Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8b3341-f85b-4c15-a989-510cf26bca65/1/0ew3GDGdcko8IEl72SU1gGU7W_k.roa
File: 0ew3GDGdcko8IEl72SU1gGU7W_k.roa (raw, json)
Hash identifier: 9xx5BwMCjSrUJr+68yVrM18oEIPDjZ9uwovBe4fuSRQ=
Subject key identifier: D1:EC:37:18:31:9D:72:4A:3C:20:49:7B:D9:25:35:80:65:3B:5B:F9
Certificate issuer: /CN=292d6b805e11ec38034f07789dcd25d1c17fa01e
Certificate serial: 019423D7FD1F9546E4A346B0613B4A2D4131
Authority key identifier: 29:2D:6B:80:5E:11:EC:38:03:4F:07:78:9D:CD:25:D1:C1:7F:A0:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KS1rgF4R7DgDTwd4nc0l0cF_oB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/8b3341-f85b-4c15-a989-510cf26bca65/1/0ew3GDGdcko8IEl72SU1gGU7W_k.roa
Signing time: Wed 01 Jan 2025 21:49:05 +0000
ROA not before: Wed 01 Jan 2025 21:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209383
IP address blocks: 91.217.30.0/23 maxlen: 23
91.223.140.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:fd:1f:95:46:e4:a3:46:b0:61:3b:4a:2d:41:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=292d6b805e11ec38034f07789dcd25d1c17fa01e
Validity
Not Before: Jan 1 21:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1ec3718319d724a3c20497bd9253580653b5bf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:01:1d:f3:27:70:58:0f:18:8f:55:89:15:b7:
50:c2:f0:4d:44:87:7d:58:ce:ba:9f:60:82:73:88:
52:bc:56:14:e9:fb:0d:5a:46:5c:9b:84:82:a7:13:
1e:e3:5a:42:d4:8f:4b:3c:5a:77:97:b7:36:31:d3:
97:53:33:f8:a3:6e:95:a5:8f:ca:44:db:01:10:47:
3e:fa:24:7f:b9:ed:32:3c:b7:36:02:89:f2:04:2a:
da:33:f3:3f:20:cf:5c:8a:49:ad:30:59:32:02:08:
4e:00:ce:38:cd:f7:77:d0:d9:3c:83:bb:f1:19:01:
d8:60:95:a6:21:8e:ae:c1:27:01:46:c1:9e:06:b0:
a9:e9:3f:6f:a2:da:78:aa:01:7b:36:8c:c5:19:29:
f3:62:1a:1e:39:69:26:cb:d6:d6:e5:13:01:ec:8e:
84:e9:04:39:51:57:42:58:4f:93:27:63:74:fb:c3:
20:79:0d:d1:b8:a4:b1:b9:dc:43:3e:03:89:bb:8c:
f7:59:54:4d:80:7e:9e:8f:fb:08:b6:a3:dc:1f:b5:
16:9f:ff:ff:8b:be:33:88:be:45:79:73:e7:33:c1:
ce:ce:1a:06:4f:a9:50:ef:18:c5:f9:88:d9:6c:00:
8f:ae:96:fe:67:bb:bc:cf:59:ae:40:e9:eb:b1:e4:
cb:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:EC:37:18:31:9D:72:4A:3C:20:49:7B:D9:25:35:80:65:3B:5B:F9
X509v3 Authority Key Identifier:
keyid:29:2D:6B:80:5E:11:EC:38:03:4F:07:78:9D:CD:25:D1:C1:7F:A0:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KS1rgF4R7DgDTwd4nc0l0cF_oB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8b3341-f85b-4c15-a989-510cf26bca65/1/0ew3GDGdcko8IEl72SU1gGU7W_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8b3341-f85b-4c15-a989-510cf26bca65/1/KS1rgF4R7DgDTwd4nc0l0cF_oB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.30.0/23
91.223.140.0/24
Signature Algorithm: sha256WithRSAEncryption
22:ef:36:84:c0:dd:ea:bd:61:d5:ad:fa:2c:01:3a:5b:a5:95:
ca:dd:ab:da:4b:1f:1b:4c:bf:d7:d2:e5:6e:3a:e9:fd:8e:84:
18:a1:14:f6:0e:df:d0:c9:6e:42:d7:09:7c:1f:d1:ca:e1:9c:
7a:2e:f5:1f:13:85:b5:99:b2:14:20:e4:03:ea:7c:bd:ae:19:
94:de:72:f5:9d:4f:9e:f4:0d:50:b4:f9:57:dd:af:e0:2a:60:
0a:cc:3d:7a:fe:ac:26:92:e3:e4:d6:86:7e:10:b8:2e:a6:92:
6e:fa:b0:ee:fa:27:6a:09:1c:88:fa:61:6d:50:c3:2e:f4:05:
50:71:b6:72:f9:ad:0c:28:27:ad:d4:6d:41:ce:62:ed:2b:9c:
40:ea:68:c6:9f:d3:8c:65:cd:6d:e3:96:70:05:f4:e9:01:59:
e6:0b:3e:e3:13:95:b9:66:cd:87:e5:8f:a0:5b:e4:1b:ec:e9:
20:e5:a1:30:dd:a6:0a:66:f2:e1:26:5f:74:f6:f2:6a:03:b8:
dc:c6:61:3d:a7:a5:53:d0:82:43:0d:f2:2b:ed:fb:8b:c9:b1:
66:91:f1:96:23:5a:6f:21:60:7e:e6:8b:3a:a5:29:80:fa:6a:
28:16:9a:ee:a6:67:50:92:43:f0:ba:8c:d0:96:e9:35:c2:9a:
ed:61:91:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1/0flUbko0awYTtKLUExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MmQ2YjgwNWUxMWVjMzgwMzRmMDc3ODlkY2QyNWQxYzE3
ZmEwMWUwHhcNMjUwMTAxMjE0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWVjMzcxODMxOWQ3MjRhM2MyMDQ5N2JkOTI1MzU4MDY1M2I1YmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygEd8ydwWA8Yj1WJFbdQwvBNRId9
WM66n2CCc4hSvFYU6fsNWkZcm4SCpxMe41pC1I9LPFp3l7c2MdOXUzP4o26VpY/K
RNsBEEc++iR/ue0yPLc2AonyBCraM/M/IM9cikmtMFkyAghOAM44zfd30Nk8g7vx
GQHYYJWmIY6uwScBRsGeBrCp6T9votp4qgF7NozFGSnzYhoeOWkmy9bW5RMB7I6E
6QQ5UVdCWE+TJ2N0+8MgeQ3RuKSxudxDPgOJu4z3WVRNgH6ej/sItqPcH7UWn///
i74ziL5FeXPnM8HOzhoGT6lQ7xjF+YjZbACPrpb+Z7u8z1muQOnrseTLLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNHsNxgxnXJKPCBJe9klNYBlO1v5MB8GA1UdIwQY
MBaAFCkta4BeEew4A08HeJ3NJdHBf6AeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1MxcmdGNFI3RGdEVHdkNG5jMGwwY0Zfb0I0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84YjMzNDEtZjg1Yi00YzE1LWE5ODkt
NTEwY2YyNmJjYTY1LzEvMGV3M0dER2Rja284SUVsNzJTVTFnR1U3V19rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84YjMzNDEtZjg1Yi00YzE1LWE5ODktNTEwY2YyNmJjYTY1
LzEvS1MxcmdGNFI3RGdEVHdkNG5jMGwwY0Zfb0I0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW9keAwQA
W9+MMA0GCSqGSIb3DQEBCwUAA4IBAQAi7zaEwN3qvWHVrfosATpbpZXK3avaSx8b
TL/X0uVuOun9joQYoRT2Dt/QyW5C1wl8H9HK4Zx6LvUfE4W1mbIUIOQD6ny9rhmU
3nL1nU+e9A1QtPlX3a/gKmAKzD16/qwmkuPk1oZ+ELguppJu+rDu+idqCRyI+mFt
UMMu9AVQcbZy+a0MKCet1G1BzmLtK5xA6mjGn9OMZc1t45ZwBfTpAVnmCz7jE5W5
Zs2H5Y+gW+Qb7Okg5aEw3aYKZvLhJl909vJqA7jcxmE9p6VT0IJDDfIr7fuLybFm
kfGWI1pvIWB+5os6pSmA+mooFprupmdQkkPwuozQluk1wprtYZGh
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:04:57 2025 by rpki-client