Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/52d0fe-cc6e-41d9-9643-c5d360fcdf0e/1/PFeNJh8bIvJJwrVhFdjbJ_6nA0g.roa
File: PFeNJh8bIvJJwrVhFdjbJ_6nA0g.roa (raw, json)
Hash identifier: W4rdrOFBoEPSrsA/68rwM1dn+xMkx/R5IFg9Z22sqH4=
Subject key identifier: 3C:57:8D:26:1F:1B:22:F2:49:C2:B5:61:15:D8:DB:27:FE:A7:03:48
Certificate issuer: /CN=a7f66522f403d8c994a484682870799417ce1e81
Certificate serial: 019422FC3A662DE98F17CB49AA792364AEBD
Authority key identifier: A7:F6:65:22:F4:03:D8:C9:94:A4:84:68:28:70:79:94:17:CE:1E:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_ZlIvQD2MmUpIRoKHB5lBfOHoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/52d0fe-cc6e-41d9-9643-c5d360fcdf0e/1/PFeNJh8bIvJJwrVhFdjbJ_6nA0g.roa
Signing time: Wed 01 Jan 2025 17:49:02 +0000
ROA not before: Wed 01 Jan 2025 17:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43905
IP address blocks: 185.89.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:3a:66:2d:e9:8f:17:cb:49:aa:79:23:64:ae:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7f66522f403d8c994a484682870799417ce1e81
Validity
Not Before: Jan 1 17:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c578d261f1b22f249c2b56115d8db27fea70348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:68:97:f2:c2:04:51:3f:9b:21:d3:11:55:1f:
8b:f0:59:c0:51:18:67:62:21:1c:d5:a5:44:0d:de:
da:17:27:a4:bc:bc:a4:30:a9:4d:c1:49:23:86:5b:
b0:d5:39:ad:0e:11:42:05:7b:97:7f:6a:94:8b:84:
25:b4:ea:99:5a:32:a5:de:e6:49:8f:19:97:e2:54:
1b:aa:35:e9:eb:dc:ac:89:2b:7b:e9:d0:09:9f:6c:
ec:4e:c7:60:3f:76:fe:1e:56:3d:c6:7a:53:20:4c:
d8:82:33:1e:66:72:21:31:7b:b3:ec:59:a9:03:60:
95:26:89:cb:46:84:71:bb:7c:fb:b9:65:fd:97:89:
14:31:b3:5d:9b:ce:18:aa:de:15:0b:b4:74:ba:59:
ea:b4:35:a9:0c:9e:f2:23:f3:9c:f1:88:38:19:b3:
43:c3:71:b6:6e:28:55:e9:6c:1b:4b:7f:bf:2e:13:
c9:86:21:8f:62:5d:c3:ab:b5:26:e0:3c:21:23:0c:
cb:fc:cd:13:33:01:76:30:c8:2c:31:3c:57:9d:6e:
14:e7:d9:6f:10:1e:0c:6e:87:20:5f:c8:83:32:91:
8e:3b:37:a0:0f:4b:32:b2:75:6a:c0:bd:e2:a8:8f:
5a:03:ac:bf:38:93:39:01:59:55:23:5b:61:56:57:
55:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:57:8D:26:1F:1B:22:F2:49:C2:B5:61:15:D8:DB:27:FE:A7:03:48
X509v3 Authority Key Identifier:
keyid:A7:F6:65:22:F4:03:D8:C9:94:A4:84:68:28:70:79:94:17:CE:1E:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_ZlIvQD2MmUpIRoKHB5lBfOHoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/52d0fe-cc6e-41d9-9643-c5d360fcdf0e/1/PFeNJh8bIvJJwrVhFdjbJ_6nA0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/52d0fe-cc6e-41d9-9643-c5d360fcdf0e/1/p_ZlIvQD2MmUpIRoKHB5lBfOHoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.91.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:c4:be:bb:16:d8:35:01:43:53:36:38:94:cf:a3:b4:d9:e9:
e5:18:9e:6c:d5:32:c9:20:78:74:06:ad:de:1d:75:c6:b2:ee:
52:96:54:fb:d2:bf:55:b6:1b:5a:a2:ab:c4:15:04:97:10:de:
83:44:42:e2:a4:1d:24:6e:08:5d:2d:16:66:fb:35:13:b0:3b:
48:8f:42:a1:bb:5f:6d:cf:f8:e5:9d:e1:7d:40:41:56:15:7d:
4a:ab:32:9d:dd:48:6d:73:9e:48:a8:b4:73:f6:97:70:42:e2:
b3:79:ef:70:1d:21:55:ce:7a:8f:34:6f:01:e6:a8:f2:08:de:
b0:77:59:18:d2:64:d3:73:33:36:79:91:65:32:c2:47:c7:98:
04:b3:28:ee:f9:c8:e7:8d:50:4f:e2:57:33:5c:20:91:1f:85:
33:06:ee:5b:00:2e:44:12:cf:2e:5c:6f:53:1b:74:f5:cd:06:
15:6d:4a:c8:2f:8b:35:ce:84:ae:b3:97:64:67:f3:9c:2f:3f:
3b:42:a5:b5:b1:64:ab:fa:9d:67:11:42:10:7a:39:fe:d2:f9:
91:a3:ba:6b:1b:e4:93:2c:f5:c6:8e:1d:18:2e:41:33:d7:d6:
2d:67:a9:2f:17:09:0c:55:4a:33:e3:ee:ca:0a:39:a6:74:c6:
fe:02:13:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/DpmLemPF8tJqnkjZK69MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZjY2NTIyZjQwM2Q4Yzk5NGE0ODQ2ODI4NzA3OTk0MTdj
ZTFlODEwHhcNMjUwMTAxMTc0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzU3OGQyNjFmMWIyMmYyNDljMmI1NjExNWQ4ZGIyN2ZlYTcwMzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGiX8sIEUT+bIdMRVR+L8FnAURhn
YiEc1aVEDd7aFyekvLykMKlNwUkjhluw1TmtDhFCBXuXf2qUi4QltOqZWjKl3uZJ
jxmX4lQbqjXp69ysiSt76dAJn2zsTsdgP3b+HlY9xnpTIEzYgjMeZnIhMXuz7Fmp
A2CVJonLRoRxu3z7uWX9l4kUMbNdm84Yqt4VC7R0ulnqtDWpDJ7yI/Oc8Yg4GbND
w3G2bihV6WwbS3+/LhPJhiGPYl3Dq7Um4DwhIwzL/M0TMwF2MMgsMTxXnW4U59lv
EB4MbocgX8iDMpGOOzegD0sysnVqwL3iqI9aA6y/OJM5AVlVI1thVldV2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDxXjSYfGyLyScK1YRXY2yf+pwNIMB8GA1UdIwQY
MBaAFKf2ZSL0A9jJlKSEaChweZQXzh6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF9abEl2UUQyTW1VcElSb0tIQjVsQmZPSG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81MmQwZmUtY2M2ZS00MWQ5LTk2NDMt
YzVkMzYwZmNkZjBlLzEvUEZlTkpoOGJJdkpKd3JWaEZkamJKXzZuQTBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81MmQwZmUtY2M2ZS00MWQ5LTk2NDMtYzVkMzYwZmNkZjBl
LzEvcF9abEl2UUQyTW1VcElSb0tIQjVsQmZPSG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVlbMA0G
CSqGSIb3DQEBCwUAA4IBAQBLxL67Ftg1AUNTNjiUz6O02enlGJ5s1TLJIHh0Bq3e
HXXGsu5SllT70r9VthtaoqvEFQSXEN6DRELipB0kbghdLRZm+zUTsDtIj0Khu19t
z/jlneF9QEFWFX1KqzKd3Uhtc55IqLRz9pdwQuKzee9wHSFVznqPNG8B5qjyCN6w
d1kY0mTTczM2eZFlMsJHx5gEsyju+cjnjVBP4lczXCCRH4UzBu5bAC5EEs8uXG9T
G3T1zQYVbUrIL4s1zoSus5dkZ/OcLz87QqW1sWSr+p1nEUIQejn+0vmRo7prG+ST
LPXGjh0YLkEz19YtZ6kvFwkMVUoz4+7KCjmmdMb+AhNb
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:53:48 2025 by rpki-client