Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/022ee4-44de-4004-9839-a449ce46a9b1/1/gF4h3hPUiQwbrFzucTsw-cGzGHQ.roa
File: gF4h3hPUiQwbrFzucTsw-cGzGHQ.roa (raw, json)
Hash identifier: EmUyYOWtfES7R4OmRJxOMl7sM7cF9x8yLjgV5Oo/MqY=
Subject key identifier: 80:5E:21:DE:13:D4:89:0C:1B:AC:5C:EE:71:3B:30:F9:C1:B3:18:74
Certificate issuer: /CN=91362d3c0953e8c933f0092a589b75494904f962
Certificate serial: 019427B65F1663850C49B19B50CECC7357E3
Authority key identifier: 91:36:2D:3C:09:53:E8:C9:33:F0:09:2A:58:9B:75:49:49:04:F9:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kTYtPAlT6Mkz8AkqWJt1SUkE-WI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/022ee4-44de-4004-9839-a449ce46a9b1/1/gF4h3hPUiQwbrFzucTsw-cGzGHQ.roa
Signing time: Thu 02 Jan 2025 15:50:50 +0000
ROA not before: Thu 02 Jan 2025 15:50:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30754
IP address blocks: 217.71.144.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:5f:16:63:85:0c:49:b1:9b:50:ce:cc:73:57:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91362d3c0953e8c933f0092a589b75494904f962
Validity
Not Before: Jan 2 15:50:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=805e21de13d4890c1bac5cee713b30f9c1b31874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:79:bb:9e:46:4f:6f:a5:47:7f:ec:11:ea:30:
c5:14:d4:8a:9d:11:a4:51:f5:71:8b:eb:93:cb:37:
6d:a3:b8:9a:d7:9d:4d:fd:46:ab:83:84:b4:71:d1:
8a:cc:6a:22:a7:29:31:10:b2:06:ed:34:6d:f9:5c:
d8:91:17:51:1c:12:f4:02:28:ad:77:fe:8c:79:ff:
63:67:bb:e9:0d:26:a8:0d:58:95:7e:26:28:dc:48:
9e:49:16:14:86:44:aa:4d:af:46:fa:a3:c6:2d:ea:
42:61:fb:1e:11:5d:ec:b6:79:87:6d:42:6c:e2:02:
ae:9f:42:bf:ae:23:2b:ef:f8:35:c3:0d:f7:da:d6:
cc:93:30:46:18:60:b1:59:d8:82:c9:df:64:1f:de:
c0:b3:9b:5b:56:04:04:a1:1b:3d:50:8c:5f:8f:4c:
83:ef:14:22:0e:ea:d2:29:41:d0:f1:af:83:ba:c6:
f6:ef:36:29:72:f7:a3:e9:06:ce:41:7d:81:9a:57:
6f:e5:18:df:67:5f:30:25:00:73:a0:7b:05:b0:66:
1b:bc:0d:29:94:bb:fc:c7:b5:36:18:e2:07:86:79:
6f:3c:1f:64:b9:1b:12:49:04:c2:26:da:4c:5b:59:
bd:bd:ce:80:88:5b:f5:97:15:e2:cb:98:2a:b2:b3:
63:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:5E:21:DE:13:D4:89:0C:1B:AC:5C:EE:71:3B:30:F9:C1:B3:18:74
X509v3 Authority Key Identifier:
keyid:91:36:2D:3C:09:53:E8:C9:33:F0:09:2A:58:9B:75:49:49:04:F9:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kTYtPAlT6Mkz8AkqWJt1SUkE-WI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/022ee4-44de-4004-9839-a449ce46a9b1/1/gF4h3hPUiQwbrFzucTsw-cGzGHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/022ee4-44de-4004-9839-a449ce46a9b1/1/kTYtPAlT6Mkz8AkqWJt1SUkE-WI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.71.144.0/20
Signature Algorithm: sha256WithRSAEncryption
11:a1:1c:23:53:07:c9:d1:47:f0:d5:f9:a2:33:a4:c1:f0:63:
04:a4:94:30:4c:ae:fc:de:77:4c:d6:54:dd:a3:f5:1a:60:34:
69:c1:4c:37:96:73:48:97:77:a2:d9:51:5c:81:a0:53:38:ff:
1f:4d:36:20:f8:e4:4f:0f:e6:30:b2:10:1b:d2:a3:d0:bd:f7:
86:4c:24:1c:03:e3:7a:95:18:dd:77:f6:2e:bf:a4:7c:d1:16:
28:e0:13:23:63:e2:f2:8b:a3:7a:90:a4:77:10:30:d6:05:1f:
33:a4:26:62:e8:7a:86:af:14:57:68:36:2f:8f:7d:5b:63:86:
5d:b9:49:c1:f3:82:2c:f2:97:53:39:4f:10:66:8d:9d:3f:01:
ff:c8:16:ba:e3:3e:84:e8:29:86:c2:30:1b:d8:5c:2c:b4:fa:
cf:a7:16:f4:ed:3e:9f:54:10:9a:c9:59:ed:e7:98:ec:2a:70:
a2:75:cb:01:48:f4:30:81:6a:90:61:cf:3f:9a:24:ad:71:f3:
b6:7f:a2:44:07:e0:cb:74:86:fb:de:05:87:31:a5:fe:b4:ae:
0b:ca:22:1c:bc:2b:90:88:bf:b0:c8:93:d5:f9:a9:77:6b:e5:
78:66:0c:05:7c:46:64:f9:e0:f4:93:ee:0f:c3:39:59:5c:f8:
76:2e:a5:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntl8WY4UMSbGbUM7Mc1fjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMzYyZDNjMDk1M2U4YzkzM2YwMDkyYTU4OWI3NTQ5NDkw
NGY5NjIwHhcNMjUwMTAyMTU1MDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDVlMjFkZTEzZDQ4OTBjMWJhYzVjZWU3MTNiMzBmOWMxYjMxODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3m7nkZPb6VHf+wR6jDFFNSKnRGk
UfVxi+uTyzdto7ia151N/Uarg4S0cdGKzGoipykxELIG7TRt+VzYkRdRHBL0Aiit
d/6Mef9jZ7vpDSaoDViVfiYo3EieSRYUhkSqTa9G+qPGLepCYfseEV3stnmHbUJs
4gKun0K/riMr7/g1ww332tbMkzBGGGCxWdiCyd9kH97As5tbVgQEoRs9UIxfj0yD
7xQiDurSKUHQ8a+Dusb27zYpcvej6QbOQX2Bmldv5RjfZ18wJQBzoHsFsGYbvA0p
lLv8x7U2GOIHhnlvPB9kuRsSSQTCJtpMW1m9vc6AiFv1lxXiy5gqsrNjXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIBeId4T1IkMG6xc7nE7MPnBsxh0MB8GA1UdIwQY
MBaAFJE2LTwJU+jJM/AJKlibdUlJBPliMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1RZdFBBbFQ2TWt6OEFrcVdKdDFTVWtFLVdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wMjJlZTQtNDRkZS00MDA0LTk4Mzkt
YTQ0OWNlNDZhOWIxLzEvZ0Y0aDNoUFVpUXdickZ6dWNUc3ctY0d6R0hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wMjJlZTQtNDRkZS00MDA0LTk4MzktYTQ0OWNlNDZhOWIx
LzEva1RZdFBBbFQ2TWt6OEFrcVdKdDFTVWtFLVdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2UeQMA0G
CSqGSIb3DQEBCwUAA4IBAQARoRwjUwfJ0Ufw1fmiM6TB8GMEpJQwTK783ndM1lTd
o/UaYDRpwUw3lnNIl3ei2VFcgaBTOP8fTTYg+ORPD+YwshAb0qPQvfeGTCQcA+N6
lRjdd/Yuv6R80RYo4BMjY+Lyi6N6kKR3EDDWBR8zpCZi6HqGrxRXaDYvj31bY4Zd
uUnB84Is8pdTOU8QZo2dPwH/yBa64z6E6CmGwjAb2FwstPrPpxb07T6fVBCayVnt
55jsKnCidcsBSPQwgWqQYc8/miStcfO2f6JEB+DLdIb73gWHMaX+tK4LyiIcvCuQ
iL+wyJPV+al3a+V4ZgwFfEZk+eD0k+4PwzlZXPh2LqWa
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:58:02 2025 by rpki-client