Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/ofhPTdJYyOtReXz73tD2xI7Nenw.roa
File: ofhPTdJYyOtReXz73tD2xI7Nenw.roa (raw, json)
Hash identifier: FCZ0fnzEh8Pc6cPMxzRA6YANmllcrSQpN4x9Jhf/aSk=
Subject key identifier: A1:F8:4F:4D:D2:58:C8:EB:51:79:7C:FB:DE:D0:F6:C4:8E:CD:7A:7C
Certificate issuer: /CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Certificate serial: 01942825A61C1DF2E1084DB986ABB681A2DD
Authority key identifier: 46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/ofhPTdJYyOtReXz73tD2xI7Nenw.roa
Signing time: Thu 02 Jan 2025 17:52:23 +0000
ROA not before: Thu 02 Jan 2025 17:52:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39673
IP address blocks: 91.209.50.0/24 maxlen: 24
2a0f:5fc0:dead::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:a6:1c:1d:f2:e1:08:4d:b9:86:ab:b6:81:a2:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Validity
Not Before: Jan 2 17:52:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1f84f4dd258c8eb51797cfbded0f6c48ecd7a7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a8:1e:23:f8:54:96:73:d9:7b:9e:f8:22:eb:
51:ad:f9:67:c1:55:0c:47:cd:74:39:6b:4e:e9:45:
32:7e:ad:cd:0e:72:76:0c:21:1c:de:1b:78:52:96:
31:fa:7d:61:97:02:9c:57:b3:75:ba:ff:54:3d:44:
2e:a4:b6:17:3c:81:48:c6:74:be:90:ba:03:1f:9d:
ad:75:a0:df:93:5a:07:16:aa:e4:d9:8a:dc:dc:dc:
d3:62:be:a5:df:36:d0:b9:8b:e7:88:21:1f:c9:56:
19:a3:39:a5:38:74:bd:70:25:17:6a:93:05:91:4a:
88:f8:cb:a2:f1:5a:9f:b3:1f:31:53:d3:53:26:52:
8c:ae:2c:34:71:05:f4:15:b4:84:11:c2:b7:68:12:
14:d4:35:c5:3e:64:03:4a:e3:4d:73:e0:94:44:29:
9d:be:d3:0e:d8:ce:81:ac:21:0d:e7:8a:9a:55:9e:
58:d9:91:d6:2b:e5:98:87:f0:25:4d:9d:89:61:68:
56:3f:a5:0d:64:b8:5b:9f:a4:27:6c:f2:cc:a3:8f:
4f:42:94:c1:e2:23:07:2b:b0:ee:fe:d9:df:bb:02:
82:d0:70:41:df:3d:9b:e5:d8:e5:ef:b0:57:67:93:
09:a0:7f:15:69:12:f9:83:61:bf:b3:b7:9e:99:4f:
60:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:F8:4F:4D:D2:58:C8:EB:51:79:7C:FB:DE:D0:F6:C4:8E:CD:7A:7C
X509v3 Authority Key Identifier:
keyid:46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/ofhPTdJYyOtReXz73tD2xI7Nenw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/RtcTrajavPd2gcDKQtmWnkR8jqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.50.0/24
IPv6:
2a0f:5fc0:dead::/48
Signature Algorithm: sha256WithRSAEncryption
0b:15:af:1c:b7:b7:32:e5:04:5a:4b:db:f2:e6:3a:1e:e9:b2:
92:98:ee:ab:a6:7e:d0:d5:6b:30:e5:9a:88:60:8c:05:35:f2:
5e:25:08:3e:0e:f8:a9:4d:f1:93:9d:2d:46:91:61:1c:1c:1e:
87:be:8d:fe:64:6b:48:87:a2:19:64:90:0b:13:0d:4a:f9:f9:
69:3a:29:ad:c5:3f:1a:37:07:7a:4c:7b:06:71:59:bf:7b:be:
65:60:9b:47:10:7e:e7:d3:9a:b5:75:81:34:a8:83:7b:d9:85:
2a:4d:31:f0:7f:d1:a4:19:83:29:38:e5:32:64:6a:68:c5:25:
ac:9d:6a:5f:65:5e:2a:6e:a8:e0:b1:55:fb:34:87:c2:c9:7b:
9a:04:90:fd:be:89:8f:7e:ed:17:ba:25:ef:04:4a:ff:27:68:
ba:80:0f:8c:76:32:32:e6:c8:a2:a4:66:21:eb:07:40:82:6e:
1d:fc:da:62:7e:87:6a:e6:65:68:75:33:65:5f:60:ad:23:1e:
60:13:d6:df:b0:15:ba:0b:9a:c3:a0:36:69:19:1a:9c:8f:57:
c2:ab:42:77:6a:4a:b3:6b:f6:1e:8c:f8:71:fa:d9:0f:34:99:
a5:45:93:b9:fa:c2:ae:3d:16:60:b2:1f:b0:10:95:42:cf:1d:
7b:9f:e8:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQoJaYcHfLhCE25hqu2gaLdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZDcxM2FkYThkYWJjZjc3NjgxYzBjYTQyZDk5NjllNDQ3
YzhlYTcwHhcNMjUwMTAyMTc1MjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWY4NGY0ZGQyNThjOGViNTE3OTdjZmJkZWQwZjZjNDhlY2Q3YTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyageI/hUlnPZe574IutRrflnwVUM
R810OWtO6UUyfq3NDnJ2DCEc3ht4UpYx+n1hlwKcV7N1uv9UPUQupLYXPIFIxnS+
kLoDH52tdaDfk1oHFqrk2Yrc3NzTYr6l3zbQuYvniCEfyVYZozmlOHS9cCUXapMF
kUqI+Mui8Vqfsx8xU9NTJlKMriw0cQX0FbSEEcK3aBIU1DXFPmQDSuNNc+CURCmd
vtMO2M6BrCEN54qaVZ5Y2ZHWK+WYh/AlTZ2JYWhWP6UNZLhbn6QnbPLMo49PQpTB
4iMHK7Du/tnfuwKC0HBB3z2b5djl77BXZ5MJoH8VaRL5g2G/s7eemU9giwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKH4T03SWMjrUXl8+97Q9sSOzXp8MB8GA1UdIwQY
MBaAFEbXE62o2rz3doHAykLZlp5EfI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQt
YmUyMThjZWY0YTExLzEvb2ZoUFRkSll5T3RSZVh6NzN0RDJ4STdOZW53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQtYmUyMThjZWY0YTEx
LzEvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9EyMA8E
AgACMAkDBwAqD1/A3q0wDQYJKoZIhvcNAQELBQADggEBAAsVrxy3tzLlBFpL2/Lm
Oh7pspKY7qumftDVazDlmohgjAU18l4lCD4O+KlN8ZOdLUaRYRwcHoe+jf5ka0iH
ohlkkAsTDUr5+Wk6Ka3FPxo3B3pMewZxWb97vmVgm0cQfufTmrV1gTSog3vZhSpN
MfB/0aQZgyk45TJkamjFJaydal9lXipuqOCxVfs0h8LJe5oEkP2+iY9+7Re6Je8E
Sv8naLqAD4x2MjLmyKKkZiHrB0CCbh382mJ+h2rmZWh1M2VfYK0jHmAT1t+wFboL
msOgNmkZGpyPV8KrQndqSrNr9h6M+HH62Q80maVFk7n6wq49FmCyH7AQlULPHXuf
6AQ=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:18:31 2025 by rpki-client