Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/3493f6-9636-4fa3-be56-db8030879f51/1/Z6k4PVUyfZNvtBW6nB5nR2R0amg.roa
File: Z6k4PVUyfZNvtBW6nB5nR2R0amg.roa (raw, json)
Hash identifier: gFgurKpY3RWD/+pqzWGTie0De0tX7ossY01q+RXg6WE=
Subject key identifier: 67:A9:38:3D:55:32:7D:93:6F:B4:15:BA:9C:1E:67:47:64:74:6A:68
Certificate issuer: /CN=bf7ae3669f847fa27a69b14bb87f8c7bfd799ee0
Certificate serial: 0194258FBB63E3C41D6C05E95BCA32D4F5F4
Authority key identifier: BF:7A:E3:66:9F:84:7F:A2:7A:69:B1:4B:B8:7F:8C:7B:FD:79:9E:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v3rjZp-Ef6J6abFLuH-Me_15nuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/3493f6-9636-4fa3-be56-db8030879f51/1/Z6k4PVUyfZNvtBW6nB5nR2R0amg.roa
Signing time: Thu 02 Jan 2025 05:49:24 +0000
ROA not before: Thu 02 Jan 2025 05:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208309
IP address blocks: 91.231.34.0/24 maxlen: 24
2a12:88c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:bb:63:e3:c4:1d:6c:05:e9:5b:ca:32:d4:f5:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf7ae3669f847fa27a69b14bb87f8c7bfd799ee0
Validity
Not Before: Jan 2 05:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67a9383d55327d936fb415ba9c1e674764746a68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:37:73:68:82:17:d6:ec:e9:c8:30:e6:a2:5a:
5f:44:74:49:2a:47:e5:b6:eb:db:7e:79:7c:81:2f:
b0:c0:4d:ac:fc:d8:1a:9d:16:35:3b:d9:51:cb:ca:
48:b5:57:09:84:6e:f8:ed:e4:63:33:c5:57:2b:1e:
e4:21:12:d7:4e:a4:da:0f:41:f2:c0:e9:b9:14:11:
cd:b7:83:0c:aa:a4:3d:51:ff:6c:11:58:1f:49:e2:
dc:a9:b9:b7:84:b1:b7:4a:10:a1:2e:d8:30:a5:3a:
f8:83:0b:31:d1:1e:7d:59:8e:db:e4:41:a7:62:34:
77:0f:81:70:5d:b0:4e:a0:db:ae:55:25:1d:e5:bd:
2e:01:47:1a:4d:02:34:41:93:9a:cf:2b:4e:95:1b:
dc:57:5a:b3:02:6c:3b:1d:02:c7:48:7b:b1:4b:a7:
0e:c3:5a:5c:19:0f:9f:dc:96:48:e7:56:43:25:f7:
7b:25:0c:55:88:ca:54:dd:cf:4c:30:3a:0d:77:d1:
f5:62:c7:53:4d:d1:c7:6b:e3:ec:dc:62:92:51:33:
25:da:ea:b3:a5:28:5a:94:6b:48:ca:c3:bc:ca:ef:
e8:fc:c8:48:e9:c6:13:c0:97:55:bc:3e:1b:0d:43:
4a:0b:96:85:51:e2:72:fc:09:0c:9e:c1:02:18:f3:
50:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A9:38:3D:55:32:7D:93:6F:B4:15:BA:9C:1E:67:47:64:74:6A:68
X509v3 Authority Key Identifier:
keyid:BF:7A:E3:66:9F:84:7F:A2:7A:69:B1:4B:B8:7F:8C:7B:FD:79:9E:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v3rjZp-Ef6J6abFLuH-Me_15nuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/3493f6-9636-4fa3-be56-db8030879f51/1/Z6k4PVUyfZNvtBW6nB5nR2R0amg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/3493f6-9636-4fa3-be56-db8030879f51/1/v3rjZp-Ef6J6abFLuH-Me_15nuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.34.0/24
IPv6:
2a12:88c0::/29
Signature Algorithm: sha256WithRSAEncryption
14:4f:d5:85:d8:0c:35:42:1d:82:b5:e4:5d:d1:32:e0:dc:bd:
7a:16:32:ef:ba:da:a0:2d:05:ad:82:7e:35:19:ee:08:fe:db:
67:bd:69:9c:8f:87:3b:d1:4c:d9:39:c5:92:cb:24:ad:f3:b7:
aa:80:dc:72:69:11:bc:8a:6e:8f:1e:4d:95:f9:7a:aa:fc:2c:
47:f9:3c:52:80:a6:bd:8d:9f:70:62:7a:a1:c1:67:3b:1a:76:
b1:51:c1:2f:df:5b:8e:7a:e5:3c:7f:a1:21:92:8a:f5:45:05:
0c:1a:b3:9c:fd:bd:69:9b:b7:92:10:16:11:b8:2f:74:03:79:
30:9f:72:62:d9:00:77:d3:6b:76:49:6a:da:1a:9d:7e:39:5c:
58:6b:e7:96:35:0d:60:3b:cd:95:34:bf:86:00:aa:b9:37:68:
17:99:43:25:26:da:34:3e:6d:43:5e:43:1d:a1:25:b0:7c:ea:
39:33:4d:c9:3d:3c:ce:35:83:52:f4:42:fe:73:d3:f3:94:24:
d2:96:c8:aa:55:a6:72:89:de:a3:e2:69:2b:bd:fc:c6:fc:1d:
bb:dd:8f:4e:0c:fb:54:64:a9:68:62:4c:c2:18:c8:98:6b:98:
5e:49:2a:4b:c9:ab:1b:3f:0a:6e:1d:01:d9:9b:c1:a2:cc:66:
14:79:3f:f8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlj7tj48QdbAXpW8oy1PX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmN2FlMzY2OWY4NDdmYTI3YTY5YjE0YmI4N2Y4YzdiZmQ3
OTllZTAwHhcNMjUwMTAyMDU0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2E5MzgzZDU1MzI3ZDkzNmZiNDE1YmE5YzFlNjc0NzY0NzQ2YTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojdzaIIX1uzpyDDmolpfRHRJKkfl
tuvbfnl8gS+wwE2s/NganRY1O9lRy8pItVcJhG747eRjM8VXKx7kIRLXTqTaD0Hy
wOm5FBHNt4MMqqQ9Uf9sEVgfSeLcqbm3hLG3ShChLtgwpTr4gwsx0R59WY7b5EGn
YjR3D4FwXbBOoNuuVSUd5b0uAUcaTQI0QZOazytOlRvcV1qzAmw7HQLHSHuxS6cO
w1pcGQ+f3JZI51ZDJfd7JQxViMpU3c9MMDoNd9H1YsdTTdHHa+Ps3GKSUTMl2uqz
pShalGtIysO8yu/o/MhI6cYTwJdVvD4bDUNKC5aFUeJy/AkMnsECGPNQcwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGepOD1VMn2Tb7QVupweZ0dkdGpoMB8GA1UdIwQY
MBaAFL9642afhH+iemmxS7h/jHv9eZ7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjNyalpwLUVmNko2YWJGTHVILU1lXzE1bnVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8zNDkzZjYtOTYzNi00ZmEzLWJlNTYt
ZGI4MDMwODc5ZjUxLzEvWjZrNFBWVXlmWk52dEJXNm5CNW5SMlIwYW1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8zNDkzZjYtOTYzNi00ZmEzLWJlNTYtZGI4MDMwODc5ZjUx
LzEvdjNyalpwLUVmNko2YWJGTHVILU1lXzE1bnVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+ciMA0E
AgACMAcDBQMqEojAMA0GCSqGSIb3DQEBCwUAA4IBAQAUT9WF2Aw1Qh2CteRd0TLg
3L16FjLvutqgLQWtgn41Ge4I/ttnvWmcj4c70UzZOcWSyySt87eqgNxyaRG8im6P
Hk2V+Xqq/CxH+TxSgKa9jZ9wYnqhwWc7GnaxUcEv31uOeuU8f6Ehkor1RQUMGrOc
/b1pm7eSEBYRuC90A3kwn3Ji2QB302t2SWraGp1+OVxYa+eWNQ1gO82VNL+GAKq5
N2gXmUMlJto0Pm1DXkMdoSWwfOo5M03JPTzONYNS9EL+c9PzlCTSlsiqVaZyid6j
4mkrvfzG/B273Y9ODPtUZKloYkzCGMiYa5heSSpLyasbPwpuHQHZm8GizGYUeT/4
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:49:10 2025 by rpki-client