Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/Y1CJ8gQEZfHleCGAhAaSSFR1x2I.roa
File: Y1CJ8gQEZfHleCGAhAaSSFR1x2I.roa (raw, json)
Hash identifier: rwDRLxU8OCI+s0z0CHOKYx00giDxVe3hy3cA/grmm50=
Subject key identifier: 63:50:89:F2:04:04:65:F1:E5:78:21:80:84:06:92:48:54:75:C7:62
Certificate issuer: /CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Certificate serial: 01942825A4EE2C2AE7A7441D1A47247688E3
Authority key identifier: 46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/Y1CJ8gQEZfHleCGAhAaSSFR1x2I.roa
Signing time: Thu 02 Jan 2025 17:52:23 +0000
ROA not before: Thu 02 Jan 2025 17:52:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 91.209.48.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:a4:ee:2c:2a:e7:a7:44:1d:1a:47:24:76:88:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Validity
Not Before: Jan 2 17:52:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=635089f2040465f1e5782180840692485475c762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7d:23:ad:b5:26:20:dd:d2:8c:92:8c:9b:a0:
b5:da:ee:eb:09:6b:1a:e7:88:c7:f1:cf:41:7a:67:
e7:44:b2:c9:41:30:60:a9:cd:59:e6:25:84:e9:e5:
aa:ed:fb:3f:89:9b:87:2c:89:ec:b4:6a:3c:b3:4a:
66:dc:3f:bc:7b:30:ed:3c:df:5d:6b:ab:19:68:b9:
bd:07:72:34:77:af:5f:35:8a:cc:bb:46:60:e8:17:
03:3e:a0:e5:64:28:67:eb:b4:2a:78:e7:4d:1d:92:
94:9a:aa:fe:d8:03:1a:b8:da:6e:1b:8e:54:f4:03:
76:b8:5e:e4:8f:2f:0a:78:e6:15:68:df:cb:84:51:
28:dc:36:93:e7:b6:06:84:04:89:a5:4a:a5:81:9d:
94:01:cb:99:29:9c:c5:56:be:1f:8e:d8:b6:f0:37:
d2:64:7f:b3:9e:b9:61:f5:86:69:94:2c:52:ff:74:
47:75:6b:ca:a5:a2:56:d7:b9:35:35:5b:55:b6:0c:
57:1f:05:c6:1f:2c:f8:b3:12:db:c3:57:b6:10:01:
b0:5b:33:5e:f0:ee:56:90:26:56:93:5c:5d:41:ff:
25:68:a9:24:89:d3:7c:e6:aa:15:b0:67:b3:50:29:
75:c9:0d:a7:61:15:5b:ac:b0:f2:1e:20:14:f2:6d:
34:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:50:89:F2:04:04:65:F1:E5:78:21:80:84:06:92:48:54:75:C7:62
X509v3 Authority Key Identifier:
keyid:46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/Y1CJ8gQEZfHleCGAhAaSSFR1x2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/RtcTrajavPd2gcDKQtmWnkR8jqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.48.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:2e:80:de:e7:9a:bb:15:12:c5:0c:89:23:f7:64:1e:0b:76:
ba:68:06:bf:83:50:3e:9a:ab:bb:9e:4e:86:c3:e2:b7:7f:bb:
b2:1b:57:de:0c:83:81:3e:3a:01:20:15:03:d4:7a:c8:4f:90:
98:93:7e:ee:78:82:a2:60:39:12:8c:e4:e7:83:c8:d3:eb:8e:
46:56:9c:93:2e:b9:dd:55:aa:45:3d:19:8d:8e:b4:96:9c:fe:
f8:17:11:75:11:b0:36:60:5d:34:c3:b1:4e:4f:9b:0c:70:0e:
64:b8:0e:8f:eb:e3:51:45:83:1f:fd:05:6b:40:14:78:32:4d:
f2:4a:ab:8c:95:37:d9:fd:7e:0f:f8:82:ac:22:29:66:14:bb:
28:d4:f5:44:2a:09:f5:2d:89:5c:eb:d0:aa:a7:59:39:74:98:
1d:cc:13:43:82:23:48:6f:cd:41:50:5e:7d:e1:8c:78:30:45:
64:ad:0b:5f:01:4a:e6:c1:0f:5c:ff:d5:9c:bb:71:ff:51:47:
06:d0:1e:11:0e:73:a8:f4:87:1d:5c:44:f8:79:f0:e7:7e:26:
18:98:ed:7c:df:dd:7e:68:7b:13:41:8c:e4:b4:ae:c5:d4:9d:
ce:cb:97:96:56:a2:7e:72:2a:21:a4:09:5b:f1:21:76:9d:f3:
f1:92:f5:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJaTuLCrnp0QdGkckdojjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZDcxM2FkYThkYWJjZjc3NjgxYzBjYTQyZDk5NjllNDQ3
YzhlYTcwHhcNMjUwMTAyMTc1MjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzUwODlmMjA0MDQ2NWYxZTU3ODIxODA4NDA2OTI0ODU0NzVjNzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk30jrbUmIN3SjJKMm6C12u7rCWsa
54jH8c9BemfnRLLJQTBgqc1Z5iWE6eWq7fs/iZuHLInstGo8s0pm3D+8ezDtPN9d
a6sZaLm9B3I0d69fNYrMu0Zg6BcDPqDlZChn67QqeOdNHZKUmqr+2AMauNpuG45U
9AN2uF7kjy8KeOYVaN/LhFEo3DaT57YGhASJpUqlgZ2UAcuZKZzFVr4fjti28DfS
ZH+znrlh9YZplCxS/3RHdWvKpaJW17k1NVtVtgxXHwXGHyz4sxLbw1e2EAGwWzNe
8O5WkCZWk1xdQf8laKkkidN85qoVsGezUCl1yQ2nYRVbrLDyHiAU8m00nwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGNQifIEBGXx5XghgIQGkkhUdcdiMB8GA1UdIwQY
MBaAFEbXE62o2rz3doHAykLZlp5EfI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQt
YmUyMThjZWY0YTExLzEvWTFDSjhnUUVaZkhsZUNHQWhBYVNTRlIxeDJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQtYmUyMThjZWY0YTEx
LzEvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9EwMA0G
CSqGSIb3DQEBCwUAA4IBAQC7LoDe55q7FRLFDIkj92QeC3a6aAa/g1A+mqu7nk6G
w+K3f7uyG1feDIOBPjoBIBUD1HrIT5CYk37ueIKiYDkSjOTng8jT645GVpyTLrnd
VapFPRmNjrSWnP74FxF1EbA2YF00w7FOT5sMcA5kuA6P6+NRRYMf/QVrQBR4Mk3y
SquMlTfZ/X4P+IKsIilmFLso1PVEKgn1LYlc69Cqp1k5dJgdzBNDgiNIb81BUF59
4Yx4MEVkrQtfAUrmwQ9c/9Wcu3H/UUcG0B4RDnOo9IcdXET4efDnfiYYmO18391+
aHsTQYzktK7F1J3Oy5eWVqJ+ciohpAlb8SF2nfPxkvVg
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:21:33 2025 by rpki-client