Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/IDcUsurlIwrk2WfAK13tr-PGuOQ.roa
File: IDcUsurlIwrk2WfAK13tr-PGuOQ.roa (raw, json)
Hash identifier: AS568Huqr9TIELMxZnCn0Pucs1mbdYattJ1q0ZLCI8Q=
Subject key identifier: 20:37:14:B2:EA:E5:23:0A:E4:D9:67:C0:2B:5D:ED:AF:E3:C6:B8:E4
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 019427B685374D3D5B8E8F57DEC15F83604A
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/IDcUsurlIwrk2WfAK13tr-PGuOQ.roa
Signing time: Thu 02 Jan 2025 15:51:00 +0000
ROA not before: Thu 02 Jan 2025 15:51:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215226
IP address blocks: 91.242.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:85:37:4d:3d:5b:8e:8f:57:de:c1:5f:83:60:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 2 15:51:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=203714b2eae5230ae4d967c02b5dedafe3c6b8e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:e8:af:52:83:08:a9:24:22:94:75:97:33:7f:
93:fd:ce:2b:ea:53:e3:55:ae:2e:d1:bb:d2:3b:4c:
07:26:73:51:21:22:0b:12:1f:f7:d3:ef:23:18:82:
7f:3e:0c:7f:ae:c7:f9:09:79:f2:63:da:c4:1d:e6:
2c:cf:37:e9:77:60:1b:7a:8c:a0:fd:1e:a8:21:ea:
2a:27:db:fa:f2:f5:f3:df:22:d2:ca:44:15:ab:08:
ed:99:cc:ba:69:ef:52:7a:f1:17:8c:45:de:47:f5:
29:1f:99:35:dc:b0:30:22:04:15:3e:fb:e4:6a:a3:
90:84:38:94:32:bc:47:9e:42:a9:0e:c5:42:06:f4:
f9:06:80:2c:88:ee:c7:27:7f:27:25:03:1c:83:96:
b9:5c:d9:ef:d4:f7:c5:de:6e:4a:3e:e7:d9:0d:9e:
08:b2:77:1c:17:8e:e3:cb:9a:88:b9:6d:7d:df:17:
e3:7a:0d:ff:73:e5:b2:9d:fd:72:2d:da:53:cf:eb:
b8:55:30:6f:4a:cd:46:a4:09:e6:14:bf:13:75:12:
76:16:3e:71:df:41:4a:59:f7:8b:66:62:d0:20:5f:
ba:1d:65:9c:5b:59:c5:9d:61:03:6d:e3:b8:64:00:
41:30:7e:1a:89:81:64:32:bb:f6:33:80:4a:30:5f:
ac:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:37:14:B2:EA:E5:23:0A:E4:D9:67:C0:2B:5D:ED:AF:E3:C6:B8:E4
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/IDcUsurlIwrk2WfAK13tr-PGuOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.255.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:2e:16:20:91:a9:31:ad:ca:08:19:53:a2:3f:e2:9b:be:68:
6b:96:11:0c:32:35:1b:46:6a:39:d2:2e:58:48:df:3f:14:90:
2c:97:84:de:7c:03:5a:68:df:7a:bd:8e:9f:68:7a:63:67:9c:
5c:47:33:93:ad:59:ec:5a:c6:ff:42:93:15:20:8b:ab:24:08:
77:66:3b:32:fc:ab:d4:01:da:5a:4c:a1:1a:e3:64:8a:25:fc:
a9:28:c9:fe:5f:fb:83:bb:33:45:c5:0f:23:ad:31:b8:43:50:
62:f3:26:b9:4d:9b:c3:cd:11:14:ab:13:c2:b6:95:81:62:10:
7f:bc:15:76:5b:14:0b:0f:42:26:ba:60:47:2b:50:e6:67:73:
37:f7:9a:41:ff:e5:6b:74:f5:a6:bc:3b:eb:5f:c9:fd:1c:23:
74:6a:50:f0:00:54:c0:99:04:10:db:50:0c:b0:72:1e:fa:00:
0b:9d:03:27:da:16:65:e5:e6:2c:c3:50:dd:aa:2c:d2:cf:ee:
33:27:de:19:cd:42:56:df:65:fa:4a:ba:16:ac:05:da:e2:e7:
55:dd:a3:78:5f:51:73:e4:6b:19:5c:bf:98:88:e0:5d:c4:37:
dd:b4:3d:70:22:3d:6d:c5:99:93:88:9e:bf:03:4b:28:b7:dc:
e7:18:d1:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntoU3TT1bjo9X3sFfg2BKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjUwMTAyMTU1MTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDM3MTRiMmVhZTUyMzBhZTRkOTY3YzAyYjVkZWRhZmUzYzZiOGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5OivUoMIqSQilHWXM3+T/c4r6lPj
Va4u0bvSO0wHJnNRISILEh/30+8jGIJ/Pgx/rsf5CXnyY9rEHeYszzfpd2Abeoyg
/R6oIeoqJ9v68vXz3yLSykQVqwjtmcy6ae9SevEXjEXeR/UpH5k13LAwIgQVPvvk
aqOQhDiUMrxHnkKpDsVCBvT5BoAsiO7HJ38nJQMcg5a5XNnv1PfF3m5KPufZDZ4I
snccF47jy5qIuW193xfjeg3/c+Wynf1yLdpTz+u4VTBvSs1GpAnmFL8TdRJ2Fj5x
30FKWfeLZmLQIF+6HWWcW1nFnWEDbeO4ZABBMH4aiYFkMrv2M4BKMF+sXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCA3FLLq5SMK5NlnwCtd7a/jxrjkMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvSURjVXN1cmxJd3JrMldmQUsxM3RyLVBHdU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/L/MA0G
CSqGSIb3DQEBCwUAA4IBAQBvLhYgkakxrcoIGVOiP+KbvmhrlhEMMjUbRmo50i5Y
SN8/FJAsl4TefANaaN96vY6faHpjZ5xcRzOTrVnsWsb/QpMVIIurJAh3Zjsy/KvU
AdpaTKEa42SKJfypKMn+X/uDuzNFxQ8jrTG4Q1Bi8ya5TZvDzREUqxPCtpWBYhB/
vBV2WxQLD0ImumBHK1DmZ3M395pB/+VrdPWmvDvrX8n9HCN0alDwAFTAmQQQ21AM
sHIe+gALnQMn2hZl5eYsw1DdqizSz+4zJ94ZzUJW32X6SroWrAXa4udV3aN4X1Fz
5GsZXL+YiOBdxDfdtD1wIj1txZmTiJ6/A0sot9znGNEu
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:32:39 2025 by rpki-client