Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/d74420-6425-4272-93a2-3586164a7f44/1/vdHTEb2gTWFnAUlb8EFFzZFOAyk.roa
File: vdHTEb2gTWFnAUlb8EFFzZFOAyk.roa (raw, json)
Hash identifier: 7sUvaXCmkwC5CKTFltnkxSzQliSsm8MxQWVCiowpXtQ=
Subject key identifier: BD:D1:D3:11:BD:A0:4D:61:67:01:49:5B:F0:41:45:CD:91:4E:03:29
Certificate issuer: /CN=58131e8f9a485040d9fcae7167a428b8a12f49ea
Certificate serial: 0194206846D1D6E3A40C1C1370FF671DD591
Authority key identifier: 58:13:1E:8F:9A:48:50:40:D9:FC:AE:71:67:A4:28:B8:A1:2F:49:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WBMej5pIUEDZ_K5xZ6QouKEvSeo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/d74420-6425-4272-93a2-3586164a7f44/1/vdHTEb2gTWFnAUlb8EFFzZFOAyk.roa
Signing time: Wed 01 Jan 2025 05:48:12 +0000
ROA not before: Wed 01 Jan 2025 05:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29075
IP address blocks: 91.208.40.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:46:d1:d6:e3:a4:0c:1c:13:70:ff:67:1d:d5:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58131e8f9a485040d9fcae7167a428b8a12f49ea
Validity
Not Before: Jan 1 05:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdd1d311bda04d616701495bf04145cd914e0329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7b:89:33:69:a9:38:2e:ba:9f:ba:86:62:8f:
db:8c:95:b0:44:75:69:1a:01:30:5b:f7:a1:3d:07:
9a:61:e6:64:bc:bd:b9:da:f6:45:e5:50:98:37:4e:
e7:f2:7b:80:66:26:fa:ac:46:e1:a2:de:c8:c0:fd:
a8:8e:75:36:01:37:b0:f7:ca:03:9d:f5:4d:0f:76:
89:b0:03:54:e9:49:5a:2f:c4:44:e5:6a:58:c6:c3:
e4:eb:af:4f:6b:28:59:31:a1:0c:30:61:c0:4f:51:
ad:8e:12:fd:c8:4e:22:ae:aa:43:e0:5b:1e:96:79:
92:3a:99:93:27:59:29:2a:17:25:00:c9:00:4f:e1:
b6:19:3f:18:de:74:bd:29:b9:58:a9:ed:4e:93:bd:
cb:37:0d:7b:aa:0b:f5:7b:2d:8a:15:dc:7c:21:d8:
02:a7:4e:97:60:f7:55:28:7c:42:8c:d3:1d:02:8a:
85:24:8b:d5:ac:2e:8f:62:29:f3:ae:25:a7:6d:c0:
3b:ab:4d:b5:ff:41:42:c5:74:bf:bb:d5:ca:c5:f4:
81:46:e9:c0:84:17:b3:69:2c:f8:8d:37:c3:1c:66:
86:c3:87:1b:e3:37:3c:cc:53:a1:71:1d:bc:35:35:
bf:8a:70:06:96:c5:51:8e:1e:ab:a6:6b:fc:41:46:
21:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:D1:D3:11:BD:A0:4D:61:67:01:49:5B:F0:41:45:CD:91:4E:03:29
X509v3 Authority Key Identifier:
keyid:58:13:1E:8F:9A:48:50:40:D9:FC:AE:71:67:A4:28:B8:A1:2F:49:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WBMej5pIUEDZ_K5xZ6QouKEvSeo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/d74420-6425-4272-93a2-3586164a7f44/1/vdHTEb2gTWFnAUlb8EFFzZFOAyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/d74420-6425-4272-93a2-3586164a7f44/1/WBMej5pIUEDZ_K5xZ6QouKEvSeo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.40.0/24
Signature Algorithm: sha256WithRSAEncryption
52:72:11:f8:d8:f5:d1:7a:fb:b8:d5:11:ff:15:c4:5d:4a:13:
01:1a:86:76:b0:8d:ef:d1:16:cd:7f:71:0f:fa:48:44:15:ae:
0f:e9:7d:03:de:1f:6d:4a:af:c9:b7:09:3d:97:4d:d5:cd:c4:
42:ab:09:8a:73:4d:a4:44:fb:ad:c6:5f:c4:57:3d:8c:8a:f2:
6d:6a:59:a9:4f:d7:81:0e:1d:d5:6e:ff:a5:a6:2d:ac:90:f0:
9d:94:2c:00:dd:41:3f:78:2c:64:8b:c9:92:15:a4:24:ab:36:
42:94:bb:b9:35:79:48:e1:aa:58:e2:fe:bd:85:0a:a0:f1:00:
fc:f1:df:68:50:fe:5c:48:2c:db:5b:15:d4:8b:a6:90:28:8b:
5b:fc:fc:5d:87:b5:92:ec:f2:89:b9:1b:fb:ec:b2:ad:e5:7d:
53:4e:1d:e0:f3:01:27:7c:9d:73:57:fc:4e:c7:91:79:a2:18:
bc:83:52:96:76:5f:d0:1c:27:34:13:91:e6:d2:e6:6a:44:c9:
c7:ba:eb:f1:6d:80:f9:83:e7:5a:32:68:17:e2:ea:dc:2b:2c:
8c:9e:6f:56:e6:e7:ed:18:5b:19:6d:15:16:aa:c2:d3:14:8a:
d9:93:00:dc:ce:18:a6:1e:09:be:b6:e7:58:3c:2e:f5:70:35:
fc:90:c2:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaEbR1uOkDBwTcP9nHdWRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MTMxZThmOWE0ODUwNDBkOWZjYWU3MTY3YTQyOGI4YTEy
ZjQ5ZWEwHhcNMjUwMTAxMDU0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGQxZDMxMWJkYTA0ZDYxNjcwMTQ5NWJmMDQxNDVjZDkxNGUwMzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HuJM2mpOC66n7qGYo/bjJWwRHVp
GgEwW/ehPQeaYeZkvL252vZF5VCYN07n8nuAZib6rEbhot7IwP2ojnU2ATew98oD
nfVND3aJsANU6UlaL8RE5WpYxsPk669PayhZMaEMMGHAT1GtjhL9yE4irqpD4Fse
lnmSOpmTJ1kpKhclAMkAT+G2GT8Y3nS9KblYqe1Ok73LNw17qgv1ey2KFdx8IdgC
p06XYPdVKHxCjNMdAoqFJIvVrC6PYinzriWnbcA7q021/0FCxXS/u9XKxfSBRunA
hBezaSz4jTfDHGaGw4cb4zc8zFOhcR28NTW/inAGlsVRjh6rpmv8QUYhKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL3R0xG9oE1hZwFJW/BBRc2RTgMpMB8GA1UdIwQY
MBaAFFgTHo+aSFBA2fyucWekKLihL0nqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0JNZWo1cElVRURaX0s1eFo2UW91S0V2U2VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9kNzQ0MjAtNjQyNS00MjcyLTkzYTIt
MzU4NjE2NGE3ZjQ0LzEvdmRIVEViMmdUV0ZuQVVsYjhFRkZ6WkZPQXlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9kNzQ0MjAtNjQyNS00MjcyLTkzYTItMzU4NjE2NGE3ZjQ0
LzEvV0JNZWo1cElVRURaX0s1eFo2UW91S0V2U2VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9AoMA0G
CSqGSIb3DQEBCwUAA4IBAQBSchH42PXRevu41RH/FcRdShMBGoZ2sI3v0RbNf3EP
+khEFa4P6X0D3h9tSq/Jtwk9l03VzcRCqwmKc02kRPutxl/EVz2MivJtalmpT9eB
Dh3Vbv+lpi2skPCdlCwA3UE/eCxki8mSFaQkqzZClLu5NXlI4apY4v69hQqg8QD8
8d9oUP5cSCzbWxXUi6aQKItb/Pxdh7WS7PKJuRv77LKt5X1TTh3g8wEnfJ1zV/xO
x5F5ohi8g1KWdl/QHCc0E5Hm0uZqRMnHuuvxbYD5g+daMmgX4urcKyyMnm9W5uft
GFsZbRUWqsLTFIrZkwDczhimHgm+tudYPC71cDX8kMIb
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:11:23 2025 by rpki-client