Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Dt-HKFAy_yg2wBlF5QPde7LANEE.roa
File: Dt-HKFAy_yg2wBlF5QPde7LANEE.roa (raw, json)
Hash identifier: EzXnKXTAh73GWqSY42wDaPhy35SU6jbtdG4yFMOBnu4=
Subject key identifier: 0E:DF:87:28:50:32:FF:28:36:C0:19:45:E5:03:DD:7B:B2:C0:34:41
Certificate issuer: /CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Certificate serial: 019427B5F50A960C9A1E33C020765CA17B3C
Authority key identifier: 5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Dt-HKFAy_yg2wBlF5QPde7LANEE.roa
Signing time: Thu 02 Jan 2025 15:50:23 +0000
ROA not before: Thu 02 Jan 2025 15:50:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42689
IP address blocks: 91.200.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:f5:0a:96:0c:9a:1e:33:c0:20:76:5c:a1:7b:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Validity
Not Before: Jan 2 15:50:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0edf87285032ff2836c01945e503dd7bb2c03441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:89:72:24:de:65:98:c1:ad:c9:13:5f:ba:91:
0c:99:76:4c:3b:a3:e3:58:d7:91:fa:60:7a:a6:a3:
e3:93:37:e3:e6:c2:52:62:83:fc:d1:25:cb:f5:52:
66:24:65:9a:9d:bb:e2:fb:59:a8:5e:df:78:04:b7:
d0:1e:93:b1:ea:f7:3a:e4:a6:d0:03:ec:41:75:ba:
f1:15:ca:26:60:c0:37:23:cd:2c:70:9c:9f:53:c7:
1a:97:ff:29:c1:d3:72:7f:65:09:28:f4:c4:64:d7:
21:f8:d5:34:9e:dc:1d:ee:b7:ec:9e:df:3a:83:6d:
c1:81:76:c9:c6:47:ba:dc:b9:8f:60:43:b7:9d:1e:
db:af:c9:92:53:db:9b:50:f6:fb:98:90:90:41:58:
59:57:78:75:3f:5c:c1:de:8b:7e:4e:a7:6e:e0:46:
4e:bf:d7:67:c3:d8:d3:41:df:c8:2d:74:39:92:13:
c8:d6:0e:3a:da:45:f1:2b:db:ca:41:97:a5:0a:31:
5e:76:bf:46:f0:73:a2:46:ef:cc:6c:6f:80:d1:b9:
a5:87:f7:3a:7b:5d:22:24:40:1d:94:55:30:1d:fa:
b0:12:60:c6:24:e2:c5:db:06:c2:6c:e3:ae:c1:5f:
7d:79:45:c2:95:3c:2d:ca:a2:51:9f:18:98:02:1e:
1d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:DF:87:28:50:32:FF:28:36:C0:19:45:E5:03:DD:7B:B2:C0:34:41
X509v3 Authority Key Identifier:
keyid:5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Dt-HKFAy_yg2wBlF5QPde7LANEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Xdb20pm83sc9E_LYQvwd9Lwe4tM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.252.0/24
Signature Algorithm: sha256WithRSAEncryption
49:c9:f5:0b:e5:c0:61:a8:3d:92:22:fc:00:a4:56:01:93:f8:
4b:94:06:5e:cf:bb:73:17:07:ec:10:60:45:85:c7:7d:11:e7:
b5:aa:cb:a9:e8:4d:1d:24:1d:80:b2:a4:16:fa:ca:6f:44:a6:
10:8c:ba:a2:94:8f:ec:79:45:d2:f5:cb:5e:1d:fa:18:f7:d1:
f9:55:a5:8d:f4:b6:c3:dc:6f:98:d1:f1:7e:0f:15:ca:1f:25:
c3:78:9f:eb:18:fd:93:ef:f2:78:12:6c:49:4f:3c:15:a4:16:
d6:d0:d3:91:80:2f:3d:91:af:c5:16:61:58:bd:33:9a:13:9e:
37:5e:30:e5:65:81:15:e3:38:18:5d:47:af:69:39:52:89:b0:
01:38:55:02:5a:51:db:93:7d:ad:50:f9:3d:47:ac:b3:78:d1:
ce:c2:c9:56:6b:7f:fa:cc:e8:95:bf:2e:d8:e3:c5:e3:80:48:
54:f7:43:01:fd:65:05:4e:f9:a2:4f:97:72:24:6a:52:2c:1f:
6b:da:12:a7:c7:40:c2:86:45:be:e3:8f:65:0f:74:e5:b1:c9:
0c:90:69:3c:dd:00:22:c6:c5:a3:2d:ef:68:89:f8:88:39:08:
d6:f2:af:b1:ec:0d:12:7a:e1:d8:50:37:1a:f0:62:b5:5c:3b:
43:4f:b2:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntfUKlgyaHjPAIHZcoXs8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZmNmQyOTliY2RlYzczZDEzZjJkODQyZmMxZGY0YmMx
ZWUyZDMwHhcNMjUwMTAyMTU1MDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWRmODcyODUwMzJmZjI4MzZjMDE5NDVlNTAzZGQ3YmIyYzAzNDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4lyJN5lmMGtyRNfupEMmXZMO6Pj
WNeR+mB6pqPjkzfj5sJSYoP80SXL9VJmJGWanbvi+1moXt94BLfQHpOx6vc65KbQ
A+xBdbrxFcomYMA3I80scJyfU8cal/8pwdNyf2UJKPTEZNch+NU0ntwd7rfsnt86
g23BgXbJxke63LmPYEO3nR7br8mSU9ubUPb7mJCQQVhZV3h1P1zB3ot+Tqdu4EZO
v9dnw9jTQd/ILXQ5khPI1g462kXxK9vKQZelCjFedr9G8HOiRu/MbG+A0bmlh/c6
e10iJEAdlFUwHfqwEmDGJOLF2wbCbOOuwV99eUXClTwtyqJRnxiYAh4dHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA7fhyhQMv8oNsAZReUD3XuywDRBMB8GA1UdIwQY
MBaAFF3W9tKZvN7HPRPy2EL8HfS8HuLTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYt
NTFmNWZmODFjMTE3LzEvRHQtSEtGQXlfeWcyd0JsRjVRUGRlN0xBTkVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYtNTFmNWZmODFjMTE3
LzEvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8j8MA0G
CSqGSIb3DQEBCwUAA4IBAQBJyfUL5cBhqD2SIvwApFYBk/hLlAZez7tzFwfsEGBF
hcd9Eee1qsup6E0dJB2AsqQW+spvRKYQjLqilI/seUXS9cteHfoY99H5VaWN9LbD
3G+Y0fF+DxXKHyXDeJ/rGP2T7/J4EmxJTzwVpBbW0NORgC89ka/FFmFYvTOaE543
XjDlZYEV4zgYXUevaTlSibABOFUCWlHbk32tUPk9R6yzeNHOwslWa3/6zOiVvy7Y
48XjgEhU90MB/WUFTvmiT5dyJGpSLB9r2hKnx0DChkW+449lD3TlsckMkGk83QAi
xsWjLe9oifiIOQjW8q+x7A0SeuHYUDca8GK1XDtDT7Lo
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:13:10 2025 by rpki-client