Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/f86013-fe1d-41be-afe8-c8fc6163942b/1/ICVbUtHfbHYJwV7ucXI2K_14ylU.roa
File: ICVbUtHfbHYJwV7ucXI2K_14ylU.roa (raw, json)
Hash identifier: d0or5/9y3dY5/PzUShTK41fVXw4MjWFCN4HTk7PqBCg=
Subject key identifier: 20:25:5B:52:D1:DF:6C:76:09:C1:5E:EE:71:72:36:2B:FD:78:CA:55
Certificate issuer: /CN=2046367390224a07684d7977f9165a0950f03d54
Certificate serial: 019424B3C0112C6A1ADD8055F4710E0AD761
Authority key identifier: 20:46:36:73:90:22:4A:07:68:4D:79:77:F9:16:5A:09:50:F0:3D:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IEY2c5AiSgdoTXl3-RZaCVDwPVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/f86013-fe1d-41be-afe8-c8fc6163942b/1/ICVbUtHfbHYJwV7ucXI2K_14ylU.roa
Signing time: Thu 02 Jan 2025 01:49:07 +0000
ROA not before: Thu 02 Jan 2025 01:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48342
IP address blocks: 91.209.106.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:c0:11:2c:6a:1a:dd:80:55:f4:71:0e:0a:d7:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2046367390224a07684d7977f9165a0950f03d54
Validity
Not Before: Jan 2 01:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20255b52d1df6c7609c15eee7172362bfd78ca55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fa:35:9d:cf:7d:95:2c:92:34:eb:e8:1b:49:
0d:ce:a7:9e:63:29:39:fc:0f:53:ca:50:73:9c:9b:
32:c8:2d:9b:01:2c:4a:46:9a:f9:78:1a:cc:46:5a:
f1:01:80:18:55:68:c3:63:d1:d7:3c:49:ee:60:2b:
87:3d:87:2c:ec:3c:e7:e2:b4:3a:25:66:e8:58:56:
33:09:1c:18:61:db:95:60:38:12:21:5b:ae:3f:63:
2a:f0:5f:3a:08:5a:65:cc:85:67:25:6e:90:f0:74:
92:62:d9:75:a7:c5:5b:f8:e4:9b:94:2b:27:4b:d0:
bf:29:2c:2d:9e:ed:82:3a:78:9b:21:aa:be:8e:43:
63:36:50:3e:c4:3e:42:9a:fd:ba:b5:30:23:90:90:
f4:0b:4a:d7:28:73:b5:12:3f:9a:b3:38:4c:ef:87:
2b:6c:d1:a0:9e:65:d7:bc:bf:36:07:63:49:e2:1b:
d7:cc:58:f6:47:b3:65:83:a9:15:11:eb:59:51:cf:
7a:4a:0c:98:1f:8e:f5:53:b3:f2:e5:3f:6a:b5:82:
2e:7e:3a:11:db:50:8f:50:75:71:bd:38:cc:d3:d2:
da:0c:d6:41:14:53:eb:58:83:77:c3:d4:38:a1:59:
37:35:cf:d0:4d:c2:b9:bf:ed:8f:2d:bd:31:30:5b:
24:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:25:5B:52:D1:DF:6C:76:09:C1:5E:EE:71:72:36:2B:FD:78:CA:55
X509v3 Authority Key Identifier:
keyid:20:46:36:73:90:22:4A:07:68:4D:79:77:F9:16:5A:09:50:F0:3D:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEY2c5AiSgdoTXl3-RZaCVDwPVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/f86013-fe1d-41be-afe8-c8fc6163942b/1/ICVbUtHfbHYJwV7ucXI2K_14ylU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/f86013-fe1d-41be-afe8-c8fc6163942b/1/IEY2c5AiSgdoTXl3-RZaCVDwPVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.106.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:a4:e4:74:fd:b9:f4:f9:ef:84:7d:8b:b1:ea:61:43:0a:17:
a3:eb:06:21:52:04:91:42:3e:a6:dc:6a:0d:55:73:f7:67:8e:
9f:25:d6:d0:62:01:48:7b:9e:0f:14:c3:d9:60:c4:12:50:9c:
a5:3b:4a:95:60:ab:ca:3b:95:db:e8:b0:6b:12:1f:9b:e5:59:
38:00:46:c1:28:1f:25:1c:a3:42:41:eb:84:18:36:e1:82:62:
e2:41:aa:45:2c:97:b8:aa:c2:a9:64:6b:4a:3a:e4:18:0d:e5:
dd:ad:b2:3c:16:fd:09:6b:4b:d9:4d:30:46:d3:0f:bb:01:b0:
90:bd:d5:6b:9a:8b:e6:7e:b9:a2:18:96:6c:60:d3:e2:d6:43:
54:01:cb:0c:9a:5e:d3:37:01:19:a0:4b:32:88:92:be:99:5b:
67:c8:22:65:b6:4d:3f:97:c4:4e:d3:57:4d:c5:39:0d:09:11:
60:8b:5d:37:b0:eb:56:98:19:2a:2f:68:8d:fc:2a:6d:0e:69:
15:60:8e:09:10:50:ac:fc:6c:32:b2:59:65:b8:06:cb:0d:54:
1b:03:b5:90:ea:13:53:d8:69:96:89:03:f2:58:dc:fc:03:d1:
59:58:de:78:d4:e7:6c:87:a3:86:d3:ad:7f:1e:05:e1:0d:c8:
33:61:94:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks8ARLGoa3YBV9HEOCtdhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNDYzNjczOTAyMjRhMDc2ODRkNzk3N2Y5MTY1YTA5NTBm
MDNkNTQwHhcNMjUwMTAyMDE0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDI1NWI1MmQxZGY2Yzc2MDljMTVlZWU3MTcyMzYyYmZkNzhjYTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/o1nc99lSySNOvoG0kNzqeeYyk5
/A9TylBznJsyyC2bASxKRpr5eBrMRlrxAYAYVWjDY9HXPEnuYCuHPYcs7Dzn4rQ6
JWboWFYzCRwYYduVYDgSIVuuP2Mq8F86CFplzIVnJW6Q8HSSYtl1p8Vb+OSblCsn
S9C/KSwtnu2COnibIaq+jkNjNlA+xD5Cmv26tTAjkJD0C0rXKHO1Ej+aszhM74cr
bNGgnmXXvL82B2NJ4hvXzFj2R7Nlg6kVEetZUc96SgyYH471U7Py5T9qtYIufjoR
21CPUHVxvTjM09LaDNZBFFPrWIN3w9Q4oVk3Nc/QTcK5v+2PLb0xMFskOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCAlW1LR32x2CcFe7nFyNiv9eMpVMB8GA1UdIwQY
MBaAFCBGNnOQIkoHaE15d/kWWglQ8D1UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUVZMmM1QWlTZ2RvVFhsMy1SWmFDVkR3UFZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9mODYwMTMtZmUxZC00MWJlLWFmZTgt
YzhmYzYxNjM5NDJiLzEvSUNWYlV0SGZiSFlKd1Y3dWNYSTJLXzE0eWxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9mODYwMTMtZmUxZC00MWJlLWFmZTgtYzhmYzYxNjM5NDJi
LzEvSUVZMmM1QWlTZ2RvVFhsMy1SWmFDVkR3UFZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9FqMA0G
CSqGSIb3DQEBCwUAA4IBAQA7pOR0/bn0+e+EfYux6mFDChej6wYhUgSRQj6m3GoN
VXP3Z46fJdbQYgFIe54PFMPZYMQSUJylO0qVYKvKO5Xb6LBrEh+b5Vk4AEbBKB8l
HKNCQeuEGDbhgmLiQapFLJe4qsKpZGtKOuQYDeXdrbI8Fv0Ja0vZTTBG0w+7AbCQ
vdVrmovmfrmiGJZsYNPi1kNUAcsMml7TNwEZoEsyiJK+mVtnyCJltk0/l8RO01dN
xTkNCRFgi103sOtWmBkqL2iN/CptDmkVYI4JEFCs/GwysllluAbLDVQbA7WQ6hNT
2GmWiQPyWNz8A9FZWN541Odsh6OG061/HgXhDcgzYZSA
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:40:05 2025 by rpki-client