Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3f27b3-7110-4d8c-a0d8-03109c15510d/1/cDRKJT1jreKkX4q9e2dqYh6QXME.roa
File: cDRKJT1jreKkX4q9e2dqYh6QXME.roa (raw, json)
Hash identifier: aa+x1MkHDk9945yBf3J7sCcCQFYnHV6TntGDZL3F0pY=
Subject key identifier: 70:34:4A:25:3D:63:AD:E2:A4:5F:8A:BD:7B:67:6A:62:1E:90:5C:C1
Certificate issuer: /CN=60599373b0b6f04319d08becb5ad5792a13bda92
Certificate serial: 01856EAFCBC5C27D6BB1F8613ADDEBCAE0BD
Authority key identifier: 60:59:93:73:B0:B6:F0:43:19:D0:8B:EC:B5:AD:57:92:A1:3B:DA:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFmTc7C28EMZ0Ivsta1XkqE72pI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/3f27b3-7110-4d8c-a0d8-03109c15510d/1/cDRKJT1jreKkX4q9e2dqYh6QXME.roa
Signing time: Sun 01 Jan 2023 18:54:52 +0000
ROA not before: Sun 01 Jan 2023 18:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31463
IP address blocks: 91.199.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:cb:c5:c2:7d:6b:b1:f8:61:3a:dd:eb:ca:e0:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60599373b0b6f04319d08becb5ad5792a13bda92
Validity
Not Before: Jan 1 18:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70344a253d63ade2a45f8abd7b676a621e905cc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a1:42:07:bc:33:df:e9:86:a5:91:3f:87:4c:
ac:fe:f5:23:a7:11:75:14:46:92:48:24:1f:25:3b:
3e:ef:59:ef:4a:87:bf:c1:00:e0:d6:46:37:9f:cb:
0b:90:9b:52:ff:03:de:e2:8c:53:66:c5:d4:64:5e:
70:98:a8:b4:e1:36:94:9b:9a:d5:38:f0:23:4c:14:
77:90:46:f9:da:63:a1:4f:b1:89:5f:5c:bf:02:a8:
bc:85:75:8f:49:cf:8e:c4:9a:32:71:11:b0:f4:49:
bd:64:2d:d3:48:52:bb:9f:22:a9:6f:ef:30:5f:3b:
96:79:df:a3:60:32:16:91:2a:3b:f8:77:f8:c7:24:
c2:ab:5a:cf:01:04:b8:ce:bb:25:d2:66:55:0d:af:
d7:aa:a4:48:83:00:ff:b7:29:1a:18:47:04:d2:e9:
ea:dc:9e:4c:42:9e:8a:ec:87:90:65:cf:cc:72:21:
6b:66:3e:26:c0:00:44:c9:b8:57:04:ae:21:2e:47:
5d:7b:4d:b2:58:cc:96:b3:12:5a:48:46:3a:7f:1c:
0d:7c:ca:e6:df:e1:4d:bc:00:62:29:6c:94:73:ea:
6f:f5:e3:24:0c:41:35:f6:fc:a5:f4:d4:c0:c6:7c:
ef:73:bb:74:6b:c9:d6:e6:6b:bd:fc:56:71:c5:e0:
78:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:34:4A:25:3D:63:AD:E2:A4:5F:8A:BD:7B:67:6A:62:1E:90:5C:C1
X509v3 Authority Key Identifier:
keyid:60:59:93:73:B0:B6:F0:43:19:D0:8B:EC:B5:AD:57:92:A1:3B:DA:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFmTc7C28EMZ0Ivsta1XkqE72pI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3f27b3-7110-4d8c-a0d8-03109c15510d/1/cDRKJT1jreKkX4q9e2dqYh6QXME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3f27b3-7110-4d8c-a0d8-03109c15510d/1/YFmTc7C28EMZ0Ivsta1XkqE72pI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.252.0/24
Signature Algorithm: sha256WithRSAEncryption
32:69:63:4a:20:96:2f:97:18:3d:b7:76:af:86:3d:9f:bb:94:
56:6b:55:3c:33:16:52:bd:8c:9b:95:d8:7e:d9:ab:0d:a7:b5:
05:a4:8a:ed:da:57:bd:a0:1c:62:91:29:65:b2:20:41:97:d3:
7d:b8:fd:48:bd:a8:72:a8:ba:33:0d:72:5f:e8:55:83:39:42:
6d:c4:15:25:93:99:51:d3:ac:9e:c6:fc:db:d2:41:7e:04:39:
e7:7c:bc:56:d3:47:45:59:d2:48:e0:9b:13:32:0b:28:ba:14:
8e:f2:78:51:de:89:61:5b:af:de:6d:b6:b1:fd:d8:ee:f2:78:
13:39:4b:7d:d6:79:e9:ff:5d:0f:2c:73:6d:4f:c9:ee:86:64:
20:2c:c4:91:c0:31:15:87:93:4a:20:50:7e:fb:cd:b0:44:6c:
31:bb:d1:36:e2:0a:11:86:83:c5:74:17:50:f1:9a:5d:6c:2d:
3e:c6:1e:b9:c0:d7:60:75:01:09:0b:28:0f:e9:47:86:5e:3a:
c9:7e:5b:e4:03:0b:aa:8f:b3:35:b1:30:78:43:b5:47:df:9d:
13:e0:ee:03:bb:88:0d:4b:e2:e1:96:39:f8:3b:eb:39:ed:40:
55:0d:e4:a0:f0:cc:43:11:05:5b:36:d9:2e:a2:86:d9:60:0d:
8d:c3:72:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur8vFwn1rsfhhOt3ryuC9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTk5MzczYjBiNmYwNDMxOWQwOGJlY2I1YWQ1NzkyYTEz
YmRhOTIwHhcNMjMwMTAxMTg1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDM0NGEyNTNkNjNhZGUyYTQ1ZjhhYmQ3YjY3NmE2MjFlOTA1Y2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqFCB7wz3+mGpZE/h0ys/vUjpxF1
FEaSSCQfJTs+71nvSoe/wQDg1kY3n8sLkJtS/wPe4oxTZsXUZF5wmKi04TaUm5rV
OPAjTBR3kEb52mOhT7GJX1y/Aqi8hXWPSc+OxJoycRGw9Em9ZC3TSFK7nyKpb+8w
XzuWed+jYDIWkSo7+Hf4xyTCq1rPAQS4zrsl0mZVDa/XqqRIgwD/tykaGEcE0unq
3J5MQp6K7IeQZc/MciFrZj4mwABEybhXBK4hLkdde02yWMyWsxJaSEY6fxwNfMrm
3+FNvABiKWyUc+pv9eMkDEE19vyl9NTAxnzvc7t0a8nW5mu9/FZxxeB4mwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHA0SiU9Y63ipF+KvXtnamIekFzBMB8GA1UdIwQY
MBaAFGBZk3OwtvBDGdCL7LWtV5KhO9qSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZtVGM3QzI4RU1aMEl2c3RhMVhrcUU3MnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zZjI3YjMtNzExMC00ZDhjLWEwZDgt
MDMxMDljMTU1MTBkLzEvY0RSS0pUMWpyZUtrWDRxOWUyZHFZaDZRWE1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zZjI3YjMtNzExMC00ZDhjLWEwZDgtMDMxMDljMTU1MTBk
LzEvWUZtVGM3QzI4RU1aMEl2c3RhMVhrcUU3MnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8f8MA0G
CSqGSIb3DQEBCwUAA4IBAQAyaWNKIJYvlxg9t3avhj2fu5RWa1U8MxZSvYybldh+
2asNp7UFpIrt2le9oBxikSllsiBBl9N9uP1IvahyqLozDXJf6FWDOUJtxBUlk5lR
06yexvzb0kF+BDnnfLxW00dFWdJI4JsTMgsouhSO8nhR3olhW6/ebbax/dju8ngT
OUt91nnp/10PLHNtT8nuhmQgLMSRwDEVh5NKIFB++82wRGwxu9E24goRhoPFdBdQ
8ZpdbC0+xh65wNdgdQEJCygP6UeGXjrJflvkAwuqj7M1sTB4Q7VH350T4O4Du4gN
S+Lhljn4O+s57UBVDeSg8MxDEQVbNtkuoobZYA2Nw3KR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:18 2025 by rpki-client