Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/94d5a1-1cc3-48fc-99cc-830b22dd2dea/1/JnNHu3mBlI4S34lBG5gMe1SKldU.roa
File: JnNHu3mBlI4S34lBG5gMe1SKldU.roa (raw, json)
Hash identifier: kmsxUGCHTVtHjCmc68XKFbTUU312Q88Sy/CYV55BiQs=
Subject key identifier: 26:73:47:BB:79:81:94:8E:12:DF:89:41:1B:98:0C:7B:54:8A:95:D5
Certificate issuer: /CN=2fae412cffa8cb5cfb93bb31ab5e989038784d7f
Certificate serial: 0194236A54E3E100C5112D7FDCC895651B63
Authority key identifier: 2F:AE:41:2C:FF:A8:CB:5C:FB:93:BB:31:AB:5E:98:90:38:78:4D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L65BLP-oy1z7k7sxq16YkDh4TX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/94d5a1-1cc3-48fc-99cc-830b22dd2dea/1/JnNHu3mBlI4S34lBG5gMe1SKldU.roa
Signing time: Wed 01 Jan 2025 19:49:18 +0000
ROA not before: Wed 01 Jan 2025 19:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210220
IP address blocks: 91.213.96.0/24 maxlen: 24
2001:67c:da4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:54:e3:e1:00:c5:11:2d:7f:dc:c8:95:65:1b:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fae412cffa8cb5cfb93bb31ab5e989038784d7f
Validity
Not Before: Jan 1 19:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=267347bb7981948e12df89411b980c7b548a95d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fd:7d:a4:d7:83:87:b7:ab:7a:3f:ca:dd:5e:
04:fe:2b:4c:b1:cf:36:bc:b6:98:91:60:f7:2e:91:
f6:d4:6a:17:28:e1:07:e4:99:d7:10:4a:25:ab:76:
d6:85:ef:d6:29:ba:3c:ab:45:77:8f:67:b2:06:ce:
87:7d:20:8e:7c:28:6f:33:fa:fb:75:7d:52:50:0e:
09:6e:c8:1b:f3:d4:6f:94:bb:f6:fd:bc:0e:a7:64:
91:0a:84:0e:93:79:16:86:a6:b4:e7:6b:30:5a:17:
2a:39:5c:e3:1f:18:cb:33:76:29:b1:18:a1:2e:dd:
8f:ef:1c:5e:c1:82:d7:a9:cf:9c:8a:53:b9:f4:9a:
79:01:03:28:41:2d:a0:cf:ab:a8:1a:a9:59:27:3a:
ad:d4:60:df:9e:23:86:7f:f1:4a:70:36:91:55:77:
1a:ec:0c:e8:74:28:8a:52:ad:ff:95:ae:21:df:71:
36:cd:98:f1:74:bf:2a:13:d8:11:68:ce:ab:35:4d:
6f:b3:a3:d6:c6:a6:9e:db:73:d4:85:2e:ee:70:59:
10:c4:12:5f:1b:08:12:1b:29:38:77:14:87:f7:26:
b5:d7:7a:a7:e0:d8:43:71:31:65:d9:66:27:8a:62:
9a:8c:a6:e1:fa:f1:fe:b6:6c:0f:f1:8d:21:4f:d2:
df:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:73:47:BB:79:81:94:8E:12:DF:89:41:1B:98:0C:7B:54:8A:95:D5
X509v3 Authority Key Identifier:
keyid:2F:AE:41:2C:FF:A8:CB:5C:FB:93:BB:31:AB:5E:98:90:38:78:4D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L65BLP-oy1z7k7sxq16YkDh4TX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/94d5a1-1cc3-48fc-99cc-830b22dd2dea/1/JnNHu3mBlI4S34lBG5gMe1SKldU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/94d5a1-1cc3-48fc-99cc-830b22dd2dea/1/L65BLP-oy1z7k7sxq16YkDh4TX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.96.0/24
IPv6:
2001:67c:da4::/48
Signature Algorithm: sha256WithRSAEncryption
a5:c8:09:62:6c:b3:bc:b8:18:b3:f1:cc:9a:9f:17:2a:08:12:
22:7d:d6:79:25:b3:f0:87:d8:4f:64:f6:43:9d:97:8c:e0:fd:
f8:af:92:c2:d4:71:39:e5:27:c3:66:2d:80:32:c5:8c:06:90:
c4:e9:a6:84:a5:32:a1:0d:b5:48:a8:36:82:79:fa:f9:43:50:
bd:4b:b4:e7:f3:fc:c6:7f:fe:9e:07:1a:b0:b8:99:34:ee:e8:
29:10:36:3b:24:a8:77:e5:b3:da:d3:50:57:03:57:ca:a6:14:
df:e9:d2:b8:5e:d7:42:b6:35:cf:25:ce:f7:a4:a3:1e:f7:ea:
c6:f2:51:26:63:cb:07:be:18:ae:6d:42:fa:7c:20:54:54:22:
b9:ca:4e:d8:11:e2:d2:e6:b4:57:f8:c4:c6:c5:56:cc:18:36:
12:19:ca:92:fa:20:8e:d3:4a:d8:72:b3:ae:29:f0:c0:2f:6a:
c0:38:ef:84:6d:d2:09:2f:b9:f8:51:e3:6e:d0:55:b6:dd:23:
06:63:42:9f:a6:05:9c:b5:b1:ad:af:c7:ee:91:e5:4e:ef:7a:
fa:1f:f5:01:cd:7b:9f:fa:d2:98:02:df:43:eb:6a:40:df:cd:
0e:bb:f8:bb:33:cc:e0:f3:75:26:e2:63:c4:72:0a:da:40:38:
b4:bd:81:2f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQjalTj4QDFES1/3MiVZRtjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYWU0MTJjZmZhOGNiNWNmYjkzYmIzMWFiNWU5ODkwMzg3
ODRkN2YwHhcNMjUwMTAxMTk0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjczNDdiYjc5ODE5NDhlMTJkZjg5NDExYjk4MGM3YjU0OGE5NWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/19pNeDh7erej/K3V4E/itMsc82
vLaYkWD3LpH21GoXKOEH5JnXEEolq3bWhe/WKbo8q0V3j2eyBs6HfSCOfChvM/r7
dX1SUA4Jbsgb89RvlLv2/bwOp2SRCoQOk3kWhqa052swWhcqOVzjHxjLM3YpsRih
Lt2P7xxewYLXqc+cilO59Jp5AQMoQS2gz6uoGqlZJzqt1GDfniOGf/FKcDaRVXca
7AzodCiKUq3/la4h33E2zZjxdL8qE9gRaM6rNU1vs6PWxqae23PUhS7ucFkQxBJf
GwgSGyk4dxSH9ya113qn4NhDcTFl2WYnimKajKbh+vH+tmwP8Y0hT9Lf1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCZzR7t5gZSOEt+JQRuYDHtUipXVMB8GA1UdIwQY
MBaAFC+uQSz/qMtc+5O7MatemJA4eE1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDY1QkxQLW95MXo3azdzeHExNllrRGg0VFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi85NGQ1YTEtMWNjMy00OGZjLTk5Y2Mt
ODMwYjIyZGQyZGVhLzEvSm5OSHUzbUJsSTRTMzRsQkc1Z01lMVNLbGRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi85NGQ1YTEtMWNjMy00OGZjLTk5Y2MtODMwYjIyZGQyZGVh
LzEvTDY1QkxQLW95MXo3azdzeHExNllrRGg0VFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9VgMA8E
AgACMAkDBwAgAQZ8DaQwDQYJKoZIhvcNAQELBQADggEBAKXICWJss7y4GLPxzJqf
FyoIEiJ91nkls/CH2E9k9kOdl4zg/fivksLUcTnlJ8NmLYAyxYwGkMTppoSlMqEN
tUioNoJ5+vlDUL1LtOfz/MZ//p4HGrC4mTTu6CkQNjskqHfls9rTUFcDV8qmFN/p
0rhe10K2Nc8lzvekox736sbyUSZjywe+GK5tQvp8IFRUIrnKTtgR4tLmtFf4xMbF
VswYNhIZypL6II7TSthys64p8MAvasA474Rt0gkvufhR427QVbbdIwZjQp+mBZy1
sa2vx+6R5U7vevof9QHNe5/60pgC30PrakDfzQ67+LszzODzdSbiY8RyCtpAOLS9
gS8=
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:36:53 2025 by rpki-client