Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/e84e8f-8bb2-4054-b495-125eedf8d9f1/1/g2AkX7o9HPLfXDUc9lLxF0hd7Tw.roa
File: g2AkX7o9HPLfXDUc9lLxF0hd7Tw.roa (raw, json)
Hash identifier: GtbK3C6ImbkCxUfm64Bkm+DP0kf7OaLjUPRMxP6pI/0=
Subject key identifier: 83:60:24:5F:BA:3D:1C:F2:DF:5C:35:1C:F6:52:F1:17:48:5D:ED:3C
Certificate issuer: /CN=20e6a0107d689a9370b622951a449646cc38b590
Certificate serial: 01941F8C76705BFA6DAB227628378208C678
Authority key identifier: 20:E6:A0:10:7D:68:9A:93:70:B6:22:95:1A:44:96:46:CC:38:B5:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IOagEH1ompNwtiKVGkSWRsw4tZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/e84e8f-8bb2-4054-b495-125eedf8d9f1/1/g2AkX7o9HPLfXDUc9lLxF0hd7Tw.roa
Signing time: Wed 01 Jan 2025 01:48:06 +0000
ROA not before: Wed 01 Jan 2025 01:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198677
IP address blocks: 91.238.122.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:76:70:5b:fa:6d:ab:22:76:28:37:82:08:c6:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20e6a0107d689a9370b622951a449646cc38b590
Validity
Not Before: Jan 1 01:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8360245fba3d1cf2df5c351cf652f117485ded3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:59:15:b0:74:81:3b:e2:44:e7:74:aa:7c:89:
d9:c7:ac:b8:02:6d:47:86:57:e5:6d:56:49:39:99:
e2:75:37:ee:9c:e4:db:b1:30:b8:8f:99:d7:fc:16:
fc:2e:1d:8d:1a:bd:91:44:4a:37:d2:15:3d:b6:a9:
40:bb:6e:e4:e1:7e:01:c6:66:54:96:d7:ad:1e:c4:
79:99:f2:aa:0a:24:ad:b7:3e:12:30:ba:6a:c3:df:
76:02:49:1b:3a:d6:40:8c:07:c9:9a:e4:c5:b0:fd:
1c:9f:6c:77:ce:42:ee:76:68:cc:56:f3:11:b1:92:
8f:fb:dc:9a:f3:97:86:15:46:a6:2f:97:f5:46:23:
f3:75:00:e0:06:c2:70:99:9d:5c:20:60:4e:1d:0b:
51:b0:c0:36:8d:44:ee:2b:a0:e2:47:00:50:6e:50:
f0:f3:e5:d0:4b:b7:a6:3d:46:57:63:7d:6c:7b:ee:
d9:5b:e4:04:13:0f:c0:1a:5e:9c:8f:ea:2b:c6:98:
a1:63:35:3c:a8:09:c3:08:f7:86:12:0d:02:72:fb:
04:98:9c:b9:a3:4c:07:36:3d:d5:db:48:68:e1:5e:
da:25:23:2d:38:01:1c:2c:a7:06:c6:9d:d2:54:80:
44:54:b9:fb:03:4e:c0:61:bf:dc:c4:40:62:f7:84:
fd:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:60:24:5F:BA:3D:1C:F2:DF:5C:35:1C:F6:52:F1:17:48:5D:ED:3C
X509v3 Authority Key Identifier:
keyid:20:E6:A0:10:7D:68:9A:93:70:B6:22:95:1A:44:96:46:CC:38:B5:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOagEH1ompNwtiKVGkSWRsw4tZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/e84e8f-8bb2-4054-b495-125eedf8d9f1/1/g2AkX7o9HPLfXDUc9lLxF0hd7Tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/e84e8f-8bb2-4054-b495-125eedf8d9f1/1/IOagEH1ompNwtiKVGkSWRsw4tZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.122.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:f5:2d:40:ab:cb:a5:54:64:7a:5e:ee:a6:55:61:91:8d:e2:
b7:d4:12:b6:6a:45:9e:44:1b:3c:66:60:bb:d7:c0:6b:22:0b:
18:0f:5d:95:68:d4:28:d3:ee:13:7f:a5:b1:3b:d1:a6:3e:85:
1f:d0:fa:1d:72:03:8b:3f:cd:42:4b:37:a6:49:9b:61:47:d4:
ad:50:2e:a3:dd:f1:7d:e9:9b:12:d2:c1:32:db:ba:97:91:f3:
70:02:bb:40:d0:7e:bb:a5:2f:b4:fa:8f:16:e4:b4:57:db:d8:
30:d0:20:35:2c:26:95:1e:a8:51:8d:b5:da:2b:e1:68:b4:a0:
d8:82:ee:51:fb:92:dd:8f:ae:f7:cc:78:6c:ca:37:04:b9:ad:
9f:06:b0:46:12:09:c0:8e:69:1e:a4:d8:c6:20:44:d7:de:31:
bc:16:56:19:79:ed:3e:e8:fc:03:07:61:d9:09:a1:d7:5b:fd:
84:c8:80:fb:12:13:ad:3e:68:0c:1d:15:e4:b9:33:ee:12:8b:
6d:5b:3b:46:ce:0c:04:d3:2c:23:1c:62:4b:e1:e6:60:e4:48:
0e:8f:15:75:60:07:2e:aa:34:bc:c3:cd:a0:76:34:42:70:45:
ac:05:3e:a0:71:23:69:5c:48:ee:7b:33:7b:02:78:f0:f1:a8:
65:e4:11:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjHZwW/ptqyJ2KDeCCMZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZTZhMDEwN2Q2ODlhOTM3MGI2MjI5NTFhNDQ5NjQ2Y2Mz
OGI1OTAwHhcNMjUwMTAxMDE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzYwMjQ1ZmJhM2QxY2YyZGY1YzM1MWNmNjUyZjExNzQ4NWRlZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFkVsHSBO+JE53SqfInZx6y4Am1H
hlflbVZJOZnidTfunOTbsTC4j5nX/Bb8Lh2NGr2RREo30hU9tqlAu27k4X4BxmZU
ltetHsR5mfKqCiSttz4SMLpqw992AkkbOtZAjAfJmuTFsP0cn2x3zkLudmjMVvMR
sZKP+9ya85eGFUamL5f1RiPzdQDgBsJwmZ1cIGBOHQtRsMA2jUTuK6DiRwBQblDw
8+XQS7emPUZXY31se+7ZW+QEEw/AGl6cj+orxpihYzU8qAnDCPeGEg0CcvsEmJy5
o0wHNj3V20ho4V7aJSMtOAEcLKcGxp3SVIBEVLn7A07AYb/cxEBi94T90wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFINgJF+6PRzy31w1HPZS8RdIXe08MB8GA1UdIwQY
MBaAFCDmoBB9aJqTcLYilRpElkbMOLWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9hZ0VIMW9tcE53dGlLVkdrU1dSc3c0dFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9lODRlOGYtOGJiMi00MDU0LWI0OTUt
MTI1ZWVkZjhkOWYxLzEvZzJBa1g3bzlIUExmWERVYzlsTHhGMGhkN1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9lODRlOGYtOGJiMi00MDU0LWI0OTUtMTI1ZWVkZjhkOWYx
LzEvSU9hZ0VIMW9tcE53dGlLVkdrU1dSc3c0dFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+56MA0G
CSqGSIb3DQEBCwUAA4IBAQBe9S1Aq8ulVGR6Xu6mVWGRjeK31BK2akWeRBs8ZmC7
18BrIgsYD12VaNQo0+4Tf6WxO9GmPoUf0PodcgOLP81CSzemSZthR9StUC6j3fF9
6ZsS0sEy27qXkfNwArtA0H67pS+0+o8W5LRX29gw0CA1LCaVHqhRjbXaK+FotKDY
gu5R+5Ldj673zHhsyjcEua2fBrBGEgnAjmkepNjGIETX3jG8FlYZee0+6PwDB2HZ
CaHXW/2EyID7EhOtPmgMHRXkuTPuEottWztGzgwE0ywjHGJL4eZg5EgOjxV1YAcu
qjS8w82gdjRCcEWsBT6gcSNpXEjuezN7Anjw8ahl5BFj
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:04:58 2025 by rpki-client