Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/0d2344-99d7-4313-b1b6-7c4247ae5c1b/1/Jt10BH3qKoOGqx6R1oafXbYBRvg.roa
File: Jt10BH3qKoOGqx6R1oafXbYBRvg.roa (raw, json)
Hash identifier: 9VB1KYRqUDPucDZfXSnHKaNbHiQLBOlnBbvyv/YEMkA=
Subject key identifier: 26:DD:74:04:7D:EA:2A:83:86:AB:1E:91:D6:86:9F:5D:B6:01:46:F8
Certificate issuer: /CN=f2bc11e6ecd3a0af3ee4394dcbb7b3ef90187d30
Certificate serial: 0194221F9E6532699979A23088A39C0F2BA5
Authority key identifier: F2:BC:11:E6:EC:D3:A0:AF:3E:E4:39:4D:CB:B7:B3:EF:90:18:7D:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8rwR5uzToK8-5DlNy7ez75AYfTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/0d2344-99d7-4313-b1b6-7c4247ae5c1b/1/Jt10BH3qKoOGqx6R1oafXbYBRvg.roa
Signing time: Wed 01 Jan 2025 13:48:05 +0000
ROA not before: Wed 01 Jan 2025 13:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34491
IP address blocks: 91.234.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:9e:65:32:69:99:79:a2:30:88:a3:9c:0f:2b:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2bc11e6ecd3a0af3ee4394dcbb7b3ef90187d30
Validity
Not Before: Jan 1 13:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=26dd74047dea2a8386ab1e91d6869f5db60146f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:07:7d:7e:a0:be:7d:bf:bd:c8:f0:6d:fe:5c:
25:e6:8e:98:d2:88:09:7a:8e:72:af:68:79:b3:10:
57:e2:49:cd:5c:f4:3b:42:24:18:ed:af:a8:1c:f0:
cb:9f:ba:7d:58:dc:ba:7f:38:57:22:1c:3a:b8:e4:
5e:98:ec:b0:6f:d8:35:27:72:c3:9d:5a:f5:c5:d7:
29:27:cc:d8:f5:92:87:ec:b9:0f:9b:4a:ec:10:bf:
a3:32:1b:f4:69:0c:26:67:18:a8:97:e1:55:d4:fe:
de:a2:7f:9e:bb:73:ba:17:31:59:33:15:7f:4c:d5:
b6:ee:93:c2:86:8b:db:f3:a6:f4:76:22:0c:4c:c1:
0e:a8:9f:90:5a:83:c7:1b:43:36:36:9d:a4:a4:5d:
12:3b:5a:03:20:e8:b8:e1:b7:b2:6e:9a:ab:d3:0b:
3f:e8:40:55:9b:d4:d2:54:a9:fc:7e:0b:9f:9d:e6:
7c:bd:ed:12:b8:ec:7f:26:8b:38:87:d7:bb:36:2e:
b6:70:23:9d:5a:47:37:46:dd:4c:a7:8f:92:6f:da:
a2:a2:1a:a8:f9:9c:d0:83:74:97:39:36:11:91:a9:
2e:6e:5d:8c:5c:db:35:ea:44:a1:d8:38:c8:4a:17:
af:af:e5:84:26:dc:15:9c:3c:17:cb:1c:55:77:db:
c0:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:DD:74:04:7D:EA:2A:83:86:AB:1E:91:D6:86:9F:5D:B6:01:46:F8
X509v3 Authority Key Identifier:
keyid:F2:BC:11:E6:EC:D3:A0:AF:3E:E4:39:4D:CB:B7:B3:EF:90:18:7D:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8rwR5uzToK8-5DlNy7ez75AYfTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/0d2344-99d7-4313-b1b6-7c4247ae5c1b/1/Jt10BH3qKoOGqx6R1oafXbYBRvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/0d2344-99d7-4313-b1b6-7c4247ae5c1b/1/8rwR5uzToK8-5DlNy7ez75AYfTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.21.0/24
Signature Algorithm: sha256WithRSAEncryption
32:3a:ee:18:25:d5:08:cc:32:a6:3a:07:ac:b6:14:b6:9a:59:
ab:21:80:01:49:fd:34:5e:a4:af:8b:b9:a7:75:8e:b2:37:a4:
44:95:1f:44:c0:44:b3:8a:44:17:4d:d8:23:75:17:9c:9f:cf:
81:db:06:0f:c5:ab:b6:ce:40:35:e9:9c:d4:1f:c7:d7:96:17:
79:47:a5:cf:8e:2d:1f:53:4f:65:8d:6e:36:97:0f:c4:9d:44:
70:96:4f:57:25:7d:2b:51:f2:b0:df:19:3b:4a:d6:54:2f:48:
bd:42:ea:5a:b6:ff:c6:3c:25:ce:2f:eb:db:27:f9:e3:7b:2a:
b7:bd:44:7f:68:0a:f3:38:8b:bb:4a:2b:5a:c6:fa:15:17:3d:
ac:81:94:4b:cf:56:9b:8d:46:f7:94:35:91:03:05:30:53:c8:
1e:f3:8d:03:1b:25:57:3e:29:53:da:c5:55:66:22:02:78:96:
6c:fe:a7:87:b9:98:e6:9e:4c:cf:a9:4d:85:ba:c1:da:c9:f0:
ec:b5:53:19:cf:4b:15:ca:2e:fc:49:07:31:da:de:9d:63:c1:
a5:a4:8f:9e:34:ea:a1:5f:46:fc:a7:32:9b:db:bd:17:2b:34:
d6:b3:ef:b1:c6:eb:4b:c7:35:7f:26:6e:33:d5:67:45:b9:d2:
7f:07:b9:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH55lMmmZeaIwiKOcDyulMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyYmMxMWU2ZWNkM2EwYWYzZWU0Mzk0ZGNiYjdiM2VmOTAx
ODdkMzAwHhcNMjUwMTAxMTM0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmRkNzQwNDdkZWEyYTgzODZhYjFlOTFkNjg2OWY1ZGI2MDE0NmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwd9fqC+fb+9yPBt/lwl5o6Y0ogJ
eo5yr2h5sxBX4knNXPQ7QiQY7a+oHPDLn7p9WNy6fzhXIhw6uORemOywb9g1J3LD
nVr1xdcpJ8zY9ZKH7LkPm0rsEL+jMhv0aQwmZxiol+FV1P7eon+eu3O6FzFZMxV/
TNW27pPChovb86b0diIMTMEOqJ+QWoPHG0M2Np2kpF0SO1oDIOi44beybpqr0ws/
6EBVm9TSVKn8fgufneZ8ve0SuOx/Jos4h9e7Ni62cCOdWkc3Rt1Mp4+Sb9qiohqo
+ZzQg3SXOTYRkakubl2MXNs16kSh2DjIShevr+WEJtwVnDwXyxxVd9vAdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCbddAR96iqDhqsekdaGn122AUb4MB8GA1UdIwQY
MBaAFPK8Eebs06CvPuQ5Tcu3s++QGH0wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHJ3UjV1elRvSzgtNURsTnk3ZXo3NUFZZlRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8wZDIzNDQtOTlkNy00MzEzLWIxYjYt
N2M0MjQ3YWU1YzFiLzEvSnQxMEJIM3FLb09HcXg2UjFvYWZYYllCUnZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8wZDIzNDQtOTlkNy00MzEzLWIxYjYtN2M0MjQ3YWU1YzFi
LzEvOHJ3UjV1elRvSzgtNURsTnk3ZXo3NUFZZlRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+oVMA0G
CSqGSIb3DQEBCwUAA4IBAQAyOu4YJdUIzDKmOgesthS2mlmrIYABSf00XqSvi7mn
dY6yN6RElR9EwESzikQXTdgjdRecn8+B2wYPxau2zkA16ZzUH8fXlhd5R6XPji0f
U09ljW42lw/EnURwlk9XJX0rUfKw3xk7StZUL0i9Qupatv/GPCXOL+vbJ/njeyq3
vUR/aArzOIu7SitaxvoVFz2sgZRLz1abjUb3lDWRAwUwU8ge840DGyVXPilT2sVV
ZiICeJZs/qeHuZjmnkzPqU2FusHayfDstVMZz0sVyi78SQcx2t6dY8GlpI+eNOqh
X0b8pzKb270XKzTWs++xxutLxzV/Jm4z1WdFudJ/B7k/
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:03:14 2025 by rpki-client