Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/efa4d7-99a7-4c18-80fd-d29f45f793c7/1/Ac8JO-X0v1wyNDH9iLx9a-8OgU4.roa
File: Ac8JO-X0v1wyNDH9iLx9a-8OgU4.roa (raw, json)
Hash identifier: ft08vatwMICDWwM2Tj9FnfQKl8eMFf78Vl4YfUIqwGQ=
Subject key identifier: 01:CF:09:3B:E5:F4:BF:5C:32:34:31:FD:88:BC:7D:6B:EF:0E:81:4E
Certificate issuer: /CN=72c3a9a3ad320a8fc61b5f8789f525d07e5be251
Certificate serial: 01942521A2FBD32F348DE35DBC9E8667BBEE
Authority key identifier: 72:C3:A9:A3:AD:32:0A:8F:C6:1B:5F:87:89:F5:25:D0:7E:5B:E2:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/csOpo60yCo_GG1-HifUl0H5b4lE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/efa4d7-99a7-4c18-80fd-d29f45f793c7/1/Ac8JO-X0v1wyNDH9iLx9a-8OgU4.roa
Signing time: Thu 02 Jan 2025 03:49:08 +0000
ROA not before: Thu 02 Jan 2025 03:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48409
IP address blocks: 91.207.238.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:a2:fb:d3:2f:34:8d:e3:5d:bc:9e:86:67:bb:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72c3a9a3ad320a8fc61b5f8789f525d07e5be251
Validity
Not Before: Jan 2 03:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01cf093be5f4bf5c323431fd88bc7d6bef0e814e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:08:21:19:6b:a0:bd:f1:b3:be:a5:42:3f:2e:
61:1c:4a:b9:65:18:71:e9:6e:97:6b:37:95:d2:ed:
e3:f8:c7:02:cf:b6:04:60:4f:3d:37:cb:25:f4:37:
d8:83:d2:d7:b0:7d:ae:3f:bd:f5:2c:8f:18:5f:ad:
dc:46:30:ef:92:05:d0:70:82:e1:27:9b:cc:49:b9:
f1:71:b1:0e:93:58:5e:f9:0a:ec:74:fb:22:fe:6d:
7b:7b:0d:2b:15:f7:6a:65:c2:34:6f:fa:47:a0:ff:
67:b8:3b:7a:e3:d8:59:61:d9:1d:c9:1d:7d:cb:26:
f2:78:bb:52:f4:b9:39:ea:a6:66:2c:9f:7f:b8:5a:
8c:9f:6c:b5:7c:84:a2:42:aa:08:79:d7:cf:6a:6a:
69:89:d3:a9:d9:15:e1:ae:fa:ec:98:28:f5:f0:36:
62:8f:03:1e:a5:5b:b4:81:ea:d0:cf:8f:9e:d7:92:
ff:b7:53:b2:8d:35:fc:89:db:1b:c9:f5:11:a8:00:
cd:f7:4b:cf:af:88:e4:0b:31:6d:3e:68:af:04:f1:
7d:3d:41:f1:29:21:4c:f2:b1:73:9b:58:9c:75:f4:
2f:c5:da:5e:40:f7:01:1b:db:65:28:4f:36:90:f0:
10:ce:8b:c6:3f:c3:b0:cf:61:fc:ae:f1:dd:91:19:
1e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:CF:09:3B:E5:F4:BF:5C:32:34:31:FD:88:BC:7D:6B:EF:0E:81:4E
X509v3 Authority Key Identifier:
keyid:72:C3:A9:A3:AD:32:0A:8F:C6:1B:5F:87:89:F5:25:D0:7E:5B:E2:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/csOpo60yCo_GG1-HifUl0H5b4lE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/efa4d7-99a7-4c18-80fd-d29f45f793c7/1/Ac8JO-X0v1wyNDH9iLx9a-8OgU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/efa4d7-99a7-4c18-80fd-d29f45f793c7/1/csOpo60yCo_GG1-HifUl0H5b4lE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.238.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:e9:1c:0f:6b:46:be:5d:bd:ed:a2:d9:25:0a:f4:f0:9b:c1:
64:31:2f:6c:60:c4:6a:f8:cc:e4:38:41:be:95:66:18:4e:b7:
b8:ea:14:e8:19:f6:1a:29:11:7c:98:7e:06:f9:49:4b:7b:af:
61:f4:48:a1:28:bb:7f:d8:a9:16:5c:ba:ce:1d:60:27:a9:66:
f0:59:04:bc:ec:af:25:53:a5:c8:a6:18:45:ab:69:e5:4e:5c:
a7:6a:66:dd:21:0f:6b:a1:d6:a4:a3:4a:3c:4f:b0:7b:e3:18:
b3:42:59:6a:bb:de:4a:25:e9:64:1b:30:6f:e0:b2:6a:47:7a:
9e:a0:e1:40:28:53:d8:08:77:02:a1:b2:fd:af:87:83:bc:72:
ca:0c:40:bc:5d:85:cc:3b:63:ca:40:80:f4:61:72:93:b2:cb:
f7:01:94:63:ac:93:6d:05:c3:ed:8c:fb:80:3a:ea:5a:6f:30:
72:79:af:1d:41:09:07:2f:f9:e8:1e:96:6b:da:18:b5:b6:5c:
98:9a:e9:70:82:3f:17:9b:5b:a9:2b:a6:f3:bb:ba:1a:6a:fb:
47:19:aa:48:33:b6:84:a4:e2:54:9f:1e:46:c3:51:cc:d7:5b:
75:d7:ca:bd:20:7f:50:d9:61:31:79:6c:ff:14:85:3f:3e:3e:
76:6d:e4:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIaL70y80jeNdvJ6GZ7vuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYzNhOWEzYWQzMjBhOGZjNjFiNWY4Nzg5ZjUyNWQwN2U1
YmUyNTEwHhcNMjUwMTAyMDM0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWNmMDkzYmU1ZjRiZjVjMzIzNDMxZmQ4OGJjN2Q2YmVmMGU4MTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAghGWugvfGzvqVCPy5hHEq5ZRhx
6W6XazeV0u3j+McCz7YEYE89N8sl9DfYg9LXsH2uP731LI8YX63cRjDvkgXQcILh
J5vMSbnxcbEOk1he+QrsdPsi/m17ew0rFfdqZcI0b/pHoP9nuDt649hZYdkdyR19
yybyeLtS9Lk56qZmLJ9/uFqMn2y1fISiQqoIedfPamppidOp2RXhrvrsmCj18DZi
jwMepVu0gerQz4+e15L/t1OyjTX8idsbyfURqADN90vPr4jkCzFtPmivBPF9PUHx
KSFM8rFzm1icdfQvxdpeQPcBG9tlKE82kPAQzovGP8Owz2H8rvHdkRke9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAHPCTvl9L9cMjQx/Yi8fWvvDoFOMB8GA1UdIwQY
MBaAFHLDqaOtMgqPxhtfh4n1JdB+W+JRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3NPcG82MHlDb19HRzEtSGlmVWwwSDViNGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lZmE0ZDctOTlhNy00YzE4LTgwZmQt
ZDI5ZjQ1Zjc5M2M3LzEvQWM4Sk8tWDB2MXd5TkRIOWlMeDlhLThPZ1U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lZmE0ZDctOTlhNy00YzE4LTgwZmQtZDI5ZjQ1Zjc5M2M3
LzEvY3NPcG82MHlDb19HRzEtSGlmVWwwSDViNGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8/uMA0G
CSqGSIb3DQEBCwUAA4IBAQAM6RwPa0a+Xb3totklCvTwm8FkMS9sYMRq+MzkOEG+
lWYYTre46hToGfYaKRF8mH4G+UlLe69h9EihKLt/2KkWXLrOHWAnqWbwWQS87K8l
U6XIphhFq2nlTlynambdIQ9rodako0o8T7B74xizQllqu95KJelkGzBv4LJqR3qe
oOFAKFPYCHcCobL9r4eDvHLKDEC8XYXMO2PKQID0YXKTssv3AZRjrJNtBcPtjPuA
OupabzByea8dQQkHL/noHpZr2hi1tlyYmulwgj8Xm1upK6bzu7oaavtHGapIM7aE
pOJUnx5Gw1HM11t118q9IH9Q2WExeWz/FIU/Pj52beR4
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:20:44 2025 by rpki-client