Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/3997ea-204a-4efd-85d6-2d7fd0fb22ce/1/fUKc1eWdHmKeTh30S5pWd_dRf4M.roa
File: fUKc1eWdHmKeTh30S5pWd_dRf4M.roa (raw, json)
Hash identifier: GDoe187PYSy+m1pOUWwfwziOM1L2+4EiEEfpzL06VQI=
Subject key identifier: 7D:42:9C:D5:E5:9D:1E:62:9E:4E:1D:F4:4B:9A:56:77:F7:51:7F:83
Certificate issuer: /CN=4bd2b3f31a6b0a5d7c0698a37796a51d7b0cb6a4
Certificate serial: 019424B338483BB5AEF012FC8170664504B7
Authority key identifier: 4B:D2:B3:F3:1A:6B:0A:5D:7C:06:98:A3:77:96:A5:1D:7B:0C:B6:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S9Kz8xprCl18Bpijd5alHXsMtqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/3997ea-204a-4efd-85d6-2d7fd0fb22ce/1/fUKc1eWdHmKeTh30S5pWd_dRf4M.roa
Signing time: Thu 02 Jan 2025 01:48:32 +0000
ROA not before: Thu 02 Jan 2025 01:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197055
IP address blocks: 91.216.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:38:48:3b:b5:ae:f0:12:fc:81:70:66:45:04:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bd2b3f31a6b0a5d7c0698a37796a51d7b0cb6a4
Validity
Not Before: Jan 2 01:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d429cd5e59d1e629e4e1df44b9a5677f7517f83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a1:d2:09:a9:32:ed:b6:04:40:11:b4:f9:4d:
d5:5d:17:55:59:5b:ef:2f:d8:a6:78:a3:07:02:65:
3e:71:36:ed:43:11:67:4f:55:d6:4c:cc:6f:18:de:
ee:37:65:e5:9f:8a:63:2b:47:4c:ca:26:78:c8:f8:
79:75:6e:5e:69:ca:c6:50:25:61:be:5a:8b:58:82:
bf:36:7f:86:2b:c5:f0:0f:e4:a6:4b:41:b5:c7:bc:
f3:7d:c1:97:62:50:47:17:8f:cf:9f:a6:7b:db:7f:
64:1b:72:b3:19:19:cb:e2:ca:43:34:7f:a1:ae:5e:
1b:82:54:51:5e:7d:71:65:ab:c1:a7:9f:dd:6e:80:
21:94:68:a2:53:3c:b4:c1:d6:94:ef:90:e1:11:d1:
57:17:82:03:6f:7b:1c:f4:ed:97:4d:37:46:76:eb:
7e:ab:0a:07:7d:77:d9:bb:52:3d:fb:18:bb:18:47:
83:79:64:08:48:f3:90:cb:2f:64:22:d9:eb:10:0f:
5c:76:28:b2:87:81:f5:09:a5:2a:38:31:35:8b:48:
db:88:37:a4:d6:a2:a0:de:9d:c7:e1:8f:c8:df:d5:
42:7a:86:ed:47:eb:2a:e4:0c:02:9f:6e:5b:1b:20:
ec:c9:82:c3:80:65:05:30:d6:4d:ba:db:7b:c8:82:
12:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:42:9C:D5:E5:9D:1E:62:9E:4E:1D:F4:4B:9A:56:77:F7:51:7F:83
X509v3 Authority Key Identifier:
keyid:4B:D2:B3:F3:1A:6B:0A:5D:7C:06:98:A3:77:96:A5:1D:7B:0C:B6:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S9Kz8xprCl18Bpijd5alHXsMtqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/3997ea-204a-4efd-85d6-2d7fd0fb22ce/1/fUKc1eWdHmKeTh30S5pWd_dRf4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/3997ea-204a-4efd-85d6-2d7fd0fb22ce/1/S9Kz8xprCl18Bpijd5alHXsMtqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.174.0/24
Signature Algorithm: sha256WithRSAEncryption
60:bc:09:fa:1a:2c:7f:bb:e3:64:42:80:81:81:cb:ca:5b:3e:
8d:3c:55:4a:c2:5a:a3:cd:6f:be:aa:09:a2:f3:18:09:7e:01:
f4:12:06:36:ac:21:3c:e4:f4:42:56:5a:12:7c:31:64:c5:43:
64:8c:0c:2e:eb:f4:6a:23:93:c0:fa:75:ca:99:e3:95:1a:8d:
72:ec:48:bd:b5:65:1a:ae:bf:02:d2:b4:5c:5f:08:1e:45:ce:
a0:62:45:65:94:dc:62:20:7a:b0:ac:c5:5f:bc:82:53:6c:eb:
f8:5c:ee:3d:75:0d:44:77:29:e3:f7:48:e5:b1:ce:1d:36:0a:
8e:60:44:cc:4e:76:63:96:4e:7e:ee:51:16:ad:12:78:7c:32:
7c:5f:9d:2b:75:2d:30:17:96:95:48:eb:70:2e:b4:6b:24:22:
7a:37:ca:2b:fb:b4:28:ba:a2:db:5e:01:6b:a3:bc:7b:d5:2d:
9a:dd:47:d5:cf:02:61:05:4a:f6:1e:aa:c6:2c:78:30:74:a1:
2c:39:9b:0c:de:f6:25:8b:f8:71:42:e8:76:9b:56:70:d8:f8:
b9:b0:1a:e1:93:8c:dd:ca:76:d6:f6:f6:4b:67:b4:1e:7c:e3:
1d:5f:44:b5:ec:20:72:7d:65:9e:58:81:e9:cc:7a:c3:c2:3f:
4f:ae:9a:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkszhIO7Wu8BL8gXBmRQS3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZDJiM2YzMWE2YjBhNWQ3YzA2OThhMzc3OTZhNTFkN2Iw
Y2I2YTQwHhcNMjUwMTAyMDE0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDQyOWNkNWU1OWQxZTYyOWU0ZTFkZjQ0YjlhNTY3N2Y3NTE3ZjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaHSCaky7bYEQBG0+U3VXRdVWVvv
L9imeKMHAmU+cTbtQxFnT1XWTMxvGN7uN2Xln4pjK0dMyiZ4yPh5dW5eacrGUCVh
vlqLWIK/Nn+GK8XwD+SmS0G1x7zzfcGXYlBHF4/Pn6Z7239kG3KzGRnL4spDNH+h
rl4bglRRXn1xZavBp5/dboAhlGiiUzy0wdaU75DhEdFXF4IDb3sc9O2XTTdGdut+
qwoHfXfZu1I9+xi7GEeDeWQISPOQyy9kItnrEA9cdiiyh4H1CaUqODE1i0jbiDek
1qKg3p3H4Y/I39VCeobtR+sq5AwCn25bGyDsyYLDgGUFMNZNutt7yIISbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH1CnNXlnR5ink4d9EuaVnf3UX+DMB8GA1UdIwQY
MBaAFEvSs/MaawpdfAaYo3eWpR17DLakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzlLejh4cHJDbDE4QnBpamQ1YWxIWHNNdHFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8zOTk3ZWEtMjA0YS00ZWZkLTg1ZDYt
MmQ3ZmQwZmIyMmNlLzEvZlVLYzFlV2RIbUtlVGgzMFM1cFdkX2RSZjRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8zOTk3ZWEtMjA0YS00ZWZkLTg1ZDYtMmQ3ZmQwZmIyMmNl
LzEvUzlLejh4cHJDbDE4QnBpamQ1YWxIWHNNdHFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9iuMA0G
CSqGSIb3DQEBCwUAA4IBAQBgvAn6Gix/u+NkQoCBgcvKWz6NPFVKwlqjzW++qgmi
8xgJfgH0EgY2rCE85PRCVloSfDFkxUNkjAwu6/RqI5PA+nXKmeOVGo1y7Ei9tWUa
rr8C0rRcXwgeRc6gYkVllNxiIHqwrMVfvIJTbOv4XO49dQ1Edynj90jlsc4dNgqO
YETMTnZjlk5+7lEWrRJ4fDJ8X50rdS0wF5aVSOtwLrRrJCJ6N8or+7QouqLbXgFr
o7x71S2a3UfVzwJhBUr2HqrGLHgwdKEsOZsM3vYli/hxQuh2m1Zw2Pi5sBrhk4zd
ynbW9vZLZ7QefOMdX0S17CByfWWeWIHpzHrDwj9PrpqH
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:51:59 2025 by rpki-client