Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/R7X9FBaUDr9NUkE0p28Z2uUQ4Bw.roa
File: R7X9FBaUDr9NUkE0p28Z2uUQ4Bw.roa (raw, json)
Hash identifier: E7dIm66l+y4gYXL38eisZbYqWRT0m1OnoffeOxlaIMw=
Subject key identifier: 47:B5:FD:14:16:94:0E:BF:4D:52:41:34:A7:6F:19:DA:E5:10:E0:1C
Certificate issuer: /CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Certificate serial: 01942068370753609712E4C466A0871106F9
Authority key identifier: 5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/R7X9FBaUDr9NUkE0p28Z2uUQ4Bw.roa
Signing time: Wed 01 Jan 2025 05:48:08 +0000
ROA not before: Wed 01 Jan 2025 05:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58030
IP address blocks: 91.237.254.0/24 maxlen: 24
91.237.255.0/24 maxlen: 24
91.238.0.0/24 maxlen: 24
2001:67c:1158::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:37:07:53:60:97:12:e4:c4:66:a0:87:11:06:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Validity
Not Before: Jan 1 05:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47b5fd1416940ebf4d524134a76f19dae510e01c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:5e:05:88:01:fa:36:23:95:d3:18:7f:cc:d8:
8b:f1:67:8a:af:0e:6e:77:c2:c8:54:a2:a3:7e:ce:
e7:f1:d3:e2:3a:fd:d2:32:eb:f9:d2:08:c5:c2:8c:
ba:aa:26:4a:99:41:b9:e7:01:d3:af:d3:1a:98:09:
63:9f:40:2c:da:23:73:06:a2:25:35:ad:1b:a8:a6:
3a:1a:dd:f9:f0:2f:83:c9:ec:f7:1e:f8:b8:2f:28:
ef:44:24:d2:f1:30:89:42:1e:58:00:22:e3:26:ac:
c9:1a:8b:f2:3d:f7:fc:ab:4a:18:05:ef:68:0f:0b:
b4:f3:77:8f:d8:62:a4:dc:80:32:36:61:4a:8c:48:
8f:28:b5:73:5d:bb:af:29:7c:71:c4:93:39:26:23:
f3:dd:d6:ec:a3:7f:10:e4:ed:af:70:48:c3:fd:52:
d5:31:b5:80:76:72:c3:3b:74:e0:77:20:d5:51:0d:
c0:6a:f0:b0:db:8b:b6:dd:3d:bd:f9:c7:dc:2d:0b:
6d:7a:30:5a:93:51:4d:40:bb:df:6c:58:94:0d:9e:
fc:51:f3:0b:4e:6e:3a:9c:d9:a3:1c:9b:61:52:24:
2d:ac:74:1b:95:9c:87:96:f9:f0:83:47:23:bb:e1:
a7:e6:38:70:ad:a2:af:66:0b:5f:d2:fd:11:74:fa:
6f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:B5:FD:14:16:94:0E:BF:4D:52:41:34:A7:6F:19:DA:E5:10:E0:1C
X509v3 Authority Key Identifier:
keyid:5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/R7X9FBaUDr9NUkE0p28Z2uUQ4Bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Wl5msnWeULtpuwpECe6zukjEbFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.254.0-91.238.0.255
IPv6:
2001:67c:1158::/48
Signature Algorithm: sha256WithRSAEncryption
93:5f:aa:d4:98:4c:4f:22:a1:84:4d:a2:18:ae:dd:21:83:e3:
09:00:fe:91:96:ac:a1:17:e7:63:67:99:2a:d6:24:5e:91:c3:
98:ec:93:2f:9b:00:71:fd:38:b7:7b:5f:19:22:ff:21:cf:b2:
df:96:1f:16:8b:da:f0:cd:09:6a:4d:dc:0c:5d:ea:21:a3:85:
7b:a4:00:ed:ef:c3:d1:b5:d8:9f:9e:10:31:1d:47:2c:33:8c:
5d:66:de:95:ce:88:d4:b9:67:1a:54:be:70:86:66:90:b8:19:
45:29:86:21:4d:44:35:8a:40:5f:ae:10:8d:89:47:a1:32:c0:
9f:51:34:b4:9b:64:ca:ec:2c:fb:3f:32:00:e4:b9:f2:34:5a:
41:d8:e0:c9:75:da:20:e9:93:5f:60:c5:ec:86:86:1e:72:39:
33:56:da:e0:cc:11:76:f5:87:95:ae:e1:d5:9d:5f:08:eb:d0:
29:66:25:fc:73:c7:33:c8:e8:ff:ec:d7:f3:3d:dc:0e:2f:61:
6d:6f:2c:ab:21:e6:be:85:91:9f:62:bb:da:39:42:20:d1:97:
da:17:66:ae:77:e2:11:a8:4e:48:f0:9b:ea:85:1b:21:6f:6b:
7a:d9:f1:89:d3:83:61:0d:82:fa:f0:f8:ba:9c:dc:c5:a8:cd:
b0:24:20:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQgaDcHU2CXEuTEZqCHEQb5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNWU2NmIyNzU5ZTUwYmI2OWJiMGE0NDA5ZWViM2JhNDhj
NDZjNTYwHhcNMjUwMTAxMDU0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2I1ZmQxNDE2OTQwZWJmNGQ1MjQxMzRhNzZmMTlkYWU1MTBlMDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6l4FiAH6NiOV0xh/zNiL8WeKrw5u
d8LIVKKjfs7n8dPiOv3SMuv50gjFwoy6qiZKmUG55wHTr9MamAljn0As2iNzBqIl
Na0bqKY6Gt358C+Dyez3Hvi4LyjvRCTS8TCJQh5YACLjJqzJGovyPff8q0oYBe9o
Dwu083eP2GKk3IAyNmFKjEiPKLVzXbuvKXxxxJM5JiPz3dbso38Q5O2vcEjD/VLV
MbWAdnLDO3TgdyDVUQ3AavCw24u23T29+cfcLQttejBak1FNQLvfbFiUDZ78UfML
Tm46nNmjHJthUiQtrHQblZyHlvnwg0cju+Gn5jhwraKvZgtf0v0RdPpvDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEe1/RQWlA6/TVJBNKdvGdrlEOAcMB8GA1UdIwQY
MBaAFFpeZrJ1nlC7absKRAnus7pIxGxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWIt
NjUzZjIzOWZlOWEwLzEvUjdYOUZCYVVEcjlOVWtFMHAyOFoydVVRNEJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWItNjUzZjIzOWZlOWEw
LzEvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAFb7f4D
BABb7gAwDwQCAAIwCQMHACABBnwRWDANBgkqhkiG9w0BAQsFAAOCAQEAk1+q1JhM
TyKhhE2iGK7dIYPjCQD+kZasoRfnY2eZKtYkXpHDmOyTL5sAcf04t3tfGSL/Ic+y
35YfFova8M0Jak3cDF3qIaOFe6QA7e/D0bXYn54QMR1HLDOMXWbelc6I1LlnGlS+
cIZmkLgZRSmGIU1ENYpAX64QjYlHoTLAn1E0tJtkyuws+z8yAOS58jRaQdjgyXXa
IOmTX2DF7IaGHnI5M1ba4MwRdvWHla7h1Z1fCOvQKWYl/HPHM8jo/+zX8z3cDi9h
bW8sqyHmvoWRn2K72jlCINGX2hdmrnfiEahOSPCb6oUbIW9retnxidODYQ2C+vD4
upzcxajNsCQghA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:06:05 2025 by rpki-client