Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/ddf06e-db8b-4589-a656-1716146644e6/1/Ri56NVXWUQxOwe5kNmjRuN3ToFY.roa
File: Ri56NVXWUQxOwe5kNmjRuN3ToFY.roa (raw, json)
Hash identifier: hHbE1YyHNSokMPr6cGdLs8yJ8XQBnuzocmNz/kOlPb0=
Subject key identifier: 46:2E:7A:35:55:D6:51:0C:4E:C1:EE:64:36:68:D1:B8:DD:D3:A0:56
Certificate issuer: /CN=bdfa363346c12f83c60d7b5cfdefecd3e7ff0e2a
Certificate serial: 019422FC43DE4AC749D75AA76DF3447DB17D
Authority key identifier: BD:FA:36:33:46:C1:2F:83:C6:0D:7B:5C:FD:EF:EC:D3:E7:FF:0E:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfo2M0bBL4PGDXtc_e_s0-f_Dio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/ddf06e-db8b-4589-a656-1716146644e6/1/Ri56NVXWUQxOwe5kNmjRuN3ToFY.roa
Signing time: Wed 01 Jan 2025 17:49:05 +0000
ROA not before: Wed 01 Jan 2025 17:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59842
IP address blocks: 91.220.245.0/24 maxlen: 24
185.36.12.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:43:de:4a:c7:49:d7:5a:a7:6d:f3:44:7d:b1:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfa363346c12f83c60d7b5cfdefecd3e7ff0e2a
Validity
Not Before: Jan 1 17:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=462e7a3555d6510c4ec1ee643668d1b8ddd3a056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4d:34:f0:fc:7d:91:73:5a:fc:75:78:80:0d:
55:de:08:71:7d:21:b8:f8:fc:2c:23:b0:47:b9:2b:
56:c4:b4:3c:5b:22:4e:74:f5:c8:6c:13:80:4f:5c:
d6:70:ab:c4:ae:35:e5:de:5b:8f:01:31:00:dd:51:
b0:8a:8c:88:9c:94:4e:92:7f:3b:b1:53:72:7b:a6:
1f:c8:0e:9f:e2:c4:6e:1b:bb:02:6d:e6:ba:c7:56:
fe:7b:48:b4:7b:b1:48:6b:bd:9f:35:0a:c9:42:07:
b8:50:8d:3b:99:e2:f3:59:11:a5:ea:f2:0f:b6:59:
90:d2:3d:43:b7:1b:a9:95:01:67:59:3e:1a:58:6c:
c0:37:8a:4b:5c:d7:af:f4:92:56:0c:e3:53:7d:10:
f5:52:6b:9c:db:a8:11:59:b1:72:65:66:2d:4f:40:
84:6b:a3:f1:33:45:28:fc:fc:00:c8:c5:1e:0a:b7:
60:85:27:17:0c:24:a5:af:ca:7b:f3:5f:16:1b:68:
e6:b2:8f:63:42:22:f4:7f:a8:f8:eb:16:19:20:33:
42:08:72:53:eb:cb:d9:05:75:4e:6f:2d:c3:22:03:
ad:a5:da:ff:a7:b5:0b:a1:7a:2e:d6:db:a6:81:53:
e7:cb:c7:fd:23:5b:e1:e1:46:65:45:6e:05:59:f6:
81:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:2E:7A:35:55:D6:51:0C:4E:C1:EE:64:36:68:D1:B8:DD:D3:A0:56
X509v3 Authority Key Identifier:
keyid:BD:FA:36:33:46:C1:2F:83:C6:0D:7B:5C:FD:EF:EC:D3:E7:FF:0E:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfo2M0bBL4PGDXtc_e_s0-f_Dio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/ddf06e-db8b-4589-a656-1716146644e6/1/Ri56NVXWUQxOwe5kNmjRuN3ToFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/ddf06e-db8b-4589-a656-1716146644e6/1/vfo2M0bBL4PGDXtc_e_s0-f_Dio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.245.0/24
185.36.12.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:4d:08:83:89:37:e9:83:67:3b:b7:19:40:bc:4a:3c:d8:ce:
c3:3b:7a:e7:98:68:b8:ef:94:7f:ff:76:c6:f5:63:bb:30:79:
bb:e6:0d:06:56:1f:90:76:a1:1f:15:a5:23:72:2c:9f:6f:fa:
78:81:89:ab:46:27:20:dd:de:1a:19:67:fd:d4:65:e2:72:d2:
bb:ee:76:39:bc:a0:e7:30:d3:54:85:49:75:db:f5:ee:d2:bb:
5d:7a:fe:0f:ea:57:e2:75:8f:64:4c:13:77:d6:f8:6d:c3:06:
86:51:c0:a5:de:ee:41:f3:c8:3e:55:d3:19:0c:a1:51:a3:e4:
7c:53:a5:d9:bd:0d:27:66:6f:66:c0:53:17:b4:b7:3d:b9:c0:
69:eb:73:6b:65:26:b4:d9:19:54:c3:87:3c:b5:d8:e2:54:9e:
62:c8:d0:2a:6f:7f:f4:bf:d6:a9:6a:fc:b4:ae:70:5f:24:da:
ef:f7:40:7b:11:9a:0b:a3:30:3f:c1:33:33:e0:50:6e:b7:a5:
c5:d7:ca:f5:09:6c:df:23:79:d0:e4:8a:eb:f3:01:d6:79:d9:
42:f2:10:9d:9f:bf:54:a3:9f:b2:bd:9a:c6:9d:32:23:f8:68:
c0:ee:03:71:66:df:fc:6d:64:c7:83:37:44:0b:3b:f4:21:d4:
dc:26:1a:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi/EPeSsdJ11qnbfNEfbF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmEzNjMzNDZjMTJmODNjNjBkN2I1Y2ZkZWZlY2QzZTdm
ZjBlMmEwHhcNMjUwMTAxMTc0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjJlN2EzNTU1ZDY1MTBjNGVjMWVlNjQzNjY4ZDFiOGRkZDNhMDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0008Px9kXNa/HV4gA1V3ghxfSG4
+PwsI7BHuStWxLQ8WyJOdPXIbBOAT1zWcKvErjXl3luPATEA3VGwioyInJROkn87
sVNye6YfyA6f4sRuG7sCbea6x1b+e0i0e7FIa72fNQrJQge4UI07meLzWRGl6vIP
tlmQ0j1DtxuplQFnWT4aWGzAN4pLXNev9JJWDONTfRD1Umuc26gRWbFyZWYtT0CE
a6PxM0Uo/PwAyMUeCrdghScXDCSlr8p7818WG2jmso9jQiL0f6j46xYZIDNCCHJT
68vZBXVOby3DIgOtpdr/p7ULoXou1tumgVPny8f9I1vh4UZlRW4FWfaBzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEYuejVV1lEMTsHuZDZo0bjd06BWMB8GA1UdIwQY
MBaAFL36NjNGwS+Dxg17XP3v7NPn/w4qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZvMk0wYkJMNFBHRFh0Y19lX3MwLWZfRGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9kZGYwNmUtZGI4Yi00NTg5LWE2NTYt
MTcxNjE0NjY0NGU2LzEvUmk1Nk5WWFdVUXhPd2U1a05talJ1TjNUb0ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9kZGYwNmUtZGI4Yi00NTg5LWE2NTYtMTcxNjE0NjY0NGU2
LzEvdmZvMk0wYkJMNFBHRFh0Y19lX3MwLWZfRGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9z1AwQC
uSQMMA0GCSqGSIb3DQEBCwUAA4IBAQBfTQiDiTfpg2c7txlAvEo82M7DO3rnmGi4
75R//3bG9WO7MHm75g0GVh+QdqEfFaUjciyfb/p4gYmrRicg3d4aGWf91GXictK7
7nY5vKDnMNNUhUl12/Xu0rtdev4P6lfidY9kTBN31vhtwwaGUcCl3u5B88g+VdMZ
DKFRo+R8U6XZvQ0nZm9mwFMXtLc9ucBp63NrZSa02RlUw4c8tdjiVJ5iyNAqb3/0
v9apavy0rnBfJNrv90B7EZoLozA/wTMz4FBut6XF18r1CWzfI3nQ5Irr8wHWedlC
8hCdn79Uo5+yvZrGnTIj+GjA7gNxZt/8bWTHgzdECzv0IdTcJho9
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:46:57 2025 by rpki-client