Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/JOHfVLRjbgChQjLZ30d-DxmHuLA.roa
File: JOHfVLRjbgChQjLZ30d-DxmHuLA.roa (raw, json)
Hash identifier: OvGleZlyc/SzFlxVrESN9Tsi/ml5v3uiXnmlsUGLhlw=
Subject key identifier: 24:E1:DF:54:B4:63:6E:00:A1:42:32:D9:DF:47:7E:0F:19:87:B8:B0
Certificate issuer: /CN=ca1def8400365e1cac16e8f7887092dac983b73e
Certificate serial: 019420683674B41D9DEB6785DD57759D84D4
Authority key identifier: CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/JOHfVLRjbgChQjLZ30d-DxmHuLA.roa
Signing time: Wed 01 Jan 2025 05:48:08 +0000
ROA not before: Wed 01 Jan 2025 05:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43109
IP address blocks: 91.196.96.0/22 maxlen: 22
193.243.156.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:36:74:b4:1d:9d:eb:67:85:dd:57:75:9d:84:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca1def8400365e1cac16e8f7887092dac983b73e
Validity
Not Before: Jan 1 05:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24e1df54b4636e00a14232d9df477e0f1987b8b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:18:bf:25:80:80:24:90:5c:22:32:87:3b:62:
4b:e5:64:7b:f2:64:60:ff:d6:7b:fe:c9:b8:d0:c4:
2f:ab:9a:2a:cb:06:fd:df:eb:7f:6f:5b:0a:85:6a:
7d:6d:dc:ba:41:27:54:ea:0f:fc:21:f7:10:42:0f:
b3:d2:f9:43:9c:04:57:64:40:42:6c:ea:20:ce:d2:
f4:2f:d6:20:50:2e:b4:04:47:4d:a1:45:5d:b5:04:
0c:79:48:26:f3:fd:88:59:e6:ac:41:53:af:3d:12:
5e:3d:4d:dc:7f:d7:9c:17:45:1e:1b:ba:a2:bb:76:
62:58:86:f0:71:25:22:da:2f:09:bf:cc:9c:e8:da:
c4:bf:46:20:45:97:d2:a8:07:ee:36:50:76:a8:30:
f9:1d:e4:ca:40:9e:51:9a:f1:0b:54:93:c5:f3:24:
7a:d8:aa:7f:fc:d5:01:08:4e:2b:25:cf:e6:05:69:
fe:11:f9:e8:20:4d:ad:a1:24:9f:87:5a:d9:e5:a1:
1c:80:d9:d6:28:67:08:a3:77:03:3d:92:01:cc:3a:
ec:8f:7d:9e:c4:78:57:ea:1b:e0:5e:c1:67:2e:12:
e9:37:c5:7a:6c:3c:9f:5d:23:3a:5b:40:91:e3:a1:
b5:24:cf:d6:db:33:b3:72:23:61:6a:14:67:06:f4:
16:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:E1:DF:54:B4:63:6E:00:A1:42:32:D9:DF:47:7E:0F:19:87:B8:B0
X509v3 Authority Key Identifier:
keyid:CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/JOHfVLRjbgChQjLZ30d-DxmHuLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.96.0/22
193.243.156.0/23
Signature Algorithm: sha256WithRSAEncryption
61:31:fe:ea:f6:b4:18:ed:84:67:ac:f6:7b:17:be:30:c5:5b:
7b:c8:54:9a:2c:9d:9b:9f:eb:04:ac:92:9f:c0:48:43:a5:6d:
29:56:a2:e7:39:43:d3:cb:c9:97:48:a0:7a:fd:21:a9:92:91:
97:36:45:04:b0:4d:c9:6a:d5:dd:8d:d4:c9:f2:9b:1a:e7:13:
ae:22:f4:a5:ff:a1:bd:50:56:d9:8e:76:e6:d0:7b:d4:59:42:
d5:4d:2a:08:1e:8b:1c:fc:db:93:b3:64:cf:ee:07:6b:e1:5c:
35:9c:7b:cd:a4:ce:fb:b1:f0:f0:3c:ed:92:a1:75:9e:88:cb:
94:f4:ef:db:e9:81:1e:d9:27:78:25:d7:68:e8:97:03:9b:f4:
3f:52:37:42:81:07:33:6e:2d:1d:2f:fa:6b:7c:3f:db:19:b5:
aa:e7:18:72:1f:43:03:29:8b:1c:97:4f:28:58:9c:a6:6c:5f:
09:25:18:44:ca:84:b8:f8:bc:f2:e6:31:f6:03:68:1f:d3:1a:
ff:23:59:d3:f2:b1:d4:a6:7d:d0:00:b8:c6:ae:77:65:af:61:
77:6e:ef:de:1d:85:d2:61:ab:4c:39:38:14:82:1f:d9:01:7e:
aa:10:7a:1b:36:56:0a:a6:e3:a0:56:ec:0f:f3:a6:1f:54:b9:
0f:0a:b1:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgaDZ0tB2d62eF3Vd1nYTUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWRlZjg0MDAzNjVlMWNhYzE2ZThmNzg4NzA5MmRhYzk4
M2I3M2UwHhcNMjUwMTAxMDU0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGUxZGY1NGI0NjM2ZTAwYTE0MjMyZDlkZjQ3N2UwZjE5ODdiOGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxi/JYCAJJBcIjKHO2JL5WR78mRg
/9Z7/sm40MQvq5oqywb93+t/b1sKhWp9bdy6QSdU6g/8IfcQQg+z0vlDnARXZEBC
bOogztL0L9YgUC60BEdNoUVdtQQMeUgm8/2IWeasQVOvPRJePU3cf9ecF0UeG7qi
u3ZiWIbwcSUi2i8Jv8yc6NrEv0YgRZfSqAfuNlB2qDD5HeTKQJ5RmvELVJPF8yR6
2Kp//NUBCE4rJc/mBWn+EfnoIE2toSSfh1rZ5aEcgNnWKGcIo3cDPZIBzDrsj32e
xHhX6hvgXsFnLhLpN8V6bDyfXSM6W0CR46G1JM/W2zOzciNhahRnBvQWuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCTh31S0Y24AoUIy2d9Hfg8Zh7iwMB8GA1UdIwQY
MBaAFMod74QANl4crBbo94hwktrJg7c+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi83MWZkMTAtNGYyNi00NDlhLWIzNjEt
Zjk4ZWM5ZDE2MmJlLzEvSk9IZlZMUmpiZ0NoUWpMWjMwZC1EeG1IdUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi83MWZkMTAtNGYyNi00NDlhLWIzNjEtZjk4ZWM5ZDE2MmJl
LzEveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8RgAwQB
wfOcMA0GCSqGSIb3DQEBCwUAA4IBAQBhMf7q9rQY7YRnrPZ7F74wxVt7yFSaLJ2b
n+sErJKfwEhDpW0pVqLnOUPTy8mXSKB6/SGpkpGXNkUEsE3JatXdjdTJ8psa5xOu
IvSl/6G9UFbZjnbm0HvUWULVTSoIHosc/NuTs2TP7gdr4Vw1nHvNpM77sfDwPO2S
oXWeiMuU9O/b6YEe2Sd4Jddo6JcDm/Q/UjdCgQczbi0dL/prfD/bGbWq5xhyH0MD
KYscl08oWJymbF8JJRhEyoS4+Lzy5jH2A2gf0xr/I1nT8rHUpn3QALjGrndlr2F3
bu/eHYXSYatMOTgUgh/ZAX6qEHobNlYKpuOgVuwP86YfVLkPCrFf
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:52:57 2025 by rpki-client