Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/d3953b-b942-4b75-9c9d-985c64fe27ee/1/JcToINykthxZqkBh7fobFCTKp2I.roa
File: JcToINykthxZqkBh7fobFCTKp2I.roa (raw, json)
Hash identifier: F1iAfU1wcqbeN+hDEpqORkaihsCsZaQsLdfSqnLvibY=
Subject key identifier: 25:C4:E8:20:DC:A4:B6:1C:59:AA:40:61:ED:FA:1B:14:24:CA:A7:62
Certificate issuer: /CN=9bbae6e3ed766de47aba6693bb5af8a648974310
Certificate serial: 0194244482A658AFCE33CD1EEDDF50DECD32
Authority key identifier: 9B:BA:E6:E3:ED:76:6D:E4:7A:BA:66:93:BB:5A:F8:A6:48:97:43:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m7rm4-12beR6umaTu1r4pkiXQxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/d3953b-b942-4b75-9c9d-985c64fe27ee/1/JcToINykthxZqkBh7fobFCTKp2I.roa
Signing time: Wed 01 Jan 2025 23:47:37 +0000
ROA not before: Wed 01 Jan 2025 23:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35236
IP address blocks: 45.91.28.0/22 maxlen: 24
2a0e:25c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:82:a6:58:af:ce:33:cd:1e:ed:df:50:de:cd:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bbae6e3ed766de47aba6693bb5af8a648974310
Validity
Not Before: Jan 1 23:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25c4e820dca4b61c59aa4061edfa1b1424caa762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:10:50:24:d5:7c:4e:0c:7d:d5:47:60:3c:65:
35:b0:10:a3:d6:6a:df:e3:a3:a4:8e:0b:90:45:7c:
d9:ca:27:41:d1:41:f2:82:c9:8f:5c:bc:e3:77:5a:
85:ee:ca:d6:1c:37:e4:41:6c:98:cd:b6:3f:50:80:
e3:23:de:87:ca:09:31:93:b2:2d:e8:79:48:ce:ea:
ad:ed:d4:1b:1d:32:f3:dc:7d:d8:93:51:6f:9b:32:
4c:2f:dd:89:af:67:92:1a:a7:04:36:1d:dc:c0:5a:
ff:fb:7a:56:e0:a6:c2:ee:1e:ef:14:ff:b4:8e:7b:
de:82:bd:07:bb:8d:a1:ec:ca:a6:0e:cf:1a:ed:94:
5a:bc:13:cf:f3:cc:35:19:65:1c:7a:f8:8b:fb:15:
3e:6a:14:4d:6a:f9:e0:05:ad:24:92:ee:74:19:7e:
14:ff:da:85:5d:98:cc:50:48:f3:44:d9:42:b1:41:
11:c9:b8:d2:7d:9d:13:2e:f2:45:ea:2c:40:e0:c2:
cd:eb:61:51:ec:4e:65:1e:c8:1f:ed:2b:d9:ca:8e:
e5:36:70:55:6f:1a:11:bf:de:66:6f:35:e8:69:f5:
3a:3f:5f:d2:52:cc:6e:e3:5d:7f:72:95:46:ee:9c:
2d:a1:45:d9:0f:51:cf:cb:21:f9:22:dd:e6:da:ee:
50:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:C4:E8:20:DC:A4:B6:1C:59:AA:40:61:ED:FA:1B:14:24:CA:A7:62
X509v3 Authority Key Identifier:
keyid:9B:BA:E6:E3:ED:76:6D:E4:7A:BA:66:93:BB:5A:F8:A6:48:97:43:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m7rm4-12beR6umaTu1r4pkiXQxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/d3953b-b942-4b75-9c9d-985c64fe27ee/1/JcToINykthxZqkBh7fobFCTKp2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/d3953b-b942-4b75-9c9d-985c64fe27ee/1/m7rm4-12beR6umaTu1r4pkiXQxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.28.0/22
IPv6:
2a0e:25c0::/29
Signature Algorithm: sha256WithRSAEncryption
47:59:07:58:ab:ef:77:9e:d3:b1:76:9e:dd:57:ba:e0:79:da:
4f:49:1c:cf:40:42:e8:75:5e:e3:ba:26:52:78:0e:17:d2:3a:
1f:98:09:5f:5f:0c:dc:6d:c6:3e:b3:47:37:a9:2b:cf:19:96:
48:51:dd:b7:35:59:91:02:07:a0:2c:b7:9e:0c:29:c0:11:c9:
35:23:bb:5c:50:94:13:2e:e8:59:68:25:67:a7:fe:24:61:03:
87:06:58:4b:09:de:6d:65:e2:f6:3e:6c:01:54:0f:6c:e2:0d:
62:5b:7d:1c:9f:7f:57:b0:c3:8e:a8:a9:3e:4b:eb:2b:da:8f:
c8:e3:3c:14:5a:d6:6e:ab:84:d3:45:0d:40:7b:36:42:15:6e:
cd:c9:f4:e1:96:42:c3:ea:70:ab:1b:18:8f:16:48:bb:32:ba:
b8:cf:22:e9:d0:46:12:01:b0:09:ff:bc:74:8c:d6:11:a4:95:
3a:97:6b:04:37:5d:f2:7d:fb:b8:3f:da:a6:50:da:31:92:2a:
97:bf:8c:78:70:29:1d:fd:5c:36:d5:fb:98:f0:25:80:c6:7a:
00:b4:32:64:ce:34:b3:bc:df:86:03:3e:b7:44:b4:ba:f1:01:
6c:29:cb:86:11:77:46:54:36:6b:b3:27:c0:e4:b9:b3:12:62:
79:5a:7d:06
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRIKmWK/OM80e7d9Q3s0yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYmFlNmUzZWQ3NjZkZTQ3YWJhNjY5M2JiNWFmOGE2NDg5
NzQzMTAwHhcNMjUwMTAxMjM0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWM0ZTgyMGRjYTRiNjFjNTlhYTQwNjFlZGZhMWIxNDI0Y2FhNzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5BBQJNV8Tgx91UdgPGU1sBCj1mrf
46OkjguQRXzZyidB0UHygsmPXLzjd1qF7srWHDfkQWyYzbY/UIDjI96Hygkxk7It
6HlIzuqt7dQbHTLz3H3Yk1FvmzJML92Jr2eSGqcENh3cwFr/+3pW4KbC7h7vFP+0
jnvegr0Hu42h7MqmDs8a7ZRavBPP88w1GWUceviL+xU+ahRNavngBa0kku50GX4U
/9qFXZjMUEjzRNlCsUERybjSfZ0TLvJF6ixA4MLN62FR7E5lHsgf7SvZyo7lNnBV
bxoRv95mbzXoafU6P1/SUsxu411/cpVG7pwtoUXZD1HPyyH5It3m2u5QrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCXE6CDcpLYcWapAYe36GxQkyqdiMB8GA1UdIwQY
MBaAFJu65uPtdm3kerpmk7ta+KZIl0MQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTdybTQtMTJiZVI2dW1hVHUxcjRwa2lYUXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9kMzk1M2ItYjk0Mi00Yjc1LTljOWQt
OTg1YzY0ZmUyN2VlLzEvSmNUb0lOeWt0aHhacWtCaDdmb2JGQ1RLcDJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9kMzk1M2ItYjk0Mi00Yjc1LTljOWQtOTg1YzY0ZmUyN2Vl
LzEvbTdybTQtMTJiZVI2dW1hVHUxcjRwa2lYUXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVscMA0E
AgACMAcDBQMqDiXAMA0GCSqGSIb3DQEBCwUAA4IBAQBHWQdYq+93ntOxdp7dV7rg
edpPSRzPQELodV7juiZSeA4X0jofmAlfXwzcbcY+s0c3qSvPGZZIUd23NVmRAgeg
LLeeDCnAEck1I7tcUJQTLuhZaCVnp/4kYQOHBlhLCd5tZeL2PmwBVA9s4g1iW30c
n39XsMOOqKk+S+sr2o/I4zwUWtZuq4TTRQ1AezZCFW7NyfThlkLD6nCrGxiPFki7
Mrq4zyLp0EYSAbAJ/7x0jNYRpJU6l2sEN13yffu4P9qmUNoxkiqXv4x4cCkd/Vw2
1fuY8CWAxnoAtDJkzjSzvN+GAz63RLS68QFsKcuGEXdGVDZrsyfA5LmzEmJ5Wn0G
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:47:52 2025 by rpki-client