Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/883c08-257f-4e84-afc3-a40d2fb39497/1/r0yDlMfY3dGut5D4OvPVo3WLb3U.roa
File: r0yDlMfY3dGut5D4OvPVo3WLb3U.roa (raw, json)
Hash identifier: 5XdByNtiYKL1QxQVEtgBr6ouoTZLFIMNuF45kEcFQHo=
Subject key identifier: AF:4C:83:94:C7:D8:DD:D1:AE:B7:90:F8:3A:F3:D5:A3:75:8B:6F:75
Certificate issuer: /CN=b94dbc5823a1390b4bbc8858794cd057e329f851
Certificate serial: 0192761E540EB682DE6A2DF0A26B9D571065
Authority key identifier: B9:4D:BC:58:23:A1:39:0B:4B:BC:88:58:79:4C:D0:57:E3:29:F8:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uU28WCOhOQtLvIhYeUzQV-Mp-FE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/883c08-257f-4e84-afc3-a40d2fb39497/1/r0yDlMfY3dGut5D4OvPVo3WLb3U.roa
Signing time: Thu 10 Oct 2024 11:09:11 +0000
ROA not before: Thu 10 Oct 2024 11:09:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24740
IP address blocks: 91.223.171.0/24 maxlen: 24
185.59.160.0/23 maxlen: 23
185.59.162.0/23 maxlen: 23
193.111.22.0/23 maxlen: 23
2a04:b4c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:76:1e:54:0e:b6:82:de:6a:2d:f0:a2:6b:9d:57:10:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b94dbc5823a1390b4bbc8858794cd057e329f851
Validity
Not Before: Oct 10 11:09:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af4c8394c7d8ddd1aeb790f83af3d5a3758b6f75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:6e:ef:ee:b9:32:14:2d:5e:30:82:9a:16:35:
50:c1:bc:fe:de:e2:4a:9b:35:4a:55:c1:ea:42:88:
6a:c8:0f:3e:74:42:70:3f:2b:4f:c9:40:ab:42:01:
47:58:3f:b5:a3:6a:54:4a:87:75:f1:89:5d:4d:8a:
ba:62:5c:c3:53:d0:67:06:46:11:fc:1f:06:a4:51:
15:83:79:bc:48:eb:9b:8d:29:cf:e9:12:02:3d:48:
4f:b2:07:9c:34:c5:62:ae:e6:84:2e:e5:12:f1:8b:
83:39:6c:1b:c0:31:16:c5:59:6e:eb:3b:56:1d:f7:
ad:77:cc:79:7a:1f:31:42:7d:c2:95:da:07:30:c7:
a2:1b:f5:1e:ce:fb:46:49:53:57:3c:b3:91:4d:ba:
ef:e3:fa:e7:3c:e7:ad:ce:18:37:0e:bf:ec:8f:b8:
83:10:8c:73:6c:8f:09:46:fe:28:87:13:c4:19:aa:
05:d3:ba:d5:1b:f6:4d:61:84:88:a7:79:de:ef:ba:
07:86:3a:07:4b:0c:86:5e:d3:2d:44:fa:3c:12:a0:
98:dc:d2:96:62:4c:37:ea:26:6e:6b:5e:60:0f:3a:
7b:a4:e5:7d:12:6e:09:f7:44:33:c9:a6:e4:84:7b:
e6:9d:68:60:1b:9f:39:77:87:ec:38:b9:62:fc:ff:
bd:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:4C:83:94:C7:D8:DD:D1:AE:B7:90:F8:3A:F3:D5:A3:75:8B:6F:75
X509v3 Authority Key Identifier:
keyid:B9:4D:BC:58:23:A1:39:0B:4B:BC:88:58:79:4C:D0:57:E3:29:F8:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uU28WCOhOQtLvIhYeUzQV-Mp-FE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/883c08-257f-4e84-afc3-a40d2fb39497/1/r0yDlMfY3dGut5D4OvPVo3WLb3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/883c08-257f-4e84-afc3-a40d2fb39497/1/uU28WCOhOQtLvIhYeUzQV-Mp-FE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.171.0/24
185.59.160.0/22
193.111.22.0/23
IPv6:
2a04:b4c0::/29
Signature Algorithm: sha256WithRSAEncryption
04:18:db:54:1f:89:00:2a:80:6c:44:13:36:e2:1a:5a:3c:62:
54:97:b0:cd:57:f7:54:bd:8e:a0:d4:11:e1:be:97:28:80:20:
c3:b5:c3:20:8b:2b:22:43:03:f5:cd:ba:86:d2:f2:7f:35:93:
21:5d:48:64:ec:d8:b3:cb:9a:e0:3e:d8:b0:73:d5:15:37:50:
f6:7c:15:ca:28:9e:16:e5:e8:cb:ad:d8:a6:90:b0:25:c4:19:
cb:c9:38:5f:6b:85:9d:be:dc:7b:26:2e:1a:2b:3e:b1:89:dd:
51:52:d1:73:68:6f:4f:4b:eb:d8:35:99:68:50:c1:79:3f:e0:
59:68:d9:5e:19:53:ae:db:d3:87:4c:f7:25:2e:68:1c:a7:b5:
65:09:c0:4c:74:44:e8:f9:ac:bc:22:5c:e6:91:a2:6a:b0:d8:
f5:0f:df:92:4a:3a:48:fd:cb:a5:f5:1d:a3:37:31:03:91:9e:
88:3b:a2:21:94:55:9c:5d:1a:d1:56:13:fb:17:7c:a5:0e:f0:
d2:c7:04:fe:fb:c9:e6:5a:38:33:7a:38:0c:09:a7:24:d8:68:
e3:18:c2:d0:02:42:6e:12:3b:7b:74:d8:cf:b9:0d:4c:35:90:
79:3b:28:2f:9a:6a:08:f2:cd:2b:ce:e9:41:79:dc:62:04:65:
e7:af:71:86
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZJ2HlQOtoLeai3womudVxBlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NGRiYzU4MjNhMTM5MGI0YmJjODg1ODc5NGNkMDU3ZTMy
OWY4NTEwHhcNMjQxMDEwMTEwOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjRjODM5NGM3ZDhkZGQxYWViNzkwZjgzYWYzZDVhMzc1OGI2Zjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1W7v7rkyFC1eMIKaFjVQwbz+3uJK
mzVKVcHqQohqyA8+dEJwPytPyUCrQgFHWD+1o2pUSod18YldTYq6YlzDU9BnBkYR
/B8GpFEVg3m8SOubjSnP6RICPUhPsgecNMViruaELuUS8YuDOWwbwDEWxVlu6ztW
Hfetd8x5eh8xQn3CldoHMMeiG/UezvtGSVNXPLORTbrv4/rnPOetzhg3Dr/sj7iD
EIxzbI8JRv4ohxPEGaoF07rVG/ZNYYSIp3ne77oHhjoHSwyGXtMtRPo8EqCY3NKW
Ykw36iZua15gDzp7pOV9Em4J90QzyabkhHvmnWhgG585d4fsOLli/P+9uQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFK9Mg5TH2N3RrreQ+Drz1aN1i291MB8GA1UdIwQY
MBaAFLlNvFgjoTkLS7yIWHlM0FfjKfhRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVUyOFdDT2hPUXRMdkloWWVVelFWLU1wLUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84ODNjMDgtMjU3Zi00ZTg0LWFmYzMt
YTQwZDJmYjM5NDk3LzEvcjB5RGxNZlkzZEd1dDVENE92UFZvM1dMYjNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84ODNjMDgtMjU3Zi00ZTg0LWFmYzMtYTQwZDJmYjM5NDk3
LzEvdVUyOFdDT2hPUXRMdkloWWVVelFWLU1wLUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9+rAwQC
uTugAwQBwW8WMA0EAgACMAcDBQMqBLTAMA0GCSqGSIb3DQEBCwUAA4IBAQAEGNtU
H4kAKoBsRBM24hpaPGJUl7DNV/dUvY6g1BHhvpcogCDDtcMgiysiQwP1zbqG0vJ/
NZMhXUhk7Nizy5rgPtiwc9UVN1D2fBXKKJ4W5ejLrdimkLAlxBnLyThfa4Wdvtx7
Ji4aKz6xid1RUtFzaG9PS+vYNZloUMF5P+BZaNleGVOu29OHTPclLmgcp7VlCcBM
dETo+ay8IlzmkaJqsNj1D9+SSjpI/cul9R2jNzEDkZ6IO6IhlFWcXRrRVhP7F3yl
DvDSxwT++8nmWjgzejgMCack2GjjGMLQAkJuEjt7dNjPuQ1MNZB5OygvmmoI8s0r
zulBedxiBGXnr3GG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:46 2025 by rpki-client