Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/cj0dff8EdsGG8DaopETeofzcldw.roa
File: cj0dff8EdsGG8DaopETeofzcldw.roa (raw, json)
Hash identifier: 06o/5+ZmJQt03Z2LLNo5k4a7U1bSw5gDTRAuW+tjkok=
Subject key identifier: 72:3D:1D:7D:FF:04:76:C1:86:F0:36:A8:A4:44:DE:A1:FC:DC:95:DC
Certificate issuer: /CN=2cac84ceec57b35fa39534ae23009aea820239aa
Certificate serial: 0194228DE5526425FF9403A92430FADC3BEE
Authority key identifier: 2C:AC:84:CE:EC:57:B3:5F:A3:95:34:AE:23:00:9A:EA:82:02:39:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LKyEzuxXs1-jlTSuIwCa6oICOao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/cj0dff8EdsGG8DaopETeofzcldw.roa
Signing time: Wed 01 Jan 2025 15:48:32 +0000
ROA not before: Wed 01 Jan 2025 15:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49446
IP address blocks: 91.213.2.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:e5:52:64:25:ff:94:03:a9:24:30:fa:dc:3b:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cac84ceec57b35fa39534ae23009aea820239aa
Validity
Not Before: Jan 1 15:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=723d1d7dff0476c186f036a8a444dea1fcdc95dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f2:4c:be:8d:41:26:a9:16:5a:98:6f:77:3a:
26:34:55:e0:cc:c1:40:aa:74:79:4b:a6:05:8e:79:
92:8d:27:75:f1:41:b1:e6:ed:21:0b:e7:90:c8:84:
cf:47:fa:4e:63:f7:ea:cd:36:0f:c3:68:02:b1:07:
48:e9:0c:f0:49:42:00:df:31:c9:2f:31:e2:6a:cd:
5c:42:8b:a2:54:d7:c9:d0:5c:7d:b6:4b:20:fa:66:
e8:38:a5:77:bd:f9:c3:10:cf:83:2f:c1:2d:df:45:
0a:13:bf:f7:80:ef:7f:3b:0b:68:fd:d5:25:e2:c6:
79:8f:ff:9d:be:ee:d3:04:72:0d:c3:ae:a4:c4:d0:
64:6b:36:2a:52:0d:db:74:79:75:0d:2b:15:68:12:
12:39:45:97:ab:8d:b8:f9:0e:1f:e9:cd:e9:c6:7c:
0c:f8:a2:62:70:33:e1:16:75:f3:dc:e8:d0:98:d1:
1d:fa:9e:46:a9:7d:7a:46:3c:bd:f7:a8:13:19:fe:
57:91:62:98:13:ae:25:de:8b:78:e8:ee:4d:74:86:
8c:0b:f2:e3:a4:e4:7d:3d:d9:d4:53:4a:70:cb:f2:
9d:75:7f:86:97:3c:9f:ac:74:ba:93:cb:6d:64:bf:
11:01:83:43:69:98:6f:32:b7:88:93:ea:6f:0f:2a:
65:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:3D:1D:7D:FF:04:76:C1:86:F0:36:A8:A4:44:DE:A1:FC:DC:95:DC
X509v3 Authority Key Identifier:
keyid:2C:AC:84:CE:EC:57:B3:5F:A3:95:34:AE:23:00:9A:EA:82:02:39:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKyEzuxXs1-jlTSuIwCa6oICOao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/cj0dff8EdsGG8DaopETeofzcldw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.2.0/24
Signature Algorithm: sha256WithRSAEncryption
42:65:3c:c9:30:01:0b:0a:f2:5c:65:4f:ea:ff:e9:68:a2:01:
e9:d0:43:e7:24:86:63:8b:0f:05:f1:ff:bf:44:4e:99:d8:bd:
68:e8:01:c3:7a:18:c0:fd:28:eb:80:09:70:91:7a:e8:5c:79:
63:71:ef:d8:5f:69:2d:bc:82:d8:af:8f:06:1f:2e:ae:4f:67:
f8:79:d0:7c:b5:5d:04:bd:b2:16:69:45:65:44:2f:dc:58:58:
c8:bf:29:7e:c3:66:61:a3:65:f4:02:4c:9a:d1:64:b0:f5:72:
7a:50:3c:17:4e:64:0c:e0:fd:c2:a7:9a:82:18:f8:48:ee:5a:
e0:b3:fd:b4:62:aa:7b:ac:eb:5a:37:6d:79:4a:c5:cd:ce:f0:
4b:24:b4:99:63:d7:45:61:34:62:2c:c4:80:0e:00:d4:46:a7:
42:f1:1a:6f:48:1c:e0:9b:3a:35:33:e6:ec:e3:01:de:bc:81:
e9:64:20:9f:02:84:3c:52:4e:34:8a:5e:e8:79:0b:ca:06:15:
d6:f4:0c:78:8d:c5:b5:bc:22:77:ce:ae:3b:26:d3:ae:68:48:
4f:b4:6a:2a:b6:b7:28:40:0b:57:06:8c:ae:d6:9c:15:f3:d2:
a2:b7:d6:0c:5f:8d:b4:40:55:db:f2:65:22:24:4f:5b:70:fc:
2c:e7:f6:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijeVSZCX/lAOpJDD63DvuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYWM4NGNlZWM1N2IzNWZhMzk1MzRhZTIzMDA5YWVhODIw
MjM5YWEwHhcNMjUwMTAxMTU0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjNkMWQ3ZGZmMDQ3NmMxODZmMDM2YThhNDQ0ZGVhMWZjZGM5NWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPJMvo1BJqkWWphvdzomNFXgzMFA
qnR5S6YFjnmSjSd18UGx5u0hC+eQyITPR/pOY/fqzTYPw2gCsQdI6QzwSUIA3zHJ
LzHias1cQouiVNfJ0Fx9tksg+mboOKV3vfnDEM+DL8Et30UKE7/3gO9/Owto/dUl
4sZ5j/+dvu7TBHINw66kxNBkazYqUg3bdHl1DSsVaBISOUWXq424+Q4f6c3pxnwM
+KJicDPhFnXz3OjQmNEd+p5GqX16Rjy996gTGf5XkWKYE64l3ot46O5NdIaMC/Lj
pOR9PdnUU0pwy/KddX+GlzyfrHS6k8ttZL8RAYNDaZhvMreIk+pvDyplOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHI9HX3/BHbBhvA2qKRE3qH83JXcMB8GA1UdIwQY
MBaAFCyshM7sV7Nfo5U0riMAmuqCAjmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEt5RXp1eFhzMS1qbFRTdUl3Q2E2b0lDT2FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82ODdjZDUtNjM0NS00ZjY0LWJlNDYt
ZWRlNzBjOGVkNTEzLzEvY2owZGZmOEVkc0dHOERhb3BFVGVvZnpjbGR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82ODdjZDUtNjM0NS00ZjY0LWJlNDYtZWRlNzBjOGVkNTEz
LzEvTEt5RXp1eFhzMS1qbFRTdUl3Q2E2b0lDT2FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9UCMA0G
CSqGSIb3DQEBCwUAA4IBAQBCZTzJMAELCvJcZU/q/+loogHp0EPnJIZjiw8F8f+/
RE6Z2L1o6AHDehjA/SjrgAlwkXroXHljce/YX2ktvILYr48GHy6uT2f4edB8tV0E
vbIWaUVlRC/cWFjIvyl+w2Zho2X0Akya0WSw9XJ6UDwXTmQM4P3Cp5qCGPhI7lrg
s/20Yqp7rOtaN215SsXNzvBLJLSZY9dFYTRiLMSADgDURqdC8RpvSBzgmzo1M+bs
4wHevIHpZCCfAoQ8Uk40il7oeQvKBhXW9Ax4jcW1vCJ3zq47JtOuaEhPtGoqtrco
QAtXBoyu1pwV89Kit9YMX420QFXb8mUiJE9bcPws5/aF
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:45:43 2025 by rpki-client