Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/e54e89-7b6b-417d-9bc9-62ce84f7075e/1/s1SLHtKOtkgq5r5rHF__j6OHoGY.roa
File: s1SLHtKOtkgq5r5rHF__j6OHoGY.roa (raw, json)
Hash identifier: KY4xp5ySp/G6GnIfRT4waP6fnoRJIDEZEgF7zNS/QEM=
Subject key identifier: B3:54:8B:1E:D2:8E:B6:48:2A:E6:BE:6B:1C:5F:FF:8F:A3:87:A0:66
Certificate issuer: /CN=d4a039aeee62103b288c6c8b9692cf5808743e21
Certificate serial: 019425217C4142964D1ACBE0F9E6410523D0
Authority key identifier: D4:A0:39:AE:EE:62:10:3B:28:8C:6C:8B:96:92:CF:58:08:74:3E:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1KA5ru5iEDsojGyLlpLPWAh0PiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/e54e89-7b6b-417d-9bc9-62ce84f7075e/1/s1SLHtKOtkgq5r5rHF__j6OHoGY.roa
Signing time: Thu 02 Jan 2025 03:48:59 +0000
ROA not before: Thu 02 Jan 2025 03:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208772
IP address blocks: 91.216.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:7c:41:42:96:4d:1a:cb:e0:f9:e6:41:05:23:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4a039aeee62103b288c6c8b9692cf5808743e21
Validity
Not Before: Jan 2 03:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3548b1ed28eb6482ae6be6b1c5fff8fa387a066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:60:34:f0:9c:80:1b:84:c2:50:0e:6e:c7:fe:
93:30:8e:0a:b6:92:e7:3d:f3:e5:d1:83:55:dd:05:
9b:3f:42:74:38:fc:b0:ba:97:92:e4:07:2d:82:ee:
38:1f:f8:66:e6:32:26:ba:e1:00:f6:84:ba:a8:42:
82:93:0d:2e:12:e8:ac:54:c6:44:5b:ff:8c:fe:d0:
3a:2a:88:1d:29:16:e1:ca:b1:05:87:c5:5d:08:19:
d8:1c:a5:b9:c4:a0:1d:0b:bb:03:28:85:21:b0:16:
d2:81:80:b7:fc:9b:9c:7e:36:f6:70:fc:bc:cc:9b:
78:d4:60:9c:cd:c3:40:58:d6:40:2b:19:0d:46:61:
55:f9:73:af:9e:a9:c7:9d:99:64:7e:c0:9b:f1:03:
57:45:3c:1f:7c:10:25:8c:29:02:2a:73:99:c2:95:
29:0a:4c:e5:4c:47:3c:47:e9:14:ce:a9:d9:bd:c5:
2b:75:fc:93:83:75:22:60:76:e3:d4:63:80:0f:f3:
52:cf:38:7e:85:91:0a:61:8f:20:c1:92:07:fa:c4:
0c:0f:cc:20:4e:90:a6:4d:d0:a6:73:32:15:2f:e6:
6f:cc:15:7c:97:c2:18:91:b7:5f:3a:78:be:22:47:
9b:74:51:b7:89:c1:07:9d:9d:b6:5c:dc:5e:66:3e:
15:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:54:8B:1E:D2:8E:B6:48:2A:E6:BE:6B:1C:5F:FF:8F:A3:87:A0:66
X509v3 Authority Key Identifier:
keyid:D4:A0:39:AE:EE:62:10:3B:28:8C:6C:8B:96:92:CF:58:08:74:3E:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1KA5ru5iEDsojGyLlpLPWAh0PiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e54e89-7b6b-417d-9bc9-62ce84f7075e/1/s1SLHtKOtkgq5r5rHF__j6OHoGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e54e89-7b6b-417d-9bc9-62ce84f7075e/1/1KA5ru5iEDsojGyLlpLPWAh0PiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.35.0/24
Signature Algorithm: sha256WithRSAEncryption
97:ed:32:eb:f6:c7:c2:41:ca:45:71:66:81:1e:7c:76:48:5f:
c8:e9:24:a9:9b:1e:40:e7:b3:3f:c8:67:49:f3:ed:27:3b:8d:
21:b2:31:14:4b:c9:89:1f:65:bb:f5:9a:60:7a:5b:24:c2:5c:
d1:11:18:55:71:67:19:cd:9e:77:39:59:5b:f2:cb:28:08:62:
68:d6:43:43:10:17:d2:c4:54:ea:b6:88:1d:ef:62:14:1f:98:
5d:3a:bc:36:12:c9:16:b4:67:27:3a:08:17:a3:4d:d9:18:8a:
9e:86:dc:ee:74:c2:a0:fe:f0:86:b5:11:49:d4:5c:27:62:cb:
b7:59:bb:76:44:ab:a3:fc:d3:73:e2:20:20:fb:fc:ca:26:28:
d8:00:4c:98:53:39:ce:88:26:18:af:3b:60:43:75:92:9e:6a:
c9:c3:ad:ab:4d:cb:ed:97:77:93:4e:38:f1:b8:f9:88:41:0d:
7a:ae:51:d5:f2:86:32:cd:24:da:c5:24:11:f4:00:bb:c5:53:
51:82:0a:9c:2d:8a:b3:22:f3:35:a3:e5:d2:9a:db:da:ac:2a:
23:87:3f:a6:e4:19:66:82:de:15:4a:8b:7e:69:2c:4d:92:3f:
90:0c:a1:f7:a9:9b:c0:92:15:30:ab:93:9f:b0:8f:1f:7c:db:
51:16:78:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIXxBQpZNGsvg+eZBBSPQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YTAzOWFlZWU2MjEwM2IyODhjNmM4Yjk2OTJjZjU4MDg3
NDNlMjEwHhcNMjUwMTAyMDM0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzU0OGIxZWQyOGViNjQ4MmFlNmJlNmIxYzVmZmY4ZmEzODdhMDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWA08JyAG4TCUA5ux/6TMI4KtpLn
PfPl0YNV3QWbP0J0OPywupeS5Actgu44H/hm5jImuuEA9oS6qEKCkw0uEuisVMZE
W/+M/tA6KogdKRbhyrEFh8VdCBnYHKW5xKAdC7sDKIUhsBbSgYC3/Jucfjb2cPy8
zJt41GCczcNAWNZAKxkNRmFV+XOvnqnHnZlkfsCb8QNXRTwffBAljCkCKnOZwpUp
CkzlTEc8R+kUzqnZvcUrdfyTg3UiYHbj1GOAD/NSzzh+hZEKYY8gwZIH+sQMD8wg
TpCmTdCmczIVL+ZvzBV8l8IYkbdfOni+IkebdFG3icEHnZ22XNxeZj4VeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLNUix7SjrZIKua+axxf/4+jh6BmMB8GA1UdIwQY
MBaAFNSgOa7uYhA7KIxsi5aSz1gIdD4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUtBNXJ1NWlFRHNvakd5TGxwTFBXQWgwUGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lNTRlODktN2I2Yi00MTdkLTliYzkt
NjJjZTg0ZjcwNzVlLzEvczFTTEh0S090a2dxNXI1ckhGX19qNk9Ib0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lNTRlODktN2I2Yi00MTdkLTliYzktNjJjZTg0ZjcwNzVl
LzEvMUtBNXJ1NWlFRHNvakd5TGxwTFBXQWgwUGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9gjMA0G
CSqGSIb3DQEBCwUAA4IBAQCX7TLr9sfCQcpFcWaBHnx2SF/I6SSpmx5A57M/yGdJ
8+0nO40hsjEUS8mJH2W79ZpgelskwlzRERhVcWcZzZ53OVlb8ssoCGJo1kNDEBfS
xFTqtogd72IUH5hdOrw2EskWtGcnOggXo03ZGIqehtzudMKg/vCGtRFJ1FwnYsu3
Wbt2RKuj/NNz4iAg+/zKJijYAEyYUznOiCYYrztgQ3WSnmrJw62rTcvtl3eTTjjx
uPmIQQ16rlHV8oYyzSTaxSQR9AC7xVNRggqcLYqzIvM1o+XSmtvarCojhz+m5Blm
gt4VSot+aSxNkj+QDKH3qZvAkhUwq5OfsI8ffNtRFnhk
-----END CERTIFICATE-----
Generated at Sat Apr 26 02:19:06 2025 by rpki-client