Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/19c9e1-8543-4f50-acae-e4045d8cfe8f/1/flK9dI6qS59uuhUTdI9-Lm32F14.roa
File: flK9dI6qS59uuhUTdI9-Lm32F14.roa (raw, json)
Hash identifier: zlQ+q1YmxirUq/y5GYQVkTybydvIz392HoitTR1/bAQ=
Subject key identifier: 7E:52:BD:74:8E:AA:4B:9F:6E:BA:15:13:74:8F:7E:2E:6D:F6:17:5E
Certificate issuer: /CN=963a0fc47a7adf62845ad6dcd7fb761a6c19fedb
Certificate serial: 01941F8C96D2BF66B0C66E3A4D59076B099A
Authority key identifier: 96:3A:0F:C4:7A:7A:DF:62:84:5A:D6:DC:D7:FB:76:1A:6C:19:FE:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ljoPxHp632KEWtbc1_t2GmwZ_ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/19c9e1-8543-4f50-acae-e4045d8cfe8f/1/flK9dI6qS59uuhUTdI9-Lm32F14.roa
Signing time: Wed 01 Jan 2025 01:48:14 +0000
ROA not before: Wed 01 Jan 2025 01:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58213
IP address blocks: 91.216.74.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:96:d2:bf:66:b0:c6:6e:3a:4d:59:07:6b:09:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=963a0fc47a7adf62845ad6dcd7fb761a6c19fedb
Validity
Not Before: Jan 1 01:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e52bd748eaa4b9f6eba1513748f7e2e6df6175e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:6c:44:e0:29:97:6b:94:f9:ad:1f:c9:ab:c4:
f0:78:50:20:12:31:76:a5:ed:9b:a8:e3:ac:5d:ec:
e5:a2:a5:eb:6e:42:67:40:86:1b:39:75:06:f6:f8:
db:2b:c8:88:e8:46:aa:d3:49:66:15:30:4a:17:67:
31:44:6c:5b:64:da:ba:fc:e3:d8:bd:b1:5c:95:3d:
42:e7:b9:f4:63:76:1b:93:2e:6d:aa:5b:78:53:0f:
18:45:44:65:92:70:52:e4:e4:9c:fc:7b:c0:ed:b8:
d5:a6:aa:a1:38:ab:74:89:ae:d7:51:f6:4a:c0:47:
5c:cd:22:44:30:d8:7d:71:7a:37:b2:58:bc:01:f3:
27:5a:8e:9e:d4:33:4d:40:02:a7:27:75:c6:b7:75:
93:f6:84:0b:0c:35:f6:a2:00:01:e7:94:8c:bd:e0:
38:38:54:cf:f7:29:e4:eb:c2:8b:bf:64:1a:b4:dd:
82:01:63:b7:53:b0:af:c9:c2:b8:2d:0c:bc:8b:e0:
9c:38:41:eb:6f:c2:08:e5:4b:4e:e5:05:13:12:24:
8a:f3:74:51:b5:05:ca:9f:4a:e1:ca:2f:5c:db:51:
02:b0:15:4e:48:c0:5d:d2:25:fd:6d:e6:36:fe:70:
42:2d:14:79:7f:3b:01:da:04:8e:cc:25:a7:79:7d:
ce:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:52:BD:74:8E:AA:4B:9F:6E:BA:15:13:74:8F:7E:2E:6D:F6:17:5E
X509v3 Authority Key Identifier:
keyid:96:3A:0F:C4:7A:7A:DF:62:84:5A:D6:DC:D7:FB:76:1A:6C:19:FE:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ljoPxHp632KEWtbc1_t2GmwZ_ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/19c9e1-8543-4f50-acae-e4045d8cfe8f/1/flK9dI6qS59uuhUTdI9-Lm32F14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/19c9e1-8543-4f50-acae-e4045d8cfe8f/1/ljoPxHp632KEWtbc1_t2GmwZ_ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.74.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:89:e1:59:88:83:37:44:25:75:47:17:a4:2e:b3:c6:fc:53:
be:8b:ba:22:38:d5:ee:ee:98:c1:0d:47:eb:97:7b:bb:73:9a:
41:a4:2c:2f:68:8d:6c:2b:a5:2a:48:e7:a0:84:74:a4:3f:7b:
1c:7f:63:0b:fb:3d:cd:0a:6c:33:92:4b:13:07:26:af:d1:cf:
3b:6f:7d:95:86:4e:e0:45:c2:3d:23:d3:64:74:61:12:2f:28:
b4:bd:ef:63:37:82:b2:bd:42:5c:0f:60:64:b8:6b:cb:fc:ea:
32:49:c1:e4:9a:a3:f9:30:17:13:80:7e:f7:09:27:02:9c:82:
4e:bf:37:08:59:fd:e3:0d:c9:e3:5f:c6:66:b1:0e:3d:56:82:
b6:85:f7:64:3e:db:b8:1c:9c:90:90:ab:6f:cc:2c:2d:65:78:
80:cb:39:4c:4c:c3:da:ae:99:29:4c:b4:f9:2f:2c:46:88:79:
ef:5c:46:23:94:10:72:63:c9:9b:72:ad:e5:18:1d:3a:a9:76:
44:32:4a:58:8f:46:43:3c:75:8a:8d:69:9f:89:bf:b0:70:1f:
aa:5c:1b:81:92:76:9d:8a:32:11:46:8b:2b:9a:01:32:74:c1:
30:26:a9:56:bd:cc:4f:8e:4b:99:f7:a6:ab:ef:a8:8c:fb:53:
f8:31:11:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjJbSv2awxm46TVkHawmaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2M2EwZmM0N2E3YWRmNjI4NDVhZDZkY2Q3ZmI3NjFhNmMx
OWZlZGIwHhcNMjUwMTAxMDE0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTUyYmQ3NDhlYWE0YjlmNmViYTE1MTM3NDhmN2UyZTZkZjYxNzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GxE4CmXa5T5rR/Jq8TweFAgEjF2
pe2bqOOsXezloqXrbkJnQIYbOXUG9vjbK8iI6Eaq00lmFTBKF2cxRGxbZNq6/OPY
vbFclT1C57n0Y3Ybky5tqlt4Uw8YRURlknBS5OSc/HvA7bjVpqqhOKt0ia7XUfZK
wEdczSJEMNh9cXo3sli8AfMnWo6e1DNNQAKnJ3XGt3WT9oQLDDX2ogAB55SMveA4
OFTP9ynk68KLv2QatN2CAWO3U7CvycK4LQy8i+CcOEHrb8II5UtO5QUTEiSK83RR
tQXKn0rhyi9c21ECsBVOSMBd0iX9beY2/nBCLRR5fzsB2gSOzCWneX3OnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH5SvXSOqkufbroVE3SPfi5t9hdeMB8GA1UdIwQY
MBaAFJY6D8R6et9ihFrW3Nf7dhpsGf7bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGpvUHhIcDYzMktFV3RiYzFfdDJHbXdaX3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8xOWM5ZTEtODU0My00ZjUwLWFjYWUt
ZTQwNDVkOGNmZThmLzEvZmxLOWRJNnFTNTl1dWhVVGRJOS1MbTMyRjE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8xOWM5ZTEtODU0My00ZjUwLWFjYWUtZTQwNDVkOGNmZThm
LzEvbGpvUHhIcDYzMktFV3RiYzFfdDJHbXdaX3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9hKMA0G
CSqGSIb3DQEBCwUAA4IBAQCzieFZiIM3RCV1RxekLrPG/FO+i7oiONXu7pjBDUfr
l3u7c5pBpCwvaI1sK6UqSOeghHSkP3scf2ML+z3NCmwzkksTByav0c87b32Vhk7g
RcI9I9NkdGESLyi0ve9jN4KyvUJcD2BkuGvL/OoyScHkmqP5MBcTgH73CScCnIJO
vzcIWf3jDcnjX8ZmsQ49VoK2hfdkPtu4HJyQkKtvzCwtZXiAyzlMTMParpkpTLT5
LyxGiHnvXEYjlBByY8mbcq3lGB06qXZEMkpYj0ZDPHWKjWmfib+wcB+qXBuBknad
ijIRRosrmgEydMEwJqlWvcxPjkuZ96ar76iM+1P4MRGi
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:08:16 2025 by rpki-client