Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/AJ5wMI6kFAAGgXfPHZAVtLCSnP8.roa
File: AJ5wMI6kFAAGgXfPHZAVtLCSnP8.roa (raw, json)
Hash identifier: O5F5OKdgmFhYvl6NemyAslo9muG5v3CdZb38avB1q8I=
Subject key identifier: 00:9E:70:30:8E:A4:14:00:06:81:77:CF:1D:90:15:B4:B0:92:9C:FF
Certificate issuer: /CN=687b91eda16b6f1b1fa0175d67c7994f691d8e97
Certificate serial: 019424B3ECF38A00714CBFFAB9C7D15F0A20
Authority key identifier: 68:7B:91:ED:A1:6B:6F:1B:1F:A0:17:5D:67:C7:99:4F:69:1D:8E:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aHuR7aFrbxsfoBddZ8eZT2kdjpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/AJ5wMI6kFAAGgXfPHZAVtLCSnP8.roa
Signing time: Thu 02 Jan 2025 01:49:18 +0000
ROA not before: Thu 02 Jan 2025 01:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3170
IP address blocks: 91.103.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ec:f3:8a:00:71:4c:bf:fa:b9:c7:d1:5f:0a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=687b91eda16b6f1b1fa0175d67c7994f691d8e97
Validity
Not Before: Jan 2 01:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=009e70308ea41400068177cf1d9015b4b0929cff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1b:3f:d0:fb:16:90:e0:95:4f:b6:57:f2:c9:
a5:95:73:1a:a0:cd:73:e0:06:30:2e:d9:79:af:d8:
44:a4:78:76:ef:d2:cb:32:d2:1b:23:95:93:b6:15:
90:f7:29:9e:22:77:ee:84:6e:cd:d7:b6:6d:e7:c1:
20:fd:6b:63:ba:cc:1b:d9:2f:f4:37:74:5f:84:62:
e9:dc:e0:98:e2:29:56:a6:54:7b:40:29:2a:a3:0d:
77:87:76:08:b5:84:f2:c0:32:18:a9:62:08:51:4f:
4f:64:56:8c:04:ed:d2:d3:d1:86:45:e9:ec:d0:00:
d2:7f:de:6c:74:a3:d5:ce:6f:ee:19:c1:f8:16:37:
98:8c:54:3d:ef:2b:b7:98:cf:33:5e:3a:f9:47:6c:
ef:45:96:7d:1a:82:67:2b:55:42:4b:ef:1c:c4:2a:
92:20:fa:7a:13:1b:4d:3d:d6:5c:3e:ee:12:e2:c8:
52:8b:97:fa:82:77:54:e6:35:88:6e:9f:87:f3:92:
a7:9d:7f:1a:30:57:e6:ac:1f:45:08:64:86:98:5a:
6c:47:5e:25:00:7c:0d:08:c5:0b:4b:a7:ab:d7:10:
2a:f7:16:87:c0:36:00:fa:4d:d1:7a:9f:ea:6e:6d:
6a:a7:53:95:16:d8:80:a2:d8:9c:2d:4f:fd:6c:14:
b8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:9E:70:30:8E:A4:14:00:06:81:77:CF:1D:90:15:B4:B0:92:9C:FF
X509v3 Authority Key Identifier:
keyid:68:7B:91:ED:A1:6B:6F:1B:1F:A0:17:5D:67:C7:99:4F:69:1D:8E:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aHuR7aFrbxsfoBddZ8eZT2kdjpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/AJ5wMI6kFAAGgXfPHZAVtLCSnP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.143.0/24
Signature Algorithm: sha256WithRSAEncryption
39:b1:71:e2:0e:6b:ca:ba:04:97:7c:c3:6e:4f:a4:6e:83:e7:
a5:04:7c:34:47:81:25:36:44:af:cc:15:d9:5e:4c:ab:41:e6:
e4:8c:5b:fd:10:ef:89:31:d8:08:ab:5e:a4:14:9d:58:39:5d:
b1:65:1a:55:c0:c8:b5:f4:84:72:85:92:ef:37:91:83:6a:45:
17:50:09:0e:ea:5c:25:29:6d:3f:eb:88:f5:1b:1d:40:de:2f:
56:25:e8:32:45:66:d7:67:e1:79:bc:27:06:b5:31:fa:6a:d4:
d4:bf:3f:d8:17:3e:8b:8a:83:b5:51:23:ff:76:24:7f:bf:e2:
4b:52:c6:52:89:97:35:d8:0e:58:f9:e2:2f:a2:37:b0:cf:5e:
f7:a4:e6:de:07:b4:0d:ae:b8:90:66:d1:98:cc:d0:a1:2d:0d:
60:60:78:14:b0:2d:cf:4d:89:73:b0:84:dd:21:73:c3:52:77:
93:07:95:91:14:6d:ed:d3:23:be:c3:c7:5d:83:02:82:f6:1c:
84:e1:65:58:95:ad:d6:af:c6:71:96:60:94:97:7e:61:72:57:
e5:79:46:d7:8f:21:13:95:40:4e:4a:ce:dd:fb:2c:b7:5f:99:
a0:c4:44:58:8b:0b:fd:fd:e9:2a:21:62:fa:e2:df:ce:74:52:
c3:a4:ef:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks+zzigBxTL/6ucfRXwogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4N2I5MWVkYTE2YjZmMWIxZmEwMTc1ZDY3Yzc5OTRmNjkx
ZDhlOTcwHhcNMjUwMTAyMDE0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDllNzAzMDhlYTQxNDAwMDY4MTc3Y2YxZDkwMTViNGIwOTI5Y2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxs/0PsWkOCVT7ZX8smllXMaoM1z
4AYwLtl5r9hEpHh279LLMtIbI5WTthWQ9ymeInfuhG7N17Zt58Eg/Wtjuswb2S/0
N3RfhGLp3OCY4ilWplR7QCkqow13h3YItYTywDIYqWIIUU9PZFaMBO3S09GGRens
0ADSf95sdKPVzm/uGcH4FjeYjFQ97yu3mM8zXjr5R2zvRZZ9GoJnK1VCS+8cxCqS
IPp6ExtNPdZcPu4S4shSi5f6gndU5jWIbp+H85KnnX8aMFfmrB9FCGSGmFpsR14l
AHwNCMULS6er1xAq9xaHwDYA+k3Rep/qbm1qp1OVFtiAoticLU/9bBS4KQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFACecDCOpBQABoF3zx2QFbSwkpz/MB8GA1UdIwQY
MBaAFGh7ke2ha28bH6AXXWfHmU9pHY6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUh1UjdhRnJieHNmb0JkZFo4ZVpUMmtkanBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8yZmI4ZGYtMGU0OC00NjY1LWE5OWIt
ZGZmZTU5MDIzZTg5LzEvQUo1d01JNmtGQUFHZ1hmUEhaQVZ0TENTblA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8yZmI4ZGYtMGU0OC00NjY1LWE5OWItZGZmZTU5MDIzZTg5
LzEvYUh1UjdhRnJieHNmb0JkZFo4ZVpUMmtkanBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2ePMA0G
CSqGSIb3DQEBCwUAA4IBAQA5sXHiDmvKugSXfMNuT6Rug+elBHw0R4ElNkSvzBXZ
XkyrQebkjFv9EO+JMdgIq16kFJ1YOV2xZRpVwMi19IRyhZLvN5GDakUXUAkO6lwl
KW0/64j1Gx1A3i9WJegyRWbXZ+F5vCcGtTH6atTUvz/YFz6LioO1USP/diR/v+JL
UsZSiZc12A5Y+eIvojewz173pObeB7QNrriQZtGYzNChLQ1gYHgUsC3PTYlzsITd
IXPDUneTB5WRFG3t0yO+w8ddgwKC9hyE4WVYla3Wr8ZxlmCUl35hclfleUbXjyET
lUBOSs7d+yy3X5mgxERYiwv9/ekqIWL64t/OdFLDpO9G
-----END CERTIFICATE-----
Generated at Thu Apr 10 02:00:34 2025 by rpki-client