Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/ma5oVolydUxkukW1x1dx0oRVMTk.roa
File: ma5oVolydUxkukW1x1dx0oRVMTk.roa (raw, json)
Hash identifier: vE8qPyFhzLzPBn/Dd5S1DZU12rMMyEbmBmsnKLuenBI=
Subject key identifier: 99:AE:68:56:89:72:75:4C:64:BA:45:B5:C7:57:71:D2:84:55:31:39
Certificate issuer: /CN=a7d78de0234e6f99701592f536e45f5f5594eec3
Certificate serial: 01941FFA235BE66FA9C0E6501C1F0242C60F
Authority key identifier: A7:D7:8D:E0:23:4E:6F:99:70:15:92:F5:36:E4:5F:5F:55:94:EE:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p9eN4CNOb5lwFZL1NuRfX1WU7sM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/ma5oVolydUxkukW1x1dx0oRVMTk.roa
Signing time: Wed 01 Jan 2025 03:47:54 +0000
ROA not before: Wed 01 Jan 2025 03:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205774
IP address blocks: 91.233.36.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:23:5b:e6:6f:a9:c0:e6:50:1c:1f:02:42:c6:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7d78de0234e6f99701592f536e45f5f5594eec3
Validity
Not Before: Jan 1 03:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99ae68568972754c64ba45b5c75771d284553139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9e:80:08:72:e7:d3:56:13:f9:0d:59:a9:5d:
30:e4:53:20:c8:85:d5:64:32:f1:21:db:15:1e:30:
d8:cc:82:96:61:c7:54:c9:7a:7a:d9:d5:31:0b:ba:
7d:b8:cd:f0:06:ec:83:6b:6b:26:6e:15:88:61:38:
7f:d8:0b:dd:7a:80:d0:96:27:90:8d:1f:14:e1:04:
fa:43:7c:fb:74:7c:c2:ca:ac:e0:f3:1a:e2:c8:8d:
9b:7f:0f:a8:43:6b:3a:a4:71:64:cc:34:76:d0:c0:
f6:76:aa:7a:ea:6e:78:53:9e:2d:15:b5:e9:9c:aa:
3b:ad:72:a0:81:d7:a8:c3:46:df:c0:9b:5a:b3:48:
22:43:d1:9a:5b:9f:ea:f8:15:ff:dd:05:1e:fd:19:
80:5c:a2:bd:eb:bd:0e:c6:71:d7:49:04:27:2f:8f:
10:16:16:d5:4f:04:ec:89:36:18:63:5e:26:54:1a:
6e:05:71:e2:24:23:c6:ac:dd:4c:c6:d3:29:85:55:
b7:f2:e1:82:d7:a8:cd:b7:21:7d:59:8a:fd:bf:2e:
73:c0:47:f1:ae:87:f9:06:db:6b:81:fc:9b:5d:6b:
d2:7e:1f:b2:aa:5d:c6:0d:8d:25:f9:59:bc:25:6a:
74:5f:a2:4d:3d:d5:93:7b:47:a3:76:7c:83:b1:8a:
f9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:AE:68:56:89:72:75:4C:64:BA:45:B5:C7:57:71:D2:84:55:31:39
X509v3 Authority Key Identifier:
keyid:A7:D7:8D:E0:23:4E:6F:99:70:15:92:F5:36:E4:5F:5F:55:94:EE:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p9eN4CNOb5lwFZL1NuRfX1WU7sM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/ma5oVolydUxkukW1x1dx0oRVMTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/p9eN4CNOb5lwFZL1NuRfX1WU7sM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.36.0/23
Signature Algorithm: sha256WithRSAEncryption
24:0b:66:d8:71:6e:a7:cc:25:af:e9:dd:78:ab:3e:99:41:1d:
fd:59:08:db:44:88:f2:72:f9:c8:b2:37:e3:76:97:7f:96:19:
7b:b2:1e:88:40:ae:1c:2e:78:18:18:80:cf:2f:c0:0a:21:3d:
5e:ae:de:3b:1e:55:eb:d6:6f:01:47:19:65:89:87:a6:a5:b3:
97:64:39:6c:ad:fc:73:09:15:e9:27:84:9c:d1:09:64:3a:df:
bb:ef:b5:d9:df:cf:58:2e:68:57:ce:b8:8b:a9:45:a6:2a:e0:
88:d3:4f:9d:56:15:ba:f2:bd:0d:b1:86:ca:fb:91:75:02:29:
ac:94:37:df:53:9e:fd:73:5a:48:8f:ef:20:a0:44:99:bd:77:
47:8a:66:a8:16:a6:a2:12:fc:36:e1:cb:04:43:bc:c9:34:9d:
76:9a:e3:ba:9b:67:dc:26:f3:38:63:79:8e:1e:bb:30:3c:1e:
62:fb:a5:58:65:e6:30:24:5d:32:43:8c:e4:b2:14:b5:7d:5e:
b2:d2:5d:a2:62:8a:1e:93:ce:aa:64:11:4e:93:ab:3a:33:38:
7c:e7:b5:d2:da:3b:99:34:f7:98:0b:95:4d:ee:7a:3c:de:09:
66:70:8c:66:6a:4b:e2:bb:bc:d0:5e:c1:a5:fa:3e:74:fb:c3:
20:b4:eb:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+iNb5m+pwOZQHB8CQsYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZDc4ZGUwMjM0ZTZmOTk3MDE1OTJmNTM2ZTQ1ZjVmNTU5
NGVlYzMwHhcNMjUwMTAxMDM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWFlNjg1Njg5NzI3NTRjNjRiYTQ1YjVjNzU3NzFkMjg0NTUzMTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJ6ACHLn01YT+Q1ZqV0w5FMgyIXV
ZDLxIdsVHjDYzIKWYcdUyXp62dUxC7p9uM3wBuyDa2smbhWIYTh/2AvdeoDQlieQ
jR8U4QT6Q3z7dHzCyqzg8xriyI2bfw+oQ2s6pHFkzDR20MD2dqp66m54U54tFbXp
nKo7rXKggdeow0bfwJtas0giQ9GaW5/q+BX/3QUe/RmAXKK9670OxnHXSQQnL48Q
FhbVTwTsiTYYY14mVBpuBXHiJCPGrN1MxtMphVW38uGC16jNtyF9WYr9vy5zwEfx
rof5BttrgfybXWvSfh+yql3GDY0l+Vm8JWp0X6JNPdWTe0ejdnyDsYr5YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJmuaFaJcnVMZLpFtcdXcdKEVTE5MB8GA1UdIwQY
MBaAFKfXjeAjTm+ZcBWS9TbkX19VlO7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDllTjRDTk9iNWx3RlpMMU51UmZYMVdVN3NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zMWFhYmEtYWM3ZS00ODlmLTg3N2Mt
MjhkNWI2MDdhNDdmLzEvbWE1b1ZvbHlkVXhrdWtXMXgxZHgwb1JWTVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8zMWFhYmEtYWM3ZS00ODlmLTg3N2MtMjhkNWI2MDdhNDdm
LzEvcDllTjRDTk9iNWx3RlpMMU51UmZYMVdVN3NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+kkMA0G
CSqGSIb3DQEBCwUAA4IBAQAkC2bYcW6nzCWv6d14qz6ZQR39WQjbRIjycvnIsjfj
dpd/lhl7sh6IQK4cLngYGIDPL8AKIT1ert47HlXr1m8BRxlliYempbOXZDlsrfxz
CRXpJ4Sc0QlkOt+777XZ389YLmhXzriLqUWmKuCI00+dVhW68r0NsYbK+5F1Aims
lDffU579c1pIj+8goESZvXdHimaoFqaiEvw24csEQ7zJNJ12muO6m2fcJvM4Y3mO
HrswPB5i+6VYZeYwJF0yQ4zkshS1fV6y0l2iYooek86qZBFOk6s6Mzh857XS2juZ
NPeYC5VN7no83glmcIxmakviu7zQXsGl+j50+8MgtOur
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:31:39 2025 by rpki-client