Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/bGID9MISfapCQvxtnoK2mwgER1c.roa
File: bGID9MISfapCQvxtnoK2mwgER1c.roa (raw, json)
Hash identifier: 48jEs1SYz7H/DF1j6XjhPt2MSQotOuG8cV4gNdbAuRU=
Subject key identifier: 6C:62:03:F4:C2:12:7D:AA:42:42:FC:6D:9E:82:B6:9B:08:04:47:57
Certificate issuer: /CN=b8ed3ebcd2155f9a178a103adab48fda8b2275a5
Certificate serial: 01941FFAAA7847D2EC964D473531407A9A3F
Authority key identifier: B8:ED:3E:BC:D2:15:5F:9A:17:8A:10:3A:DA:B4:8F:DA:8B:22:75:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uO0-vNIVX5oXihA62rSP2osidaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/bGID9MISfapCQvxtnoK2mwgER1c.roa
Signing time: Wed 01 Jan 2025 03:48:28 +0000
ROA not before: Wed 01 Jan 2025 03:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43349
IP address blocks: 91.215.201.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:aa:78:47:d2:ec:96:4d:47:35:31:40:7a:9a:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8ed3ebcd2155f9a178a103adab48fda8b2275a5
Validity
Not Before: Jan 1 03:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c6203f4c2127daa4242fc6d9e82b69b08044757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:05:75:bc:44:6d:d6:76:e2:13:76:76:eb:c7:
bd:d0:f2:8b:ec:ae:e8:5b:b2:d6:e5:f4:2c:99:8c:
50:58:18:fd:79:7c:5f:91:cd:e3:fb:d0:60:c9:88:
3f:4e:96:bc:20:d6:84:34:45:43:fb:f2:d3:76:5d:
f9:bd:f5:c4:fe:b7:55:9f:87:0d:77:c1:73:fe:10:
ae:e4:54:15:75:81:3f:87:f9:2a:49:3c:b3:32:9e:
79:3c:83:93:fa:64:92:8c:58:20:7b:40:46:ca:c9:
f7:3d:d9:3b:e8:20:26:5d:32:70:30:8a:7b:ae:c1:
80:b6:e4:a1:20:12:a6:b8:6d:82:1e:e6:e6:09:b2:
1c:de:3e:55:78:fd:32:05:fa:9d:5d:5c:15:4b:5d:
04:96:ca:ad:0a:0c:9e:ed:7d:96:ce:56:bf:25:3b:
db:c3:1e:a3:0a:a5:b7:8a:ae:62:58:06:82:2c:22:
2e:a2:a1:b7:ef:17:ae:26:b9:50:9f:5b:69:4f:07:
80:69:62:6e:94:e1:ec:b2:4a:da:73:74:f9:6b:57:
0a:a0:ee:9b:5b:bb:ca:80:47:01:8c:69:15:3d:85:
07:41:12:03:ea:d6:f1:30:a0:8a:7e:99:fd:a2:df:
d9:9e:a2:d6:71:ab:d0:c4:1a:9c:f2:7f:36:a0:94:
be:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:62:03:F4:C2:12:7D:AA:42:42:FC:6D:9E:82:B6:9B:08:04:47:57
X509v3 Authority Key Identifier:
keyid:B8:ED:3E:BC:D2:15:5F:9A:17:8A:10:3A:DA:B4:8F:DA:8B:22:75:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uO0-vNIVX5oXihA62rSP2osidaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/bGID9MISfapCQvxtnoK2mwgER1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/uO0-vNIVX5oXihA62rSP2osidaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.201.0/24
Signature Algorithm: sha256WithRSAEncryption
10:aa:56:5f:45:05:9b:68:f9:a2:25:e3:29:c6:0a:e1:39:68:
3f:12:de:70:ec:0d:45:31:32:2f:5a:de:c2:d9:6b:08:fc:95:
d8:55:7b:76:7e:17:1a:b0:32:7e:47:52:e1:b7:e6:11:21:a6:
83:19:b2:71:2e:18:ab:64:37:3e:60:22:a2:49:83:40:80:97:
24:93:a2:85:00:68:8a:49:84:cc:14:ec:04:34:42:96:fa:86:
a9:1c:4a:f9:54:af:34:35:57:5d:36:4c:ad:57:96:cb:70:af:
10:49:ff:00:4c:30:11:71:19:5f:91:70:c3:e6:65:28:d5:e3:
bc:e9:41:e9:74:e4:c2:92:34:cd:85:cd:3a:5c:b3:16:b5:d6:
92:19:77:d1:15:41:f8:fa:63:5e:a2:ad:ed:7a:47:9e:c3:ab:
a7:8c:41:04:28:55:2b:cb:f0:23:07:a1:05:6e:15:5a:84:27:
81:64:35:e3:d7:1b:d4:d8:63:99:16:e1:c6:cc:c1:75:ea:59:
6e:66:36:37:f0:33:36:d8:df:27:24:a3:c8:ae:ff:79:aa:db:
d6:a4:5a:5e:7c:dd:bb:e0:53:28:fb:c0:89:a1:d6:0b:b1:86:
b6:e2:81:1b:ae:d7:68:f1:7c:dd:06:74:c1:2f:0d:fe:1e:55:
9b:a8:73:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+qp4R9Lslk1HNTFAepo/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZWQzZWJjZDIxNTVmOWExNzhhMTAzYWRhYjQ4ZmRhOGIy
Mjc1YTUwHhcNMjUwMTAxMDM0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzYyMDNmNGMyMTI3ZGFhNDI0MmZjNmQ5ZTgyYjY5YjA4MDQ0NzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5AV1vERt1nbiE3Z268e90PKL7K7o
W7LW5fQsmYxQWBj9eXxfkc3j+9BgyYg/Tpa8INaENEVD+/LTdl35vfXE/rdVn4cN
d8Fz/hCu5FQVdYE/h/kqSTyzMp55PIOT+mSSjFgge0BGysn3Pdk76CAmXTJwMIp7
rsGAtuShIBKmuG2CHubmCbIc3j5VeP0yBfqdXVwVS10ElsqtCgye7X2Wzla/JTvb
wx6jCqW3iq5iWAaCLCIuoqG37xeuJrlQn1tpTweAaWJulOHsskrac3T5a1cKoO6b
W7vKgEcBjGkVPYUHQRID6tbxMKCKfpn9ot/ZnqLWcavQxBqc8n82oJS+LwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGxiA/TCEn2qQkL8bZ6CtpsIBEdXMB8GA1UdIwQY
MBaAFLjtPrzSFV+aF4oQOtq0j9qLInWlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU8wLXZOSVZYNW9YaWhBNjJyU1Ayb3NpZGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80MjFjNmQtNTM1Yy00YzEzLThkYTMt
ZGVhMTJkZDhjN2Y0LzEvYkdJRDlNSVNmYXBDUXZ4dG5vSzJtd2dFUjFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80MjFjNmQtNTM1Yy00YzEzLThkYTMtZGVhMTJkZDhjN2Y0
LzEvdU8wLXZOSVZYNW9YaWhBNjJyU1Ayb3NpZGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9fJMA0G
CSqGSIb3DQEBCwUAA4IBAQAQqlZfRQWbaPmiJeMpxgrhOWg/Et5w7A1FMTIvWt7C
2WsI/JXYVXt2fhcasDJ+R1Lht+YRIaaDGbJxLhirZDc+YCKiSYNAgJckk6KFAGiK
SYTMFOwENEKW+oapHEr5VK80NVddNkytV5bLcK8QSf8ATDARcRlfkXDD5mUo1eO8
6UHpdOTCkjTNhc06XLMWtdaSGXfRFUH4+mNeoq3tekeew6unjEEEKFUry/AjB6EF
bhVahCeBZDXj1xvU2GOZFuHGzMF16lluZjY38DM22N8nJKPIrv95qtvWpFpefN27
4FMo+8CJodYLsYa24oEbrtdo8XzdBnTBLw3+HlWbqHPt
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:40:55 2025 by rpki-client