Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/08f5cd-8eec-4d55-8812-c93659f76737/1/dJjjOIsvcmwG1yw0BY5P71sFVUw.roa
File: dJjjOIsvcmwG1yw0BY5P71sFVUw.roa (raw, json)
Hash identifier: 71ssAltTmbpploHF43pU09n+JXavvKYPHb8mMd4Firs=
Subject key identifier: 74:98:E3:38:8B:2F:72:6C:06:D7:2C:34:05:8E:4F:EF:5B:05:55:4C
Certificate issuer: /CN=0f95c9c9a7f19a9ad717e4daa530c85cf99ab975
Certificate serial: 01942143A3065FFC6A540F7912B6CE1A3708
Authority key identifier: 0F:95:C9:C9:A7:F1:9A:9A:D7:17:E4:DA:A5:30:C8:5C:F9:9A:B9:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5XJyafxmprXF-TapTDIXPmauXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/08f5cd-8eec-4d55-8812-c93659f76737/1/dJjjOIsvcmwG1yw0BY5P71sFVUw.roa
Signing time: Wed 01 Jan 2025 09:47:48 +0000
ROA not before: Wed 01 Jan 2025 09:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58221
IP address blocks: 91.239.80.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:a3:06:5f:fc:6a:54:0f:79:12:b6:ce:1a:37:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f95c9c9a7f19a9ad717e4daa530c85cf99ab975
Validity
Not Before: Jan 1 09:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7498e3388b2f726c06d72c34058e4fef5b05554c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4a:a2:d5:a4:e6:c1:87:1a:b5:e1:12:87:d1:
76:21:fb:40:3a:01:92:e8:c7:6d:c2:75:78:a9:1d:
16:ad:51:3d:54:35:2f:68:9e:79:ed:96:14:4b:fc:
e4:b7:cc:e5:8a:de:39:52:5d:55:39:8d:27:2b:45:
78:93:8a:14:33:9f:7a:2e:88:3d:a9:98:33:b1:d0:
9d:fc:72:75:ca:51:93:57:49:03:a6:d4:71:1d:e9:
11:92:62:82:f6:91:5e:7f:27:3b:c3:dd:a6:31:d9:
06:01:ad:a7:1e:ae:2e:97:97:23:b5:71:dd:9c:e9:
c4:5f:95:59:3c:c1:da:de:4e:c7:89:97:30:ba:b9:
d7:35:52:c6:97:46:48:c8:7b:71:49:f4:c9:40:ae:
b7:72:ee:42:e8:90:6c:9b:47:af:b2:93:69:c6:2b:
bb:94:84:4e:71:02:d1:69:47:af:5a:c9:87:64:aa:
64:8e:97:ec:91:0a:9e:01:c8:fe:4f:d8:f8:1f:b4:
d0:e9:49:19:c7:b4:b8:01:ab:14:da:ff:22:6f:74:
d7:4e:be:8e:a6:c9:7e:7f:6f:e8:8f:1c:0e:e5:46:
5d:e5:ee:d4:67:cd:aa:8c:89:fb:75:a4:e3:75:ea:
3f:f8:5a:2b:12:f4:0b:61:3f:1a:23:a6:b6:41:30:
d3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:98:E3:38:8B:2F:72:6C:06:D7:2C:34:05:8E:4F:EF:5B:05:55:4C
X509v3 Authority Key Identifier:
keyid:0F:95:C9:C9:A7:F1:9A:9A:D7:17:E4:DA:A5:30:C8:5C:F9:9A:B9:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5XJyafxmprXF-TapTDIXPmauXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/08f5cd-8eec-4d55-8812-c93659f76737/1/dJjjOIsvcmwG1yw0BY5P71sFVUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/08f5cd-8eec-4d55-8812-c93659f76737/1/D5XJyafxmprXF-TapTDIXPmauXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.80.0/22
Signature Algorithm: sha256WithRSAEncryption
40:c5:45:23:b4:61:f9:c8:7c:7a:4a:4f:44:da:a8:4a:81:cd:
ba:c6:c3:11:d8:4b:3b:ed:06:5d:b9:93:c7:aa:a3:91:09:0d:
34:89:2f:06:27:65:13:83:3d:4b:d1:60:6d:13:83:a2:93:05:
ef:90:62:b3:e3:40:7c:1c:23:a6:ba:b4:4d:34:23:7a:30:bc:
a0:4b:3d:9f:45:73:b5:68:b9:1c:a0:61:49:02:5e:c8:5d:47:
ac:5e:8d:97:f1:26:fd:87:ca:ba:45:88:6d:45:4b:db:e6:e1:
b3:0c:7f:e1:75:7d:0f:5a:e7:78:2e:c7:b6:90:fd:7a:c5:af:
76:4f:9d:9d:c0:ef:2c:aa:22:a0:37:e9:11:05:a1:08:e0:48:
da:5a:de:dd:b6:93:02:e0:40:41:97:c8:6c:e5:5f:ac:ef:31:
a3:f7:da:4d:26:89:55:b8:b2:7b:a5:7b:ab:d3:f6:b4:9f:cf:
b9:e1:7c:86:2c:5d:05:42:93:2e:53:f5:65:6b:95:22:68:58:
f9:71:96:27:71:4f:69:bd:88:6d:25:64:df:20:50:d9:00:12:
39:0a:50:cc:f4:bf:c3:e0:1a:f4:aa:0e:ca:10:d5:3b:f2:f3:
fe:83:25:bf:ff:12:26:15:c8:3d:48:73:91:4e:ae:58:18:a7:
a6:65:9e:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ6MGX/xqVA95ErbOGjcIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOTVjOWM5YTdmMTlhOWFkNzE3ZTRkYWE1MzBjODVjZjk5
YWI5NzUwHhcNMjUwMTAxMDk0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDk4ZTMzODhiMmY3MjZjMDZkNzJjMzQwNThlNGZlZjViMDU1NTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkqi1aTmwYcateESh9F2IftAOgGS
6MdtwnV4qR0WrVE9VDUvaJ557ZYUS/zkt8zlit45Ul1VOY0nK0V4k4oUM596Log9
qZgzsdCd/HJ1ylGTV0kDptRxHekRkmKC9pFefyc7w92mMdkGAa2nHq4ul5cjtXHd
nOnEX5VZPMHa3k7HiZcwurnXNVLGl0ZIyHtxSfTJQK63cu5C6JBsm0evspNpxiu7
lIROcQLRaUevWsmHZKpkjpfskQqeAcj+T9j4H7TQ6UkZx7S4AasU2v8ib3TXTr6O
psl+f2/ojxwO5UZd5e7UZ82qjIn7daTjdeo/+ForEvQLYT8aI6a2QTDTwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHSY4ziLL3JsBtcsNAWOT+9bBVVMMB8GA1UdIwQY
MBaAFA+Vycmn8Zqa1xfk2qUwyFz5mrl1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDVYSnlhZnhtcHJYRi1UYXBURElYUG1hdVhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8wOGY1Y2QtOGVlYy00ZDU1LTg4MTIt
YzkzNjU5Zjc2NzM3LzEvZEpqak9Jc3ZjbXdHMXl3MEJZNVA3MXNGVlV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8wOGY1Y2QtOGVlYy00ZDU1LTg4MTItYzkzNjU5Zjc2NzM3
LzEvRDVYSnlhZnhtcHJYRi1UYXBURElYUG1hdVhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+9QMA0G
CSqGSIb3DQEBCwUAA4IBAQBAxUUjtGH5yHx6Sk9E2qhKgc26xsMR2Es77QZduZPH
qqORCQ00iS8GJ2UTgz1L0WBtE4OikwXvkGKz40B8HCOmurRNNCN6MLygSz2fRXO1
aLkcoGFJAl7IXUesXo2X8Sb9h8q6RYhtRUvb5uGzDH/hdX0PWud4Lse2kP16xa92
T52dwO8sqiKgN+kRBaEI4EjaWt7dtpMC4EBBl8hs5V+s7zGj99pNJolVuLJ7pXur
0/a0n8+54XyGLF0FQpMuU/Vla5UiaFj5cZYncU9pvYhtJWTfIFDZABI5ClDM9L/D
4Br0qg7KENU78vP+gyW//xImFcg9SHORTq5YGKemZZ6n
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:54:02 2025 by rpki-client