Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/6b9c00-cbe0-4f88-aed5-99f5491c4447/1/tAzh4VPUnLoHXlUasjYLwVaWS5s.roa
File: tAzh4VPUnLoHXlUasjYLwVaWS5s.roa (raw, json)
Hash identifier: Lwi/uhcl58DuDuDY5umUuXmZjeenWvvdnpJeABvuS0U=
Subject key identifier: B4:0C:E1:E1:53:D4:9C:BA:07:5E:55:1A:B2:36:0B:C1:56:96:4B:9B
Certificate issuer: /CN=720606eddbcec7a57211941a67cc729b42915c5e
Certificate serial: 01856D9D049F9FBA4E811EF5651D78F8151C
Authority key identifier: 72:06:06:ED:DB:CE:C7:A5:72:11:94:1A:67:CC:72:9B:42:91:5C:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgYG7dvOx6VyEZQaZ8xym0KRXF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/6b9c00-cbe0-4f88-aed5-99f5491c4447/1/tAzh4VPUnLoHXlUasjYLwVaWS5s.roa
Signing time: Sun 01 Jan 2023 13:54:44 +0000
ROA not before: Sun 01 Jan 2023 13:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 91.213.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:04:9f:9f:ba:4e:81:1e:f5:65:1d:78:f8:15:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=720606eddbcec7a57211941a67cc729b42915c5e
Validity
Not Before: Jan 1 13:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b40ce1e153d49cba075e551ab2360bc156964b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:5b:07:b0:e3:4e:c0:19:20:39:bd:5a:2b:2c:
9e:13:d5:f6:d8:2f:d4:98:9a:1c:85:15:18:41:89:
b4:a4:55:46:79:d0:a9:3b:60:23:fe:ec:a5:4c:91:
3c:42:29:fc:a1:54:bc:3d:b6:09:fd:63:52:8d:d0:
c9:13:fe:2c:2f:17:a6:78:a0:80:94:ce:42:15:7d:
48:b8:62:dc:e8:77:7f:61:c1:b1:b4:b7:88:b8:d1:
09:b4:b5:89:e0:64:7e:b5:74:f2:cb:7c:06:82:f3:
15:97:8c:ff:aa:26:31:20:8b:fb:53:dd:3c:6d:a8:
d3:90:70:50:90:cc:13:33:94:ca:52:4b:11:1e:a9:
cb:63:cd:45:15:2e:2c:89:71:bd:87:80:4e:99:20:
a3:2c:6b:54:8b:f3:a6:16:d2:ca:5c:01:ba:da:21:
9e:a5:da:05:ae:a3:ed:8e:99:a4:c2:bb:7d:47:ed:
b2:25:39:7d:9f:2c:76:cc:31:c2:3c:f5:cc:ae:41:
63:19:8d:41:b9:07:2b:f8:57:94:dd:35:c8:b2:aa:
6c:1b:32:f4:e8:dd:eb:cd:4a:df:15:17:69:59:f0:
e7:28:19:0e:3b:57:91:1d:83:09:3a:42:70:86:77:
84:d3:37:5a:74:3b:14:53:4c:9d:4c:07:77:7b:5c:
af:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:0C:E1:E1:53:D4:9C:BA:07:5E:55:1A:B2:36:0B:C1:56:96:4B:9B
X509v3 Authority Key Identifier:
keyid:72:06:06:ED:DB:CE:C7:A5:72:11:94:1A:67:CC:72:9B:42:91:5C:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgYG7dvOx6VyEZQaZ8xym0KRXF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6b9c00-cbe0-4f88-aed5-99f5491c4447/1/tAzh4VPUnLoHXlUasjYLwVaWS5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6b9c00-cbe0-4f88-aed5-99f5491c4447/1/cgYG7dvOx6VyEZQaZ8xym0KRXF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.85.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:b7:88:0d:92:46:46:32:57:75:a6:58:52:83:31:80:cb:25:
fe:d8:a0:85:21:50:54:66:5f:7c:99:fc:5c:a2:3a:ca:57:be:
58:60:22:35:16:7f:b6:45:0b:79:14:37:ca:a4:b8:92:70:24:
c5:06:8a:9e:d6:e0:26:71:c2:8e:d3:b3:44:ba:81:10:67:de:
75:34:d2:6d:04:33:fa:0d:3c:00:57:19:3c:34:fb:8f:32:f8:
17:cb:8e:40:b2:42:c7:c5:d8:ff:2b:df:c2:8c:c9:f4:21:81:
9e:c6:d5:d6:bb:de:01:67:08:0c:bf:fc:f2:d7:4d:ff:d0:87:
73:68:89:9b:58:bd:88:b1:57:27:fa:be:a8:c0:06:d6:bf:74:
24:19:21:4d:a7:b6:5d:7b:c6:09:8a:a2:33:f3:fa:51:b4:85:
55:07:b3:c3:6e:cd:75:de:49:3e:76:59:ea:39:4b:84:d3:6b:
c5:13:f2:46:60:b8:cb:3e:26:5f:a9:44:3c:51:50:8a:1d:35:
35:1c:85:e5:42:80:86:94:44:96:4c:50:d1:42:20:95:28:ba:
33:a2:0b:3d:3d:05:eb:de:49:94:b7:58:d7:35:18:7c:bb:71:
47:ce:c1:68:25:aa:5e:4e:b7:37:7a:76:e0:ef:be:9e:8c:ea:
82:a9:ef:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtnQSfn7pOgR71ZR14+BUcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDYwNmVkZGJjZWM3YTU3MjExOTQxYTY3Y2M3MjliNDI5
MTVjNWUwHhcNMjMwMTAxMTM1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDBjZTFlMTUzZDQ5Y2JhMDc1ZTU1MWFiMjM2MGJjMTU2OTY0YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFsHsONOwBkgOb1aKyyeE9X22C/U
mJochRUYQYm0pFVGedCpO2Aj/uylTJE8Qin8oVS8PbYJ/WNSjdDJE/4sLxemeKCA
lM5CFX1IuGLc6Hd/YcGxtLeIuNEJtLWJ4GR+tXTyy3wGgvMVl4z/qiYxIIv7U908
bajTkHBQkMwTM5TKUksRHqnLY81FFS4siXG9h4BOmSCjLGtUi/OmFtLKXAG62iGe
pdoFrqPtjpmkwrt9R+2yJTl9nyx2zDHCPPXMrkFjGY1BuQcr+FeU3TXIsqpsGzL0
6N3rzUrfFRdpWfDnKBkOO1eRHYMJOkJwhneE0zdadDsUU0ydTAd3e1yvuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLQM4eFT1Jy6B15VGrI2C8FWlkubMB8GA1UdIwQY
MBaAFHIGBu3bzselchGUGmfMcptCkVxeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dZRzdkdk94NlZ5RVpRYVo4eHltMEtSWEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82YjljMDAtY2JlMC00Zjg4LWFlZDUt
OTlmNTQ5MWM0NDQ3LzEvdEF6aDRWUFVuTG9IWGxVYXNqWUx3VmFXUzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82YjljMDAtY2JlMC00Zjg4LWFlZDUtOTlmNTQ5MWM0NDQ3
LzEvY2dZRzdkdk94NlZ5RVpRYVo4eHltMEtSWEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9VVMA0G
CSqGSIb3DQEBCwUAA4IBAQAet4gNkkZGMld1plhSgzGAyyX+2KCFIVBUZl98mfxc
ojrKV75YYCI1Fn+2RQt5FDfKpLiScCTFBoqe1uAmccKO07NEuoEQZ951NNJtBDP6
DTwAVxk8NPuPMvgXy45AskLHxdj/K9/CjMn0IYGextXWu94BZwgMv/zy103/0Idz
aImbWL2IsVcn+r6owAbWv3QkGSFNp7Zde8YJiqIz8/pRtIVVB7PDbs113kk+dlnq
OUuE02vFE/JGYLjLPiZfqUQ8UVCKHTU1HIXlQoCGlESWTFDRQiCVKLozogs9PQXr
3kmUt1jXNRh8u3FHzsFoJapeTrc3enbg776ejOqCqe/+
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:47:19 2025 by rpki-client