Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/db6231-3a7a-484d-8bee-3b8d8b76b7f6/1/Pt5jCGzvovgNs5CdDynFwkh2QzQ.roa
File: Pt5jCGzvovgNs5CdDynFwkh2QzQ.roa (raw, json)
Hash identifier: nVdxdKNGSJEZ6402xd/EQ5NSj2OrYk/HxmlnqTUvP6Y=
Subject key identifier: 3E:DE:63:08:6C:EF:A2:F8:0D:B3:90:9D:0F:29:C5:C2:48:76:43:34
Certificate issuer: /CN=29ff15581bb904f1b90538742118b01f9efaa662
Certificate serial: 019423D6CC3AA1F379879BBD85E1583F88A0
Authority key identifier: 29:FF:15:58:1B:B9:04:F1:B9:05:38:74:21:18:B0:1F:9E:FA:A6:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kf8VWBu5BPG5BTh0IRiwH576pmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/db6231-3a7a-484d-8bee-3b8d8b76b7f6/1/Pt5jCGzvovgNs5CdDynFwkh2QzQ.roa
Signing time: Wed 01 Jan 2025 21:47:46 +0000
ROA not before: Wed 01 Jan 2025 21:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50931
IP address blocks: 91.223.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:cc:3a:a1:f3:79:87:9b:bd:85:e1:58:3f:88:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29ff15581bb904f1b90538742118b01f9efaa662
Validity
Not Before: Jan 1 21:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ede63086cefa2f80db3909d0f29c5c248764334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:36:76:0d:50:f9:b1:9c:ac:30:89:f5:cc:56:
f3:d5:4f:63:11:fa:9e:2f:47:7d:59:bf:fe:00:8b:
d2:4e:76:db:d2:39:52:24:5a:01:43:36:7a:66:bd:
5f:6d:2b:fb:12:13:b3:1e:fe:a1:db:88:8b:59:3c:
49:94:f6:ed:26:96:fd:73:0f:40:de:e6:66:74:2e:
e9:40:54:97:7b:8a:a0:5e:f4:9b:b6:34:b5:54:ea:
cb:81:4d:b4:e4:9f:7c:89:18:29:ea:23:52:93:ec:
56:2e:9c:86:f4:69:99:39:48:fb:dc:c3:c9:67:0c:
18:07:7a:13:02:33:df:cb:67:6b:42:5b:98:40:bc:
4b:42:a7:a8:94:a5:76:47:d1:79:81:ff:0d:49:ba:
b1:b5:9c:47:6a:0b:d6:a0:c9:03:51:ab:c8:99:a1:
14:8a:ed:4e:d7:13:b2:69:39:45:6d:e0:55:dd:86:
a1:e7:d1:32:49:cf:15:a7:10:47:89:0f:f0:dc:48:
f6:9c:21:e4:97:fa:3a:62:99:66:c4:a9:85:b1:9b:
c2:51:f1:84:0a:ec:c6:f1:d8:1c:59:4d:9d:fd:43:
7e:54:ad:8b:0a:51:d4:7b:3a:ca:ca:43:5d:93:a7:
4e:9f:59:ed:55:87:2d:c2:60:b8:83:8c:b4:32:96:
ad:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:DE:63:08:6C:EF:A2:F8:0D:B3:90:9D:0F:29:C5:C2:48:76:43:34
X509v3 Authority Key Identifier:
keyid:29:FF:15:58:1B:B9:04:F1:B9:05:38:74:21:18:B0:1F:9E:FA:A6:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kf8VWBu5BPG5BTh0IRiwH576pmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/db6231-3a7a-484d-8bee-3b8d8b76b7f6/1/Pt5jCGzvovgNs5CdDynFwkh2QzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/db6231-3a7a-484d-8bee-3b8d8b76b7f6/1/Kf8VWBu5BPG5BTh0IRiwH576pmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.91.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:cc:a0:e2:b0:8c:4d:a2:9c:dc:d4:73:89:94:e4:9f:70:0e:
cf:67:b2:df:10:cc:5f:3f:af:d1:48:cd:a2:f4:4a:db:c1:ef:
b0:98:7c:bf:60:f3:6e:1b:61:81:7a:d0:2d:4d:09:57:51:74:
67:fa:ad:99:e0:bb:4a:12:f5:82:92:7f:b7:d2:68:21:f0:db:
94:03:54:ee:31:6c:58:b4:cd:93:b7:4b:fd:b6:00:92:d9:c7:
78:aa:5a:13:eb:bb:3e:1d:67:48:5e:36:1d:61:89:62:7a:bc:
35:24:e4:41:1c:81:81:0c:8f:0e:3f:b7:d4:cd:a8:3a:db:85:
bd:b0:a7:ea:00:b8:2e:36:ec:84:11:83:a3:f0:72:b6:4a:6e:
44:56:76:3e:0c:e9:c6:5d:ab:71:10:ab:ff:99:3a:9f:e4:60:
81:b2:a1:96:bf:14:8d:0f:84:a8:0d:e5:6f:cd:0c:ee:c0:bd:
83:a8:d4:26:fd:77:03:77:84:77:1b:f2:18:d6:d9:28:0f:6b:
dc:22:66:51:b6:c6:4a:d6:3d:70:a9:b3:4c:a0:89:67:70:c7:
71:a4:ab:9a:18:e1:5a:71:35:d5:31:c4:8c:5b:ea:3a:58:cb:
32:94:81:05:1f:8a:c5:b3:13:e8:b7:c4:17:6e:78:19:b2:7c:
ae:15:c8:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1sw6ofN5h5u9heFYP4igMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmYxNTU4MWJiOTA0ZjFiOTA1Mzg3NDIxMThiMDFmOWVm
YWE2NjIwHhcNMjUwMTAxMjE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWRlNjMwODZjZWZhMmY4MGRiMzkwOWQwZjI5YzVjMjQ4NzY0MzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDZ2DVD5sZysMIn1zFbz1U9jEfqe
L0d9Wb/+AIvSTnbb0jlSJFoBQzZ6Zr1fbSv7EhOzHv6h24iLWTxJlPbtJpb9cw9A
3uZmdC7pQFSXe4qgXvSbtjS1VOrLgU205J98iRgp6iNSk+xWLpyG9GmZOUj73MPJ
ZwwYB3oTAjPfy2drQluYQLxLQqeolKV2R9F5gf8NSbqxtZxHagvWoMkDUavImaEU
iu1O1xOyaTlFbeBV3Yah59EySc8VpxBHiQ/w3Ej2nCHkl/o6YplmxKmFsZvCUfGE
CuzG8dgcWU2d/UN+VK2LClHUezrKykNdk6dOn1ntVYctwmC4g4y0MpatawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD7eYwhs76L4DbOQnQ8pxcJIdkM0MB8GA1UdIwQY
MBaAFCn/FVgbuQTxuQU4dCEYsB+e+qZiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Y4VldCdTVCUEc1QlRoMElSaXdINTc2cG1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9kYjYyMzEtM2E3YS00ODRkLThiZWUt
M2I4ZDhiNzZiN2Y2LzEvUHQ1akNHenZvdmdOczVDZER5bkZ3a2gyUXpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9kYjYyMzEtM2E3YS00ODRkLThiZWUtM2I4ZDhiNzZiN2Y2
LzEvS2Y4VldCdTVCUEc1QlRoMElSaXdINTc2cG1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW99bMA0G
CSqGSIb3DQEBCwUAA4IBAQA9zKDisIxNopzc1HOJlOSfcA7PZ7LfEMxfP6/RSM2i
9Erbwe+wmHy/YPNuG2GBetAtTQlXUXRn+q2Z4LtKEvWCkn+30mgh8NuUA1TuMWxY
tM2Tt0v9tgCS2cd4qloT67s+HWdIXjYdYYlierw1JORBHIGBDI8OP7fUzag624W9
sKfqALguNuyEEYOj8HK2Sm5EVnY+DOnGXatxEKv/mTqf5GCBsqGWvxSND4SoDeVv
zQzuwL2DqNQm/XcDd4R3G/IY1tkoD2vcImZRtsZK1j1wqbNMoIlncMdxpKuaGOFa
cTXVMcSMW+o6WMsylIEFH4rFsxPot8QXbngZsnyuFcjM
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:32:51 2025 by rpki-client