Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/6f49e1-e704-4ab4-b94c-5fdcb783a6ec/1/G8WBqm_n-G2Dq7rJrsvaHEWmDxE.roa
File: G8WBqm_n-G2Dq7rJrsvaHEWmDxE.roa (raw, json)
Hash identifier: IA50muj3Iqkw7YnSvxI1jyledliIC9BsrNcG2Szt4iM=
Subject key identifier: 1B:C5:81:AA:6F:E7:F8:6D:83:AB:BA:C9:AE:CB:DA:1C:45:A6:0F:11
Certificate issuer: /CN=f7b069d33df1225a8b3643a01364f279df40d877
Certificate serial: 01942444EB504A48CC3069EC809EDE657D36
Authority key identifier: F7:B0:69:D3:3D:F1:22:5A:8B:36:43:A0:13:64:F2:79:DF:40:D8:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/97Bp0z3xIlqLNkOgE2Tyed9A2Hc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/6f49e1-e704-4ab4-b94c-5fdcb783a6ec/1/G8WBqm_n-G2Dq7rJrsvaHEWmDxE.roa
Signing time: Wed 01 Jan 2025 23:48:03 +0000
ROA not before: Wed 01 Jan 2025 23:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12859
IP address blocks: 91.207.232.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:eb:50:4a:48:cc:30:69:ec:80:9e:de:65:7d:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7b069d33df1225a8b3643a01364f279df40d877
Validity
Not Before: Jan 1 23:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bc581aa6fe7f86d83abbac9aecbda1c45a60f11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:77:91:36:89:b1:cc:4c:72:e8:8c:2f:d4:69:
2a:9e:81:4e:9d:50:f8:6a:ad:76:5d:b4:94:19:68:
c3:b7:94:d0:88:98:46:0d:af:70:cb:2a:ca:fc:75:
49:3d:a4:e2:07:8f:0a:7d:f2:07:e7:f6:91:f6:99:
29:4f:73:01:ed:b3:77:49:4a:da:58:92:5c:7a:37:
cb:ef:75:21:b1:7e:9b:0c:02:b4:ab:a2:ce:e4:a9:
f9:43:aa:36:e3:ad:7c:60:1e:56:31:70:92:b1:e7:
21:15:e4:1e:e0:fd:3a:c3:41:cd:b5:1f:4f:60:37:
3f:ea:5e:47:fe:68:ad:0d:4e:12:4e:48:80:70:e5:
a2:79:cd:13:6f:b5:27:b8:81:a3:e1:8b:e7:39:9a:
bd:54:2f:71:0d:71:96:ed:ab:da:aa:d0:cc:50:d5:
f5:9b:eb:e6:68:52:99:0d:61:51:87:81:a1:f6:12:
f2:7d:9d:77:53:e5:b9:1b:63:a5:0f:bf:52:0e:3d:
82:13:b9:41:ec:8f:06:a9:a5:51:24:97:d8:4c:44:
46:ef:5e:cb:bc:9c:eb:b7:4d:a4:13:24:4c:2b:ba:
1e:88:9b:67:aa:bb:b8:b1:4c:03:0d:0d:a9:d1:13:
2c:01:21:6f:8a:ee:2b:e4:94:85:39:e5:9c:38:88:
ce:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C5:81:AA:6F:E7:F8:6D:83:AB:BA:C9:AE:CB:DA:1C:45:A6:0F:11
X509v3 Authority Key Identifier:
keyid:F7:B0:69:D3:3D:F1:22:5A:8B:36:43:A0:13:64:F2:79:DF:40:D8:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/97Bp0z3xIlqLNkOgE2Tyed9A2Hc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6f49e1-e704-4ab4-b94c-5fdcb783a6ec/1/G8WBqm_n-G2Dq7rJrsvaHEWmDxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6f49e1-e704-4ab4-b94c-5fdcb783a6ec/1/97Bp0z3xIlqLNkOgE2Tyed9A2Hc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.232.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:d5:25:cc:ed:f9:0d:65:92:b4:4c:b3:6f:10:a3:5d:9f:34:
a2:20:1b:26:ba:28:79:88:e4:cd:fc:6a:9f:68:b8:8d:d7:c0:
04:35:19:4a:49:04:dd:c2:dd:fc:16:64:8b:8f:d0:05:df:5d:
35:51:ad:c8:d2:23:c6:58:4a:06:10:2a:18:e8:d9:49:ed:b7:
f6:10:a6:f4:f1:3c:21:e9:69:87:fa:d5:8f:11:96:88:13:09:
18:5d:bf:f5:5a:40:31:da:8e:1d:14:9a:04:05:e9:69:eb:ef:
38:be:aa:6e:e6:d3:f9:48:54:5d:77:ea:5e:60:ad:f6:b8:2c:
6a:25:02:21:d9:3e:ab:e3:55:b9:7d:58:eb:39:5c:2a:66:da:
65:dd:dc:99:0c:ad:17:67:2c:c6:33:9c:71:bd:f7:da:07:c3:
70:cb:e8:bd:74:1c:29:c0:91:e2:4f:07:5b:41:49:87:3c:25:
3d:14:8b:d4:de:d6:6d:de:3b:5c:77:47:d2:2f:05:94:dc:54:
d7:35:d0:dd:c7:e7:5b:b8:79:91:7c:50:8b:3a:e6:2f:f6:60:
6f:4e:10:75:29:c6:d9:dd:11:e3:59:7f:80:4c:79:ab:41:84:
77:86:b9:ac:50:f9:6f:d9:0c:8c:15:b9:f8:01:e5:6b:69:99:
2d:bf:f1:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkROtQSkjMMGnsgJ7eZX02MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YjA2OWQzM2RmMTIyNWE4YjM2NDNhMDEzNjRmMjc5ZGY0
MGQ4NzcwHhcNMjUwMTAxMjM0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmM1ODFhYTZmZTdmODZkODNhYmJhYzlhZWNiZGExYzQ1YTYwZjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsneRNomxzExy6Iwv1GkqnoFOnVD4
aq12XbSUGWjDt5TQiJhGDa9wyyrK/HVJPaTiB48KffIH5/aR9pkpT3MB7bN3SUra
WJJcejfL73UhsX6bDAK0q6LO5Kn5Q6o24618YB5WMXCSsechFeQe4P06w0HNtR9P
YDc/6l5H/mitDU4STkiAcOWiec0Tb7UnuIGj4YvnOZq9VC9xDXGW7avaqtDMUNX1
m+vmaFKZDWFRh4Gh9hLyfZ13U+W5G2OlD79SDj2CE7lB7I8GqaVRJJfYTERG717L
vJzrt02kEyRMK7oeiJtnqru4sUwDDQ2p0RMsASFviu4r5JSFOeWcOIjOGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBvFgapv5/htg6u6ya7L2hxFpg8RMB8GA1UdIwQY
MBaAFPewadM98SJaizZDoBNk8nnfQNh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTdCcDB6M3hJbHFMTmtPZ0UyVHllZDlBMkhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi82ZjQ5ZTEtZTcwNC00YWI0LWI5NGMt
NWZkY2I3ODNhNmVjLzEvRzhXQnFtX24tRzJEcTdySnJzdmFIRVdtRHhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi82ZjQ5ZTEtZTcwNC00YWI0LWI5NGMtNWZkY2I3ODNhNmVj
LzEvOTdCcDB6M3hJbHFMTmtPZ0UyVHllZDlBMkhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8/oMA0G
CSqGSIb3DQEBCwUAA4IBAQCN1SXM7fkNZZK0TLNvEKNdnzSiIBsmuih5iOTN/Gqf
aLiN18AENRlKSQTdwt38FmSLj9AF3101Ua3I0iPGWEoGECoY6NlJ7bf2EKb08Twh
6WmH+tWPEZaIEwkYXb/1WkAx2o4dFJoEBelp6+84vqpu5tP5SFRdd+peYK32uCxq
JQIh2T6r41W5fVjrOVwqZtpl3dyZDK0XZyzGM5xxvffaB8Nwy+i9dBwpwJHiTwdb
QUmHPCU9FIvU3tZt3jtcd0fSLwWU3FTXNdDdx+dbuHmRfFCLOuYv9mBvThB1KcbZ
3RHjWX+ATHmrQYR3hrmsUPlv2QyMFbn4AeVraZktv/F0
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:41:49 2025 by rpki-client