Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/c5cc6b-bfdf-402f-be6c-47755c63cc03/1/D3i9EVA32LU2rGVYsxndx1JTftM.roa
File: D3i9EVA32LU2rGVYsxndx1JTftM.roa (raw, json)
Hash identifier: tlnX1w1cOV5lcgJWKpzZKTU4C07C/i0e3u+/uvX0sH0=
Subject key identifier: 0F:78:BD:11:50:37:D8:B5:36:AC:65:58:B3:19:DD:C7:52:53:7E:D3
Certificate issuer: /CN=9526fb681fb8754e4d9669b2dc6806ab284ce147
Certificate serial: 019422200201945F7171C7AEB75C572C0C8D
Authority key identifier: 95:26:FB:68:1F:B8:75:4E:4D:96:69:B2:DC:68:06:AB:28:4C:E1:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSb7aB-4dU5Nlmmy3GgGqyhM4Uc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/c5cc6b-bfdf-402f-be6c-47755c63cc03/1/D3i9EVA32LU2rGVYsxndx1JTftM.roa
Signing time: Wed 01 Jan 2025 13:48:30 +0000
ROA not before: Wed 01 Jan 2025 13:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208783
IP address blocks: 91.213.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:02:01:94:5f:71:71:c7:ae:b7:5c:57:2c:0c:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9526fb681fb8754e4d9669b2dc6806ab284ce147
Validity
Not Before: Jan 1 13:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f78bd115037d8b536ac6558b319ddc752537ed3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a8:06:38:ab:f2:e9:ba:09:7f:a7:1c:28:a0:
ac:4e:de:ed:fc:d3:a0:e2:52:80:c4:e0:3d:86:dc:
73:8b:66:46:39:c4:aa:87:8e:8e:c0:af:f6:5f:71:
16:ed:42:37:55:09:75:ca:c3:1b:4c:34:44:8f:45:
7d:ca:49:5d:42:48:14:5e:81:ee:37:ca:3c:56:4a:
55:1b:53:66:7a:a0:e6:b5:e0:5a:7e:77:ce:39:b0:
07:53:7d:e1:c9:c3:3f:d3:f2:41:24:f6:95:04:e3:
af:a1:8f:c9:c0:bc:bb:ad:9f:7e:b4:0a:38:21:67:
e9:2a:ad:4d:d0:80:fa:aa:ae:7a:81:a5:cf:8e:75:
77:1c:91:0c:ca:79:31:6a:35:fa:d7:21:3f:eb:98:
27:89:45:b3:d8:1d:11:0b:f0:f7:7e:fb:67:27:96:
3c:70:3a:5f:f5:7b:49:48:e9:5d:65:84:fb:a1:1f:
cf:a6:3b:c2:f9:78:53:3d:54:f3:c8:e0:24:35:13:
3f:8c:83:b9:70:f9:f7:87:fb:db:14:11:e2:b5:57:
ef:b9:cc:3e:d4:25:91:f4:06:6d:1f:37:65:f6:13:
d5:1f:46:64:0d:c7:56:eb:f6:f3:d4:1a:8f:a6:77:
08:d6:0b:2c:5f:e4:43:96:55:db:f8:7e:06:2f:25:
aa:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:78:BD:11:50:37:D8:B5:36:AC:65:58:B3:19:DD:C7:52:53:7E:D3
X509v3 Authority Key Identifier:
keyid:95:26:FB:68:1F:B8:75:4E:4D:96:69:B2:DC:68:06:AB:28:4C:E1:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSb7aB-4dU5Nlmmy3GgGqyhM4Uc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/c5cc6b-bfdf-402f-be6c-47755c63cc03/1/D3i9EVA32LU2rGVYsxndx1JTftM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/c5cc6b-bfdf-402f-be6c-47755c63cc03/1/lSb7aB-4dU5Nlmmy3GgGqyhM4Uc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.251.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:0f:b2:28:1d:72:65:f7:15:80:70:d9:1b:2b:1c:6b:dc:79:
4d:35:6b:6a:a8:86:45:d5:dc:67:ca:55:3c:68:4d:c9:f5:a9:
01:94:08:06:b4:60:2d:8f:fe:78:58:6c:be:8e:e8:b3:e2:2a:
fe:49:ea:b7:3c:7b:a1:27:85:f3:6e:c2:21:e3:4c:9a:87:bd:
1d:d9:e0:b9:d5:4e:db:ef:21:e5:4f:f2:ba:f9:fd:71:eb:3f:
0a:02:0a:0a:a8:f4:10:20:2c:80:c4:5f:56:b1:cb:a0:e2:ab:
a6:14:6d:02:32:d3:cb:5a:ef:d1:62:5b:19:84:4a:c6:3a:4e:
f8:c9:7a:cc:21:19:08:5a:7b:7b:bc:75:a8:7a:15:d8:8c:4a:
7e:c6:56:64:30:ef:eb:f8:4b:61:c2:dd:f0:93:08:70:73:c4:
6d:9f:12:0c:95:7c:0c:56:b2:b8:f8:b4:ec:0a:88:85:c8:df:
fa:58:e9:6d:c1:7b:67:ce:ea:98:79:b8:82:d6:45:70:9a:61:
9b:9b:0e:93:c3:26:6b:e6:62:8a:3d:cf:44:1f:31:b9:28:81:
de:d4:ed:6e:46:33:4f:16:9e:97:ec:56:d7:f6:46:56:92:03:
67:be:30:8b:5c:69:ea:25:84:ae:c1:f3:df:87:58:91:66:eb:
99:47:70:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIAIBlF9xcceut1xXLAyNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjZmYjY4MWZiODc1NGU0ZDk2NjliMmRjNjgwNmFiMjg0
Y2UxNDcwHhcNMjUwMTAxMTM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjc4YmQxMTUwMzdkOGI1MzZhYzY1NThiMzE5ZGRjNzUyNTM3ZWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqgGOKvy6boJf6ccKKCsTt7t/NOg
4lKAxOA9htxzi2ZGOcSqh46OwK/2X3EW7UI3VQl1ysMbTDREj0V9ykldQkgUXoHu
N8o8VkpVG1NmeqDmteBafnfOObAHU33hycM/0/JBJPaVBOOvoY/JwLy7rZ9+tAo4
IWfpKq1N0ID6qq56gaXPjnV3HJEMynkxajX61yE/65gniUWz2B0RC/D3fvtnJ5Y8
cDpf9XtJSOldZYT7oR/PpjvC+XhTPVTzyOAkNRM/jIO5cPn3h/vbFBHitVfvucw+
1CWR9AZtHzdl9hPVH0ZkDcdW6/bz1BqPpncI1gssX+RDllXb+H4GLyWqwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA94vRFQN9i1NqxlWLMZ3cdSU37TMB8GA1UdIwQY
MBaAFJUm+2gfuHVOTZZpstxoBqsoTOFHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNiN2FCLTRkVTVObG1teTNHZ0dxeWhNNFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9jNWNjNmItYmZkZi00MDJmLWJlNmMt
NDc3NTVjNjNjYzAzLzEvRDNpOUVWQTMyTFUyckdWWXN4bmR4MUpUZnRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9jNWNjNmItYmZkZi00MDJmLWJlNmMtNDc3NTVjNjNjYzAz
LzEvbFNiN2FCLTRkVTVObG1teTNHZ0dxeWhNNFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9X7MA0G
CSqGSIb3DQEBCwUAA4IBAQAcD7IoHXJl9xWAcNkbKxxr3HlNNWtqqIZF1dxnylU8
aE3J9akBlAgGtGAtj/54WGy+juiz4ir+Seq3PHuhJ4XzbsIh40yah70d2eC51U7b
7yHlT/K6+f1x6z8KAgoKqPQQICyAxF9Wscug4qumFG0CMtPLWu/RYlsZhErGOk74
yXrMIRkIWnt7vHWoehXYjEp+xlZkMO/r+Ethwt3wkwhwc8RtnxIMlXwMVrK4+LTs
CoiFyN/6WOltwXtnzuqYebiC1kVwmmGbmw6TwyZr5mKKPc9EHzG5KIHe1O1uRjNP
Fp6X7FbX9kZWkgNnvjCLXGnqJYSuwfPfh1iRZuuZR3DE
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:26:52 2025 by rpki-client