Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/fc60cd-d0b4-4c8b-8a4d-695d8299926e/1/CQgo9i7xKCKF-brlO7bOG3BNmVY.roa
File: CQgo9i7xKCKF-brlO7bOG3BNmVY.roa (raw, json)
Hash identifier: X8lPFkVQRlIn745XFiJL9ENZDguoL523rt5LMcrNdrw=
Subject key identifier: 09:08:28:F6:2E:F1:28:22:85:F9:BA:E5:3B:B6:CE:1B:70:4D:99:56
Certificate issuer: /CN=04b56ec3baf0a9eb22a13614763f18145d0cf04a
Certificate serial: 01941FFA5E77AC9EA76EF0E9B33CFBA6FA24
Authority key identifier: 04:B5:6E:C3:BA:F0:A9:EB:22:A1:36:14:76:3F:18:14:5D:0C:F0:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BLVuw7rwqesioTYUdj8YFF0M8Eo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/fc60cd-d0b4-4c8b-8a4d-695d8299926e/1/CQgo9i7xKCKF-brlO7bOG3BNmVY.roa
Signing time: Wed 01 Jan 2025 03:48:09 +0000
ROA not before: Wed 01 Jan 2025 03:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58282
IP address blocks: 91.208.157.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:5e:77:ac:9e:a7:6e:f0:e9:b3:3c:fb:a6:fa:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04b56ec3baf0a9eb22a13614763f18145d0cf04a
Validity
Not Before: Jan 1 03:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=090828f62ef1282285f9bae53bb6ce1b704d9956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:86:92:43:d1:54:e9:fe:48:2c:ea:72:da:27:
80:e1:e3:e6:fe:30:2f:62:f5:cc:7a:ff:66:92:e9:
52:54:59:b8:02:95:63:61:67:6f:1c:84:e4:74:80:
b8:40:25:d8:9f:f4:5c:b9:9e:15:89:86:06:2b:87:
b1:57:2b:6d:86:53:c6:f9:9f:38:13:27:29:d7:08:
de:5a:6e:a1:a3:d7:92:a4:81:35:21:3a:6d:ef:c5:
48:c9:ae:2e:b8:f8:99:bc:c5:49:dc:d1:0d:df:4e:
f5:25:a8:be:71:02:0c:15:aa:8c:91:98:b2:be:0a:
ef:3f:d9:80:76:dd:3d:90:5f:96:24:24:e9:d1:cc:
a9:0f:27:8b:e9:a9:61:c0:fc:9a:91:86:08:f3:ab:
3b:61:44:95:4f:fe:a2:db:6f:fc:73:b7:5c:47:0e:
fc:41:69:a2:06:ce:1f:a6:61:b2:08:fa:81:23:55:
0d:bf:d5:3c:3e:25:98:0e:d1:7b:d9:f5:0d:5d:04:
68:c9:39:cf:ef:5a:e9:23:d5:75:fe:98:0f:34:cd:
a7:c7:b3:d1:cb:be:24:7d:35:bf:50:4b:23:f5:14:
38:53:41:63:e3:3c:fc:93:64:4e:b5:02:30:d7:45:
03:fc:5c:b9:be:bf:01:6a:20:8f:a4:85:24:66:46:
dd:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:08:28:F6:2E:F1:28:22:85:F9:BA:E5:3B:B6:CE:1B:70:4D:99:56
X509v3 Authority Key Identifier:
keyid:04:B5:6E:C3:BA:F0:A9:EB:22:A1:36:14:76:3F:18:14:5D:0C:F0:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BLVuw7rwqesioTYUdj8YFF0M8Eo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fc60cd-d0b4-4c8b-8a4d-695d8299926e/1/CQgo9i7xKCKF-brlO7bOG3BNmVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fc60cd-d0b4-4c8b-8a4d-695d8299926e/1/BLVuw7rwqesioTYUdj8YFF0M8Eo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.157.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:71:6b:11:d1:8c:8b:46:fe:14:fb:ac:07:e5:a1:23:d9:3a:
a8:17:d3:57:9d:30:dd:19:23:11:10:07:0a:8e:e3:2b:df:a5:
9d:79:03:aa:82:61:b6:ee:db:64:ba:15:77:b3:3b:e8:56:02:
2d:7f:cb:95:20:0e:fa:da:58:cf:9b:71:c4:d6:2c:5d:eb:98:
17:e8:1d:9d:9a:92:ba:32:f8:de:39:07:dc:b0:7d:7d:90:c0:
eb:be:cd:17:e8:50:1a:c2:a7:3a:af:98:11:31:f0:48:9b:76:
b1:b4:ba:f5:c5:1f:e2:1a:78:08:fc:b0:be:ec:bf:8c:6e:57:
27:c0:40:07:bc:02:b3:ea:19:1c:84:cb:31:89:e7:b0:e1:7f:
18:42:3f:25:38:d7:4c:22:24:fc:4d:9c:23:db:ae:58:69:d4:
77:8c:11:50:3b:c8:4f:0c:dd:fb:d4:0a:7f:bc:f7:80:50:93:
e8:99:0c:ca:dc:0b:d0:2a:80:30:11:7b:98:67:a1:88:dd:f1:
be:5d:cc:32:78:f6:ef:71:ca:d8:27:a5:90:79:41:8f:30:2c:
e5:0a:d8:17:4e:57:f7:82:e8:c5:d2:46:94:0d:7a:08:60:2c:
fb:67:90:99:f9:83:60:5c:2d:15:f2:16:29:b0:d0:13:d3:37:
8d:4e:43:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+l53rJ6nbvDpszz7pvokMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YjU2ZWMzYmFmMGE5ZWIyMmExMzYxNDc2M2YxODE0NWQw
Y2YwNGEwHhcNMjUwMTAxMDM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTA4MjhmNjJlZjEyODIyODVmOWJhZTUzYmI2Y2UxYjcwNGQ5OTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoaSQ9FU6f5ILOpy2ieA4ePm/jAv
YvXMev9mkulSVFm4ApVjYWdvHITkdIC4QCXYn/RcuZ4ViYYGK4exVytthlPG+Z84
Eycp1wjeWm6ho9eSpIE1ITpt78VIya4uuPiZvMVJ3NEN3071Jai+cQIMFaqMkZiy
vgrvP9mAdt09kF+WJCTp0cypDyeL6alhwPyakYYI86s7YUSVT/6i22/8c7dcRw78
QWmiBs4fpmGyCPqBI1UNv9U8PiWYDtF72fUNXQRoyTnP71rpI9V1/pgPNM2nx7PR
y74kfTW/UEsj9RQ4U0Fj4zz8k2ROtQIw10UD/Fy5vr8BaiCPpIUkZkbddQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAkIKPYu8Sgihfm65Tu2zhtwTZlWMB8GA1UdIwQY
MBaAFAS1bsO68KnrIqE2FHY/GBRdDPBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkxWdXc3cndxZXNpb1RZVWRqOFlGRjBNOEVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mYzYwY2QtZDBiNC00YzhiLThhNGQt
Njk1ZDgyOTk5MjZlLzEvQ1FnbzlpN3hLQ0tGLWJybE83Yk9HM0JObVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mYzYwY2QtZDBiNC00YzhiLThhNGQtNjk1ZDgyOTk5MjZl
LzEvQkxWdXc3cndxZXNpb1RZVWRqOFlGRjBNOEVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9CdMA0G
CSqGSIb3DQEBCwUAA4IBAQCocWsR0YyLRv4U+6wH5aEj2TqoF9NXnTDdGSMREAcK
juMr36WdeQOqgmG27ttkuhV3szvoVgItf8uVIA762ljPm3HE1ixd65gX6B2dmpK6
MvjeOQfcsH19kMDrvs0X6FAawqc6r5gRMfBIm3axtLr1xR/iGngI/LC+7L+Mblcn
wEAHvAKz6hkchMsxieew4X8YQj8lONdMIiT8TZwj265YadR3jBFQO8hPDN371Ap/
vPeAUJPomQzK3AvQKoAwEXuYZ6GI3fG+XcwyePbvccrYJ6WQeUGPMCzlCtgXTlf3
gujF0kaUDXoIYCz7Z5CZ+YNgXC0V8hYpsNAT0zeNTkNW
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:18 2025 by rpki-client