Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/44d603-fbf5-459b-a0ba-d2763c007752/1/pFNbbolKWdf6lVoEITxkPbtrK0c.roa
File: pFNbbolKWdf6lVoEITxkPbtrK0c.roa (raw, json)
Hash identifier: dWVbBEqjRH9tmJFYTVH116/QjtCieVc2dcQg6GxblXk=
Subject key identifier: A4:53:5B:6E:89:4A:59:D7:FA:95:5A:04:21:3C:64:3D:BB:6B:2B:47
Certificate issuer: /CN=6603ed4c78454250116f105eb6961dc29e1dbc6c
Certificate serial: 0194236A52D24BF5127DF5BD57273141C468
Authority key identifier: 66:03:ED:4C:78:45:42:50:11:6F:10:5E:B6:96:1D:C2:9E:1D:BC:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZgPtTHhFQlARbxBetpYdwp4dvGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/44d603-fbf5-459b-a0ba-d2763c007752/1/pFNbbolKWdf6lVoEITxkPbtrK0c.roa
Signing time: Wed 01 Jan 2025 19:49:17 +0000
ROA not before: Wed 01 Jan 2025 19:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49266
IP address blocks: 91.207.216.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:52:d2:4b:f5:12:7d:f5:bd:57:27:31:41:c4:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6603ed4c78454250116f105eb6961dc29e1dbc6c
Validity
Not Before: Jan 1 19:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4535b6e894a59d7fa955a04213c643dbb6b2b47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:fa:5b:84:22:71:4d:66:11:61:6e:ba:42:c2:
e7:61:f9:e1:5e:45:68:4f:4d:2d:5a:52:06:e4:0d:
51:c5:c5:a2:15:6b:89:df:30:55:fc:3d:ed:c0:a1:
2b:0b:07:60:42:14:c0:2e:8f:0f:f7:c2:ef:2f:d8:
5d:75:0c:e4:d5:38:5b:45:b2:7c:00:1c:a1:14:7d:
37:80:86:c6:b7:ab:dc:e9:0a:9a:7d:f0:be:84:db:
b3:c8:9c:43:32:44:e3:12:5e:a0:52:3b:f8:ae:9b:
70:5e:bc:b2:90:b5:b7:1f:2c:28:ac:cb:63:ec:76:
37:25:0a:fd:48:84:b5:4f:32:60:64:7c:a1:07:9e:
a0:9c:3d:3d:e3:82:7e:32:2e:e5:27:22:6c:20:7e:
1a:7f:ca:d0:01:7a:fb:a1:4f:8f:9b:b0:3d:ac:89:
fb:82:b8:e6:16:60:cf:d5:64:15:ff:f8:43:a8:18:
b1:d8:cc:7f:ca:d6:9d:03:3f:6c:3f:51:b1:69:5b:
26:28:b8:0c:f4:fb:a3:a9:af:92:4b:80:a5:8b:6c:
fa:98:df:ff:cf:91:81:e1:dd:1f:52:36:ef:69:15:
6b:25:f3:98:97:ae:fd:f6:6f:e3:f9:3b:63:30:89:
2f:61:e7:73:e4:9a:69:c0:a3:06:35:9e:11:ef:16:
a7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:53:5B:6E:89:4A:59:D7:FA:95:5A:04:21:3C:64:3D:BB:6B:2B:47
X509v3 Authority Key Identifier:
keyid:66:03:ED:4C:78:45:42:50:11:6F:10:5E:B6:96:1D:C2:9E:1D:BC:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZgPtTHhFQlARbxBetpYdwp4dvGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/44d603-fbf5-459b-a0ba-d2763c007752/1/pFNbbolKWdf6lVoEITxkPbtrK0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/44d603-fbf5-459b-a0ba-d2763c007752/1/ZgPtTHhFQlARbxBetpYdwp4dvGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.216.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:37:4d:15:26:0b:d2:d1:2e:6a:39:de:ec:c4:07:68:d3:e7:
d1:04:cd:f1:c2:a9:c0:cf:af:51:96:8b:5f:78:78:89:2f:c0:
06:42:29:ea:d1:d5:f3:e4:69:f9:06:40:b0:7d:52:1c:00:00:
06:03:86:31:a9:f0:d8:80:3c:79:0c:fc:3e:a8:ae:f2:f1:2a:
1e:e7:b8:5e:5b:3d:c6:09:e5:18:e1:0e:59:51:69:a1:a6:f2:
58:66:45:6f:df:24:15:66:94:38:53:a9:22:4d:c1:27:c2:48:
89:4d:f0:0a:9a:ca:5c:ee:50:f6:ff:7d:ed:a2:eb:0d:fd:d1:
f6:da:86:01:43:6a:86:98:f5:b8:42:3e:24:a2:a6:fa:54:ec:
24:61:0a:e9:84:38:28:97:2b:7a:d6:38:99:14:83:6b:f2:8c:
5b:c6:e9:9f:df:e4:b2:ce:23:6c:de:f1:1d:c8:23:12:34:a4:
c9:2a:c0:3b:0f:b2:32:e3:84:51:00:2f:b1:9f:28:7d:77:55:
16:fe:6d:e3:75:c0:89:b7:e2:5d:fb:19:8d:44:aa:c4:bb:e1:
38:e1:1f:4e:7f:4e:ca:eb:6a:ee:e9:af:08:3e:f7:20:2a:8e:
0d:a3:37:d3:09:59:40:e7:6c:4a:4c:53:21:a0:2d:8d:06:a8:
57:c0:f1:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjalLSS/USffW9VycxQcRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MDNlZDRjNzg0NTQyNTAxMTZmMTA1ZWI2OTYxZGMyOWUx
ZGJjNmMwHhcNMjUwMTAxMTk0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDUzNWI2ZTg5NGE1OWQ3ZmE5NTVhMDQyMTNjNjQzZGJiNmIyYjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5fpbhCJxTWYRYW66QsLnYfnhXkVo
T00tWlIG5A1RxcWiFWuJ3zBV/D3twKErCwdgQhTALo8P98LvL9hddQzk1ThbRbJ8
AByhFH03gIbGt6vc6QqaffC+hNuzyJxDMkTjEl6gUjv4rptwXryykLW3HyworMtj
7HY3JQr9SIS1TzJgZHyhB56gnD0944J+Mi7lJyJsIH4af8rQAXr7oU+Pm7A9rIn7
grjmFmDP1WQV//hDqBix2Mx/ytadAz9sP1GxaVsmKLgM9Pujqa+SS4Cli2z6mN//
z5GB4d0fUjbvaRVrJfOYl6799m/j+TtjMIkvYedz5JppwKMGNZ4R7xanywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKRTW26JSlnX+pVaBCE8ZD27aytHMB8GA1UdIwQY
MBaAFGYD7Ux4RUJQEW8QXraWHcKeHbxsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmdQdFRIaEZRbEFSYnhCZXRwWWR3cDRkdkd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80NGQ2MDMtZmJmNS00NTliLWEwYmEt
ZDI3NjNjMDA3NzUyLzEvcEZOYmJvbEtXZGY2bFZvRUlUeGtQYnRySzBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80NGQ2MDMtZmJmNS00NTliLWEwYmEtZDI3NjNjMDA3NzUy
LzEvWmdQdFRIaEZRbEFSYnhCZXRwWWR3cDRkdkd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8/YMA0G
CSqGSIb3DQEBCwUAA4IBAQCuN00VJgvS0S5qOd7sxAdo0+fRBM3xwqnAz69Rlotf
eHiJL8AGQinq0dXz5Gn5BkCwfVIcAAAGA4YxqfDYgDx5DPw+qK7y8Soe57heWz3G
CeUY4Q5ZUWmhpvJYZkVv3yQVZpQ4U6kiTcEnwkiJTfAKmspc7lD2/33tousN/dH2
2oYBQ2qGmPW4Qj4koqb6VOwkYQrphDgolyt61jiZFINr8oxbxumf3+SyziNs3vEd
yCMSNKTJKsA7D7Iy44RRAC+xnyh9d1UW/m3jdcCJt+Jd+xmNRKrEu+E44R9Of07K
62ru6a8IPvcgKo4NozfTCVlA52xKTFMhoC2NBqhXwPFl
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:32 2025 by rpki-client