Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4df8f1-241d-4339-b0f6-d65ad430beb7/1/1g3YzsLZ5QOCf6qi-eFi1LVqHQ8.roa
File: 1g3YzsLZ5QOCf6qi-eFi1LVqHQ8.roa (raw, json)
Hash identifier: +wFJ5tj+lSmxnwgEedsXBX4o8rthXQtXpU++hvEpCkM=
Subject key identifier: D6:0D:D8:CE:C2:D9:E5:03:82:7F:AA:A2:F9:E1:62:D4:B5:6A:1D:0F
Certificate issuer: /CN=0d291922587f750f78a19795cbd89bc729af17d5
Certificate serial: 019423D6BFA9A332E78F6F7F48793DB61479
Authority key identifier: 0D:29:19:22:58:7F:75:0F:78:A1:97:95:CB:D8:9B:C7:29:AF:17:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSkZIlh_dQ94oZeVy9ibxymvF9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4df8f1-241d-4339-b0f6-d65ad430beb7/1/1g3YzsLZ5QOCf6qi-eFi1LVqHQ8.roa
Signing time: Wed 01 Jan 2025 21:47:43 +0000
ROA not before: Wed 01 Jan 2025 21:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39305
IP address blocks: 91.132.44.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:bf:a9:a3:32:e7:8f:6f:7f:48:79:3d:b6:14:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d291922587f750f78a19795cbd89bc729af17d5
Validity
Not Before: Jan 1 21:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d60dd8cec2d9e503827faaa2f9e162d4b56a1d0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:42:61:0d:cf:90:97:22:5a:18:89:61:bc:1e:
b0:12:67:4b:57:21:e5:08:2b:7d:d7:c4:c5:14:30:
55:6e:7b:ed:b1:fb:46:84:0c:f4:ae:ad:8b:b0:67:
5d:e2:58:3f:bb:fd:e2:ea:55:91:b5:0a:ea:7b:79:
ac:60:9a:90:04:eb:48:b3:68:96:3d:aa:3d:ef:8c:
01:5e:ba:62:03:d0:a4:ae:59:7f:1b:b7:d8:ba:3b:
53:85:68:f6:dd:a6:81:60:90:b8:9d:da:cd:f1:6c:
ca:77:e4:1e:c6:0e:3c:58:7d:8f:12:04:73:88:32:
7c:a4:5a:98:4c:89:fa:27:ca:0f:90:e6:6b:92:aa:
28:b0:29:53:d4:de:ad:1e:ad:25:cb:fa:f4:63:12:
44:1f:c3:4f:64:ad:e2:14:13:d8:97:f1:bd:40:7c:
a2:58:72:f4:fc:f0:4c:9d:f2:45:a3:0c:5c:24:52:
2f:a4:40:f0:7e:13:ba:75:d9:92:06:74:9d:ce:ef:
f6:62:bf:da:30:a0:59:1d:0f:d9:16:42:8a:4a:fc:
b5:a5:ae:81:0d:13:b5:2d:e8:e5:c9:00:9e:1c:b6:
b4:f8:c8:e2:1d:02:a3:08:7c:05:0a:00:7e:12:c2:
ae:5b:04:7a:b9:b6:77:64:9a:7d:cc:e5:f4:f3:c8:
ad:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:0D:D8:CE:C2:D9:E5:03:82:7F:AA:A2:F9:E1:62:D4:B5:6A:1D:0F
X509v3 Authority Key Identifier:
keyid:0D:29:19:22:58:7F:75:0F:78:A1:97:95:CB:D8:9B:C7:29:AF:17:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSkZIlh_dQ94oZeVy9ibxymvF9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4df8f1-241d-4339-b0f6-d65ad430beb7/1/1g3YzsLZ5QOCf6qi-eFi1LVqHQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4df8f1-241d-4339-b0f6-d65ad430beb7/1/DSkZIlh_dQ94oZeVy9ibxymvF9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.44.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:78:24:53:a7:86:8b:db:d0:81:57:fb:29:dc:b6:ab:5c:97:
eb:68:e1:5b:fa:5b:c0:fa:31:1f:11:01:18:7d:49:7b:03:3f:
6b:ec:83:82:71:8d:f0:00:62:a4:ae:0a:d9:56:9e:60:c1:d1:
70:19:b4:d0:21:b3:2d:07:ef:58:01:19:6e:a8:ce:b0:62:22:
d1:21:94:2f:f9:8f:49:af:66:34:73:83:57:18:1d:58:4c:55:
0c:a9:a9:5e:aa:c6:48:2f:ba:55:51:e1:33:f5:2f:97:ac:a8:
4a:c9:59:d4:4e:95:48:7d:47:6d:f1:f1:a1:a8:3e:9e:34:90:
df:88:18:40:6e:81:c8:7f:ab:7a:90:78:9d:dc:bc:2a:79:0a:
6f:d6:7d:b7:5a:a6:4a:7e:4d:ba:08:82:f3:89:a1:8c:ba:73:
90:d9:a3:d7:1f:57:1d:4a:e8:18:4f:b9:93:49:82:4f:77:47:
41:ac:9a:66:d2:75:c0:3a:c9:0e:da:72:96:dd:be:66:0f:dc:
fd:90:d0:dd:2c:3e:e4:9d:7b:c1:f0:0a:1a:0f:98:b2:34:99:
d6:46:7d:0c:20:36:34:fb:53:44:bd:2a:a1:ad:67:f8:90:21:
5f:d7:2b:79:2c:09:60:ee:4e:34:db:49:47:3c:cf:ef:dd:e5:
07:ed:36:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1r+pozLnj29/SHk9thR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjkxOTIyNTg3Zjc1MGY3OGExOTc5NWNiZDg5YmM3Mjlh
ZjE3ZDUwHhcNMjUwMTAxMjE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjBkZDhjZWMyZDllNTAzODI3ZmFhYTJmOWUxNjJkNGI1NmExZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0JhDc+QlyJaGIlhvB6wEmdLVyHl
CCt918TFFDBVbnvtsftGhAz0rq2LsGdd4lg/u/3i6lWRtQrqe3msYJqQBOtIs2iW
Pao974wBXrpiA9Ckrll/G7fYujtThWj23aaBYJC4ndrN8WzKd+Qexg48WH2PEgRz
iDJ8pFqYTIn6J8oPkOZrkqoosClT1N6tHq0ly/r0YxJEH8NPZK3iFBPYl/G9QHyi
WHL0/PBMnfJFowxcJFIvpEDwfhO6ddmSBnSdzu/2Yr/aMKBZHQ/ZFkKKSvy1pa6B
DRO1LejlyQCeHLa0+MjiHQKjCHwFCgB+EsKuWwR6ubZ3ZJp9zOX088itGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNYN2M7C2eUDgn+qovnhYtS1ah0PMB8GA1UdIwQY
MBaAFA0pGSJYf3UPeKGXlcvYm8cprxfVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNrWklsaF9kUTk0b1plVnk5aWJ4eW12RjlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80ZGY4ZjEtMjQxZC00MzM5LWIwZjYt
ZDY1YWQ0MzBiZWI3LzEvMWczWXpzTFo1UU9DZjZxaS1lRmkxTFZxSFE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80ZGY4ZjEtMjQxZC00MzM5LWIwZjYtZDY1YWQ0MzBiZWI3
LzEvRFNrWklsaF9kUTk0b1plVnk5aWJ4eW12RjlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW4QsMA0G
CSqGSIb3DQEBCwUAA4IBAQAqeCRTp4aL29CBV/sp3LarXJfraOFb+lvA+jEfEQEY
fUl7Az9r7IOCcY3wAGKkrgrZVp5gwdFwGbTQIbMtB+9YARluqM6wYiLRIZQv+Y9J
r2Y0c4NXGB1YTFUMqaleqsZIL7pVUeEz9S+XrKhKyVnUTpVIfUdt8fGhqD6eNJDf
iBhAboHIf6t6kHid3LwqeQpv1n23WqZKfk26CILziaGMunOQ2aPXH1cdSugYT7mT
SYJPd0dBrJpm0nXAOskO2nKW3b5mD9z9kNDdLD7knXvB8AoaD5iyNJnWRn0MIDY0
+1NEvSqhrWf4kCFf1yt5LAlg7k4020lHPM/v3eUH7TY1
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:01:26 2025 by rpki-client