validity
Not Before: May 12 12:31:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27637c3eae4b1d8dcbb505f4167edadb41a923af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:6e:fa:27:9c:46:75:b3:fa:f3:49:fd:d2:7e:
cb:ba:b9:cf:e2:73:0d:80:db:3e:5b:d5:c7:37:26:
c8:0e:cc:78:b1:80:b0:e1:0e:43:71:65:66:2a:46:
20:1b:f9:26:e1:b1:19:a9:e2:f7:b7:03:82:42:c5:
86:4b:4b:63:af:90:39:bc:c8:f7:b0:21:7f:ac:3c:
fb:7e:c0:28:05:7a:18:27:54:d7:dd:de:71:dd:ed:
95:04:e8:e8:2d:52:10:dc:d9:7b:05:53:63:df:9c:
c0:d3:ca:91:c4:73:81:5c:0d:d7:a5:d2:8b:db:12:
5b:51:1b:ea:11:a8:f9:70:cb:c6:e1:8c:36:6b:f9:
cf:ed:b4:a1:b6:10:f5:29:48:11:9f:ab:5c:e4:45:
75:0d:e8:22:84:92:0a:a2:bc:30:63:b5:62:89:4b:
d6:e4:12:9d:28:f9:92:1f:34:65:09:4a:ab:85:22:
53:18:83:10:f3:49:7d:ff:66:41:b5:a5:f8:e6:53:
8c:ad:40:09:87:78:05:3c:d5:b9:f7:ca:df:f8:53:
de:d4:e7:fa:b0:ac:e4:1f:8a:66:13:53:ec:72:95:
f7:16:9d:6a:81:7c:e8:1c:06:e1:83:f5:e0:ae:06:
50:08:b8:0f:08:cf:b7:cc:c6:7d:62:8c:7a:12:14:
52:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:63:7C:3E:AE:4B:1D:8D:CB:B5:05:F4:16:7E:DA:DB:41:A9:23:AF
X509v3 Authority Key Identifier:
keyid:3F:DF:2C:F8:65:92:06:D8:E6:F8:2C:24:EC:6F:9D:9E:6D:67:3E:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P98s-GWSBtjm-Cwk7G-dnm1nPgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/63efc9-5e1c-4773-94a2-e60de555a8be/1/J2N8Pq5LHY3LtQX0Fn7a20GpI68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/63efc9-5e1c-4773-94a2-e60de555a8be/1/P98s-GWSBtjm-Cwk7G-dnm1nPgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.200.0/24
Signature Algorithm: sha256WithRSAEncryption
06:0c:a0:69:98:6d:c9:30:d7:9b:2b:e4:3d:d2:70:4c:13:43:
e0:93:a2:e4:03:c9:e4:49:3f:c4:77:84:d1:a4:6a:24:cc:40:
77:a5:bf:8d:62:26:02:a8:e0:8d:a1:17:30:ac:d8:7b:57:e7:
74:53:f4:46:02:5b:49:dd:4b:d2:53:b0:50:47:92:b6:0a:b1:
78:8a:c2:60:8a:ce:ce:43:6e:5b:73:84:a2:b7:1b:29:7c:a0:
6a:69:48:1c:4f:3d:d7:c9:5f:6e:69:ef:db:83:88:59:fe:75:
cb:1a:37:be:56:03:3b:f5:26:08:c3:6b:95:c3:ad:9a:2a:17:
a5:6a:aa:aa:d4:6a:51:b8:f5:92:c7:4b:8d:5a:0f:5e:82:42:
4c:f4:fe:86:be:1b:18:a9:fb:3f:fa:8e:39:64:b1:99:61:6d:
d4:a5:8c:e6:e4:3a:1f:96:de:09:7e:b5:f6:a1:82:79:90:41:
a2:35:1d:70:a7:08:57:d9:bb:16:fb:1c:6f:ff:4e:fe:4b:5c:
a7:7e:52:5f:69:32:5c:a4:1b:57:29:ce:0a:a2:38:63:ba:b7:
d1:3e:8e:4e:02:2b:65:65:59:5a:5e:9b:84:68:f5:53:53:00:
43:6b:98:59:f0:d8:d8:a2:18:bf:b8:02:63:a5:c7:16:3d:43:
3f:e2:12:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgP8ZFWSSnH9xXLrwaZLzhRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZGYyY2Y4NjU5MjA2ZDhlNmY4MmMyNGVjNmY5ZDllNmQ2
NzNlMDcwHhcNMjMwNTEyMTIzMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzYzN2MzZWFlNGIxZDhkY2JiNTA1ZjQxNjdlZGFkYjQxYTkyM2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgm76J5xGdbP680n90n7LurnP4nMN
gNs+W9XHNybIDsx4sYCw4Q5DcWVmKkYgG/km4bEZqeL3twOCQsWGS0tjr5A5vMj3
sCF/rDz7fsAoBXoYJ1TX3d5x3e2VBOjoLVIQ3Nl7BVNj35zA08qRxHOBXA3XpdKL
2xJbURvqEaj5cMvG4Yw2a/nP7bShthD1KUgRn6tc5EV1DegihJIKorwwY7ViiUvW
5BKdKPmSHzRlCUqrhSJTGIMQ80l9/2ZBtaX45lOMrUAJh3gFPNW598rf+FPe1Of6
sKzkH4pmE1PscpX3Fp1qgXzoHAbhg/XgrgZQCLgPCM+3zMZ9Yox6EhRS8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCdjfD6uSx2Ny7UF9BZ+2ttBqSOvMB8GA1UdIwQY
MBaAFD/fLPhlkgbY5vgsJOxvnZ5tZz4HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDk4cy1HV1NCdGptLUN3azdHLWRubTFuUGdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS82M2VmYzktNWUxYy00NzczLTk0YTIt
ZTYwZGU1NTVhOGJlLzEvSjJOOFBxNUxIWTNMdFFYMEZuN2EyMEdwSTY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS82M2VmYzktNWUxYy00NzczLTk0YTItZTYwZGU1NTVhOGJl
LzEvUDk4cy1HV1NCdGptLUN3azdHLWRubTFuUGdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8bIMA0G
CSqGSIb3DQEBCwUAA4IBAQAGDKBpmG3JMNebK+Q90nBME0Pgk6LkA8nkST/Ed4TR
pGokzEB3pb+NYiYCqOCNoRcwrNh7V+d0U/RGAltJ3UvSU7BQR5K2CrF4isJgis7O
Q25bc4SitxspfKBqaUgcTz3XyV9uae/bg4hZ/nXLGje+VgM79SYIw2uVw62aKhel
aqqq1GpRuPWSx0uNWg9egkJM9P6GvhsYqfs/+o45ZLGZYW3UpYzm5Doflt4JfrX2
oYJ5kEGiNR1wpwhX2bsW+xxv/07+S1ynflJfaTJcpBtXKc4KojhjurfRPo5OAitl
ZVlaXpuEaPVTUwBDa5hZ8NjYohi/uAJjpccWPUM/4hLC
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:17:27 2025 by rpki-client