Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/F3hqjm97gZ-Ngzc1yl4r9A6hbpY.roa
File: F3hqjm97gZ-Ngzc1yl4r9A6hbpY.roa (raw, json)
Hash identifier: Fjkbha/KmGGw3kpsozM4znLBiuyYYtZFzswuh2XrcB8=
Subject key identifier: 17:78:6A:8E:6F:7B:81:9F:8D:83:37:35:CA:5E:2B:F4:0E:A1:6E:96
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0191A77B7A075CB4769B5BF0F34A3DA3CBB5
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/F3hqjm97gZ-Ngzc1yl4r9A6hbpY.roa
Signing time: Sat 31 Aug 2024 08:09:32 +0000
ROA not before: Sat 31 Aug 2024 08:09:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199760
IP address blocks: 91.92.40.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a7:7b:7a:07:5c:b4:76:9b:5b:f0:f3:4a:3d:a3:cb:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Aug 31 08:09:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17786a8e6f7b819f8d833735ca5e2bf40ea16e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:05:23:c2:00:bb:f6:6e:3f:4f:1a:79:e6:96:
8f:dd:c5:c1:4b:61:1b:a6:c3:81:24:0d:ee:91:87:
43:bf:5a:90:61:bc:b5:ae:cb:36:65:9c:f6:25:32:
f5:ac:c9:a2:96:2f:ac:2d:1e:76:f2:4c:70:5b:ae:
62:44:6a:1f:de:2b:08:b4:ef:21:86:c0:79:b8:a8:
36:cc:f4:73:ab:32:c1:12:e4:3a:ba:42:af:ee:f3:
d7:39:c5:6e:fe:08:92:f3:8e:92:d9:7b:8d:02:f7:
1c:a4:cc:c4:c9:64:34:5c:ca:e1:d4:f8:07:cf:6e:
8e:50:a2:01:2f:f1:91:7c:a8:44:21:ba:88:f7:88:
a4:d4:10:e4:80:95:92:5f:26:98:86:12:c6:35:cd:
e2:12:c5:c6:6b:46:47:23:b3:0e:70:d4:fd:1f:17:
40:ee:49:e8:f4:92:74:02:2f:c7:18:59:54:a8:81:
6a:7f:81:dc:dc:50:b2:e5:20:43:04:e5:ac:cb:ad:
dc:90:a6:7b:87:02:6c:9e:a9:02:35:51:ba:b6:0b:
f2:4a:c2:60:9a:d7:7d:c2:dc:14:4f:ff:52:76:81:
7d:47:45:6f:30:47:8f:0d:bf:1c:61:ff:c4:70:a3:
4d:d1:f4:46:d2:42:c2:50:e5:b7:26:82:d7:ce:e2:
2c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:78:6A:8E:6F:7B:81:9F:8D:83:37:35:CA:5E:2B:F4:0E:A1:6E:96
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/F3hqjm97gZ-Ngzc1yl4r9A6hbpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.40.0/24
91.92.43.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:c8:af:7d:ce:c3:96:89:37:1b:1e:2d:5f:bb:a5:54:94:f5:
72:ce:6c:bc:ff:88:42:ca:a1:bf:32:5b:1b:9a:88:4e:04:36:
82:e4:d9:a3:59:29:e6:70:d7:97:fe:9e:ac:ac:16:a6:da:a9:
c7:74:e7:b6:95:4e:1a:25:2a:54:6e:fd:e4:75:77:a8:52:51:
5f:6f:37:73:e3:a1:bc:fc:f8:e8:fc:fe:96:a2:e8:9b:b6:e9:
0e:cc:b4:8e:e8:7f:fa:3c:2d:b8:fb:45:ec:68:30:45:82:e7:
ec:f2:03:25:36:94:0b:57:d1:f7:14:20:5c:14:f2:50:7c:1f:
a4:71:d0:22:f3:55:da:a7:44:dc:92:ee:75:85:83:68:94:0a:
06:45:29:94:26:76:e9:bb:17:a9:dd:69:f0:73:62:7b:06:a5:
13:60:77:3a:c7:e5:89:c1:fb:56:88:f9:cc:16:78:72:81:06:
9b:56:0c:3e:1d:52:46:86:cf:13:5e:5b:8c:c8:b0:66:cd:9f:
52:df:e6:ed:87:37:68:04:d9:d5:50:be:b1:8a:e0:90:a0:0b:
ee:5d:98:21:39:fe:8c:9c:48:dc:21:cd:07:e1:7d:4e:9e:5e:
31:42:5d:55:51:c2:28:dc:3f:9e:89:38:9c:87:c3:96:dc:ba:
33:ff:92:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGne3oHXLR2m1vw80o9o8u1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwODMxMDgwOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzc4NmE4ZTZmN2I4MTlmOGQ4MzM3MzVjYTVlMmJmNDBlYTE2ZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgUjwgC79m4/Txp55paP3cXBS2Eb
psOBJA3ukYdDv1qQYby1rss2ZZz2JTL1rMmili+sLR528kxwW65iRGof3isItO8h
hsB5uKg2zPRzqzLBEuQ6ukKv7vPXOcVu/giS846S2XuNAvccpMzEyWQ0XMrh1PgH
z26OUKIBL/GRfKhEIbqI94ik1BDkgJWSXyaYhhLGNc3iEsXGa0ZHI7MOcNT9HxdA
7kno9JJ0Ai/HGFlUqIFqf4Hc3FCy5SBDBOWsy63ckKZ7hwJsnqkCNVG6tgvySsJg
mtd9wtwUT/9SdoF9R0VvMEePDb8cYf/EcKNN0fRG0kLCUOW3JoLXzuIsuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBd4ao5ve4GfjYM3NcpeK/QOoW6WMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvRjNocWptOTdnWi1OZ3pjMXlsNHI5QTZoYnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW1woAwQA
W1wrMA0GCSqGSIb3DQEBCwUAA4IBAQBOyK99zsOWiTcbHi1fu6VUlPVyzmy8/4hC
yqG/MlsbmohOBDaC5NmjWSnmcNeX/p6srBam2qnHdOe2lU4aJSpUbv3kdXeoUlFf
bzdz46G8/Pjo/P6WouibtukOzLSO6H/6PC24+0XsaDBFgufs8gMlNpQLV9H3FCBc
FPJQfB+kcdAi81Xap0Tcku51hYNolAoGRSmUJnbpuxep3Wnwc2J7BqUTYHc6x+WJ
wftWiPnMFnhygQabVgw+HVJGhs8TXluMyLBmzZ9S3+bthzdoBNnVUL6xiuCQoAvu
XZghOf6MnEjcIc0H4X1Onl4xQl1VUcIo3D+eiTich8OW3Loz/5Iq
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:29:24 2025 by rpki-client