Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/45fcd5-8812-432d-b537-76982f03ea0c/1/gi2nB3ojIWFvbp9ceI5eykRUnBQ.roa
File: gi2nB3ojIWFvbp9ceI5eykRUnBQ.roa (raw, json)
Hash identifier: SdF/4kUgrmuoBf7uz2K1ONEXYqOeDgBsypfMdmo+6rY=
Subject key identifier: 82:2D:A7:07:7A:23:21:61:6F:6E:9F:5C:78:8E:5E:CA:44:54:9C:14
Certificate issuer: /CN=f83ccaef9c91120ec6fb14ff4c4c5745a0239b77
Certificate serial: 0194252221612A3A52B7D97EF040A1F9BC24
Authority key identifier: F8:3C:CA:EF:9C:91:12:0E:C6:FB:14:FF:4C:4C:57:45:A0:23:9B:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-DzK75yREg7G-xT_TExXRaAjm3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/45fcd5-8812-432d-b537-76982f03ea0c/1/gi2nB3ojIWFvbp9ceI5eykRUnBQ.roa
Signing time: Thu 02 Jan 2025 03:49:41 +0000
ROA not before: Thu 02 Jan 2025 03:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207869
IP address blocks: 91.230.82.0/24 maxlen: 24
91.230.134.0/24 maxlen: 24
91.230.143.0/24 maxlen: 24
91.230.147.0/24 maxlen: 24
2a0f:70c0:100::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:21:61:2a:3a:52:b7:d9:7e:f0:40:a1:f9:bc:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f83ccaef9c91120ec6fb14ff4c4c5745a0239b77
Validity
Not Before: Jan 2 03:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=822da7077a2321616f6e9f5c788e5eca44549c14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:6a:6d:0d:78:6b:8d:dd:80:55:41:37:d7:e5:
5d:41:f6:64:a7:6d:1d:dc:13:6a:50:2f:03:ac:da:
4e:bd:39:0b:9e:17:8d:a3:8d:59:6f:8d:45:53:69:
dc:39:7e:c8:d9:31:a8:7d:d9:06:48:9c:28:3d:8f:
8c:3a:90:04:4a:82:74:7c:a4:31:b9:51:89:3d:e1:
53:31:ed:66:e5:e7:e9:4f:17:5f:36:17:38:6a:ab:
a4:12:e7:8a:b1:eb:f3:16:cf:37:87:88:d0:71:0c:
fb:1e:66:01:2f:7c:51:85:a4:22:54:d9:7b:7c:9e:
79:66:0f:18:e3:f4:a7:7e:27:1a:cb:6c:70:fc:da:
87:6e:6e:8d:95:23:9d:02:e0:5d:d6:4c:79:2f:c7:
3c:3a:3c:af:a7:ff:91:46:a0:1b:a6:bc:36:d2:7e:
8c:74:6f:68:18:24:2a:1e:af:ec:6b:ed:40:ac:ba:
72:d4:4d:dc:b0:7c:60:df:ab:b4:fd:18:14:62:2e:
4f:ce:36:af:d4:d9:4c:66:f5:ab:74:dd:81:45:72:
f8:f7:6c:3c:01:4e:64:60:7c:dc:98:b5:67:5f:05:
07:fb:eb:43:30:66:84:56:c7:b1:0e:60:11:0b:e6:
14:45:c8:6e:09:74:ad:e5:59:72:d6:04:c5:f5:76:
e5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:2D:A7:07:7A:23:21:61:6F:6E:9F:5C:78:8E:5E:CA:44:54:9C:14
X509v3 Authority Key Identifier:
keyid:F8:3C:CA:EF:9C:91:12:0E:C6:FB:14:FF:4C:4C:57:45:A0:23:9B:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-DzK75yREg7G-xT_TExXRaAjm3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/45fcd5-8812-432d-b537-76982f03ea0c/1/gi2nB3ojIWFvbp9ceI5eykRUnBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/45fcd5-8812-432d-b537-76982f03ea0c/1/1-DzK75yREg7G-xT_TExXRaAjm3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.82.0/24
91.230.134.0/24
91.230.143.0/24
91.230.147.0/24
IPv6:
2a0f:70c0:100::/48
Signature Algorithm: sha256WithRSAEncryption
31:63:86:33:1f:9f:e4:ac:d2:9d:c5:e2:d2:70:49:18:89:a5:
21:a0:67:81:1d:66:0d:5b:52:2b:9e:19:c5:c4:8b:dd:94:62:
8d:c8:24:a9:5f:03:27:8d:0f:6d:bf:4a:46:de:d8:c0:fc:a0:
53:99:88:b9:2a:06:a2:1e:7d:37:34:5c:cf:fa:1b:28:68:4b:
d1:6f:ff:e3:33:10:35:70:4c:08:66:97:db:eb:36:e0:54:a2:
ca:2d:22:b3:3b:d4:a0:d4:5e:1d:8d:60:53:f1:b3:11:a5:74:
13:92:c7:a4:8b:7c:d1:91:84:94:ee:30:57:06:bf:13:36:a6:
ba:9b:31:64:ff:3a:f6:52:db:47:53:e0:13:c6:5b:06:81:ae:
ac:e4:ae:09:05:dd:0d:41:4e:01:c8:8b:e5:8c:85:90:a6:1a:
e0:67:b7:92:42:a1:5c:ae:8c:bb:a5:0a:4a:b1:e7:5c:d0:e8:
07:0c:96:3a:50:bb:78:97:94:b7:3a:56:ea:d8:6f:57:09:71:
e2:44:68:52:1f:5c:7e:6e:52:0f:60:f0:75:a0:f1:c6:da:22:
fa:d1:cc:b9:29:8e:c3:20:7e:65:77:4f:c6:7c:2f:72:ac:55:
57:3a:53:7f:87:49:e6:2b:e2:ce:88:54:bb:6c:65:a2:fa:d5:
59:39:98:c3
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZQlIiFhKjpSt9l+8ECh+bwkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4M2NjYWVmOWM5MTEyMGVjNmZiMTRmZjRjNGM1NzQ1YTAy
MzliNzcwHhcNMjUwMTAyMDM0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjJkYTcwNzdhMjMyMTYxNmY2ZTlmNWM3ODhlNWVjYTQ0NTQ5YzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWptDXhrjd2AVUE31+VdQfZkp20d
3BNqUC8DrNpOvTkLnheNo41Zb41FU2ncOX7I2TGofdkGSJwoPY+MOpAESoJ0fKQx
uVGJPeFTMe1m5efpTxdfNhc4aqukEueKsevzFs83h4jQcQz7HmYBL3xRhaQiVNl7
fJ55Zg8Y4/Snficay2xw/NqHbm6NlSOdAuBd1kx5L8c8Ojyvp/+RRqAbprw20n6M
dG9oGCQqHq/sa+1ArLpy1E3csHxg36u0/RgUYi5Pzjav1NlMZvWrdN2BRXL492w8
AU5kYHzcmLVnXwUH++tDMGaEVsexDmARC+YURchuCXSt5Vly1gTF9XblzwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFIItpwd6IyFhb26fXHiOXspEVJwUMB8GA1UdIwQY
MBaAFPg8yu+ckRIOxvsU/0xMV0WgI5t3MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Eeks3NXlSRWc3Ry14VF9URXhYUmFBam0zYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYvNDVmY2Q1LTg4MTItNDMyZC1iNTM3
LTc2OTgyZjAzZWEwYy8xL2dpMm5CM29qSVdGdmJwOWNlSTVleWtSVW5CUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmYvNDVmY2Q1LTg4MTItNDMyZC1iNTM3LTc2OTgyZjAzZWEw
Yy8xLzEtRHpLNzV5UkVnN0cteFRfVEV4WFJhQWptM2MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQgYIKwYBBQUHAQcBAf8EMzAxMB4EAgABMBgDBABb5lID
BABb5oYDBABb5o8DBABb5pMwDwQCAAIwCQMHACoPcMABADANBgkqhkiG9w0BAQsF
AAOCAQEAMWOGMx+f5KzSncXi0nBJGImlIaBngR1mDVtSK54ZxcSL3ZRijcgkqV8D
J40Pbb9KRt7YwPygU5mIuSoGoh59NzRcz/obKGhL0W//4zMQNXBMCGaX2+s24FSi
yi0iszvUoNReHY1gU/GzEaV0E5LHpIt80ZGElO4wVwa/EzamupsxZP869lLbR1Pg
E8ZbBoGurOSuCQXdDUFOAciL5YyFkKYa4Ge3kkKhXK6Mu6UKSrHnXNDoBwyWOlC7
eJeUtzpW6thvVwlx4kRoUh9cfm5SD2DwdaDxxtoi+tHMuSmOwyB+ZXdPxnwvcqxV
VzpTf4dJ5ivizohUu2xlovrVWTmYww==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:53:07 2025 by rpki-client