Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/df9a4c-79fe-4004-9413-4b47e8f8c86f/1/3twUXXIP_KmiWrUBvyT5612yZdA.roa
File: 3twUXXIP_KmiWrUBvyT5612yZdA.roa (raw, json)
Hash identifier: i8TOwD+JQVgsZynDBd1FE+mCLj4YL4GBf0bnlreCNh4=
Subject key identifier: DE:DC:14:5D:72:0F:FC:A9:A2:5A:B5:01:BF:24:F9:EB:5D:B2:65:D0
Certificate issuer: /CN=200b3b2345710a096f6a34d7f089beb1e3fc5388
Certificate serial: 019420D60FB53B32048A977EDA15D1A2440E
Authority key identifier: 20:0B:3B:23:45:71:0A:09:6F:6A:34:D7:F0:89:BE:B1:E3:FC:53:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IAs7I0VxCglvajTX8Im-seP8U4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/df9a4c-79fe-4004-9413-4b47e8f8c86f/1/3twUXXIP_KmiWrUBvyT5612yZdA.roa
Signing time: Wed 01 Jan 2025 07:48:07 +0000
ROA not before: Wed 01 Jan 2025 07:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48134
IP address blocks: 91.209.19.0/24 maxlen: 24
2a0e:58c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:0f:b5:3b:32:04:8a:97:7e:da:15:d1:a2:44:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=200b3b2345710a096f6a34d7f089beb1e3fc5388
Validity
Not Before: Jan 1 07:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dedc145d720ffca9a25ab501bf24f9eb5db265d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fa:ed:c4:7f:c3:79:d1:39:42:dc:74:35:63:
53:3a:2b:4c:23:fc:bc:95:a6:d3:77:35:fe:40:3a:
35:f9:77:39:7e:87:f4:ce:3d:cf:8c:d7:b9:0d:88:
0e:5d:ae:fa:10:dc:51:a1:16:4b:4d:5e:e6:19:6e:
97:21:2b:d8:58:a3:41:9a:c7:a5:7f:2c:5a:0a:f6:
d5:6b:d0:27:8e:93:17:1c:b3:5c:ba:61:19:df:df:
4d:f5:9a:fd:e1:0d:87:ca:05:89:ba:e9:88:69:f6:
13:04:b6:87:b7:b3:67:0c:ba:36:e3:f0:81:ca:1a:
54:6e:25:b0:45:23:f8:01:c9:06:63:bf:a4:b9:93:
66:b4:23:c0:32:8f:84:5a:8a:ee:4e:be:a2:32:16:
a8:a1:19:c9:a7:3d:ac:79:d9:5a:29:d3:30:3b:f7:
62:bf:7f:6c:f2:c5:b2:f5:df:e5:84:c5:f6:07:aa:
8d:47:e4:57:e0:db:0d:50:83:41:63:8f:3e:8e:9d:
25:cd:ff:4b:01:8c:35:c6:17:e5:e4:ca:71:d7:4b:
4a:4a:1e:c6:2e:88:3e:ea:7b:44:7d:d1:30:9d:1d:
3b:ea:3e:28:37:0c:66:d6:f8:f5:0a:1f:dc:11:b2:
94:54:b3:b6:e6:cd:74:db:9e:48:d0:72:7b:af:ae:
10:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:DC:14:5D:72:0F:FC:A9:A2:5A:B5:01:BF:24:F9:EB:5D:B2:65:D0
X509v3 Authority Key Identifier:
keyid:20:0B:3B:23:45:71:0A:09:6F:6A:34:D7:F0:89:BE:B1:E3:FC:53:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IAs7I0VxCglvajTX8Im-seP8U4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/df9a4c-79fe-4004-9413-4b47e8f8c86f/1/3twUXXIP_KmiWrUBvyT5612yZdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/df9a4c-79fe-4004-9413-4b47e8f8c86f/1/IAs7I0VxCglvajTX8Im-seP8U4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.19.0/24
IPv6:
2a0e:58c0::/29
Signature Algorithm: sha256WithRSAEncryption
7b:c5:0a:c5:8a:d8:70:7e:0b:96:63:f7:f2:00:dd:3a:ed:9b:
4f:7b:c8:a2:ea:64:bb:4b:f3:20:38:26:c6:4d:50:db:f5:31:
7b:55:4b:e0:90:35:cd:9b:03:26:65:12:86:ed:5f:9f:21:b9:
53:d8:0b:2b:68:e7:53:cb:8c:76:0c:54:c2:3c:1e:27:12:b8:
93:59:ee:68:f2:f8:9d:d9:c6:e9:18:2b:9f:43:cc:92:99:f2:
5b:fa:cd:ae:58:22:b3:fc:e8:fc:a3:8f:2a:72:f9:dd:69:98:
56:3f:b1:bd:22:48:c8:a5:37:a1:34:c8:0e:36:63:8a:7e:7f:
e0:09:bf:4f:35:ae:27:86:82:63:1c:4c:c2:c7:28:af:4f:5f:
8c:96:66:8b:20:27:06:81:41:de:10:40:9e:14:7c:bc:40:b6:
fb:9b:d2:71:77:27:b9:7e:9f:11:15:84:21:18:bd:2c:1e:56:
f3:ec:71:cf:36:2e:07:d1:68:c8:86:cb:93:55:34:38:14:03:
71:c9:a7:10:8c:76:3c:3a:48:37:ab:57:a8:18:de:56:78:09:
de:be:5e:be:c2:90:03:ff:a7:a9:d0:d1:a6:13:38:81:bb:12:
1d:ee:24:d6:41:00:f7:16:30:f2:6b:69:20:30:de:4f:f3:9f:
fc:cf:49:f6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1g+1OzIEipd+2hXRokQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMGIzYjIzNDU3MTBhMDk2ZjZhMzRkN2YwODliZWIxZTNm
YzUzODgwHhcNMjUwMTAxMDc0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWRjMTQ1ZDcyMGZmY2E5YTI1YWI1MDFiZjI0ZjllYjVkYjI2NWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvrtxH/DedE5Qtx0NWNTOitMI/y8
labTdzX+QDo1+Xc5fof0zj3PjNe5DYgOXa76ENxRoRZLTV7mGW6XISvYWKNBmsel
fyxaCvbVa9AnjpMXHLNcumEZ399N9Zr94Q2HygWJuumIafYTBLaHt7NnDLo24/CB
yhpUbiWwRSP4AckGY7+kuZNmtCPAMo+EWoruTr6iMhaooRnJpz2sedlaKdMwO/di
v39s8sWy9d/lhMX2B6qNR+RX4NsNUINBY48+jp0lzf9LAYw1xhfl5Mpx10tKSh7G
Log+6ntEfdEwnR076j4oNwxm1vj1Ch/cEbKUVLO25s10255I0HJ7r64QbwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN7cFF1yD/ypolq1Ab8k+etdsmXQMB8GA1UdIwQY
MBaAFCALOyNFcQoJb2o01/CJvrHj/FOIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUFzN0kwVnhDZ2x2YWpUWDhJbS1zZVA4VTRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kZjlhNGMtNzlmZS00MDA0LTk0MTMt
NGI0N2U4ZjhjODZmLzEvM3R3VVhYSVBfS21pV3JVQnZ5VDU2MTJ5WmRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kZjlhNGMtNzlmZS00MDA0LTk0MTMtNGI0N2U4ZjhjODZm
LzEvSUFzN0kwVnhDZ2x2YWpUWDhJbS1zZVA4VTRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9ETMA0E
AgACMAcDBQMqDljAMA0GCSqGSIb3DQEBCwUAA4IBAQB7xQrFithwfguWY/fyAN06
7ZtPe8ii6mS7S/MgOCbGTVDb9TF7VUvgkDXNmwMmZRKG7V+fIblT2AsraOdTy4x2
DFTCPB4nEriTWe5o8vid2cbpGCufQ8ySmfJb+s2uWCKz/Oj8o48qcvndaZhWP7G9
IkjIpTehNMgONmOKfn/gCb9PNa4nhoJjHEzCxyivT1+MlmaLICcGgUHeEECeFHy8
QLb7m9Jxdye5fp8RFYQhGL0sHlbz7HHPNi4H0WjIhsuTVTQ4FANxyacQjHY8Okg3
q1eoGN5WeAnevl6+wpAD/6ep0NGmEziBuxId7iTWQQD3FjDya2kgMN5P85/8z0n2
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:35:06 2025 by rpki-client