Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/CufnYSstlNtENOE9efd7-2ln8Es.roa
File: CufnYSstlNtENOE9efd7-2ln8Es.roa (raw, json)
Hash identifier: z8qQP+b43sULkWDkQAPO4p2CYsOjqrih9Z+imFI0Iok=
Subject key identifier: 0A:E7:E7:61:2B:2D:94:DB:44:34:E1:3D:79:F7:7B:FB:69:67:F0:4B
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 019594E01BB49CFB3A572A08509AAC36F338
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/CufnYSstlNtENOE9efd7-2ln8Es.roa
Signing time: Fri 14 Mar 2025 13:37:49 +0000
ROA not before: Fri 14 Mar 2025 13:37:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207083
IP address blocks: 91.92.34.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:e0:1b:b4:9c:fb:3a:57:2a:08:50:9a:ac:36:f3:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Mar 14 13:37:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ae7e7612b2d94db4434e13d79f77bfb6967f04b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d6:58:c2:b1:98:b5:9b:94:e5:11:e1:9f:13:
4f:fb:2d:93:6b:39:8c:60:4c:3c:3a:6b:06:83:de:
09:9a:74:74:46:a0:35:d6:1b:ca:cc:20:dc:c3:ce:
2d:57:c7:f3:9f:47:c5:b3:bd:51:05:1c:7c:84:af:
fd:08:c8:9a:6d:10:cc:d9:50:16:8c:b8:ed:fe:3c:
2b:fb:4a:d5:4d:8b:25:c2:02:0b:01:9b:1b:4b:d7:
1b:d7:80:57:c8:b5:1b:90:7d:58:6e:14:91:89:ae:
b4:01:fc:c4:e3:16:d1:cc:a6:ef:04:3d:0b:df:57:
a2:f5:f2:c7:72:6d:bf:e6:52:16:36:13:b1:cb:43:
5e:f8:db:b0:62:08:c1:6f:c2:dc:c6:8f:04:1f:03:
5a:e9:46:29:cd:72:6c:79:82:1b:59:95:92:08:c2:
a1:7e:ae:c5:7b:e9:ce:24:fd:76:39:32:bf:ef:08:
02:ca:f0:44:73:51:98:45:e7:96:54:7d:5a:da:2b:
7c:1a:cf:09:01:34:c0:fb:0c:8c:da:0a:b2:07:c8:
2b:16:cc:8d:be:19:f4:1f:46:a9:51:12:57:4a:4b:
81:09:42:1c:af:cd:74:db:2b:4d:99:43:3b:7c:ad:
2f:53:4c:c9:af:68:c4:b0:77:e4:33:24:89:4c:e6:
c5:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E7:E7:61:2B:2D:94:DB:44:34:E1:3D:79:F7:7B:FB:69:67:F0:4B
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/CufnYSstlNtENOE9efd7-2ln8Es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.34.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:d4:1e:44:25:2e:1c:0c:b5:35:db:81:14:be:f2:06:79:6c:
0b:e7:8e:ea:c8:6d:7e:1e:55:19:ef:ab:a5:49:89:b9:58:14:
c8:93:ce:18:4f:16:6c:8d:a2:45:e5:63:09:e1:be:b6:1d:01:
ff:6e:d6:c1:a4:35:fe:26:8b:1c:ef:be:ad:33:f7:c7:4d:43:
c6:d5:f8:35:5a:8e:70:6b:e1:f0:d4:26:61:22:6d:a6:ab:30:
7b:3e:ac:fb:f4:51:63:71:c8:dd:56:89:48:e8:2c:81:33:ea:
d5:fa:f5:2d:9b:20:9c:8c:9c:bf:2c:ea:26:f3:cf:78:99:ee:
ee:16:01:94:46:e4:ca:74:dc:fa:29:93:7d:5f:97:b4:75:1b:
a7:cf:b4:7b:7a:88:a4:e5:83:ee:9e:df:a6:ab:df:3a:1e:8c:
ca:c5:64:db:42:45:09:7a:9c:44:a1:63:63:6c:80:11:20:e1:
58:06:e8:14:2e:7d:84:21:ad:d4:2b:36:47:82:db:7c:41:22:
04:56:32:7e:02:61:9a:a7:c5:e7:f1:2b:3d:2e:ec:1f:10:58:
05:d0:43:59:bf:0b:77:5e:a2:00:14:20:12:3f:c7:be:a2:8f:
68:c9:16:b8:a4:bf:8b:e9:3a:b8:53:fc:b2:9d:40:32:40:3f:
8c:e1:a7:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWU4Bu0nPs6VyoIUJqsNvM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjUwMzE0MTMzNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWU3ZTc2MTJiMmQ5NGRiNDQzNGUxM2Q3OWY3N2JmYjY5NjdmMDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdZYwrGYtZuU5RHhnxNP+y2TazmM
YEw8OmsGg94JmnR0RqA11hvKzCDcw84tV8fzn0fFs71RBRx8hK/9CMiabRDM2VAW
jLjt/jwr+0rVTYslwgILAZsbS9cb14BXyLUbkH1YbhSRia60AfzE4xbRzKbvBD0L
31ei9fLHcm2/5lIWNhOxy0Ne+NuwYgjBb8Lcxo8EHwNa6UYpzXJseYIbWZWSCMKh
fq7Fe+nOJP12OTK/7wgCyvBEc1GYReeWVH1a2it8Gs8JATTA+wyM2gqyB8grFsyN
vhn0H0apURJXSkuBCUIcr8102ytNmUM7fK0vU0zJr2jEsHfkMySJTObFBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArn52ErLZTbRDThPXn3e/tpZ/BLMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvQ3VmbllTc3RsTnRFTk9FOWVmZDctMmxuOEVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW1wiMA0G
CSqGSIb3DQEBCwUAA4IBAQCf1B5EJS4cDLU124EUvvIGeWwL547qyG1+HlUZ76ul
SYm5WBTIk84YTxZsjaJF5WMJ4b62HQH/btbBpDX+Josc776tM/fHTUPG1fg1Wo5w
a+Hw1CZhIm2mqzB7Pqz79FFjccjdVolI6CyBM+rV+vUtmyCcjJy/LOom8894me7u
FgGURuTKdNz6KZN9X5e0dRunz7R7eoik5YPunt+mq986HozKxWTbQkUJepxEoWNj
bIARIOFYBugULn2EIa3UKzZHgtt8QSIEVjJ+AmGap8Xn8Ss9LuwfEFgF0ENZvwt3
XqIAFCASP8e+oo9oyRa4pL+L6Tq4U/yynUAyQD+M4adE
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:34:08 2025 by rpki-client