Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/74d876-05a8-4b10-90e2-c9da030af326/1/cHx9sYkuiAFAjOWcBOb5TDvNls8.roa
File: cHx9sYkuiAFAjOWcBOb5TDvNls8.roa (raw, json)
Hash identifier: ShwHq89MA2jwo160RZTKkKFkHAW0OiQLJH4eT6G+deQ=
Subject key identifier: 70:7C:7D:B1:89:2E:88:01:40:8C:E5:9C:04:E6:F9:4C:3B:CD:96:CF
Certificate issuer: /CN=6bcbdb6fd39e76f00484012e13146b218755c3fb
Certificate serial: 019425FC59AD853B84AFB67146B6F17A85D2
Authority key identifier: 6B:CB:DB:6F:D3:9E:76:F0:04:84:01:2E:13:14:6B:21:87:55:C3:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8vbb9OedvAEhAEuExRrIYdVw_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/74d876-05a8-4b10-90e2-c9da030af326/1/cHx9sYkuiAFAjOWcBOb5TDvNls8.roa
Signing time: Thu 02 Jan 2025 07:48:02 +0000
ROA not before: Thu 02 Jan 2025 07:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57136
IP address blocks: 91.212.192.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:59:ad:85:3b:84:af:b6:71:46:b6:f1:7a:85:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bcbdb6fd39e76f00484012e13146b218755c3fb
Validity
Not Before: Jan 2 07:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=707c7db1892e8801408ce59c04e6f94c3bcd96cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a3:8f:0b:eb:e0:55:86:8e:6f:d2:ad:14:f7:
17:90:fb:91:95:69:d7:fb:de:b5:ed:46:3d:da:57:
83:29:de:15:60:45:b4:17:21:c8:50:71:3f:12:4c:
fb:07:eb:15:7e:69:63:a6:43:da:8e:20:6a:40:c4:
ce:6b:50:75:9f:72:a2:91:3b:53:d6:8d:7b:f1:74:
0e:ef:b0:bc:b1:0a:39:9d:81:d6:f6:92:34:93:a8:
d6:11:ba:a9:3d:e0:08:0d:78:c2:dc:54:fd:8c:65:
a6:7b:1b:61:20:1e:83:2b:59:ea:a0:d1:fa:89:c1:
33:11:cc:9b:f2:da:77:ad:b3:04:82:f6:b1:5b:50:
ed:ee:7d:84:eb:ea:6e:56:8c:e3:50:57:e6:bc:02:
ce:76:b6:93:16:92:cd:db:5f:a7:e5:25:63:b4:a6:
3f:38:4a:a4:99:bb:d0:ab:5d:51:48:62:35:2a:4a:
cc:eb:fd:de:cb:b9:b7:54:ee:c9:ca:85:aa:a1:5f:
e8:41:9c:36:50:f0:5c:07:59:6f:42:8d:1a:16:8a:
35:b0:48:af:aa:ea:8e:6e:42:b1:31:19:62:e9:39:
1c:da:96:95:3d:a4:1d:19:b2:7c:06:3a:cc:af:c0:
e7:fe:a2:e6:8f:1e:b9:6a:2f:3d:4b:9c:b8:0b:95:
27:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:7C:7D:B1:89:2E:88:01:40:8C:E5:9C:04:E6:F9:4C:3B:CD:96:CF
X509v3 Authority Key Identifier:
keyid:6B:CB:DB:6F:D3:9E:76:F0:04:84:01:2E:13:14:6B:21:87:55:C3:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8vbb9OedvAEhAEuExRrIYdVw_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/74d876-05a8-4b10-90e2-c9da030af326/1/cHx9sYkuiAFAjOWcBOb5TDvNls8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/74d876-05a8-4b10-90e2-c9da030af326/1/a8vbb9OedvAEhAEuExRrIYdVw_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.192.0/24
Signature Algorithm: sha256WithRSAEncryption
58:60:64:7c:9a:95:93:f3:2d:f1:f5:db:78:3f:d8:2a:41:21:
9f:ea:a1:d9:0b:8b:f4:46:f8:b0:dd:98:a0:63:52:4c:b8:63:
0b:ab:2d:51:bc:bb:1d:18:23:03:a5:81:e5:cc:b2:12:34:6d:
d7:ac:0d:19:fc:de:44:a0:e8:02:4a:c6:e3:3e:c3:d0:fd:de:
24:ad:23:64:7f:a7:7f:56:bc:42:2a:32:17:b3:ed:41:45:ea:
1c:7b:d7:5d:62:15:79:eb:f2:50:c1:aa:76:fa:2d:fc:7f:55:
e7:bc:f1:84:5e:a2:ba:05:a9:38:e9:17:eb:cd:82:0e:8a:05:
4b:8e:9b:3e:31:46:70:bd:cb:07:f3:c5:23:60:c6:75:df:3e:
05:0f:99:bf:f9:0f:93:55:61:dd:dd:43:3f:e1:8b:a6:9c:14:
e0:bb:ae:de:a1:6f:2a:fa:fe:41:99:b7:8a:60:c3:8e:40:cc:
3e:4b:0b:e7:b1:55:a1:bb:f8:4d:ab:e8:c0:eb:18:57:2b:b5:
25:f2:49:d9:6c:47:5d:5e:f2:30:e2:f0:ac:96:c0:aa:b5:9e:
01:d4:a0:2e:2d:ab:24:12:a1:c0:52:c8:77:d7:ea:72:35:c5:
d2:22:d6:a7:c1:6b:4f:14:a2:97:4d:ba:24:fa:d1:a5:a6:44:
e9:4a:76:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/FmthTuEr7ZxRrbxeoXSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiY2JkYjZmZDM5ZTc2ZjAwNDg0MDEyZTEzMTQ2YjIxODc1
NWMzZmIwHhcNMjUwMTAyMDc0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDdjN2RiMTg5MmU4ODAxNDA4Y2U1OWMwNGU2Zjk0YzNiY2Q5NmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aOPC+vgVYaOb9KtFPcXkPuRlWnX
+9617UY92leDKd4VYEW0FyHIUHE/Ekz7B+sVfmljpkPajiBqQMTOa1B1n3KikTtT
1o178XQO77C8sQo5nYHW9pI0k6jWEbqpPeAIDXjC3FT9jGWmexthIB6DK1nqoNH6
icEzEcyb8tp3rbMEgvaxW1Dt7n2E6+puVozjUFfmvALOdraTFpLN21+n5SVjtKY/
OEqkmbvQq11RSGI1KkrM6/3ey7m3VO7JyoWqoV/oQZw2UPBcB1lvQo0aFoo1sEiv
quqObkKxMRli6Tkc2paVPaQdGbJ8BjrMr8Dn/qLmjx65ai89S5y4C5UnnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHB8fbGJLogBQIzlnATm+Uw7zZbPMB8GA1UdIwQY
MBaAFGvL22/TnnbwBIQBLhMUayGHVcP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTh2YmI5T2VkdkFFaEFFdUV4UnJJWWRWd19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83NGQ4NzYtMDVhOC00YjEwLTkwZTIt
YzlkYTAzMGFmMzI2LzEvY0h4OXNZa3VpQUZBak9XY0JPYjVURHZObHM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83NGQ4NzYtMDVhOC00YjEwLTkwZTItYzlkYTAzMGFmMzI2
LzEvYTh2YmI5T2VkdkFFaEFFdUV4UnJJWWRWd19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9TAMA0G
CSqGSIb3DQEBCwUAA4IBAQBYYGR8mpWT8y3x9dt4P9gqQSGf6qHZC4v0Rviw3Zig
Y1JMuGMLqy1RvLsdGCMDpYHlzLISNG3XrA0Z/N5EoOgCSsbjPsPQ/d4krSNkf6d/
VrxCKjIXs+1BReoce9ddYhV56/JQwap2+i38f1XnvPGEXqK6Bak46RfrzYIOigVL
jps+MUZwvcsH88UjYMZ13z4FD5m/+Q+TVWHd3UM/4YumnBTgu67eoW8q+v5BmbeK
YMOOQMw+SwvnsVWhu/hNq+jA6xhXK7Ul8knZbEddXvIw4vCslsCqtZ4B1KAuLask
EqHAUsh31+pyNcXSItanwWtPFKKXTbok+tGlpkTpSnZn
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:57:31 2025 by rpki-client