Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/ffd1ed-69b1-4932-8fd0-77f9ed1195d5/1/SCQrnzyM4Bx20DPOMtssZk-Wu68.roa
File: SCQrnzyM4Bx20DPOMtssZk-Wu68.roa (raw, json)
Hash identifier: wtLko9TY7/20VtwY2KqfAs6WX/4oN6rpkwycX+Q3z5I=
Subject key identifier: 48:24:2B:9F:3C:8C:E0:1C:76:D0:33:CE:32:DB:2C:66:4F:96:BB:AF
Certificate issuer: /CN=6081fcf9eb70ab0e1fdcac09c7f9bb5e014c9dbd
Certificate serial: 01942823EBEAEE1E7C6230C130BF727BED12
Authority key identifier: 60:81:FC:F9:EB:70:AB:0E:1F:DC:AC:09:C7:F9:BB:5E:01:4C:9D:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YIH8-etwqw4f3KwJx_m7XgFMnb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/ffd1ed-69b1-4932-8fd0-77f9ed1195d5/1/SCQrnzyM4Bx20DPOMtssZk-Wu68.roa
Signing time: Thu 02 Jan 2025 17:50:30 +0000
ROA not before: Thu 02 Jan 2025 17:50:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59500
IP address blocks: 91.200.60.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:eb:ea:ee:1e:7c:62:30:c1:30:bf:72:7b:ed:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6081fcf9eb70ab0e1fdcac09c7f9bb5e014c9dbd
Validity
Not Before: Jan 2 17:50:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48242b9f3c8ce01c76d033ce32db2c664f96bbaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:18:ca:1d:3a:45:93:fb:60:ba:8a:76:ef:f2:
dc:19:f5:46:98:31:86:2b:63:1b:79:53:30:b6:8a:
c2:72:5f:2f:cd:df:b3:6f:08:3c:a0:aa:a2:97:bb:
50:07:e8:38:58:ff:99:60:80:5b:28:e4:0d:68:cd:
a6:d8:86:74:76:9c:4c:4f:c9:8c:7a:da:d3:25:59:
fe:54:8d:56:52:fc:3e:5b:74:74:fb:af:fe:0f:b9:
cd:4a:fa:a6:30:a3:44:bd:9d:10:71:41:48:31:c7:
0e:92:c4:e1:a2:52:e3:b3:32:8e:97:a4:7e:65:70:
25:b3:1d:29:86:ce:2e:67:95:3e:78:88:3e:05:a6:
1a:b0:b2:03:93:19:14:ac:d4:fd:43:e4:40:8b:37:
d1:6c:54:ce:a1:a7:89:7e:f8:a2:de:d0:b4:1a:1d:
07:92:cd:fb:0a:29:79:0f:c4:bc:a2:4f:9d:50:51:
5d:92:f4:85:38:ce:39:46:5d:e0:94:ae:94:be:0b:
03:bf:85:b3:c7:cb:95:96:6b:1b:28:8f:8d:57:11:
69:e1:8b:71:66:7d:ae:92:0e:01:9a:ab:b0:f3:f0:
aa:4f:b0:68:c3:f7:ed:46:d8:d2:e0:3c:c4:13:b4:
9a:b6:89:46:5e:61:af:28:1a:d1:0e:f1:61:1f:62:
8b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:24:2B:9F:3C:8C:E0:1C:76:D0:33:CE:32:DB:2C:66:4F:96:BB:AF
X509v3 Authority Key Identifier:
keyid:60:81:FC:F9:EB:70:AB:0E:1F:DC:AC:09:C7:F9:BB:5E:01:4C:9D:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YIH8-etwqw4f3KwJx_m7XgFMnb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/ffd1ed-69b1-4932-8fd0-77f9ed1195d5/1/SCQrnzyM4Bx20DPOMtssZk-Wu68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/ffd1ed-69b1-4932-8fd0-77f9ed1195d5/1/YIH8-etwqw4f3KwJx_m7XgFMnb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.60.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:4e:8e:26:cb:38:29:d1:ba:13:9d:28:03:37:15:a3:20:25:
61:11:af:da:50:60:a1:02:e3:40:fb:0b:7a:eb:a9:b9:5c:84:
45:95:36:79:38:d9:5c:3e:0d:2e:ba:cc:2f:0d:b3:22:ea:cb:
fd:7c:a8:c4:5a:03:fe:e2:27:59:76:d3:44:93:be:80:9b:70:
71:98:c4:5e:62:04:6a:2e:b1:47:22:3e:40:33:af:9e:22:8a:
f7:fd:11:6b:eb:6a:e3:ed:75:ee:95:c4:ac:ae:a6:fc:1d:0a:
b8:6b:36:a5:db:75:5e:bf:09:d0:90:82:d5:9d:73:e9:e4:e1:
c8:48:f3:42:25:31:eb:c3:3d:b5:55:8d:5b:b1:63:51:ef:a7:
37:85:d1:11:fe:8d:fe:98:af:d0:8d:68:8d:fd:d7:7f:cb:f4:
75:94:a6:2c:ab:73:24:ba:a0:bd:17:95:51:b3:b0:17:75:ce:
99:c1:dc:48:94:d3:e0:da:9a:f3:48:5b:87:42:88:e2:8f:09:
af:42:f3:87:8c:92:fa:a4:71:ef:3e:c3:af:4c:47:10:86:33:
d9:ba:4a:01:f9:60:0b:37:eb:d8:1c:65:26:19:97:38:53:06:
c2:82:05:f1:b8:81:2b:3d:ab:7f:df:97:13:ad:de:3e:51:e8:
84:e9:cd:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI+vq7h58YjDBML9ye+0SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwODFmY2Y5ZWI3MGFiMGUxZmRjYWMwOWM3ZjliYjVlMDE0
YzlkYmQwHhcNMjUwMTAyMTc1MDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODI0MmI5ZjNjOGNlMDFjNzZkMDMzY2UzMmRiMmM2NjRmOTZiYmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRjKHTpFk/tguop27/LcGfVGmDGG
K2MbeVMwtorCcl8vzd+zbwg8oKqil7tQB+g4WP+ZYIBbKOQNaM2m2IZ0dpxMT8mM
etrTJVn+VI1WUvw+W3R0+6/+D7nNSvqmMKNEvZ0QcUFIMccOksTholLjszKOl6R+
ZXAlsx0phs4uZ5U+eIg+BaYasLIDkxkUrNT9Q+RAizfRbFTOoaeJfvii3tC0Gh0H
ks37Cil5D8S8ok+dUFFdkvSFOM45Rl3glK6UvgsDv4Wzx8uVlmsbKI+NVxFp4Ytx
Zn2ukg4Bmquw8/CqT7Bow/ftRtjS4DzEE7SatolGXmGvKBrRDvFhH2KLOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEgkK588jOAcdtAzzjLbLGZPlruvMB8GA1UdIwQY
MBaAFGCB/PnrcKsOH9ysCcf5u14BTJ29MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUlIOC1ldHdxdzRmM0t3SnhfbTdYZ0ZNbmIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9mZmQxZWQtNjliMS00OTMyLThmZDAt
NzdmOWVkMTE5NWQ1LzEvU0NRcm56eU00QngyMERQT010c3Naay1XdTY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9mZmQxZWQtNjliMS00OTMyLThmZDAtNzdmOWVkMTE5NWQ1
LzEvWUlIOC1ldHdxdzRmM0t3SnhfbTdYZ0ZNbmIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8g8MA0G
CSqGSIb3DQEBCwUAA4IBAQCPTo4myzgp0boTnSgDNxWjICVhEa/aUGChAuNA+wt6
66m5XIRFlTZ5ONlcPg0uuswvDbMi6sv9fKjEWgP+4idZdtNEk76Am3BxmMReYgRq
LrFHIj5AM6+eIor3/RFr62rj7XXulcSsrqb8HQq4azal23VevwnQkILVnXPp5OHI
SPNCJTHrwz21VY1bsWNR76c3hdER/o3+mK/QjWiN/dd/y/R1lKYsq3MkuqC9F5VR
s7AXdc6ZwdxIlNPg2przSFuHQojijwmvQvOHjJL6pHHvPsOvTEcQhjPZukoB+WAL
N+vYHGUmGZc4UwbCggXxuIErPat/35cTrd4+UeiE6c3J
-----END CERTIFICATE-----
Generated at Mon Apr 28 21:44:33 2025 by rpki-client