Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/mVdexk3vKBH_4OglU9QY2xWXbFg.roa
File: mVdexk3vKBH_4OglU9QY2xWXbFg.roa (raw, json)
Hash identifier: T7oxwImzAvvVd0FkOTxcioKajTx/j5GnmzdyER6QnyE=
Subject key identifier: 99:57:5E:C6:4D:EF:28:11:FF:E0:E8:25:53:D4:18:DB:15:97:6C:58
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 01945F3EFEE124DEF7A3D5933EB0D2AB2AD3
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/mVdexk3vKBH_4OglU9QY2xWXbFg.roa
Signing time: Mon 13 Jan 2025 10:39:11 +0000
ROA not before: Mon 13 Jan 2025 10:39:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 91.92.35.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5f:3e:fe:e1:24:de:f7:a3:d5:93:3e:b0:d2:ab:2a:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jan 13 10:39:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99575ec64def2811ffe0e82553d418db15976c58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:bd:d7:51:09:c2:93:1d:c9:ce:e8:04:9a:92:
bc:fb:1d:78:42:b1:c0:af:62:19:2b:a6:4f:bf:47:
b5:75:17:d5:61:1d:59:c7:28:8a:90:0a:25:22:50:
a2:73:86:5f:fb:36:6d:fc:0f:c0:3e:79:32:82:7d:
d0:eb:b8:78:79:19:bd:3c:09:a6:c4:58:8e:98:2e:
7e:a0:36:f6:bd:d3:07:9f:46:b0:b0:9f:df:8f:90:
f0:67:48:04:4d:01:af:fe:2a:33:41:c8:d9:f3:24:
10:10:3c:c1:05:a9:d4:be:2d:52:67:bc:ac:15:bc:
6a:f1:8f:30:d3:bd:eb:0a:f2:b7:60:7a:ba:e5:f5:
51:89:db:0a:35:b5:89:80:3f:d4:11:97:66:f1:0d:
4e:68:79:7d:cc:70:1b:a6:0c:d5:64:87:8d:15:ad:
24:12:78:75:13:52:6e:37:8a:15:e1:be:e4:a5:65:
7e:1d:d2:de:54:17:54:ac:e1:ab:be:9b:bf:54:9b:
ea:dd:b5:18:20:5f:f2:97:6f:70:dc:9d:f5:79:f6:
b7:55:78:f4:61:18:6a:6b:63:91:62:05:14:64:7c:
6e:fd:cc:ad:ab:01:7d:cb:be:6b:ab:17:73:f2:81:
4a:b0:2d:9c:d8:c9:85:09:8b:8d:c1:e9:0a:b5:cf:
65:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:57:5E:C6:4D:EF:28:11:FF:E0:E8:25:53:D4:18:DB:15:97:6C:58
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/mVdexk3vKBH_4OglU9QY2xWXbFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.35.0/24
91.92.40.0/24
91.92.42.0/23
Signature Algorithm: sha256WithRSAEncryption
15:8d:12:bd:9c:f3:0f:89:84:6e:8e:d5:6f:4d:30:e5:80:4e:
3e:17:1c:e0:64:3a:44:d9:b9:18:c2:21:83:2f:c2:0c:13:da:
15:bd:05:b6:09:c3:d7:62:2b:56:c0:ea:11:17:c3:7f:c9:ec:
68:0b:d9:b3:e5:ed:8e:65:c3:94:55:60:0e:c6:07:42:e5:bd:
fd:fb:6f:e6:03:f1:15:d9:cd:f2:81:f2:ef:0e:9c:48:bc:46:
49:b8:54:ca:0e:55:aa:24:98:49:a0:c2:57:10:20:b8:66:d4:
ef:21:6d:5e:b6:1c:ec:42:9c:d4:61:1c:62:84:55:43:80:44:
6b:79:4b:7c:8f:44:91:97:cf:26:7d:b2:97:a5:38:d6:13:8d:
23:96:73:91:d7:11:f3:e6:31:e7:4e:ab:d2:ee:ba:91:19:3f:
08:3d:fb:49:3f:d3:bb:54:bc:16:25:8f:6d:f5:66:6f:3a:12:
fc:41:94:d7:2e:7c:32:3c:f8:a0:00:77:58:50:bf:f3:99:a3:
0d:c3:7c:56:f7:8e:6d:4a:7a:d1:c0:22:09:ef:e2:7a:c7:60:
cd:f0:f4:6c:c2:fb:8c:e0:35:60:b2:dc:26:cf:da:77:d8:52:
72:f4:eb:4a:3f:08:21:38:20:04:b5:f1:07:bc:bf:0b:33:9a:
72:d8:03:1d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRfPv7hJN73o9WTPrDSqyrTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjUwMTEzMTAzOTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTU3NWVjNjRkZWYyODExZmZlMGU4MjU1M2Q0MThkYjE1OTc2YzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+L3XUQnCkx3JzugEmpK8+x14QrHA
r2IZK6ZPv0e1dRfVYR1ZxyiKkAolIlCic4Zf+zZt/A/APnkygn3Q67h4eRm9PAmm
xFiOmC5+oDb2vdMHn0awsJ/fj5DwZ0gETQGv/iozQcjZ8yQQEDzBBanUvi1SZ7ys
Fbxq8Y8w073rCvK3YHq65fVRidsKNbWJgD/UEZdm8Q1OaHl9zHAbpgzVZIeNFa0k
Enh1E1JuN4oV4b7kpWV+HdLeVBdUrOGrvpu/VJvq3bUYIF/yl29w3J31efa3VXj0
YRhqa2ORYgUUZHxu/cytqwF9y75rqxdz8oFKsC2c2MmFCYuNwekKtc9lowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJlXXsZN7ygR/+DoJVPUGNsVl2xYMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvbVZkZXhrM3ZLQkhfNE9nbFU5UVkyeFdYYkZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW1wjAwQA
W1woAwQBW1wqMA0GCSqGSIb3DQEBCwUAA4IBAQAVjRK9nPMPiYRujtVvTTDlgE4+
FxzgZDpE2bkYwiGDL8IME9oVvQW2CcPXYitWwOoRF8N/yexoC9mz5e2OZcOUVWAO
xgdC5b39+2/mA/EV2c3ygfLvDpxIvEZJuFTKDlWqJJhJoMJXECC4ZtTvIW1ethzs
QpzUYRxihFVDgERreUt8j0SRl88mfbKXpTjWE40jlnOR1xHz5jHnTqvS7rqRGT8I
PftJP9O7VLwWJY9t9WZvOhL8QZTXLnwyPPigAHdYUL/zmaMNw3xW945tSnrRwCIJ
7+J6x2DN8PRswvuM4DVgstwmz9p32FJy9OtKPwghOCAEtfEHvL8LM5py2AMd
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:21:43 2025 by rpki-client