Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/591600-8b26-4286-9ec2-77002f70fb4a/1/ysfFdWNe3c5fhmJm7HG2F6bIZWk.roa
File: ysfFdWNe3c5fhmJm7HG2F6bIZWk.roa (raw, json)
Hash identifier: kYAKmFDZnKlOhN9pBmJ9NvU/vERSiEHA+J66ixThxDQ=
Subject key identifier: CA:C7:C5:75:63:5E:DD:CE:5F:86:62:66:EC:71:B6:17:A6:C8:65:69
Certificate issuer: /CN=d41f8efdcf6e266a82c61302526f6bcfc465e571
Certificate serial: 019425222F99B9B8EFA79F53CE3071EDBBAD
Authority key identifier: D4:1F:8E:FD:CF:6E:26:6A:82:C6:13:02:52:6F:6B:CF:C4:65:E5:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1B-O_c9uJmqCxhMCUm9rz8Rl5XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/591600-8b26-4286-9ec2-77002f70fb4a/1/ysfFdWNe3c5fhmJm7HG2F6bIZWk.roa
Signing time: Thu 02 Jan 2025 03:49:44 +0000
ROA not before: Thu 02 Jan 2025 03:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51143
IP address blocks: 91.216.172.0/24 maxlen: 24
2001:678:29c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:2f:99:b9:b8:ef:a7:9f:53:ce:30:71:ed:bb:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d41f8efdcf6e266a82c61302526f6bcfc465e571
Validity
Not Before: Jan 2 03:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cac7c575635eddce5f866266ec71b617a6c86569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9e:9c:a0:f1:df:66:c1:ce:ba:72:23:80:8b:
cd:84:60:60:ce:e7:1b:71:40:be:2a:55:39:d9:30:
8a:8a:67:82:6f:72:d7:0c:33:e0:65:98:1a:3e:8e:
8e:dd:10:b5:39:0a:19:97:5b:d4:35:2b:12:8c:56:
df:4d:80:2f:c1:e8:7b:cb:c6:37:7b:29:c9:d0:a6:
3c:dd:dc:48:8b:a6:2a:05:46:53:92:15:29:7f:7c:
e8:3f:89:f9:7a:8b:89:2a:ba:69:d6:43:98:cd:64:
8a:e3:82:78:26:98:3a:63:06:e1:e8:da:1b:2e:ed:
bd:c3:76:4c:5a:ed:6e:69:d0:7c:5d:a8:79:23:08:
9b:0a:0f:92:dc:94:81:22:09:5c:06:f2:c7:79:26:
6d:b8:fb:16:95:a3:39:4f:2e:2d:32:1f:2d:45:fc:
ae:06:bf:43:96:1b:1a:ec:a3:e9:4e:c7:c7:da:0f:
53:4d:a4:59:05:54:89:c9:30:42:27:3f:5e:e4:bc:
39:bb:8e:f7:ab:5c:8e:4b:e9:3a:17:c3:99:a2:c0:
2e:9f:4e:f0:a2:ed:ee:77:1a:84:f7:32:2e:6d:3e:
28:47:7b:85:40:96:9b:e8:8a:98:e7:95:c8:b3:41:
16:42:97:d6:e9:34:92:bf:2f:6a:2a:4e:42:0d:3d:
f3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C7:C5:75:63:5E:DD:CE:5F:86:62:66:EC:71:B6:17:A6:C8:65:69
X509v3 Authority Key Identifier:
keyid:D4:1F:8E:FD:CF:6E:26:6A:82:C6:13:02:52:6F:6B:CF:C4:65:E5:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1B-O_c9uJmqCxhMCUm9rz8Rl5XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/591600-8b26-4286-9ec2-77002f70fb4a/1/ysfFdWNe3c5fhmJm7HG2F6bIZWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/591600-8b26-4286-9ec2-77002f70fb4a/1/1B-O_c9uJmqCxhMCUm9rz8Rl5XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.172.0/24
IPv6:
2001:678:29c::/48
Signature Algorithm: sha256WithRSAEncryption
b6:66:48:30:b2:2d:6f:fb:5d:47:48:84:19:b6:1f:47:e5:bc:
57:cc:12:50:55:15:50:b1:4d:1d:e2:13:10:d3:ac:1f:96:16:
d0:ab:45:68:fa:c0:86:b8:ae:16:54:65:5f:ce:7c:ba:88:05:
36:8c:96:29:ba:ec:d6:3a:15:78:94:d9:0c:20:ee:af:c1:cc:
f1:3a:ee:97:3a:1d:64:c9:7f:ab:6d:b1:a0:f2:b1:7b:ec:0b:
ed:fb:47:05:cc:4f:e5:f6:24:16:19:66:ef:79:85:8c:2b:a0:
b1:22:e4:46:23:21:11:54:b4:f0:f7:35:ec:a5:b0:35:e8:10:
15:f9:36:52:ba:a4:bd:99:22:b6:67:22:d8:c5:6a:6f:0b:db:
33:05:69:a6:f6:cc:3c:58:e8:fb:62:eb:0c:0b:b0:e8:10:3e:
68:21:78:d0:55:2d:ab:59:53:e1:03:35:1f:0c:d7:68:24:5d:
03:f3:74:4f:ac:88:29:e5:ae:4b:54:16:c8:ec:ef:d8:c9:11:
1b:04:45:ac:53:e5:a5:8f:e9:db:c8:0e:cb:36:fc:d2:56:86:
1c:a2:be:56:40:1c:cb:dc:0d:51:c1:1d:7c:16:f0:a0:2f:97:
9f:45:a2:fc:08:ec:1c:2c:20:9b:6a:75:66:d8:94:28:38:7c:
fa:90:62:fe
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQlIi+Zubjvp59TzjBx7butMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MWY4ZWZkY2Y2ZTI2NmE4MmM2MTMwMjUyNmY2YmNmYzQ2
NWU1NzEwHhcNMjUwMTAyMDM0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWM3YzU3NTYzNWVkZGNlNWY4NjYyNjZlYzcxYjYxN2E2Yzg2NTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZ6coPHfZsHOunIjgIvNhGBgzucb
cUC+KlU52TCKimeCb3LXDDPgZZgaPo6O3RC1OQoZl1vUNSsSjFbfTYAvweh7y8Y3
eynJ0KY83dxIi6YqBUZTkhUpf3zoP4n5eouJKrpp1kOYzWSK44J4Jpg6Ywbh6Nob
Lu29w3ZMWu1uadB8Xah5IwibCg+S3JSBIglcBvLHeSZtuPsWlaM5Ty4tMh8tRfyu
Br9Dlhsa7KPpTsfH2g9TTaRZBVSJyTBCJz9e5Lw5u473q1yOS+k6F8OZosAun07w
ou3udxqE9zIubT4oR3uFQJab6IqY55XIs0EWQpfW6TSSvy9qKk5CDT3z8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMrHxXVjXt3OX4ZiZuxxthemyGVpMB8GA1UdIwQY
MBaAFNQfjv3PbiZqgsYTAlJva8/EZeVxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUItT19jOXVKbXFDeGhNQ1VtOXJ6OFJsNVhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi81OTE2MDAtOGIyNi00Mjg2LTllYzIt
NzcwMDJmNzBmYjRhLzEveXNmRmRXTmUzYzVmaG1KbTdIRzJGNmJJWldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi81OTE2MDAtOGIyNi00Mjg2LTllYzItNzcwMDJmNzBmYjRh
LzEvMUItT19jOXVKbXFDeGhNQ1VtOXJ6OFJsNVhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9isMA8E
AgACMAkDBwAgAQZ4ApwwDQYJKoZIhvcNAQELBQADggEBALZmSDCyLW/7XUdIhBm2
H0flvFfMElBVFVCxTR3iExDTrB+WFtCrRWj6wIa4rhZUZV/OfLqIBTaMlim67NY6
FXiU2Qwg7q/BzPE67pc6HWTJf6ttsaDysXvsC+37RwXMT+X2JBYZZu95hYwroLEi
5EYjIRFUtPD3NeylsDXoEBX5NlK6pL2ZIrZnItjFam8L2zMFaab2zDxY6Pti6wwL
sOgQPmgheNBVLatZU+EDNR8M12gkXQPzdE+siCnlrktUFsjs79jJERsERaxT5aWP
6dvIDss2/NJWhhyivlZAHMvcDVHBHXwW8KAvl59FovwI7BwsIJtqdWbYlCg4fPqQ
Yv4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:17:02 2025 by rpki-client