Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/7OFNNdiNXDQz7AIlghSlACPJUG0.roa
File: 7OFNNdiNXDQz7AIlghSlACPJUG0.roa (raw, json)
Hash identifier: DtUszi/FPNHXSmlP2ldXK4EtgVt4btB7T2/R1Z7FiuE=
Subject key identifier: EC:E1:4D:35:D8:8D:5C:34:33:EC:02:25:82:14:A5:00:23:C9:50:6D
Certificate issuer: /CN=59a06c187953cfc8133b2beee5f01a15e45da078
Certificate serial: 01942444AAB2165D5C754F32F256D182243E
Authority key identifier: 59:A0:6C:18:79:53:CF:C8:13:3B:2B:EE:E5:F0:1A:15:E4:5D:A0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WaBsGHlTz8gTOyvu5fAaFeRdoHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/7OFNNdiNXDQz7AIlghSlACPJUG0.roa
Signing time: Wed 01 Jan 2025 23:47:47 +0000
ROA not before: Wed 01 Jan 2025 23:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 91.233.120.0/24 maxlen: 24
2a11:6740::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:aa:b2:16:5d:5c:75:4f:32:f2:56:d1:82:24:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59a06c187953cfc8133b2beee5f01a15e45da078
Validity
Not Before: Jan 1 23:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ece14d35d88d5c3433ec02258214a50023c9506d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0e:98:8f:ea:6b:ab:b3:af:25:ba:50:5c:5f:
37:bb:a2:21:0e:98:86:fd:23:88:61:92:ed:75:5a:
cf:66:fe:35:a4:7b:7d:b7:4e:8d:7f:e4:88:ec:c3:
23:97:90:c7:d6:71:a3:77:d6:f7:fd:b8:f5:e6:e8:
57:e8:60:f6:10:e8:35:83:d7:46:db:a7:33:33:19:
3c:88:58:7a:aa:a9:13:68:c9:02:56:02:53:f2:ad:
7d:9a:19:d6:b7:b3:e9:c1:2d:6a:aa:f3:9e:69:02:
0e:58:61:43:cc:69:96:42:c2:a1:e3:fd:db:14:6b:
f5:f4:b3:61:3d:a5:ab:be:48:89:b3:a2:6c:f6:15:
77:ba:29:a4:c6:39:7b:63:00:dc:50:55:c5:bf:5c:
76:b6:a3:e2:fe:40:da:e6:bb:34:fc:58:9e:f4:d8:
d8:13:8f:5b:82:af:33:37:a8:a7:44:71:b7:88:8d:
f6:56:d6:18:a9:c9:53:a7:c6:2d:3a:b2:14:f0:df:
bf:41:4c:1c:18:2a:3b:53:0e:3b:d9:fe:6d:4d:12:
69:51:c3:d6:a0:71:c3:00:13:11:ca:58:68:4a:23:
4e:c5:13:e0:67:00:51:8d:f0:66:e5:89:57:14:e6:
37:d8:99:c3:14:68:6e:ed:05:b6:fc:c3:e0:b0:26:
bd:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:E1:4D:35:D8:8D:5C:34:33:EC:02:25:82:14:A5:00:23:C9:50:6D
X509v3 Authority Key Identifier:
keyid:59:A0:6C:18:79:53:CF:C8:13:3B:2B:EE:E5:F0:1A:15:E4:5D:A0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WaBsGHlTz8gTOyvu5fAaFeRdoHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/7OFNNdiNXDQz7AIlghSlACPJUG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/WaBsGHlTz8gTOyvu5fAaFeRdoHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.120.0/24
IPv6:
2a11:6740::/29
Signature Algorithm: sha256WithRSAEncryption
66:7e:81:d5:02:19:95:c3:57:21:30:9a:5f:eb:16:b4:11:a5:
ab:8e:33:ac:54:55:3f:1f:61:86:d7:59:eb:69:93:c4:51:6b:
74:b8:f2:5a:cb:78:dd:e7:45:e4:5f:1f:82:40:3d:e6:3b:9d:
c6:c5:f3:b7:16:a9:5d:5e:a2:57:72:d7:a5:55:f0:cc:5d:1b:
53:30:b7:13:6b:71:41:d4:e0:9b:e2:fd:8e:9e:bb:1e:58:fc:
1c:54:92:b8:46:5d:4d:02:3d:6a:af:ce:de:cd:d0:3c:d6:e1:
ea:94:e4:53:d5:d8:e5:30:4d:9f:5f:54:fb:ee:86:02:36:3e:
6a:bf:b8:57:13:7c:a7:a5:25:9e:ca:69:c6:c5:2e:95:53:6e:
da:d4:bb:13:a0:80:ce:f1:a1:99:9a:65:e0:1b:23:d6:62:87:
5d:e9:9b:ca:40:26:e9:9f:56:d8:a9:26:56:8e:04:b3:12:73:
70:73:02:eb:e3:39:39:8d:a0:09:b1:a5:83:ca:8d:f8:95:95:
d1:f9:0a:7f:a4:b7:85:7c:58:1c:7d:4a:8d:e8:7d:1f:a0:0c:
ad:00:94:01:c5:d2:e7:99:48:75:c8:91:a6:de:1b:6a:66:9e:
3b:5f:a8:c5:60:e3:02:3b:74:57:70:71:44:37:4d:5c:50:0c:
57:9b:75:62
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRKqyFl1cdU8y8lbRgiQ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5YTA2YzE4Nzk1M2NmYzgxMzNiMmJlZWU1ZjAxYTE1ZTQ1
ZGEwNzgwHhcNMjUwMTAxMjM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2UxNGQzNWQ4OGQ1YzM0MzNlYzAyMjU4MjE0YTUwMDIzYzk1MDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Q6Yj+prq7OvJbpQXF83u6IhDpiG
/SOIYZLtdVrPZv41pHt9t06Nf+SI7MMjl5DH1nGjd9b3/bj15uhX6GD2EOg1g9dG
26czMxk8iFh6qqkTaMkCVgJT8q19mhnWt7PpwS1qqvOeaQIOWGFDzGmWQsKh4/3b
FGv19LNhPaWrvkiJs6Js9hV3uimkxjl7YwDcUFXFv1x2tqPi/kDa5rs0/Fie9NjY
E49bgq8zN6inRHG3iI32VtYYqclTp8YtOrIU8N+/QUwcGCo7Uw472f5tTRJpUcPW
oHHDABMRylhoSiNOxRPgZwBRjfBm5YlXFOY32JnDFGhu7QW2/MPgsCa9FwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOzhTTXYjVw0M+wCJYIUpQAjyVBtMB8GA1UdIwQY
MBaAFFmgbBh5U8/IEzsr7uXwGhXkXaB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2FCc0dIbFR6OGdUT3l2dTVmQWFGZVJkb0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi85MTcwZTMtZTliMy00ZDZkLTg3ODct
ZTQ2ZWE4OWJmODQ5LzEvN09GTk5kaU5YRFF6N0FJbGdoU2xBQ1BKVUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi85MTcwZTMtZTliMy00ZDZkLTg3ODctZTQ2ZWE4OWJmODQ5
LzEvV2FCc0dIbFR6OGdUT3l2dTVmQWFGZVJkb0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+l4MA0E
AgACMAcDBQMqEWdAMA0GCSqGSIb3DQEBCwUAA4IBAQBmfoHVAhmVw1chMJpf6xa0
EaWrjjOsVFU/H2GG11nraZPEUWt0uPJay3jd50XkXx+CQD3mO53GxfO3FqldXqJX
ctelVfDMXRtTMLcTa3FB1OCb4v2OnrseWPwcVJK4Rl1NAj1qr87ezdA81uHqlORT
1djlME2fX1T77oYCNj5qv7hXE3ynpSWeymnGxS6VU27a1LsToIDO8aGZmmXgGyPW
Yodd6ZvKQCbpn1bYqSZWjgSzEnNwcwLr4zk5jaAJsaWDyo34lZXR+Qp/pLeFfFgc
fUqN6H0foAytAJQBxdLnmUh1yJGm3htqZp47X6jFYOMCO3RXcHFEN01cUAxXm3Vi
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:33:35 2025 by rpki-client