Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/df4a0a-c33d-4e0e-b15e-cdf4c6b424e1/1/iTGzzeTn1cvcwdDnc9awc3RasYM.roa
File: iTGzzeTn1cvcwdDnc9awc3RasYM.roa (raw, json)
Hash identifier: sjjJq+xn7szTT9rNnI/9CM+WhOcRe4FfSBvE4+CHiBs=
Subject key identifier: 89:31:B3:CD:E4:E7:D5:CB:DC:C1:D0:E7:73:D6:B0:73:74:5A:B1:83
Certificate issuer: /CN=974e35ec2180daebd1bf3dd44403a9e0bfcb56ca
Certificate serial: 01942143F182B833491CF34B43065C8EB322
Authority key identifier: 97:4E:35:EC:21:80:DA:EB:D1:BF:3D:D4:44:03:A9:E0:BF:CB:56:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l0417CGA2uvRvz3URAOp4L_LVso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/df4a0a-c33d-4e0e-b15e-cdf4c6b424e1/1/iTGzzeTn1cvcwdDnc9awc3RasYM.roa
Signing time: Wed 01 Jan 2025 09:48:08 +0000
ROA not before: Wed 01 Jan 2025 09:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215686
IP address blocks: 91.229.236.0/24 maxlen: 24
194.39.242.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f1:82:b8:33:49:1c:f3:4b:43:06:5c:8e:b3:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=974e35ec2180daebd1bf3dd44403a9e0bfcb56ca
Validity
Not Before: Jan 1 09:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8931b3cde4e7d5cbdcc1d0e773d6b073745ab183
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e0:68:59:e3:1e:0c:28:a7:6a:e6:52:86:ce:
0f:f3:51:c7:f3:fa:3a:2d:96:8b:85:d9:de:d4:50:
81:9a:20:92:87:e3:fe:dd:a9:83:72:13:5d:d3:79:
69:ce:fa:59:9e:71:90:b1:1c:65:2c:b2:2b:21:b7:
40:34:8e:54:88:5e:c9:8b:0b:a3:83:31:2f:31:dd:
4a:c7:a6:9f:4a:af:b7:9b:f3:ef:7c:bc:6a:07:80:
40:97:cb:b6:d7:92:20:69:88:ae:b8:8b:9b:53:20:
7d:da:35:60:0f:ad:34:58:05:c0:03:6a:11:a0:8a:
8f:46:e7:ac:0c:ba:20:d5:35:cd:bf:01:79:bf:c9:
9e:a5:b3:15:24:c2:7a:97:b6:32:94:d5:4d:e9:a1:
19:72:b0:12:a0:70:d8:d3:70:9a:15:f5:8d:9b:37:
ce:ef:bc:ff:8c:d0:18:e8:f2:02:fd:8d:61:94:1f:
43:d7:bb:ee:13:aa:b0:96:3a:cc:8c:7b:39:03:12:
4b:59:92:6d:9c:d3:18:d4:28:99:17:6d:11:48:3c:
51:85:e4:0c:d7:50:72:1b:34:85:27:d3:27:35:f8:
d8:1e:bf:d1:79:c3:0a:07:33:36:47:42:96:40:a4:
98:b8:ac:e5:4d:15:ed:16:c8:0d:02:d0:f4:15:ba:
a5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:31:B3:CD:E4:E7:D5:CB:DC:C1:D0:E7:73:D6:B0:73:74:5A:B1:83
X509v3 Authority Key Identifier:
keyid:97:4E:35:EC:21:80:DA:EB:D1:BF:3D:D4:44:03:A9:E0:BF:CB:56:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0417CGA2uvRvz3URAOp4L_LVso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/df4a0a-c33d-4e0e-b15e-cdf4c6b424e1/1/iTGzzeTn1cvcwdDnc9awc3RasYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/df4a0a-c33d-4e0e-b15e-cdf4c6b424e1/1/l0417CGA2uvRvz3URAOp4L_LVso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.236.0/24
194.39.242.0/24
Signature Algorithm: sha256WithRSAEncryption
25:28:c1:98:45:c3:31:e6:a3:6a:90:5a:56:0a:61:0e:1b:8d:
1f:5b:26:9c:7d:f7:d0:fb:a1:1d:66:5a:86:dc:bf:0f:a3:3a:
bd:f3:4d:7d:47:2d:d0:a4:8c:a6:47:62:57:d7:2b:d5:e1:a2:
c0:b2:6b:7f:26:18:ce:8f:5f:6d:01:cd:2b:3b:ff:c6:43:80:
9d:fb:60:97:a0:88:b5:6e:4d:05:0d:9f:da:ed:ec:37:ce:2a:
12:b9:f0:66:83:69:b9:af:d2:00:24:cf:a0:a9:5b:06:d4:bc:
8e:65:f2:c5:1a:eb:26:45:07:b4:ac:81:6e:12:eb:02:91:1c:
56:4b:5a:45:5a:ad:54:cf:b9:be:22:1a:83:72:9e:81:1d:9e:
0e:b3:46:ee:5a:9c:83:48:2b:3a:21:fb:1d:59:92:3b:c0:da:
af:b7:87:d3:be:b8:aa:ea:43:b5:fa:65:02:b9:fe:73:aa:a6:
54:fe:21:a1:e0:17:37:a9:4d:c9:49:cb:5b:91:82:e6:70:14:
ec:9c:56:a8:ab:8a:9f:eb:09:4a:be:aa:3c:ae:d9:24:02:97:
d1:cd:1b:3b:e8:98:2d:7a:db:bb:f9:ce:89:9b:15:96:b0:77:
f8:40:a1:60:e1:f1:28:8e:bf:31:30:e5:c1:69:40:5c:f0:12:
8d:33:99:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhQ/GCuDNJHPNLQwZcjrMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NGUzNWVjMjE4MGRhZWJkMWJmM2RkNDQ0MDNhOWUwYmZj
YjU2Y2EwHhcNMjUwMTAxMDk0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTMxYjNjZGU0ZTdkNWNiZGNjMWQwZTc3M2Q2YjA3Mzc0NWFiMTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreBoWeMeDCinauZShs4P81HH8/o6
LZaLhdne1FCBmiCSh+P+3amDchNd03lpzvpZnnGQsRxlLLIrIbdANI5UiF7Jiwuj
gzEvMd1Kx6afSq+3m/PvfLxqB4BAl8u215IgaYiuuIubUyB92jVgD600WAXAA2oR
oIqPRuesDLog1TXNvwF5v8mepbMVJMJ6l7YylNVN6aEZcrASoHDY03CaFfWNmzfO
77z/jNAY6PIC/Y1hlB9D17vuE6qwljrMjHs5AxJLWZJtnNMY1CiZF20RSDxRheQM
11ByGzSFJ9MnNfjYHr/RecMKBzM2R0KWQKSYuKzlTRXtFsgNAtD0FbqlCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIkxs83k59XL3MHQ53PWsHN0WrGDMB8GA1UdIwQY
MBaAFJdONewhgNrr0b891EQDqeC/y1bKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDA0MTdDR0EydXZSdnozVVJBT3A0TF9MVnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9kZjRhMGEtYzMzZC00ZTBlLWIxNWUt
Y2RmNGM2YjQyNGUxLzEvaVRHenplVG4xY3Zjd2REbmM5YXdjM1Jhc1lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9kZjRhMGEtYzMzZC00ZTBlLWIxNWUtY2RmNGM2YjQyNGUx
LzEvbDA0MTdDR0EydXZSdnozVVJBT3A0TF9MVnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+XsAwQA
wifyMA0GCSqGSIb3DQEBCwUAA4IBAQAlKMGYRcMx5qNqkFpWCmEOG40fWyacfffQ
+6EdZlqG3L8Pozq98019Ry3QpIymR2JX1yvV4aLAsmt/JhjOj19tAc0rO//GQ4Cd
+2CXoIi1bk0FDZ/a7ew3zioSufBmg2m5r9IAJM+gqVsG1LyOZfLFGusmRQe0rIFu
EusCkRxWS1pFWq1Uz7m+IhqDcp6BHZ4Os0buWpyDSCs6IfsdWZI7wNqvt4fTvriq
6kO1+mUCuf5zqqZU/iGh4Bc3qU3JSctbkYLmcBTsnFaoq4qf6wlKvqo8rtkkApfR
zRs76Jgtetu7+c6JmxWWsHf4QKFg4fEojr8xMOXBaUBc8BKNM5lb
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:54:13 2025 by rpki-client