Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/TW9ksFbGISrm8bYlqs2ozzpmjos.roa
File: TW9ksFbGISrm8bYlqs2ozzpmjos.roa (raw, json)
Hash identifier: 0ziWkPMeV4t+G/bAbhTQxZYd+oOXOylZPAVdkzMUOzI=
Subject key identifier: 4D:6F:64:B0:56:C6:21:2A:E6:F1:B6:25:AA:CD:A8:CF:3A:66:8E:8B
Certificate issuer: /CN=4fb2bb7bad50f1921810a028e78edd65f81f6a7d
Certificate serial: 01942521F092FAED9FBAED573742E11DCDBD
Authority key identifier: 4F:B2:BB:7B:AD:50:F1:92:18:10:A0:28:E7:8E:DD:65:F8:1F:6A:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T7K7e61Q8ZIYEKAo547dZfgfan0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/TW9ksFbGISrm8bYlqs2ozzpmjos.roa
Signing time: Thu 02 Jan 2025 03:49:28 +0000
ROA not before: Thu 02 Jan 2025 03:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64249
IP address blocks: 91.238.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:f0:92:fa:ed:9f:ba:ed:57:37:42:e1:1d:cd:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fb2bb7bad50f1921810a028e78edd65f81f6a7d
Validity
Not Before: Jan 2 03:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d6f64b056c6212ae6f1b625aacda8cf3a668e8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e8:a2:cb:06:c4:18:a5:5e:44:62:d1:a0:8f:
17:ac:3f:5e:95:e1:87:a4:49:75:8b:89:72:b5:c6:
88:39:c0:49:51:23:bb:8b:8b:69:57:9f:be:da:c8:
98:fa:eb:6e:2d:65:96:fb:6a:0c:a9:5a:a1:07:2d:
55:4d:cb:e8:76:1e:83:16:af:e0:60:d7:de:22:6f:
22:0b:08:c9:a7:69:8e:23:c5:e9:38:3f:1a:0b:d4:
bd:55:95:81:5c:7f:a2:72:e7:88:7b:5d:45:71:4b:
8a:6f:33:a2:a5:23:a5:60:1b:e6:fb:1f:a1:16:31:
64:62:6d:91:78:9b:0b:48:d7:73:93:b9:8d:5e:6d:
be:30:b3:74:fe:fa:51:e0:7f:b1:8c:6a:b2:ac:51:
36:41:39:59:bb:9c:59:b2:98:f9:48:20:c7:7b:db:
29:e9:3e:d3:26:cb:d2:21:71:d4:4c:ae:d7:c5:e1:
57:e1:8e:3d:9d:0e:01:6d:05:0b:64:ed:88:16:af:
68:a5:f4:e6:07:51:38:54:a5:59:43:a6:d9:0d:7a:
ed:dc:6f:32:1d:ff:00:8d:d1:83:52:37:d7:ee:b0:
1e:9d:1c:b5:6e:15:64:3f:32:fb:7c:a4:c6:79:dd:
70:e6:e3:1d:a4:8f:45:19:d6:69:39:6a:2a:bf:6c:
43:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:6F:64:B0:56:C6:21:2A:E6:F1:B6:25:AA:CD:A8:CF:3A:66:8E:8B
X509v3 Authority Key Identifier:
keyid:4F:B2:BB:7B:AD:50:F1:92:18:10:A0:28:E7:8E:DD:65:F8:1F:6A:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T7K7e61Q8ZIYEKAo547dZfgfan0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/TW9ksFbGISrm8bYlqs2ozzpmjos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/T7K7e61Q8ZIYEKAo547dZfgfan0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.71.0/24
Signature Algorithm: sha256WithRSAEncryption
46:e1:39:2a:87:e3:42:8d:80:4c:2d:1c:3d:87:05:d9:63:62:
78:d8:69:93:c1:22:c9:68:a3:71:fe:4f:6e:42:d6:dd:fc:c5:
b4:ad:c9:f0:68:c3:cf:f2:49:bf:90:3d:be:73:06:46:f4:80:
77:66:d7:9a:b5:07:bc:b1:79:91:e8:aa:02:f4:54:1d:02:d4:
06:7a:9f:96:2a:f4:fd:24:6e:80:d2:13:9c:b0:97:7f:a6:5b:
47:7d:81:e9:b5:a5:4a:dc:9f:6a:cd:87:38:9f:81:43:b0:0a:
2b:88:e1:40:04:74:5d:bb:ae:1b:2d:ee:56:c7:d1:ed:9f:44:
cf:1d:65:c5:6a:ec:37:3f:ce:47:ab:1e:03:cc:85:b5:6d:28:
71:a8:07:7f:2e:39:99:46:51:ad:04:52:a4:df:fa:db:94:95:
23:af:d5:0c:b5:de:f0:63:57:26:91:31:66:19:ae:e8:fc:44:
53:37:7c:34:d6:4f:ee:f8:d6:92:2d:e8:69:b1:27:6a:e6:ef:
e4:2a:b2:cd:41:64:71:fd:83:67:c3:b6:84:8e:22:b2:79:a7:
8d:14:ba:6b:6c:ff:02:01:27:cd:89:92:cf:a1:c3:b8:15:8a:
2e:71:d1:5c:b0:9c:e9:a2:ec:78:53:0b:b2:da:e9:74:7d:42:
f8:9b:f6:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIfCS+u2fuu1XN0LhHc29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYjJiYjdiYWQ1MGYxOTIxODEwYTAyOGU3OGVkZDY1Zjgx
ZjZhN2QwHhcNMjUwMTAyMDM0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDZmNjRiMDU2YzYyMTJhZTZmMWI2MjVhYWNkYThjZjNhNjY4ZThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteiiywbEGKVeRGLRoI8XrD9eleGH
pEl1i4lytcaIOcBJUSO7i4tpV5++2siY+utuLWWW+2oMqVqhBy1VTcvodh6DFq/g
YNfeIm8iCwjJp2mOI8XpOD8aC9S9VZWBXH+icueIe11FcUuKbzOipSOlYBvm+x+h
FjFkYm2ReJsLSNdzk7mNXm2+MLN0/vpR4H+xjGqyrFE2QTlZu5xZspj5SCDHe9sp
6T7TJsvSIXHUTK7XxeFX4Y49nQ4BbQULZO2IFq9opfTmB1E4VKVZQ6bZDXrt3G8y
Hf8AjdGDUjfX7rAenRy1bhVkPzL7fKTGed1w5uMdpI9FGdZpOWoqv2xD9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE1vZLBWxiEq5vG2JarNqM86Zo6LMB8GA1UdIwQY
MBaAFE+yu3utUPGSGBCgKOeO3WX4H2p9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDdLN2U2MVE4WklZRUtBbzU0N2RaZmdmYW4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9mZGEzODItNDI1Ny00MWMzLThlYzYt
MjdmYmM5OWVhM2M2LzEvVFc5a3NGYkdJU3JtOGJZbHFzMm96enBtam9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9mZGEzODItNDI1Ny00MWMzLThlYzYtMjdmYmM5OWVhM2M2
LzEvVDdLN2U2MVE4WklZRUtBbzU0N2RaZmdmYW4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+5HMA0G
CSqGSIb3DQEBCwUAA4IBAQBG4Tkqh+NCjYBMLRw9hwXZY2J42GmTwSLJaKNx/k9u
Qtbd/MW0rcnwaMPP8km/kD2+cwZG9IB3ZteatQe8sXmR6KoC9FQdAtQGep+WKvT9
JG6A0hOcsJd/pltHfYHptaVK3J9qzYc4n4FDsAoriOFABHRdu64bLe5Wx9Htn0TP
HWXFauw3P85Hqx4DzIW1bShxqAd/LjmZRlGtBFKk3/rblJUjr9UMtd7wY1cmkTFm
Ga7o/ERTN3w01k/u+NaSLehpsSdq5u/kKrLNQWRx/YNnw7aEjiKyeaeNFLprbP8C
ASfNiZLPocO4FYoucdFcsJzpoux4Uwuy2ul0fUL4m/YP
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:15:20 2025 by rpki-client