Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/5da729-ba26-4fda-9011-0b04375f9b36/1/2rG3zP2nsK1WFDdtam1fkefUVec.roa
File: 2rG3zP2nsK1WFDdtam1fkefUVec.roa (raw, json)
Hash identifier: FYwcLySS6BHsPeqa2YZMNFpU87urYtsqq/j3a/UUmqo=
Subject key identifier: DA:B1:B7:CC:FD:A7:B0:AD:56:14:37:6D:6A:6D:5F:91:E7:D4:55:E7
Certificate issuer: /CN=42cf4a128d09dfc4b8b035a12cd831f9f7b01469
Certificate serial: 019423D807060B3C2A5037C362766FFC2D61
Authority key identifier: 42:CF:4A:12:8D:09:DF:C4:B8:B0:35:A1:2C:D8:31:F9:F7:B0:14:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qs9KEo0J38S4sDWhLNgx-fewFGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/5da729-ba26-4fda-9011-0b04375f9b36/1/2rG3zP2nsK1WFDdtam1fkefUVec.roa
Signing time: Wed 01 Jan 2025 21:49:07 +0000
ROA not before: Wed 01 Jan 2025 21:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203285
IP address blocks: 91.247.168.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d8:07:06:0b:3c:2a:50:37:c3:62:76:6f:fc:2d:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42cf4a128d09dfc4b8b035a12cd831f9f7b01469
Validity
Not Before: Jan 1 21:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dab1b7ccfda7b0ad5614376d6a6d5f91e7d455e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:22:d0:ac:c0:1b:9d:92:ab:da:e6:a4:f7:1d:
3f:82:84:3d:08:40:e5:77:3d:b7:4d:fb:f7:44:c6:
d0:d4:fe:18:4d:ea:ed:bd:4f:9d:4b:a5:2d:34:dc:
a4:8b:92:84:f7:50:14:38:21:e6:11:13:c8:7d:fb:
15:e4:b0:9b:b2:01:70:79:74:6e:d5:6f:09:7b:ae:
29:72:71:18:30:9a:ab:eb:fe:7c:45:8a:e8:3c:48:
36:00:6b:a3:fa:a4:3a:ff:81:4b:bd:de:4b:38:d2:
95:80:bc:f4:98:04:84:42:a3:bd:ef:91:b3:2c:ba:
bc:79:12:a0:86:20:42:c4:22:f0:2c:b1:c6:90:25:
2d:a0:2c:aa:bb:2a:1f:69:ab:88:0d:44:d7:ed:88:
25:f8:9c:6e:83:1a:f4:cb:b9:6b:b0:ab:2b:31:39:
5f:4e:8b:2e:6e:8c:bb:29:e9:f8:db:82:d7:d5:5d:
bc:e9:62:1d:82:a6:13:ab:c1:92:37:fd:cd:b0:90:
5f:49:5c:35:8f:67:21:e5:57:d7:fa:c7:12:a2:bb:
24:d8:d8:c5:b5:34:e3:ed:0a:06:d4:14:6e:ca:a8:
4f:18:ea:72:89:cf:ef:44:7b:28:60:6a:c0:16:c0:
b0:17:47:c7:9f:0c:a8:56:c9:f5:ca:f5:26:9b:e4:
3c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B1:B7:CC:FD:A7:B0:AD:56:14:37:6D:6A:6D:5F:91:E7:D4:55:E7
X509v3 Authority Key Identifier:
keyid:42:CF:4A:12:8D:09:DF:C4:B8:B0:35:A1:2C:D8:31:F9:F7:B0:14:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qs9KEo0J38S4sDWhLNgx-fewFGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/5da729-ba26-4fda-9011-0b04375f9b36/1/2rG3zP2nsK1WFDdtam1fkefUVec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/5da729-ba26-4fda-9011-0b04375f9b36/1/Qs9KEo0J38S4sDWhLNgx-fewFGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.168.0/24
Signature Algorithm: sha256WithRSAEncryption
09:03:ad:4c:f3:bc:8b:0e:f1:0e:8e:c1:e1:92:9c:17:98:fa:
00:da:ee:c7:82:d1:76:b0:56:dd:31:9b:9f:82:1c:f1:13:4d:
2c:ef:dd:43:c2:82:6f:1b:b1:00:7b:6f:67:50:09:f7:20:fb:
44:56:40:0f:01:00:38:db:17:44:97:d0:88:6a:36:66:5c:cf:
0e:e6:61:62:39:65:e3:32:bc:e5:6b:38:ec:50:55:e4:8f:6d:
58:3b:03:e7:33:8a:26:b8:46:9e:11:b2:63:2d:de:2c:2b:8b:
d0:e5:0a:2f:ca:5c:47:4e:52:95:08:2e:e0:13:7f:ba:2d:1b:
b6:ae:54:7d:e4:d4:87:2d:9d:27:6d:0c:26:d6:ec:b0:34:e3:
68:78:97:61:72:c7:a7:ea:0b:51:55:2e:81:1f:91:01:15:19:
0f:6d:ed:7e:f4:ce:01:4d:fe:44:ae:f6:01:b8:3c:e0:35:b3:
d8:77:9a:7a:1d:f7:8c:a7:48:8a:d0:69:94:a5:41:66:3a:13:
e1:8a:2f:a2:68:54:2e:3d:47:55:1c:69:0d:5a:ea:cb:b5:c2:
10:a3:1d:a0:93:c6:b8:95:1b:ba:09:64:1c:cc:af:b6:9e:67:
a1:28:5e:d5:41:5d:6c:b7:9f:80:2b:34:2d:11:70:68:93:76:
eb:c1:a6:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj2AcGCzwqUDfDYnZv/C1hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyY2Y0YTEyOGQwOWRmYzRiOGIwMzVhMTJjZDgzMWY5Zjdi
MDE0NjkwHhcNMjUwMTAxMjE0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWIxYjdjY2ZkYTdiMGFkNTYxNDM3NmQ2YTZkNWY5MWU3ZDQ1NWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SLQrMAbnZKr2uak9x0/goQ9CEDl
dz23Tfv3RMbQ1P4YTertvU+dS6UtNNyki5KE91AUOCHmERPIffsV5LCbsgFweXRu
1W8Je64pcnEYMJqr6/58RYroPEg2AGuj+qQ6/4FLvd5LONKVgLz0mASEQqO975Gz
LLq8eRKghiBCxCLwLLHGkCUtoCyquyofaauIDUTX7Ygl+Jxugxr0y7lrsKsrMTlf
Tosuboy7Ken424LX1V286WIdgqYTq8GSN/3NsJBfSVw1j2ch5VfX+scSorsk2NjF
tTTj7QoG1BRuyqhPGOpyic/vRHsoYGrAFsCwF0fHnwyoVsn1yvUmm+Q8yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNqxt8z9p7CtVhQ3bWptX5Hn1FXnMB8GA1UdIwQY
MBaAFELPShKNCd/EuLA1oSzYMfn3sBRpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXM5S0VvMEozOFM0c0RXaExOZ3gtZmV3RkdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC81ZGE3MjktYmEyNi00ZmRhLTkwMTEt
MGIwNDM3NWY5YjM2LzEvMnJHM3pQMm5zSzFXRkRkdGFtMWZrZWZVVmVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC81ZGE3MjktYmEyNi00ZmRhLTkwMTEtMGIwNDM3NWY5YjM2
LzEvUXM5S0VvMEozOFM0c0RXaExOZ3gtZmV3RkdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/eoMA0G
CSqGSIb3DQEBCwUAA4IBAQAJA61M87yLDvEOjsHhkpwXmPoA2u7HgtF2sFbdMZuf
ghzxE00s791DwoJvG7EAe29nUAn3IPtEVkAPAQA42xdEl9CIajZmXM8O5mFiOWXj
MrzlazjsUFXkj21YOwPnM4omuEaeEbJjLd4sK4vQ5QovylxHTlKVCC7gE3+6LRu2
rlR95NSHLZ0nbQwm1uywNONoeJdhcsen6gtRVS6BH5EBFRkPbe1+9M4BTf5ErvYB
uDzgNbPYd5p6HfeMp0iK0GmUpUFmOhPhii+iaFQuPUdVHGkNWurLtcIQox2gk8a4
lRu6CWQczK+2nmehKF7VQV1st5+AKzQtEXBok3brwaYn
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:43:22 2025 by rpki-client