Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a4ee0b-46eb-4e1f-87ab-9049bcadb64b/1/v7HN1z-hIgMA1JNadgPizSrJJ8k.roa
File: v7HN1z-hIgMA1JNadgPizSrJJ8k.roa (raw, json)
Hash identifier: D2dlwsBojyjnhUUBcM6gmSASwHH0fMP571DfVs0x/SM=
Subject key identifier: BF:B1:CD:D7:3F:A1:22:03:00:D4:93:5A:76:03:E2:CD:2A:C9:27:C9
Certificate issuer: /CN=669edbfae8650adbd6af207b6ea22565439b499c
Certificate serial: 019427B620CCD291C557BA301DBF13F232DA
Authority key identifier: 66:9E:DB:FA:E8:65:0A:DB:D6:AF:20:7B:6E:A2:25:65:43:9B:49:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zp7b-uhlCtvWryB7bqIlZUObSZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a4ee0b-46eb-4e1f-87ab-9049bcadb64b/1/v7HN1z-hIgMA1JNadgPizSrJJ8k.roa
Signing time: Thu 02 Jan 2025 15:50:34 +0000
ROA not before: Thu 02 Jan 2025 15:50:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62068
IP address blocks: 91.217.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:20:cc:d2:91:c5:57:ba:30:1d:bf:13:f2:32:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=669edbfae8650adbd6af207b6ea22565439b499c
Validity
Not Before: Jan 2 15:50:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bfb1cdd73fa1220300d4935a7603e2cd2ac927c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9f:8c:17:3b:26:63:cb:df:f6:3e:62:98:f1:
6c:1b:2c:2e:92:d7:72:13:d9:2a:35:91:67:23:63:
e6:7c:a7:82:b9:25:9e:81:18:12:67:06:01:e7:14:
01:17:62:95:3c:a1:c5:df:9e:62:bc:c8:82:8e:45:
64:63:21:87:90:fc:07:32:f2:4e:e5:4e:f3:f5:38:
32:49:a9:4b:0e:1d:21:55:3e:bd:5d:8d:df:ad:37:
31:d6:eb:d1:02:f9:a9:e1:80:48:ba:6f:6b:62:8a:
a0:b8:88:80:98:9a:ad:ec:1a:37:97:53:79:f0:11:
d0:ca:c5:dd:c4:da:5d:26:b2:62:a6:4f:f1:cc:ae:
f6:9f:b8:71:dc:57:d9:79:43:4b:20:25:5f:6e:95:
d5:58:05:d9:71:c5:dd:39:fb:89:f4:8b:e4:e8:00:
f5:84:1c:db:67:0d:30:8f:ad:d5:4e:df:eb:38:81:
8f:08:55:aa:75:a8:27:3a:43:08:79:2d:fa:61:75:
9e:80:4f:c5:06:cc:71:c6:70:7f:3d:34:a6:30:93:
1d:52:be:b1:7c:cc:f3:b0:8a:8e:83:08:66:7a:eb:
e7:d3:ef:a6:7b:09:7b:ff:2d:94:8b:22:f1:d4:6a:
3a:44:02:33:66:8d:cd:b8:52:8b:8c:1b:e7:14:30:
cb:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:B1:CD:D7:3F:A1:22:03:00:D4:93:5A:76:03:E2:CD:2A:C9:27:C9
X509v3 Authority Key Identifier:
keyid:66:9E:DB:FA:E8:65:0A:DB:D6:AF:20:7B:6E:A2:25:65:43:9B:49:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zp7b-uhlCtvWryB7bqIlZUObSZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a4ee0b-46eb-4e1f-87ab-9049bcadb64b/1/v7HN1z-hIgMA1JNadgPizSrJJ8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a4ee0b-46eb-4e1f-87ab-9049bcadb64b/1/Zp7b-uhlCtvWryB7bqIlZUObSZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.200.0/24
Signature Algorithm: sha256WithRSAEncryption
16:44:8e:3c:5f:53:ba:f0:b6:b1:48:e6:ba:cd:a0:c6:60:83:
47:bf:8f:a4:32:0a:b5:08:1f:66:a9:db:61:eb:84:98:8c:5b:
6a:af:3f:ff:9b:a9:8b:fa:f2:a1:e7:6e:36:63:ae:17:50:2a:
11:36:f8:e3:65:97:59:ca:7b:04:66:d0:9f:49:f6:42:4a:49:
9b:5e:43:48:d9:48:55:a1:3c:90:9b:6f:5e:87:8b:ea:c9:41:
5b:43:d6:43:0e:36:47:17:52:6c:c2:76:42:f5:2b:21:d2:0e:
6c:18:9b:7d:70:32:6b:12:60:c4:33:3d:60:0f:11:87:1a:85:
85:cf:ab:a9:18:2b:9d:df:38:93:a2:d2:e3:e1:d6:ef:8a:ec:
71:0f:9a:81:12:6c:f0:a4:6a:25:0b:8c:cd:ee:82:0f:b0:88:
2f:cc:e2:a3:80:8f:12:24:26:0a:24:55:0e:8e:6f:8b:72:70:
01:77:22:26:57:3b:fd:e8:6c:b9:af:37:28:ba:1a:a6:28:3c:
3e:52:04:6b:88:63:d8:c1:1d:e2:da:6c:42:9f:f7:48:cb:f5:
88:bc:ea:1a:b3:43:6a:ae:57:0d:60:e0:39:5d:07:0d:70:49:
53:dd:15:46:3b:c3:57:01:34:b4:cf:35:2c:27:94:42:5d:10:
11:f7:08:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntiDM0pHFV7owHb8T8jLaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OWVkYmZhZTg2NTBhZGJkNmFmMjA3YjZlYTIyNTY1NDM5
YjQ5OWMwHhcNMjUwMTAyMTU1MDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmIxY2RkNzNmYTEyMjAzMDBkNDkzNWE3NjAzZTJjZDJhYzkyN2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5+MFzsmY8vf9j5imPFsGywuktdy
E9kqNZFnI2PmfKeCuSWegRgSZwYB5xQBF2KVPKHF355ivMiCjkVkYyGHkPwHMvJO
5U7z9TgySalLDh0hVT69XY3frTcx1uvRAvmp4YBIum9rYoqguIiAmJqt7Bo3l1N5
8BHQysXdxNpdJrJipk/xzK72n7hx3FfZeUNLICVfbpXVWAXZccXdOfuJ9Ivk6AD1
hBzbZw0wj63VTt/rOIGPCFWqdagnOkMIeS36YXWegE/FBsxxxnB/PTSmMJMdUr6x
fMzzsIqOgwhmeuvn0++mewl7/y2UiyLx1Go6RAIzZo3NuFKLjBvnFDDLHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL+xzdc/oSIDANSTWnYD4s0qySfJMB8GA1UdIwQY
MBaAFGae2/roZQrb1q8ge26iJWVDm0mcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnA3Yi11aGxDdHZXcnlCN2JxSWxaVU9iU1p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hNGVlMGItNDZlYi00ZTFmLTg3YWIt
OTA0OWJjYWRiNjRiLzEvdjdITjF6LWhJZ01BMUpOYWRnUGl6U3JKSjhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hNGVlMGItNDZlYi00ZTFmLTg3YWItOTA0OWJjYWRiNjRi
LzEvWnA3Yi11aGxDdHZXcnlCN2JxSWxaVU9iU1p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9nIMA0G
CSqGSIb3DQEBCwUAA4IBAQAWRI48X1O68LaxSOa6zaDGYINHv4+kMgq1CB9mqdth
64SYjFtqrz//m6mL+vKh5242Y64XUCoRNvjjZZdZynsEZtCfSfZCSkmbXkNI2UhV
oTyQm29eh4vqyUFbQ9ZDDjZHF1JswnZC9Ssh0g5sGJt9cDJrEmDEMz1gDxGHGoWF
z6upGCud3ziTotLj4dbviuxxD5qBEmzwpGolC4zN7oIPsIgvzOKjgI8SJCYKJFUO
jm+LcnABdyImVzv96Gy5rzcouhqmKDw+UgRriGPYwR3i2mxCn/dIy/WIvOoas0Nq
rlcNYOA5XQcNcElT3RVGO8NXATS0zzUsJ5RCXRAR9wjM
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:07:59 2025 by rpki-client