Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/Yw4yz2qvg4rQujrK-dIx_KPixQM.roa
File: Yw4yz2qvg4rQujrK-dIx_KPixQM.roa (raw, json)
Hash identifier: rPOdhOXTd0LJkvjvgXHjpfcSX15w4WKfBaBl0s4PykM=
Subject key identifier: 63:0E:32:CF:6A:AF:83:8A:D0:BA:3A:CA:F9:D2:31:FC:A3:E2:C5:03
Certificate issuer: /CN=b27261d715348bfd73ce9dbb72488656993ba2f1
Certificate serial: 0194221FBBC9561DEADCF3B5D7AC89F43C4D
Authority key identifier: B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/Yw4yz2qvg4rQujrK-dIx_KPixQM.roa
Signing time: Wed 01 Jan 2025 13:48:12 +0000
ROA not before: Wed 01 Jan 2025 13:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35297
IP address blocks: 91.184.224.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:bb:c9:56:1d:ea:dc:f3:b5:d7:ac:89:f4:3c:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b27261d715348bfd73ce9dbb72488656993ba2f1
Validity
Not Before: Jan 1 13:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=630e32cf6aaf838ad0ba3acaf9d231fca3e2c503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:78:07:8a:9d:b3:38:18:2b:d1:46:2c:82:02:
31:d3:d3:93:f7:f0:f1:e4:2b:d6:35:43:7d:b9:d2:
c5:3f:ea:88:13:e5:8b:8f:4d:56:9f:22:64:5e:41:
0d:1d:ec:86:eb:bb:cf:4b:c1:df:b9:82:68:85:40:
44:8c:cf:22:53:81:0d:07:9d:b7:81:2d:98:bf:39:
5e:ba:97:df:3d:52:cf:89:9e:21:dc:92:d7:ea:90:
6a:de:7f:c7:52:e9:95:a7:c4:57:7d:08:33:9b:f3:
fc:94:e7:b4:7b:fd:6b:af:37:b6:ba:ab:9a:68:32:
10:e4:6d:b4:9f:2d:85:70:55:25:42:eb:67:3b:5a:
a3:19:14:ec:4f:b7:1f:8f:64:fc:6f:64:d0:fe:12:
7b:12:70:bd:68:8e:34:b7:fc:c6:c8:c5:cf:9f:f7:
24:fe:0b:fb:66:75:2c:40:ad:72:d7:8c:50:d4:42:
80:58:94:d2:35:24:ed:67:11:5e:3e:79:b8:33:4c:
e9:b8:e6:1d:6e:c5:ef:3e:8b:07:0e:2c:c8:c0:07:
fa:de:7a:f8:1e:7a:07:e4:e6:da:aa:bb:b2:3e:5b:
0c:aa:1a:27:75:8c:31:68:f3:7c:bd:e9:43:0f:23:
23:b4:a9:b9:a9:53:5e:f9:4a:28:74:0b:07:e6:af:
4c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:0E:32:CF:6A:AF:83:8A:D0:BA:3A:CA:F9:D2:31:FC:A3:E2:C5:03
X509v3 Authority Key Identifier:
keyid:B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/Yw4yz2qvg4rQujrK-dIx_KPixQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/snJh1xU0i_1zzp27ckiGVpk7ovE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.184.224.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:6d:9f:16:11:2b:d7:d6:e1:0f:7c:6a:dd:0a:98:c0:bd:8e:
b0:ce:eb:1f:4d:37:3a:c5:e5:7e:0c:66:19:d8:7a:02:43:c3:
5b:10:bd:02:06:8e:74:90:e2:7e:97:eb:18:c8:79:ba:1d:87:
b8:ae:76:5f:c6:c9:1c:e1:63:67:43:34:60:b2:18:5c:db:27:
cf:b3:3b:1e:7b:f0:7d:d4:47:2f:02:4b:5f:12:24:6c:52:f2:
cf:ed:f0:3a:31:b4:6e:5a:d7:91:da:71:c4:a8:0d:c5:b5:7a:
3d:92:60:cc:1f:50:8e:05:49:af:b7:2d:f5:33:a2:69:82:94:
d0:04:44:8a:be:8c:71:85:73:27:45:7c:b6:eb:60:a7:83:91:
30:29:c0:a2:b4:b1:54:e6:f4:ff:d6:72:0e:ec:15:de:86:88:
5f:6c:1a:1f:57:54:65:c7:d1:84:e0:99:ab:36:11:f9:a4:c0:
f6:25:f8:d6:1c:2b:83:23:5d:c6:18:e0:f7:18:76:3b:eb:f8:
45:86:f3:fd:4f:69:c0:16:0a:9f:ac:6f:3b:b2:b1:2b:7a:c4:
72:a6:7b:c3:36:05:71:3b:47:1f:96:8a:b9:6c:f8:e6:cf:5b:
f9:41:f3:80:d0:06:13:e7:66:9c:f4:4c:ab:cf:bc:b0:54:91:
c2:60:12:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH7vJVh3q3PO116yJ9DxNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNzI2MWQ3MTUzNDhiZmQ3M2NlOWRiYjcyNDg4NjU2OTkz
YmEyZjEwHhcNMjUwMTAxMTM0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzBlMzJjZjZhYWY4MzhhZDBiYTNhY2FmOWQyMzFmY2EzZTJjNTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXgHip2zOBgr0UYsggIx09OT9/Dx
5CvWNUN9udLFP+qIE+WLj01WnyJkXkENHeyG67vPS8HfuYJohUBEjM8iU4ENB523
gS2YvzleupffPVLPiZ4h3JLX6pBq3n/HUumVp8RXfQgzm/P8lOe0e/1rrze2uqua
aDIQ5G20ny2FcFUlQutnO1qjGRTsT7cfj2T8b2TQ/hJ7EnC9aI40t/zGyMXPn/ck
/gv7ZnUsQK1y14xQ1EKAWJTSNSTtZxFePnm4M0zpuOYdbsXvPosHDizIwAf63nr4
HnoH5ObaqruyPlsMqhondYwxaPN8velDDyMjtKm5qVNe+UoodAsH5q9MXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGMOMs9qr4OK0Lo6yvnSMfyj4sUDMB8GA1UdIwQY
MBaAFLJyYdcVNIv9c86du3JIhlaZO6LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2Yt
NTA0ZjI3NjY3NjBmLzEvWXc0eXoycXZnNHJRdWpySy1kSXhfS1BpeFFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2YtNTA0ZjI3NjY3NjBm
LzEvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW7jgMA0G
CSqGSIb3DQEBCwUAA4IBAQANbZ8WESvX1uEPfGrdCpjAvY6wzusfTTc6xeV+DGYZ
2HoCQ8NbEL0CBo50kOJ+l+sYyHm6HYe4rnZfxskc4WNnQzRgshhc2yfPszsee/B9
1EcvAktfEiRsUvLP7fA6MbRuWteR2nHEqA3FtXo9kmDMH1COBUmvty31M6JpgpTQ
BESKvoxxhXMnRXy262Cng5EwKcCitLFU5vT/1nIO7BXehohfbBofV1Rlx9GE4Jmr
NhH5pMD2JfjWHCuDI13GGOD3GHY76/hFhvP9T2nAFgqfrG87srEresRypnvDNgVx
O0cfloq5bPjmz1v5QfOA0AYT52ac9Eyrz7ywVJHCYBLy
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:16:27 2025 by rpki-client