Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/YOqzdqJgWVyd_2LgxM2J8gMVqBI.roa
File: YOqzdqJgWVyd_2LgxM2J8gMVqBI.roa (raw, json)
Hash identifier: va3bKDhWKpgZL3Z4ed7EIl2pjSDDXrOal9gvmMpvSE0=
Subject key identifier: 60:EA:B3:76:A2:60:59:5C:9D:FF:62:E0:C4:CD:89:F2:03:15:A8:12
Certificate issuer: /CN=3befe50a40fb1732541e8a97450ab5de774771d8
Certificate serial: 019422FB8C49FE8E75A5205FB88157E2D142
Authority key identifier: 3B:EF:E5:0A:40:FB:17:32:54:1E:8A:97:45:0A:B5:DE:77:47:71:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-_lCkD7FzJUHoqXRQq13ndHcdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/YOqzdqJgWVyd_2LgxM2J8gMVqBI.roa
Signing time: Wed 01 Jan 2025 17:48:18 +0000
ROA not before: Wed 01 Jan 2025 17:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210727
IP address blocks: 91.238.194.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:8c:49:fe:8e:75:a5:20:5f:b8:81:57:e2:d1:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3befe50a40fb1732541e8a97450ab5de774771d8
Validity
Not Before: Jan 1 17:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60eab376a260595c9dff62e0c4cd89f20315a812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2f:63:a1:40:d8:4e:ab:54:91:64:be:16:a2:
f2:49:30:b0:93:98:c9:51:85:08:e3:be:fd:21:30:
71:3b:bd:0f:b7:51:f8:73:33:37:8d:72:5c:79:99:
a2:4a:38:a8:ac:ea:b1:c4:f3:5a:ee:ab:48:e8:96:
d9:37:4e:61:17:e9:f1:a0:4c:78:26:ce:65:dd:3f:
8c:e2:7f:b9:00:64:9a:d8:61:8c:fa:07:74:2d:cb:
64:1d:64:8e:bd:4d:1c:54:16:1a:42:13:82:08:d0:
16:d9:1e:14:ae:bb:57:c9:5e:c3:bb:47:1a:6b:1a:
76:5b:45:4e:26:1f:af:3b:92:ae:47:61:67:78:ef:
0f:06:51:a8:4c:1c:26:57:ca:be:ed:bf:a9:bd:8c:
6d:f7:72:2b:e5:4c:39:60:c5:80:d4:bf:30:24:37:
16:16:a0:fd:46:f7:68:cc:f4:f2:18:33:c9:08:29:
8c:9e:14:5d:5f:b3:ba:1f:cf:45:76:b7:fd:80:8a:
95:74:93:a1:ef:50:ab:68:19:5b:c0:06:34:6b:e1:
d5:7c:39:e2:b8:c4:90:a2:c6:c2:7d:6d:5f:f4:a9:
fb:39:b6:52:80:34:80:ef:f2:c2:ad:b0:20:52:92:
10:67:33:8e:24:2b:22:0b:ce:6d:ca:61:8c:34:56:
bd:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:EA:B3:76:A2:60:59:5C:9D:FF:62:E0:C4:CD:89:F2:03:15:A8:12
X509v3 Authority Key Identifier:
keyid:3B:EF:E5:0A:40:FB:17:32:54:1E:8A:97:45:0A:B5:DE:77:47:71:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-_lCkD7FzJUHoqXRQq13ndHcdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/YOqzdqJgWVyd_2LgxM2J8gMVqBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/O-_lCkD7FzJUHoqXRQq13ndHcdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.194.0/24
Signature Algorithm: sha256WithRSAEncryption
83:43:63:25:bd:7c:7e:6f:25:04:da:16:f3:a5:53:22:0d:9b:
a4:5b:17:6b:ac:8b:5b:e6:85:13:26:52:1f:4b:f6:12:5f:a4:
d6:65:72:ce:c6:d5:4a:56:5b:e8:b5:dd:19:7b:89:90:61:ab:
a7:d5:e6:7f:78:48:42:f5:2c:75:09:ad:12:66:b7:58:46:9c:
f8:29:21:fa:65:ae:51:bf:9c:7c:fc:97:a2:4b:6a:81:b9:55:
96:5c:e1:b4:93:fb:14:4d:3a:e5:d6:c8:ee:e7:2d:41:48:84:
a5:bd:17:b5:46:01:25:bc:d6:c6:6c:7d:d6:3f:79:ee:44:31:
91:a9:93:e4:e4:41:aa:51:24:f5:3e:af:a0:95:4d:06:1e:fe:
95:c8:33:09:41:4f:8b:db:b9:dc:a0:23:19:b1:9c:b6:6f:f2:
72:72:e9:dc:ab:68:84:0a:c7:5f:6e:3c:6b:eb:bd:47:64:2a:
72:8a:a7:94:f7:f0:36:6c:31:aa:95:d6:3c:a3:11:1d:14:65:
3f:0a:33:00:20:1c:8e:9b:76:72:0e:bf:28:2e:b2:9b:ec:7e:
4c:fc:2f:c0:73:0b:00:1d:9a:9d:66:e4:a4:10:fe:bb:4f:8a:
70:75:b0:29:ac:4a:e0:8c:13:4a:6e:e8:4e:82:ee:54:a0:45:
28:65:99:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+4xJ/o51pSBfuIFX4tFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZWZlNTBhNDBmYjE3MzI1NDFlOGE5NzQ1MGFiNWRlNzc0
NzcxZDgwHhcNMjUwMTAxMTc0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGVhYjM3NmEyNjA1OTVjOWRmZjYyZTBjNGNkODlmMjAzMTVhODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsi9joUDYTqtUkWS+FqLySTCwk5jJ
UYUI4779ITBxO70Pt1H4czM3jXJceZmiSjiorOqxxPNa7qtI6JbZN05hF+nxoEx4
Js5l3T+M4n+5AGSa2GGM+gd0LctkHWSOvU0cVBYaQhOCCNAW2R4UrrtXyV7Du0ca
axp2W0VOJh+vO5KuR2FneO8PBlGoTBwmV8q+7b+pvYxt93Ir5Uw5YMWA1L8wJDcW
FqD9RvdozPTyGDPJCCmMnhRdX7O6H89Fdrf9gIqVdJOh71CraBlbwAY0a+HVfDni
uMSQosbCfW1f9Kn7ObZSgDSA7/LCrbAgUpIQZzOOJCsiC85tymGMNFa9JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGDqs3aiYFlcnf9i4MTNifIDFagSMB8GA1UdIwQY
MBaAFDvv5QpA+xcyVB6Kl0UKtd53R3HYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy1fbENrRDdGekpVSG9xWFJRcTEzbmRIY2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi84ZWY3NDAtMTA1Mi00OWVjLWE0MDkt
ZTYxNTQ5MzExN2QyLzEvWU9xemRxSmdXVnlkXzJMZ3hNMko4Z01WcUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi84ZWY3NDAtMTA1Mi00OWVjLWE0MDktZTYxNTQ5MzExN2Qy
LzEvTy1fbENrRDdGekpVSG9xWFJRcTEzbmRIY2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+7CMA0G
CSqGSIb3DQEBCwUAA4IBAQCDQ2MlvXx+byUE2hbzpVMiDZukWxdrrItb5oUTJlIf
S/YSX6TWZXLOxtVKVlvotd0Ze4mQYaun1eZ/eEhC9Sx1Ca0SZrdYRpz4KSH6Za5R
v5x8/JeiS2qBuVWWXOG0k/sUTTrl1sju5y1BSISlvRe1RgElvNbGbH3WP3nuRDGR
qZPk5EGqUST1Pq+glU0GHv6VyDMJQU+L27ncoCMZsZy2b/Jycuncq2iECsdfbjxr
671HZCpyiqeU9/A2bDGqldY8oxEdFGU/CjMAIByOm3ZyDr8oLrKb7H5M/C/AcwsA
HZqdZuSkEP67T4pwdbAprErgjBNKbuhOgu5UoEUoZZmw
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:29:00 2025 by rpki-client