Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/a1c8bd-bd94-46f6-aa49-7417e71a76e8/1/d-rkCPEWQiWuiZZUguExXn9RIh8.roa
File: d-rkCPEWQiWuiZZUguExXn9RIh8.roa (raw, json)
Hash identifier: bghyH5rqUf1VZLa/yIfZLWuakQo6sjjmYi5842bNOVM=
Subject key identifier: 77:EA:E4:08:F1:16:42:25:AE:89:96:54:82:E1:31:5E:7F:51:22:1F
Certificate issuer: /CN=f68bc2019e8e506e399cbf6586699cc886fc20f6
Certificate serial: 0194206866FAA8A95D42AF0AC34B2E501427
Authority key identifier: F6:8B:C2:01:9E:8E:50:6E:39:9C:BF:65:86:69:9C:C8:86:FC:20:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9ovCAZ6OUG45nL9lhmmcyIb8IPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/a1c8bd-bd94-46f6-aa49-7417e71a76e8/1/d-rkCPEWQiWuiZZUguExXn9RIh8.roa
Signing time: Wed 01 Jan 2025 05:48:20 +0000
ROA not before: Wed 01 Jan 2025 05:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51533
IP address blocks: 91.217.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:66:fa:a8:a9:5d:42:af:0a:c3:4b:2e:50:14:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f68bc2019e8e506e399cbf6586699cc886fc20f6
Validity
Not Before: Jan 1 05:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77eae408f1164225ae89965482e1315e7f51221f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:9c:dd:1e:97:17:8e:54:12:eb:89:2b:6f:90:
c5:78:88:ec:2f:f7:c7:ac:6b:bb:dd:63:db:e1:53:
7c:2f:0d:df:ad:e7:10:c6:5e:12:9b:66:a8:38:25:
5d:eb:21:66:4b:ab:79:10:f3:69:f2:5e:6d:b3:29:
fc:f0:48:0e:d9:b9:7a:f7:06:76:26:8e:23:c4:f6:
4b:30:82:9a:ab:29:0b:b5:e8:5f:ac:fc:bf:56:af:
5a:f2:cc:a9:a2:e9:f2:06:39:2d:a0:da:65:62:d2:
2e:e5:40:66:c0:7a:f0:a8:8f:08:3c:60:f0:ee:4a:
06:e7:e6:7d:1e:21:5b:ef:bf:3e:c5:24:25:ee:ce:
7c:de:de:3f:97:cc:5f:a9:4d:3b:a3:b1:85:2d:a5:
74:b8:97:7a:61:fb:99:54:e0:7d:ee:1f:20:5d:6d:
c8:cb:cf:f5:5b:94:38:46:6b:49:25:dd:a8:10:66:
df:14:ac:e2:32:72:27:52:3c:0f:5b:2a:4b:e3:ee:
1f:f7:a9:2f:08:82:d9:e8:e8:f8:1c:8b:d8:d8:e5:
ed:26:a0:06:b7:86:a5:ab:e8:b1:2c:90:e4:1b:10:
72:29:9d:8b:84:d3:c5:37:61:35:cc:6f:dd:44:6c:
ff:23:0d:55:84:e5:b6:cd:50:67:00:dc:0f:60:02:
fa:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:EA:E4:08:F1:16:42:25:AE:89:96:54:82:E1:31:5E:7F:51:22:1F
X509v3 Authority Key Identifier:
keyid:F6:8B:C2:01:9E:8E:50:6E:39:9C:BF:65:86:69:9C:C8:86:FC:20:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9ovCAZ6OUG45nL9lhmmcyIb8IPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a1c8bd-bd94-46f6-aa49-7417e71a76e8/1/d-rkCPEWQiWuiZZUguExXn9RIh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a1c8bd-bd94-46f6-aa49-7417e71a76e8/1/9ovCAZ6OUG45nL9lhmmcyIb8IPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.238.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:ea:2c:6f:0f:e8:ec:ad:a8:b1:06:a5:31:52:f9:fe:74:83:
0c:ec:3f:20:d6:78:f8:b9:2f:00:d6:6d:f2:06:c2:e0:e3:0d:
95:89:f2:6e:4d:9d:b2:2d:bf:4c:06:8a:c0:57:c1:45:9c:33:
7d:a3:de:38:69:b0:25:e2:a6:af:3c:c2:47:8b:f8:0e:39:0e:
64:63:15:42:7e:5c:91:a7:05:e0:9a:72:48:17:90:4e:c2:00:
e8:33:2f:cd:c9:59:2e:f3:3f:f3:6b:9c:a4:ab:7f:05:38:32:
a6:7e:90:99:da:af:b7:df:97:cc:d3:41:ae:ce:03:c0:e9:7e:
fb:32:ca:89:71:9f:1b:c7:8c:e0:21:5a:aa:48:dd:0f:21:4a:
6c:30:e6:6e:45:4f:80:b3:26:8f:99:69:fa:5b:db:da:df:a3:
c5:1b:3d:09:c8:a0:9d:25:7c:8c:44:73:19:39:03:a8:12:d9:
1d:12:30:fc:46:64:16:43:80:34:67:1f:5a:d5:9d:ad:03:2c:
84:7a:10:1b:34:ea:0c:ef:d2:79:52:ef:86:5c:1c:77:24:de:
af:66:ba:db:79:e8:01:54:79:5c:c4:3f:63:4d:eb:76:65:a8:
bf:a4:4c:47:b6:61:d8:fd:56:c9:b7:e0:40:46:c1:4b:e2:2f:
c8:24:e4:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaGb6qKldQq8Kw0suUBQnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2OGJjMjAxOWU4ZTUwNmUzOTljYmY2NTg2Njk5Y2M4ODZm
YzIwZjYwHhcNMjUwMTAxMDU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2VhZTQwOGYxMTY0MjI1YWU4OTk2NTQ4MmUxMzE1ZTdmNTEyMjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6pzdHpcXjlQS64krb5DFeIjsL/fH
rGu73WPb4VN8Lw3frecQxl4Sm2aoOCVd6yFmS6t5EPNp8l5tsyn88EgO2bl69wZ2
Jo4jxPZLMIKaqykLtehfrPy/Vq9a8sypounyBjktoNplYtIu5UBmwHrwqI8IPGDw
7koG5+Z9HiFb778+xSQl7s583t4/l8xfqU07o7GFLaV0uJd6YfuZVOB97h8gXW3I
y8/1W5Q4RmtJJd2oEGbfFKziMnInUjwPWypL4+4f96kvCILZ6Oj4HIvY2OXtJqAG
t4alq+ixLJDkGxByKZ2LhNPFN2E1zG/dRGz/Iw1VhOW2zVBnANwPYAL6NQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHfq5AjxFkIlromWVILhMV5/USIfMB8GA1UdIwQY
MBaAFPaLwgGejlBuOZy/ZYZpnMiG/CD2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOW92Q0FaNk9VRzQ1bkw5bGhtbWN5SWI4SVBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9hMWM4YmQtYmQ5NC00NmY2LWFhNDkt
NzQxN2U3MWE3NmU4LzEvZC1ya0NQRVdRaVd1aVpaVWd1RXhYbjlSSWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9hMWM4YmQtYmQ5NC00NmY2LWFhNDktNzQxN2U3MWE3NmU4
LzEvOW92Q0FaNk9VRzQ1bkw5bGhtbWN5SWI4SVBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9nuMA0G
CSqGSIb3DQEBCwUAA4IBAQBq6ixvD+jsraixBqUxUvn+dIMM7D8g1nj4uS8A1m3y
BsLg4w2VifJuTZ2yLb9MBorAV8FFnDN9o944abAl4qavPMJHi/gOOQ5kYxVCflyR
pwXgmnJIF5BOwgDoMy/NyVku8z/za5ykq38FODKmfpCZ2q+335fM00GuzgPA6X77
MsqJcZ8bx4zgIVqqSN0PIUpsMOZuRU+AsyaPmWn6W9va36PFGz0JyKCdJXyMRHMZ
OQOoEtkdEjD8RmQWQ4A0Zx9a1Z2tAyyEehAbNOoM79J5Uu+GXBx3JN6vZrrbeegB
VHlcxD9jTet2Zai/pExHtmHY/VbJt+BARsFL4i/IJORO
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:31 2025 by rpki-client