Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/21zXl1VT2wOLl9fEbNkRa053DOE.roa
File: 21zXl1VT2wOLl9fEbNkRa053DOE.roa (raw, json)
Hash identifier: 5emuQVjcm3y58xrRXNGECOspFNylmBXZoEALIIh48B4=
Subject key identifier: DB:5C:D7:97:55:53:DB:03:8B:97:D7:C4:6C:D9:11:6B:4E:77:0C:E1
Certificate issuer: /CN=42dcd4d1bd3df29add4075b68f29af907047443c
Certificate serial: 01941FFA242E5C0D9F69E4C380F0257F7E57
Authority key identifier: 42:DC:D4:D1:BD:3D:F2:9A:DD:40:75:B6:8F:29:AF:90:70:47:44:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QtzU0b098prdQHW2jymvkHBHRDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/21zXl1VT2wOLl9fEbNkRa053DOE.roa
Signing time: Wed 01 Jan 2025 03:47:54 +0000
ROA not before: Wed 01 Jan 2025 03:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8412
IP address blocks: 91.209.75.0/24 maxlen: 24
2001:67c:211c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:24:2e:5c:0d:9f:69:e4:c3:80:f0:25:7f:7e:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42dcd4d1bd3df29add4075b68f29af907047443c
Validity
Not Before: Jan 1 03:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db5cd7975553db038b97d7c46cd9116b4e770ce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f1:7d:d7:fd:54:81:b1:96:82:07:c0:3c:42:
98:3d:19:e6:8a:ca:5b:7b:66:b8:e0:06:24:df:42:
2e:cf:ec:7e:be:5f:91:d7:3c:fa:16:e6:68:00:53:
c5:7f:56:26:aa:cd:3c:ae:be:cc:b9:8a:34:e7:b9:
55:c0:cf:b9:12:b0:2c:85:0b:10:6e:3f:f2:9c:69:
a4:98:7f:de:1d:f7:a9:f5:6c:92:fc:c9:ea:85:c9:
a7:bb:50:df:8c:72:cb:dd:e9:c6:7a:d6:a2:40:27:
51:e6:c6:52:aa:7f:c6:23:10:58:c5:12:c1:34:9e:
d5:e3:ad:50:34:a0:30:2a:12:2a:21:f0:7e:43:3e:
84:a0:a6:2e:b9:32:6b:e2:f7:cb:5b:9a:b9:42:ff:
99:bf:9f:34:5d:ee:59:5e:6b:d3:c9:e8:00:f9:0f:
dc:06:b7:e4:a7:e7:83:e4:07:4b:30:d5:83:aa:46:
3d:ca:db:f0:d1:75:9a:6f:8c:94:ec:b3:0f:e2:ad:
ad:58:f8:a4:2e:9d:56:e2:1e:22:ba:42:19:14:0e:
10:a2:95:6e:15:39:59:3b:8b:16:d8:38:42:c2:43:
d4:62:33:f6:77:6b:51:85:31:93:60:97:56:27:0f:
82:df:89:e5:e7:0b:a8:e7:fa:d1:54:c1:32:38:21:
80:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:5C:D7:97:55:53:DB:03:8B:97:D7:C4:6C:D9:11:6B:4E:77:0C:E1
X509v3 Authority Key Identifier:
keyid:42:DC:D4:D1:BD:3D:F2:9A:DD:40:75:B6:8F:29:AF:90:70:47:44:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QtzU0b098prdQHW2jymvkHBHRDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/21zXl1VT2wOLl9fEbNkRa053DOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/QtzU0b098prdQHW2jymvkHBHRDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.75.0/24
IPv6:
2001:67c:211c::/48
Signature Algorithm: sha256WithRSAEncryption
10:40:9f:cb:f8:3d:7a:42:5b:7a:31:da:12:5a:78:ff:54:48:
90:bb:29:78:6f:e5:77:bb:06:08:f0:59:19:70:10:f4:59:9e:
ab:1f:c3:da:a6:e5:12:c0:f8:2e:d7:ee:59:79:d6:56:36:3c:
a5:76:4f:67:64:c6:9c:a9:27:9f:ab:e4:98:1d:d8:fd:62:7b:
58:81:e7:38:77:bc:72:5d:ec:12:03:04:40:2d:f6:23:8e:a5:
49:b3:98:c2:74:0e:7b:a2:00:9c:b5:32:1c:b4:04:66:d2:ce:
ab:fa:87:b1:67:9b:5e:9e:6f:64:05:7e:81:d7:59:60:d7:c0:
c2:54:76:52:56:77:db:4c:b7:30:1c:d8:bb:7a:27:ac:b1:a9:
54:4c:09:55:e7:07:93:7d:8f:fa:20:5a:fc:15:c3:96:b2:1e:
0f:cf:aa:80:16:2e:f4:d1:51:45:97:b7:90:4c:dc:8c:34:1f:
37:5a:f3:db:4f:53:1c:3f:b6:35:ff:29:cd:c0:04:00:b5:09:
18:a3:2b:de:b3:3f:84:c4:b6:aa:ad:35:52:5d:66:43:ea:c1:
20:3c:40:0c:2e:f4:54:bc:37:39:a5:77:2c:81:3d:ab:1b:60:
2a:f1:89:d3:1d:56:b4:fb:48:5a:f3:6d:67:ac:fa:53:8a:62:
ab:2e:25:f0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQf+iQuXA2faeTDgPAlf35XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZGNkNGQxYmQzZGYyOWFkZDQwNzViNjhmMjlhZjkwNzA0
NzQ0M2MwHhcNMjUwMTAxMDM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjVjZDc5NzU1NTNkYjAzOGI5N2Q3YzQ2Y2Q5MTE2YjRlNzcwY2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfF91/1UgbGWggfAPEKYPRnmispb
e2a44AYk30Iuz+x+vl+R1zz6FuZoAFPFf1Ymqs08rr7MuYo057lVwM+5ErAshQsQ
bj/ynGmkmH/eHfep9WyS/Mnqhcmnu1DfjHLL3enGetaiQCdR5sZSqn/GIxBYxRLB
NJ7V461QNKAwKhIqIfB+Qz6EoKYuuTJr4vfLW5q5Qv+Zv580Xe5ZXmvTyegA+Q/c
Brfkp+eD5AdLMNWDqkY9ytvw0XWab4yU7LMP4q2tWPikLp1W4h4iukIZFA4QopVu
FTlZO4sW2DhCwkPUYjP2d2tRhTGTYJdWJw+C34nl5wuo5/rRVMEyOCGApwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNtc15dVU9sDi5fXxGzZEWtOdwzhMB8GA1UdIwQY
MBaAFELc1NG9PfKa3UB1to8pr5BwR0Q8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXR6VTBiMDk4cHJkUUhXMmp5bXZrSEJIUkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8yOTdmMWUtOTIyYi00NWI0LTg5M2Yt
ZmI5OGZlM2RiYzE0LzEvMjF6WGwxVlQyd09MbDlmRWJOa1JhMDUzRE9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8yOTdmMWUtOTIyYi00NWI0LTg5M2YtZmI5OGZlM2RiYzE0
LzEvUXR6VTBiMDk4cHJkUUhXMmp5bXZrSEJIUkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9FLMA8E
AgACMAkDBwAgAQZ8IRwwDQYJKoZIhvcNAQELBQADggEBABBAn8v4PXpCW3ox2hJa
eP9USJC7KXhv5Xe7BgjwWRlwEPRZnqsfw9qm5RLA+C7X7ll51lY2PKV2T2dkxpyp
J5+r5Jgd2P1ie1iB5zh3vHJd7BIDBEAt9iOOpUmzmMJ0DnuiAJy1Mhy0BGbSzqv6
h7Fnm16eb2QFfoHXWWDXwMJUdlJWd9tMtzAc2Lt6J6yxqVRMCVXnB5N9j/ogWvwV
w5ayHg/PqoAWLvTRUUWXt5BM3Iw0Hzda89tPUxw/tjX/Kc3ABAC1CRijK96zP4TE
tqqtNVJdZkPqwSA8QAwu9FS8NzmldyyBPasbYCrxidMdVrT7SFrzbWes+lOKYqsu
JfA=
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:15:41 2025 by rpki-client