Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/5594ed-7eb8-431e-930c-7f866daa5464/1/obxxCWwwodKEQItq-LvA1UofY7E.roa
File: obxxCWwwodKEQItq-LvA1UofY7E.roa (raw, json)
Hash identifier: EDnG/ruD1T9KRKhZcI5dsIBjNgSOpQ6QRSsT8ooYu6w=
Subject key identifier: A1:BC:71:09:6C:30:A1:D2:84:40:8B:6A:F8:BB:C0:D5:4A:1F:63:B1
Certificate issuer: /CN=1e40ab40e53860871250e9bac4e163339710595d
Certificate serial: 019423D7FFCB858D32C32A2AA536B1ED4669
Authority key identifier: 1E:40:AB:40:E5:38:60:87:12:50:E9:BA:C4:E1:63:33:97:10:59:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HkCrQOU4YIcSUOm6xOFjM5cQWV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/5594ed-7eb8-431e-930c-7f866daa5464/1/obxxCWwwodKEQItq-LvA1UofY7E.roa
Signing time: Wed 01 Jan 2025 21:49:05 +0000
ROA not before: Wed 01 Jan 2025 21:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200826
IP address blocks: 91.234.241.0/24 maxlen: 24
91.234.242.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:ff:cb:85:8d:32:c3:2a:2a:a5:36:b1:ed:46:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e40ab40e53860871250e9bac4e163339710595d
Validity
Not Before: Jan 1 21:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1bc71096c30a1d284408b6af8bbc0d54a1f63b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e0:ed:f6:c7:bc:4e:17:68:16:c2:f3:fb:c1:
be:b3:f2:cd:7c:01:12:4b:4f:b6:dd:c6:06:6f:d6:
ef:bb:a0:b1:80:bc:34:32:63:07:2b:97:a9:fb:a0:
72:f5:0a:a7:24:f2:5a:f8:9f:10:3a:f3:a6:86:27:
e1:f6:dc:b0:c4:08:2c:e2:70:d9:25:8a:6f:7f:d2:
01:00:fb:22:9b:3f:5a:53:fb:53:aa:a5:b7:26:9e:
f8:85:d4:d1:9e:14:49:cf:33:2a:44:d7:49:0a:fd:
9b:47:5e:07:42:3d:f7:40:16:d7:38:98:65:8b:d0:
5e:4f:1e:da:5a:74:c3:11:45:78:76:8b:0a:be:5e:
0b:3d:0f:2f:fb:6c:f4:ae:fd:68:8a:3c:42:9c:71:
7c:9e:5e:2d:4f:5e:3a:36:52:af:18:14:3d:b0:a3:
3c:bc:d9:2f:7e:59:68:32:c8:27:0f:65:6d:49:32:
f5:ab:81:46:05:45:89:db:84:68:46:56:9a:25:d6:
a3:f3:d9:eb:f4:80:d1:8e:78:64:b6:1b:fc:71:1d:
cb:ac:20:10:11:84:04:ee:9a:3e:ae:82:03:76:0d:
5e:b6:29:19:52:c1:82:1a:ca:22:b7:79:4f:be:dd:
25:ff:eb:f9:31:4c:14:44:d6:9a:e9:f9:63:00:7f:
b4:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:BC:71:09:6C:30:A1:D2:84:40:8B:6A:F8:BB:C0:D5:4A:1F:63:B1
X509v3 Authority Key Identifier:
keyid:1E:40:AB:40:E5:38:60:87:12:50:E9:BA:C4:E1:63:33:97:10:59:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HkCrQOU4YIcSUOm6xOFjM5cQWV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/5594ed-7eb8-431e-930c-7f866daa5464/1/obxxCWwwodKEQItq-LvA1UofY7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/5594ed-7eb8-431e-930c-7f866daa5464/1/HkCrQOU4YIcSUOm6xOFjM5cQWV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.241.0-91.234.243.255
Signature Algorithm: sha256WithRSAEncryption
36:a9:30:be:5d:bb:53:07:29:dc:4d:50:65:67:da:57:d9:99:
32:db:35:5c:3a:c6:00:b3:f7:a0:08:e4:93:17:51:cf:d1:c1:
71:9b:c3:72:bc:eb:4a:41:f3:59:0a:23:2f:f0:fd:65:53:00:
ec:79:fb:1d:ba:c1:b6:b5:25:06:79:18:20:f8:ce:c1:30:49:
cd:fa:f0:5a:b0:9a:3f:1e:16:8f:b7:02:2f:40:79:cd:2a:93:
41:1f:e3:12:3d:c7:97:94:0e:6c:ab:fb:0e:00:1d:75:b2:b2:
46:77:aa:ff:7f:30:43:1d:8a:ca:80:00:b2:04:3d:01:65:71:
7d:8a:71:44:aa:98:56:c2:98:b0:17:fc:7c:28:32:0e:39:04:
e6:59:e5:98:03:54:c9:dc:4e:7a:3d:dd:46:74:53:89:9e:be:
aa:e4:c9:84:c8:fd:56:ff:1c:cf:72:ba:b5:b4:af:7a:f9:67:
0a:c2:90:d1:ea:7b:09:e3:5a:70:5a:8e:87:8f:7f:d3:81:dc:
fc:81:6b:5d:1a:4a:83:de:69:04:41:08:3a:87:0c:ae:e6:1e:
24:fb:ed:f9:f1:45:07:7c:8c:b0:b4:85:a8:2c:02:ea:54:5c:
a4:42:70:1f:1e:a0:9a:74:e5:d3:00:af:b5:6c:ec:4a:7b:9c:
3b:bd:ac:aa
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQj1//LhY0ywyoqpTax7UZpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNDBhYjQwZTUzODYwODcxMjUwZTliYWM0ZTE2MzMzOTcx
MDU5NWQwHhcNMjUwMTAxMjE0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWJjNzEwOTZjMzBhMWQyODQ0MDhiNmFmOGJiYzBkNTRhMWY2M2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlODt9se8ThdoFsLz+8G+s/LNfAES
S0+23cYGb9bvu6CxgLw0MmMHK5ep+6By9QqnJPJa+J8QOvOmhifh9tywxAgs4nDZ
JYpvf9IBAPsimz9aU/tTqqW3Jp74hdTRnhRJzzMqRNdJCv2bR14HQj33QBbXOJhl
i9BeTx7aWnTDEUV4dosKvl4LPQ8v+2z0rv1oijxCnHF8nl4tT146NlKvGBQ9sKM8
vNkvflloMsgnD2VtSTL1q4FGBUWJ24RoRlaaJdaj89nr9IDRjnhkthv8cR3LrCAQ
EYQE7po+roIDdg1etikZUsGCGsoit3lPvt0l/+v5MUwURNaa6fljAH+03QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKG8cQlsMKHShECLavi7wNVKH2OxMB8GA1UdIwQY
MBaAFB5Aq0DlOGCHElDpusThYzOXEFldMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGtDclFPVTRZSWNTVU9tNnhPRmpNNWNRV1YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy81NTk0ZWQtN2ViOC00MzFlLTkzMGMt
N2Y4NjZkYWE1NDY0LzEvb2J4eENXd3dvZEtFUUl0cS1MdkExVW9mWTdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy81NTk0ZWQtN2ViOC00MzFlLTkzMGMtN2Y4NjZkYWE1NDY0
LzEvSGtDclFPVTRZSWNTVU9tNnhPRmpNNWNRV1YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABb6vED
BAJb6vAwDQYJKoZIhvcNAQELBQADggEBADapML5du1MHKdxNUGVn2lfZmTLbNVw6
xgCz96AI5JMXUc/RwXGbw3K860pB81kKIy/w/WVTAOx5+x26wba1JQZ5GCD4zsEw
Sc368Fqwmj8eFo+3Ai9Aec0qk0Ef4xI9x5eUDmyr+w4AHXWyskZ3qv9/MEMdisqA
ALIEPQFlcX2KcUSqmFbCmLAX/HwoMg45BOZZ5ZgDVMncTno93UZ0U4mevqrkyYTI
/Vb/HM9yurW0r3r5ZwrCkNHqewnjWnBajoePf9OB3PyBa10aSoPeaQRBCDqHDK7m
HiT77fnxRQd8jLC0hagsAupUXKRCcB8eoJp05dMAr7Vs7Ep7nDu9rKo=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:07:29 2025 by rpki-client