Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/a793cd-4952-4c4c-ab3f-1640e661c8d3/1/ha-S9w-adorj0OKakUteh61kenA.roa
File: ha-S9w-adorj0OKakUteh61kenA.roa (raw, json)
Hash identifier: XYuhU/BwHUu+ULaYw1sKB/Q9TAYetm0dNHNrwQbT7hA=
Subject key identifier: 85:AF:92:F7:0F:9A:76:8A:E3:D0:E2:9A:91:4B:5E:87:AD:64:7A:70
Certificate issuer: /CN=35df1cdb6d457f1adb33ebbde019ea5b21dfb42c
Certificate serial: 018CC424EE03EC9F1FE99928C1BD6C8C2076
Authority key identifier: 35:DF:1C:DB:6D:45:7F:1A:DB:33:EB:BD:E0:19:EA:5B:21:DF:B4:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nd8c221FfxrbM-u94BnqWyHftCw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/a793cd-4952-4c4c-ab3f-1640e661c8d3/1/ha-S9w-adorj0OKakUteh61kenA.roa
Signing time: Mon 01 Jan 2024 08:30:03 +0000
ROA not before: Mon 01 Jan 2024 08:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59729
IP address blocks: 91.213.230.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:ee:03:ec:9f:1f:e9:99:28:c1:bd:6c:8c:20:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35df1cdb6d457f1adb33ebbde019ea5b21dfb42c
Validity
Not Before: Jan 1 08:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85af92f70f9a768ae3d0e29a914b5e87ad647a70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1a:5a:7a:63:dd:c9:6d:84:cb:26:0b:d4:98:
bf:58:f5:5a:10:0d:67:7f:5a:1a:31:6b:f8:e1:fe:
5a:4c:27:a1:2b:8b:e1:21:0d:40:ff:71:66:a3:e0:
e0:78:60:08:54:d3:0d:81:91:e4:5b:73:ff:33:85:
b6:cf:9e:d0:96:f1:87:ce:5d:4b:60:e4:69:23:d4:
66:dd:f4:2f:4b:88:95:d6:ee:0e:f0:5e:31:a8:5b:
ee:bf:ac:23:52:ed:64:07:78:0f:d3:75:c8:b1:b6:
fe:0c:84:01:1d:2f:e6:7f:40:d2:16:3e:23:5e:de:
df:34:6a:cf:0e:fb:b2:05:74:f6:83:ab:75:2d:7f:
82:c9:27:4d:9c:1e:85:72:8f:19:44:88:04:e5:7a:
e0:36:92:9b:cf:0a:20:66:6c:f5:2e:9e:73:ca:96:
52:06:a7:53:41:4c:d9:4b:bb:3d:b8:af:1d:55:e2:
bc:2b:3a:4a:2f:71:6d:d6:71:60:a7:1b:12:75:72:
25:79:67:37:ac:2b:05:a9:4b:59:3b:9d:9e:e3:c5:
ea:b2:85:40:1c:51:94:2d:fd:c1:d3:fb:9d:e3:86:
01:1f:96:81:d9:42:a3:0a:c9:a7:a1:0c:0b:c7:7e:
c1:31:5d:a0:9c:6a:c4:7a:85:5b:27:da:b2:48:96:
a2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:AF:92:F7:0F:9A:76:8A:E3:D0:E2:9A:91:4B:5E:87:AD:64:7A:70
X509v3 Authority Key Identifier:
keyid:35:DF:1C:DB:6D:45:7F:1A:DB:33:EB:BD:E0:19:EA:5B:21:DF:B4:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nd8c221FfxrbM-u94BnqWyHftCw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a793cd-4952-4c4c-ab3f-1640e661c8d3/1/ha-S9w-adorj0OKakUteh61kenA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a793cd-4952-4c4c-ab3f-1640e661c8d3/1/Nd8c221FfxrbM-u94BnqWyHftCw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.230.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:8c:b9:ff:c2:ac:12:5c:ff:10:dc:f7:15:d3:ef:7b:f8:19:
6c:7d:13:72:be:8b:5a:1d:37:5b:fe:bc:fc:4f:77:36:cd:c7:
ee:db:d1:c8:b6:d9:3b:ca:cd:98:b8:5d:fb:0c:e0:32:2a:c3:
2f:95:d8:63:ef:d2:99:f2:43:4a:84:35:3c:80:95:9a:4d:db:
11:4e:92:af:2f:cf:2f:c1:f0:33:ab:b3:9b:dd:99:74:e7:96:
91:b4:a4:15:d1:b7:20:d1:a0:cb:64:c6:39:c5:53:a5:79:70:
79:96:02:a1:81:3a:54:bc:d0:eb:9f:1d:ad:6e:94:21:4b:de:
85:75:c6:d7:d9:be:46:1c:8d:d4:24:5e:3a:e3:80:e9:8a:17:
9a:e3:ab:9e:29:d0:d7:92:8d:e8:4b:ca:d6:d9:ed:21:66:bc:
ba:1c:30:61:a8:f1:9e:6e:45:c0:23:cb:6c:af:ca:aa:e6:db:
da:cc:73:c1:e8:06:c5:79:d2:64:33:0b:30:92:af:1d:2a:e0:
cb:a3:18:ea:d2:72:d2:de:c9:5d:c5:f6:f3:0e:3c:44:bd:6c:
06:3d:63:28:93:66:d4:f2:ed:20:17:6a:73:3f:0c:ef:4d:c9:
37:1d:e1:0b:21:8c:82:49:b4:de:80:4a:34:6e:95:e6:d5:d4:
95:06:c0:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJO4D7J8f6Zkowb1sjCB2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZGYxY2RiNmQ0NTdmMWFkYjMzZWJiZGUwMTllYTViMjFk
ZmI0MmMwHhcNMjQwMTAxMDgzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWFmOTJmNzBmOWE3NjhhZTNkMGUyOWE5MTRiNWU4N2FkNjQ3YTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxpaemPdyW2EyyYL1Ji/WPVaEA1n
f1oaMWv44f5aTCehK4vhIQ1A/3Fmo+DgeGAIVNMNgZHkW3P/M4W2z57QlvGHzl1L
YORpI9Rm3fQvS4iV1u4O8F4xqFvuv6wjUu1kB3gP03XIsbb+DIQBHS/mf0DSFj4j
Xt7fNGrPDvuyBXT2g6t1LX+CySdNnB6Fco8ZRIgE5XrgNpKbzwogZmz1Lp5zypZS
BqdTQUzZS7s9uK8dVeK8KzpKL3Ft1nFgpxsSdXIleWc3rCsFqUtZO52e48XqsoVA
HFGULf3B0/ud44YBH5aB2UKjCsmnoQwLx37BMV2gnGrEeoVbJ9qySJaiJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIWvkvcPmnaK49DimpFLXoetZHpwMB8GA1UdIwQY
MBaAFDXfHNttRX8a2zPrveAZ6lsh37QsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmQ4YzIyMUZmeHJiTS11OTRCbnFXeUhmdEN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9hNzkzY2QtNDk1Mi00YzRjLWFiM2Yt
MTY0MGU2NjFjOGQzLzEvaGEtUzl3LWFkb3JqME9LYWtVdGVoNjFrZW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9hNzkzY2QtNDk1Mi00YzRjLWFiM2YtMTY0MGU2NjFjOGQz
LzEvTmQ4YzIyMUZmeHJiTS11OTRCbnFXeUhmdEN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9XmMA0G
CSqGSIb3DQEBCwUAA4IBAQCyjLn/wqwSXP8Q3PcV0+97+BlsfRNyvotaHTdb/rz8
T3c2zcfu29HIttk7ys2YuF37DOAyKsMvldhj79KZ8kNKhDU8gJWaTdsRTpKvL88v
wfAzq7Ob3Zl055aRtKQV0bcg0aDLZMY5xVOleXB5lgKhgTpUvNDrnx2tbpQhS96F
dcbX2b5GHI3UJF4644Dpihea46ueKdDXko3oS8rW2e0hZry6HDBhqPGebkXAI8ts
r8qq5tvazHPB6AbFedJkMwswkq8dKuDLoxjq0nLS3sldxfbzDjxEvWwGPWMok2bU
8u0gF2pzPwzvTck3HeELIYyCSbTegEo0bpXm1dSVBsCT
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:15 2025 by rpki-client