Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/6cbf70-fe8f-48c9-9de5-52cfe6cc91e3/1/iWxLCOsNX0nATWzasVTqchH4wlQ.roa
File: iWxLCOsNX0nATWzasVTqchH4wlQ.roa (raw, json)
Hash identifier: OsbOZl7xbR2CKYe2B8D1WX/8jD2waa+DZ+ngM3yRSZk=
Subject key identifier: 89:6C:4B:08:EB:0D:5F:49:C0:4D:6C:DA:B1:54:EA:72:11:F8:C2:54
Certificate issuer: /CN=bd611e1cabe0db5643a5d2945160f45ed84a807a
Certificate serial: 01942068157A6EBE77CE4C22CE8C6C5C501A
Authority key identifier: BD:61:1E:1C:AB:E0:DB:56:43:A5:D2:94:51:60:F4:5E:D8:4A:80:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vWEeHKvg21ZDpdKUUWD0XthKgHo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/6cbf70-fe8f-48c9-9de5-52cfe6cc91e3/1/iWxLCOsNX0nATWzasVTqchH4wlQ.roa
Signing time: Wed 01 Jan 2025 05:47:59 +0000
ROA not before: Wed 01 Jan 2025 05:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3301
IP address blocks: 91.227.49.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:15:7a:6e:be:77:ce:4c:22:ce:8c:6c:5c:50:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd611e1cabe0db5643a5d2945160f45ed84a807a
Validity
Not Before: Jan 1 05:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=896c4b08eb0d5f49c04d6cdab154ea7211f8c254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:33:8d:18:01:66:07:90:7d:1a:f8:72:44:59:
ae:93:3a:a3:1a:3a:19:8d:22:df:6e:1e:ff:fd:85:
0d:dd:d0:2f:db:15:e5:5b:f2:17:74:28:a7:26:c9:
40:db:51:ae:5b:a9:ce:df:e4:31:e9:ec:6e:15:94:
0b:b5:50:bb:0d:3d:9e:1b:ba:56:3a:3b:6d:46:2a:
22:80:55:80:24:7b:67:ce:41:f3:cb:9c:8c:fe:2d:
52:99:10:7e:50:3f:3c:50:a1:5d:7a:2b:3a:a5:78:
23:92:3e:a4:cc:e7:68:75:52:f2:8a:d8:81:7e:0e:
74:6c:b3:bb:33:fe:94:75:dd:17:57:d2:9d:5d:6b:
0a:15:92:8a:b6:b1:37:86:32:51:54:90:c2:c2:1a:
3c:30:2a:67:f6:95:3b:24:46:36:65:4c:bd:ff:56:
dc:96:cf:16:e1:7a:33:08:62:49:a9:ec:4a:88:a7:
f0:d8:8e:26:c2:db:46:9e:b9:29:6e:ea:5e:50:11:
53:54:9f:6b:2a:4a:60:c8:fc:a0:5d:dc:21:c1:68:
f9:57:6d:5e:8f:62:e7:dd:6a:6e:de:5e:59:01:91:
d6:d7:10:95:d4:9c:9d:de:73:30:f6:cb:df:13:64:
0f:3d:ab:57:11:7b:64:93:28:76:2d:98:2a:3b:74:
e3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:6C:4B:08:EB:0D:5F:49:C0:4D:6C:DA:B1:54:EA:72:11:F8:C2:54
X509v3 Authority Key Identifier:
keyid:BD:61:1E:1C:AB:E0:DB:56:43:A5:D2:94:51:60:F4:5E:D8:4A:80:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vWEeHKvg21ZDpdKUUWD0XthKgHo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6cbf70-fe8f-48c9-9de5-52cfe6cc91e3/1/iWxLCOsNX0nATWzasVTqchH4wlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6cbf70-fe8f-48c9-9de5-52cfe6cc91e3/1/vWEeHKvg21ZDpdKUUWD0XthKgHo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.49.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:a2:1a:f5:c1:00:2c:31:83:13:a1:3a:7f:9b:85:88:9f:98:
23:e7:85:ee:3b:8d:71:c3:47:fd:37:ad:ac:8f:fc:50:f5:2f:
4f:9a:48:a3:d4:6e:74:fd:e3:2f:ff:26:7f:56:ee:22:9a:95:
f9:5f:1b:a3:15:ed:29:12:b5:4e:99:2e:6c:c4:ec:e9:a3:79:
70:7c:c2:de:f9:e9:e9:5d:76:7c:44:11:b0:22:bf:32:fa:fc:
2f:7e:20:ec:27:e6:39:9e:c3:b4:4a:39:ae:d4:e4:59:21:71:
9f:c9:6f:b7:9f:9f:66:a5:2e:a7:e6:a8:e3:0f:b9:66:8b:04:
97:02:3e:4b:b4:3f:3f:3a:1d:29:50:9c:42:d9:f3:7b:f6:c1:
38:e7:c2:e0:d6:0b:6a:93:d9:67:76:72:55:a8:28:e7:ed:51:
28:f7:94:da:58:27:dd:d1:02:d0:e1:47:6e:c1:d7:11:d7:02:
37:e8:e0:6f:29:a4:f7:d7:5a:b2:e9:a0:2e:39:49:50:5e:5e:
10:8f:1e:6e:26:73:b2:3e:db:ca:c5:df:e1:ca:00:3b:90:60:
49:52:04:4c:aa:a4:ae:da:1a:37:a3:35:32:ba:0c:62:4f:75:
f5:c3:e9:9a:50:80:eb:b2:1d:b6:5d:f3:7b:c0:c4:10:ba:62:
70:3c:09:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaBV6br53zkwizoxsXFAaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNjExZTFjYWJlMGRiNTY0M2E1ZDI5NDUxNjBmNDVlZDg0
YTgwN2EwHhcNMjUwMTAxMDU0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTZjNGIwOGViMGQ1ZjQ5YzA0ZDZjZGFiMTU0ZWE3MjExZjhjMjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzONGAFmB5B9GvhyRFmukzqjGjoZ
jSLfbh7//YUN3dAv2xXlW/IXdCinJslA21GuW6nO3+Qx6exuFZQLtVC7DT2eG7pW
OjttRioigFWAJHtnzkHzy5yM/i1SmRB+UD88UKFdeis6pXgjkj6kzOdodVLyitiB
fg50bLO7M/6Udd0XV9KdXWsKFZKKtrE3hjJRVJDCwho8MCpn9pU7JEY2ZUy9/1bc
ls8W4XozCGJJqexKiKfw2I4mwttGnrkpbupeUBFTVJ9rKkpgyPygXdwhwWj5V21e
j2Ln3Wpu3l5ZAZHW1xCV1Jyd3nMw9svfE2QPPatXEXtkkyh2LZgqO3TjTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIlsSwjrDV9JwE1s2rFU6nIR+MJUMB8GA1UdIwQY
MBaAFL1hHhyr4NtWQ6XSlFFg9F7YSoB6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdldFZUhLdmcyMVpEcGRLVVVXRDBYdGhLZ0hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC82Y2JmNzAtZmU4Zi00OGM5LTlkZTUt
NTJjZmU2Y2M5MWUzLzEvaVd4TENPc05YMG5BVFd6YXNWVHFjaEg0d2xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC82Y2JmNzAtZmU4Zi00OGM5LTlkZTUtNTJjZmU2Y2M5MWUz
LzEvdldFZUhLdmcyMVpEcGRLVVVXRDBYdGhLZ0hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+MxMA0G
CSqGSIb3DQEBCwUAA4IBAQAfohr1wQAsMYMToTp/m4WIn5gj54XuO41xw0f9N62s
j/xQ9S9Pmkij1G50/eMv/yZ/Vu4impX5XxujFe0pErVOmS5sxOzpo3lwfMLe+enp
XXZ8RBGwIr8y+vwvfiDsJ+Y5nsO0Sjmu1ORZIXGfyW+3n59mpS6n5qjjD7lmiwSX
Aj5LtD8/Oh0pUJxC2fN79sE458Lg1gtqk9lndnJVqCjn7VEo95TaWCfd0QLQ4Udu
wdcR1wI36OBvKaT311qy6aAuOUlQXl4Qjx5uJnOyPtvKxd/hygA7kGBJUgRMqqSu
2ho3ozUyugxiT3X1w+maUIDrsh22XfN7wMQQumJwPAkz
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:14:36 2025 by rpki-client