Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/3df0b6-47c9-40fe-8358-fdebbc927d40/1/toLcHJuza0nk_rSiToUi8cqjpA8.roa
File: toLcHJuza0nk_rSiToUi8cqjpA8.roa (raw, json)
Hash identifier: kRROIdBqbwyv0kgRq3rS5l7ig0u7UsDgEiLSwPvEVgQ=
Subject key identifier: B6:82:DC:1C:9B:B3:6B:49:E4:FE:B4:A2:4E:85:22:F1:CA:A3:A4:0F
Certificate issuer: /CN=af85bb8a50443e504c4853cce025ef58341c1d50
Certificate serial: 01942369DFB5BEE518431550CB19661826D9
Authority key identifier: AF:85:BB:8A:50:44:3E:50:4C:48:53:CC:E0:25:EF:58:34:1C:1D:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4W7ilBEPlBMSFPM4CXvWDQcHVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/3df0b6-47c9-40fe-8358-fdebbc927d40/1/toLcHJuza0nk_rSiToUi8cqjpA8.roa
Signing time: Wed 01 Jan 2025 19:48:48 +0000
ROA not before: Wed 01 Jan 2025 19:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34376
IP address blocks: 91.199.128.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:df:b5:be:e5:18:43:15:50:cb:19:66:18:26:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af85bb8a50443e504c4853cce025ef58341c1d50
Validity
Not Before: Jan 1 19:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b682dc1c9bb36b49e4feb4a24e8522f1caa3a40f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:98:71:b0:4d:24:7e:e7:68:7a:43:8f:1d:83:
0a:70:73:5a:83:cf:60:c1:86:4f:ba:02:3d:ac:d6:
99:2a:7d:be:66:f9:89:f2:41:90:63:01:c2:75:71:
31:17:72:55:86:1a:cb:db:b1:d1:12:90:f3:62:fd:
29:14:4f:ba:bf:e7:04:5f:e8:41:97:ec:35:66:f1:
d9:55:15:0f:b5:b3:0c:5e:69:06:74:85:92:a5:4f:
9c:0d:b5:69:d0:9e:5f:39:7c:d6:9e:6f:9e:c0:45:
6f:f2:11:32:00:4a:9b:72:05:d1:0c:90:55:6d:d6:
10:3d:3c:db:06:36:e1:b4:a7:39:84:54:0f:fd:3a:
3c:22:bb:10:78:d2:8a:57:2e:63:22:5c:c9:a0:19:
d8:de:59:d7:87:ff:c7:06:4a:f9:0d:27:c5:07:07:
08:55:b6:53:74:fe:82:d3:f6:89:c6:fd:29:43:18:
db:72:ec:43:63:b2:4b:73:71:a2:b9:40:e8:82:70:
be:58:85:5d:c9:23:18:50:0d:a8:89:4b:4d:51:d7:
99:7a:71:3d:cf:b5:63:8f:5c:e8:c0:b2:8a:17:fc:
b7:99:d9:78:45:4c:61:fa:81:26:d1:54:f3:b9:46:
4e:25:9f:13:d7:c8:4a:3b:f3:8c:fb:1a:b0:1c:26:
2e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:82:DC:1C:9B:B3:6B:49:E4:FE:B4:A2:4E:85:22:F1:CA:A3:A4:0F
X509v3 Authority Key Identifier:
keyid:AF:85:BB:8A:50:44:3E:50:4C:48:53:CC:E0:25:EF:58:34:1C:1D:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4W7ilBEPlBMSFPM4CXvWDQcHVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3df0b6-47c9-40fe-8358-fdebbc927d40/1/toLcHJuza0nk_rSiToUi8cqjpA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3df0b6-47c9-40fe-8358-fdebbc927d40/1/r4W7ilBEPlBMSFPM4CXvWDQcHVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.128.0/24
Signature Algorithm: sha256WithRSAEncryption
65:95:2e:b9:ee:5a:f3:8a:7e:2f:5b:19:c0:ab:fe:24:30:0b:
cb:84:e0:57:82:89:aa:78:0d:cf:44:a5:df:ff:ba:57:a5:1f:
59:c1:14:43:de:d7:e1:30:15:cf:e9:3f:a2:e6:8d:b2:93:d1:
18:01:c3:96:1c:99:89:84:75:39:05:b4:27:b2:d2:6d:24:ca:
f9:60:0c:f3:c3:e7:54:c5:46:d6:c0:06:a3:5d:c0:4b:1a:ee:
1c:e5:25:7a:8f:01:cd:3e:65:1d:2b:c0:af:9e:ba:54:76:4f:
84:1a:75:3f:41:04:ef:0a:0f:9f:9d:15:b7:84:88:75:4b:d5:
dc:be:bb:44:67:49:1c:04:d4:19:ff:28:12:2c:bd:dd:1b:d4:
3c:01:8e:66:86:1b:65:f8:8a:9c:8f:3a:9e:e7:19:2f:e0:0d:
4f:81:9f:b9:83:8f:46:6c:3a:68:b5:e0:13:d6:ce:0c:ba:69:
7f:27:6e:8e:3a:83:a5:84:65:4c:d2:d4:0e:ff:51:34:c1:94:
91:21:3b:72:0d:11:66:ec:65:90:90:4d:25:f0:3a:a5:ba:ce:
0c:4f:0e:db:0a:42:c6:69:86:36:32:3a:a4:27:6a:df:40:fb:
33:df:4d:89:c9:e5:de:af:16:de:0a:46:a1:c2:d1:55:30:16:
ce:f7:f2:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjad+1vuUYQxVQyxlmGCbZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODViYjhhNTA0NDNlNTA0YzQ4NTNjY2UwMjVlZjU4MzQx
YzFkNTAwHhcNMjUwMTAxMTk0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjgyZGMxYzliYjM2YjQ5ZTRmZWI0YTI0ZTg1MjJmMWNhYTNhNDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZhxsE0kfudoekOPHYMKcHNag89g
wYZPugI9rNaZKn2+ZvmJ8kGQYwHCdXExF3JVhhrL27HREpDzYv0pFE+6v+cEX+hB
l+w1ZvHZVRUPtbMMXmkGdIWSpU+cDbVp0J5fOXzWnm+ewEVv8hEyAEqbcgXRDJBV
bdYQPTzbBjbhtKc5hFQP/To8IrsQeNKKVy5jIlzJoBnY3lnXh//HBkr5DSfFBwcI
VbZTdP6C0/aJxv0pQxjbcuxDY7JLc3GiuUDognC+WIVdySMYUA2oiUtNUdeZenE9
z7Vjj1zowLKKF/y3mdl4RUxh+oEm0VTzuUZOJZ8T18hKO/OM+xqwHCYuwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLaC3Bybs2tJ5P60ok6FIvHKo6QPMB8GA1UdIwQY
MBaAFK+Fu4pQRD5QTEhTzOAl71g0HB1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRXN2lsQkVQbEJNU0ZQTTRDWHZXRFFjSFZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zZGYwYjYtNDdjOS00MGZlLTgzNTgt
ZmRlYmJjOTI3ZDQwLzEvdG9MY0hKdXphMG5rX3JTaVRvVWk4Y3FqcEE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zZGYwYjYtNDdjOS00MGZlLTgzNTgtZmRlYmJjOTI3ZDQw
LzEvcjRXN2lsQkVQbEJNU0ZQTTRDWHZXRFFjSFZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8eAMA0G
CSqGSIb3DQEBCwUAA4IBAQBllS657lrzin4vWxnAq/4kMAvLhOBXgomqeA3PRKXf
/7pXpR9ZwRRD3tfhMBXP6T+i5o2yk9EYAcOWHJmJhHU5BbQnstJtJMr5YAzzw+dU
xUbWwAajXcBLGu4c5SV6jwHNPmUdK8CvnrpUdk+EGnU/QQTvCg+fnRW3hIh1S9Xc
vrtEZ0kcBNQZ/ygSLL3dG9Q8AY5mhhtl+Iqcjzqe5xkv4A1PgZ+5g49GbDpoteAT
1s4Muml/J26OOoOlhGVM0tQO/1E0wZSRITtyDRFm7GWQkE0l8Dqlus4MTw7bCkLG
aYY2MjqkJ2rfQPsz302JyeXerxbeCkahwtFVMBbO9/Kh
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:13:31 2025 by rpki-client