Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/2727b5-4c93-49e7-b7ee-f9895bb85fb1/1/A9BdydN29FvPsFmUXmkJUt1z5lg.roa
File: A9BdydN29FvPsFmUXmkJUt1z5lg.roa (raw, json)
Hash identifier: 07G62hi6uRxn6lCEtnbQczr67xsZY3XXsIL62SIp26U=
Subject key identifier: 03:D0:5D:C9:D3:76:F4:5B:CF:B0:59:94:5E:69:09:52:DD:73:E6:58
Certificate issuer: /CN=537b37656cd14d488a70512921875717a0d910b6
Certificate serial: 0183D21B0014261D924B451C59B667B0A16F
Authority key identifier: 53:7B:37:65:6C:D1:4D:48:8A:70:51:29:21:87:57:17:A0:D9:10:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U3s3ZWzRTUiKcFEpIYdXF6DZELY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/2727b5-4c93-49e7-b7ee-f9895bb85fb1/1/A9BdydN29FvPsFmUXmkJUt1z5lg.roa
Signing time: Thu 13 Oct 2022 16:08:48 +0000
ROA not before: Thu 13 Oct 2022 16:08:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12345
IP address blocks: 91.240.163.0/24 maxlen: 24
178.239.21.0/24 maxlen: 24
91.240.128.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d2:1b:00:14:26:1d:92:4b:45:1c:59:b6:67:b0:a1:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=537b37656cd14d488a70512921875717a0d910b6
Validity
Not Before: Oct 13 16:08:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03d05dc9d376f45bcfb059945e690952dd73e658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b3:a0:e9:d0:24:fa:2e:a4:91:72:aa:02:d0:
1f:f7:55:ae:cc:c5:05:a7:8b:a1:c3:30:66:b3:c2:
00:8b:aa:24:8a:3f:eb:f5:a2:ed:a9:df:15:f0:93:
6b:72:db:f9:d6:d0:7d:33:e6:08:cc:b6:13:2f:e8:
78:59:72:bd:9e:bb:9a:29:5d:0b:d2:87:74:b1:bf:
2a:34:2f:f8:e0:34:53:d9:9d:81:e3:48:07:5e:c3:
9c:b6:86:3d:0e:da:2c:3b:b2:e5:bc:4c:51:b3:1f:
27:d6:85:cf:69:33:fd:8a:60:d4:7d:f7:86:4c:41:
9b:51:76:18:6b:d4:d1:3e:35:b3:28:08:00:aa:de:
82:31:83:94:92:f8:f1:1d:4a:a4:32:9a:0e:1f:1a:
2e:fb:35:6c:17:58:f6:27:27:5e:9c:a5:52:bd:04:
bb:59:11:b7:e9:5e:1a:44:40:f3:4f:3f:86:ce:06:
69:b9:64:ae:fe:07:9b:32:af:6a:63:88:7c:21:84:
e8:e4:89:17:ce:3b:8b:cd:d9:2f:cc:6d:90:55:23:
00:4d:e8:c3:18:6c:55:6b:65:55:93:1c:87:6c:c0:
af:31:cf:31:9f:c7:ff:3b:ce:d3:47:43:43:12:a9:
26:07:ed:18:9a:ee:73:7f:04:e3:ff:5b:f1:8f:c3:
cc:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D0:5D:C9:D3:76:F4:5B:CF:B0:59:94:5E:69:09:52:DD:73:E6:58
X509v3 Authority Key Identifier:
keyid:53:7B:37:65:6C:D1:4D:48:8A:70:51:29:21:87:57:17:A0:D9:10:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3s3ZWzRTUiKcFEpIYdXF6DZELY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/2727b5-4c93-49e7-b7ee-f9895bb85fb1/1/A9BdydN29FvPsFmUXmkJUt1z5lg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/2727b5-4c93-49e7-b7ee-f9895bb85fb1/1/U3s3ZWzRTUiKcFEpIYdXF6DZELY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.128.0/24
91.240.163.0/24
178.239.21.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:d8:2d:2f:69:4d:b3:ec:60:37:34:de:4c:d5:72:52:23:b7:
4a:3a:e9:e6:06:4d:56:d7:95:f8:7b:de:13:80:a8:17:5a:e5:
ae:95:bb:97:2f:2f:a9:99:c1:08:20:ad:5f:62:2f:8b:7d:7e:
cb:cc:20:08:6f:48:b7:0d:12:49:20:de:99:62:c4:6c:56:6b:
32:28:83:28:dd:43:19:b7:a1:05:7d:38:27:99:28:79:36:e3:
9f:7e:45:99:f2:50:28:df:36:a4:49:7b:81:63:78:7a:6e:2f:
84:6e:03:72:23:2c:d1:96:fc:83:d3:06:f8:12:19:87:f6:03:
e3:73:cb:03:3e:bf:c1:05:27:1d:0e:76:89:76:9b:54:b0:eb:
14:e0:ac:41:2b:ec:fe:64:a3:f6:37:cd:24:ff:93:0a:94:9c:
bf:ed:5d:8e:81:11:4b:88:5b:65:c5:6c:4c:67:7a:b1:9b:60:
fc:4d:16:3c:93:0d:ca:36:c3:f1:c8:e7:35:ff:92:39:fd:3e:
cc:7d:14:aa:71:94:9e:8f:d3:2a:bd:11:f3:7e:6f:f4:df:79:
95:9c:8e:c2:69:e5:25:8b:7a:cb:29:39:88:3d:45:b6:9e:28:
c0:fe:87:42:2c:cf:b9:5b:36:41:85:07:ca:8e:44:1e:63:22:
b2:00:2b:d8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYPSGwAUJh2SS0UcWbZnsKFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzN2IzNzY1NmNkMTRkNDg4YTcwNTEyOTIxODc1NzE3YTBk
OTEwYjYwHhcNMjIxMDEzMTYwODQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2QwNWRjOWQzNzZmNDViY2ZiMDU5OTQ1ZTY5MDk1MmRkNzNlNjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLOg6dAk+i6kkXKqAtAf91WuzMUF
p4uhwzBms8IAi6okij/r9aLtqd8V8JNrctv51tB9M+YIzLYTL+h4WXK9nruaKV0L
0od0sb8qNC/44DRT2Z2B40gHXsOctoY9DtosO7LlvExRsx8n1oXPaTP9imDUffeG
TEGbUXYYa9TRPjWzKAgAqt6CMYOUkvjxHUqkMpoOHxou+zVsF1j2JydenKVSvQS7
WRG36V4aREDzTz+GzgZpuWSu/gebMq9qY4h8IYTo5IkXzjuLzdkvzG2QVSMATejD
GGxVa2VVkxyHbMCvMc8xn8f/O87TR0NDEqkmB+0Ymu5zfwTj/1vxj8PMpwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAPQXcnTdvRbz7BZlF5pCVLdc+ZYMB8GA1UdIwQY
MBaAFFN7N2Vs0U1IinBRKSGHVxeg2RC2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTNzM1pXelJUVWlLY0ZFcElZZFhGNkRaRUxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8yNzI3YjUtNGM5My00OWU3LWI3ZWUt
Zjk4OTViYjg1ZmIxLzEvQTlCZHlkTjI5RnZQc0ZtVVhta0pVdDF6NWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8yNzI3YjUtNGM5My00OWU3LWI3ZWUtZjk4OTViYjg1ZmIx
LzEvVTNzM1pXelJUVWlLY0ZFcElZZFhGNkRaRUxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW/CAAwQA
W/CjAwQAsu8VMA0GCSqGSIb3DQEBCwUAA4IBAQAf2C0vaU2z7GA3NN5M1XJSI7dK
OunmBk1W15X4e94TgKgXWuWulbuXLy+pmcEIIK1fYi+LfX7LzCAIb0i3DRJJIN6Z
YsRsVmsyKIMo3UMZt6EFfTgnmSh5NuOffkWZ8lAo3zakSXuBY3h6bi+EbgNyIyzR
lvyD0wb4EhmH9gPjc8sDPr/BBScdDnaJdptUsOsU4KxBK+z+ZKP2N80k/5MKlJy/
7V2OgRFLiFtlxWxMZ3qxm2D8TRY8kw3KNsPxyOc1/5I5/T7MfRSqcZSej9MqvRHz
fm/033mVnI7CaeUli3rLKTmIPUW2nijA/odCLM+5WzZBhQfKjkQeYyKyACvY
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:07:03 2025 by rpki-client