Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/17Ijw7DnA-ky4M-qBTdOY4I7ec4.roa
File: 17Ijw7DnA-ky4M-qBTdOY4I7ec4.roa (raw, json)
Hash identifier: iu+mQ1jbZcSsyxSnbAMCeHovGJfrloyLqIxmClTwTuE=
Subject key identifier: D7:B2:23:C3:B0:E7:03:E9:32:E0:CF:AA:05:37:4E:63:82:3B:79:CE
Certificate issuer: /CN=fb723706d0e83758ba52138e9db4207b5a5c189c
Certificate serial: 019426D8CDFF6C13BED719655B366AFA5CFC
Authority key identifier: FB:72:37:06:D0:E8:37:58:BA:52:13:8E:9D:B4:20:7B:5A:5C:18:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3I3BtDoN1i6UhOOnbQge1pcGJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/17Ijw7DnA-ky4M-qBTdOY4I7ec4.roa
Signing time: Thu 02 Jan 2025 11:48:50 +0000
ROA not before: Thu 02 Jan 2025 11:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48345
IP address blocks: 91.223.220.0/24 maxlen: 24
91.234.215.0/24 maxlen: 24
94.232.112.0/21 maxlen: 21
185.168.168.0/24 maxlen: 24
185.168.169.0/24 maxlen: 24
2001:67c:174::/48 maxlen: 48
2001:67c:15b8::/48 maxlen: 48
2001:67c:28d8::/48 maxlen: 48
2a0e:d340::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:cd:ff:6c:13:be:d7:19:65:5b:36:6a:fa:5c:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb723706d0e83758ba52138e9db4207b5a5c189c
Validity
Not Before: Jan 2 11:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7b223c3b0e703e932e0cfaa05374e63823b79ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:90:5b:78:3c:ff:cd:12:b8:12:c7:7c:57:d4:
3d:64:76:63:9c:82:c8:70:09:7c:47:95:d4:f3:d3:
b5:4b:f5:6f:33:61:b8:41:72:f5:17:1b:27:57:ec:
3a:8c:4e:75:89:f0:af:e3:39:d5:b4:96:b8:42:4b:
d2:ee:43:2c:c2:74:e9:b8:1c:2f:59:c0:d1:9d:8f:
84:1f:f2:52:7d:c8:ac:b8:5f:9e:9c:fb:76:f7:ac:
07:a1:c1:37:58:2a:dc:30:fc:7e:1c:58:50:5f:9a:
ec:af:5d:39:06:d0:e9:11:b0:1a:54:47:44:4a:15:
8c:49:1b:25:ee:26:d6:b1:2f:6c:09:fb:48:6d:bc:
f5:13:84:7f:31:a8:1a:c3:b4:ef:b8:4a:00:15:ca:
f4:10:f7:b0:6c:61:0c:aa:99:87:38:31:8d:13:e8:
28:36:13:4c:f4:4e:e2:32:79:c4:b7:9f:42:23:1e:
d3:d1:2a:e0:0f:75:7e:e8:f9:ac:6e:db:db:33:89:
90:b8:35:12:f7:c9:65:b5:08:84:c4:30:2a:70:6c:
ff:64:c4:8b:d8:d0:c8:30:11:85:58:f9:d0:76:76:
91:d6:fb:85:5b:1b:e6:95:bd:da:db:a1:35:a6:d4:
21:04:1b:57:e9:c2:7f:de:de:1e:99:5e:78:45:dd:
e9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:B2:23:C3:B0:E7:03:E9:32:E0:CF:AA:05:37:4E:63:82:3B:79:CE
X509v3 Authority Key Identifier:
keyid:FB:72:37:06:D0:E8:37:58:BA:52:13:8E:9D:B4:20:7B:5A:5C:18:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3I3BtDoN1i6UhOOnbQge1pcGJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/17Ijw7DnA-ky4M-qBTdOY4I7ec4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/1-3I3BtDoN1i6UhOOnbQge1pcGJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.220.0/24
91.234.215.0/24
94.232.112.0/21
185.168.168.0/23
IPv6:
2001:67c:174::/48
2001:67c:15b8::/48
2001:67c:28d8::/48
2a0e:d340::/48
Signature Algorithm: sha256WithRSAEncryption
6a:cd:d3:14:ba:5c:9d:3b:ef:23:44:8c:e4:99:ed:1d:ff:6c:
91:22:95:08:41:cc:28:b1:c8:20:a7:ec:77:ce:49:fa:a5:53:
b9:31:93:d7:e3:82:29:78:94:bb:a4:44:60:ce:6e:6e:16:55:
de:ff:91:7a:5b:56:a4:b9:f6:a4:e6:42:fa:73:2d:2c:0a:79:
57:ef:93:81:09:cd:b0:6d:19:f0:23:a5:10:e7:82:c7:6e:40:
57:50:f6:14:23:14:83:dd:5d:93:69:6c:14:85:f3:2c:18:7b:
1e:20:d4:0d:e5:eb:de:7c:da:df:c6:46:d2:5e:e3:0c:b4:91:
13:9b:06:df:ef:0b:0f:b0:cc:23:cc:0e:ad:66:18:dd:94:f0:
66:20:b1:4d:f4:18:14:1e:f8:32:56:82:1e:0a:12:a1:18:5f:
60:46:3c:fc:f1:28:a0:4b:81:10:3b:44:02:ba:4a:46:73:c8:
cf:ae:07:9b:26:b2:a8:79:f9:3c:8d:da:5a:1d:c9:7b:bd:95:
92:70:cf:f8:d3:5d:1d:28:ad:2e:2d:6b:b2:2e:57:7e:31:84:
4e:13:34:27:ab:2e:b3:85:f6:ed:51:43:80:49:e8:79:3c:95:
54:51:8c:dd:bf:9b:b3:72:d5:64:fe:52:db:ca:bd:a5:66:10:
d3:f3:96:3d
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZQm2M3/bBO+1xllWzZq+lz8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNzIzNzA2ZDBlODM3NThiYTUyMTM4ZTlkYjQyMDdiNWE1
YzE4OWMwHhcNMjUwMTAyMTE0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2IyMjNjM2IwZTcwM2U5MzJlMGNmYWEwNTM3NGU2MzgyM2I3OWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpBbeDz/zRK4Esd8V9Q9ZHZjnILI
cAl8R5XU89O1S/VvM2G4QXL1FxsnV+w6jE51ifCv4znVtJa4QkvS7kMswnTpuBwv
WcDRnY+EH/JSfcisuF+enPt296wHocE3WCrcMPx+HFhQX5rsr105BtDpEbAaVEdE
ShWMSRsl7ibWsS9sCftIbbz1E4R/Magaw7TvuEoAFcr0EPewbGEMqpmHODGNE+go
NhNM9E7iMnnEt59CIx7T0SrgD3V+6PmsbtvbM4mQuDUS98lltQiExDAqcGz/ZMSL
2NDIMBGFWPnQdnaR1vuFWxvmlb3a26E1ptQhBBtX6cJ/3t4emV54Rd3plwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFNeyI8Ow5wPpMuDPqgU3TmOCO3nOMB8GA1UdIwQY
MBaAFPtyNwbQ6DdYulITjp20IHtaXBicMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0zSTNCdERvTjFpNlVoT09uYlFnZTFwY0dKdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkvY2ZhYzMxLTgzNTYtNDMyZC1hMzRk
LWI2MTQzNjExOTZmZC8xLzE3SWp3N0RuQS1reTRNLXFCVGRPWTRJN2VjNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTkvY2ZhYzMxLTgzNTYtNDMyZC1hMzRkLWI2MTQzNjExOTZm
ZC8xLzEtM0kzQnREb04xaTZVaE9PbmJRZ2UxcGNHSncuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwXQYIKwYBBQUHAQcBAf8ETjBMMB4EAgABMBgDBABb39wD
BABb6tcDBANe6HADBAG5qKgwKgQCAAIwJAMHACABBnwBdAMHACABBnwVuAMHACAB
Bnwo2AMHACoO00AAADANBgkqhkiG9w0BAQsFAAOCAQEAas3TFLpcnTvvI0SM5Jnt
Hf9skSKVCEHMKLHIIKfsd85J+qVTuTGT1+OCKXiUu6REYM5ubhZV3v+ReltWpLn2
pOZC+nMtLAp5V++TgQnNsG0Z8COlEOeCx25AV1D2FCMUg91dk2lsFIXzLBh7HiDU
DeXr3nza38ZG0l7jDLSRE5sG3+8LD7DMI8wOrWYY3ZTwZiCxTfQYFB74MlaCHgoS
oRhfYEY8/PEooEuBEDtEArpKRnPIz64HmyayqHn5PI3aWh3Je72VknDP+NNdHSit
Li1rsi5XfjGEThM0J6sus4X27VFDgEnoeTyVVFGM3b+bs3LVZP5S28q9pWYQ0/OW
PQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:41:18 2025 by rpki-client