Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/c23b96-aeb4-4934-a550-4db984e1c831/1/B0Hd0utXPhNTqlbRxXDwmF9KHjs.roa
File: B0Hd0utXPhNTqlbRxXDwmF9KHjs.roa (raw, json)
Hash identifier: 1ceb7F8O/NW3RMAYN486oZsriG91e3FFu7flF4b5QpM=
Subject key identifier: 07:41:DD:D2:EB:57:3E:13:53:AA:56:D1:C5:70:F0:98:5F:4A:1E:3B
Certificate issuer: /CN=02324e6aa588329eac7a938fb9878d132f2a85af
Certificate serial: 0194266B2B3DC8A783E4E0CEA3F754FE521D
Authority key identifier: 02:32:4E:6A:A5:88:32:9E:AC:7A:93:8F:B9:87:8D:13:2F:2A:85:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjJOaqWIMp6sepOPuYeNEy8qha8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/c23b96-aeb4-4934-a550-4db984e1c831/1/B0Hd0utXPhNTqlbRxXDwmF9KHjs.roa
Signing time: Thu 02 Jan 2025 09:49:05 +0000
ROA not before: Thu 02 Jan 2025 09:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41249
IP address blocks: 91.227.128.0/24 maxlen: 24
91.227.129.0/24 maxlen: 24
2001:67c:2260::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:2b:3d:c8:a7:83:e4:e0:ce:a3:f7:54:fe:52:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02324e6aa588329eac7a938fb9878d132f2a85af
Validity
Not Before: Jan 2 09:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0741ddd2eb573e1353aa56d1c570f0985f4a1e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f3:6c:dc:25:e4:93:64:0e:a0:1d:14:e2:1a:
83:1f:d6:85:16:f6:53:01:f5:13:a9:2c:85:83:57:
6f:c5:28:55:7c:d4:6b:3a:15:e1:be:20:5e:e7:36:
21:b9:3e:e2:2b:7d:1e:9e:af:25:a4:3f:b4:79:7c:
da:ba:c7:b9:59:2c:18:f0:fc:2b:25:6e:21:12:ef:
c0:0f:78:77:a6:5e:46:f6:e3:0b:e7:67:50:95:48:
fc:02:82:02:b8:76:20:57:5f:41:b2:c3:c1:4a:e1:
af:e4:84:ae:a8:cc:3e:65:da:86:16:4b:f6:ad:7b:
85:d8:c9:5d:92:90:cc:4f:56:cc:3c:5b:ae:73:69:
34:40:0a:3a:7b:10:41:04:4d:dd:ad:c8:2e:dd:b2:
3d:71:bb:c1:cd:ce:be:0f:e4:ff:2e:87:0c:b2:24:
f4:20:53:58:e6:8d:aa:04:79:0a:bd:8b:af:a2:80:
b5:7b:fb:83:0e:63:3b:7d:28:ed:21:dc:18:31:aa:
d7:9d:f4:36:48:fb:13:db:d2:e1:19:8c:e1:b0:a7:
e8:3d:17:6f:9c:0c:d0:d6:73:d2:82:78:3f:f0:15:
eb:ee:f0:a9:28:44:72:83:58:40:26:8b:bd:5f:8c:
b2:d5:3e:4e:e5:16:e8:7f:c2:56:41:fd:ac:aa:72:
d7:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:41:DD:D2:EB:57:3E:13:53:AA:56:D1:C5:70:F0:98:5F:4A:1E:3B
X509v3 Authority Key Identifier:
keyid:02:32:4E:6A:A5:88:32:9E:AC:7A:93:8F:B9:87:8D:13:2F:2A:85:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjJOaqWIMp6sepOPuYeNEy8qha8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/c23b96-aeb4-4934-a550-4db984e1c831/1/B0Hd0utXPhNTqlbRxXDwmF9KHjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/c23b96-aeb4-4934-a550-4db984e1c831/1/AjJOaqWIMp6sepOPuYeNEy8qha8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.128.0/23
IPv6:
2001:67c:2260::/48
Signature Algorithm: sha256WithRSAEncryption
4a:22:25:7b:46:29:10:91:3b:91:a0:2b:ed:46:03:de:fc:26:
8b:36:1d:f9:73:b2:8d:7d:e4:6c:d2:7f:43:5f:09:b1:5d:e7:
74:23:b2:de:39:8f:da:88:c3:de:d2:e8:12:99:a9:74:10:94:
c9:97:3f:3d:eb:d4:21:96:39:49:7a:87:6a:55:07:3c:fc:06:
fc:b9:a7:79:f5:b0:56:36:e7:42:00:e1:4e:78:b8:62:c7:b0:
aa:39:ab:f2:0b:d7:2b:0a:f5:d9:f3:41:83:e4:6b:c0:63:71:
cc:49:6f:7c:5c:84:e9:ec:32:a8:c2:e9:09:f2:61:03:3d:a2:
3b:14:1f:43:7a:2f:60:65:69:81:15:18:ae:dd:0c:27:61:8d:
66:b7:d8:83:f7:94:f2:53:43:94:08:41:f5:9e:ae:dc:88:b0:
69:39:b4:00:22:f4:aa:b5:d0:1b:10:be:ca:cf:6c:e3:28:4e:
9f:96:e3:69:55:0c:e3:eb:ed:ac:cc:ab:70:01:f8:3e:d5:7a:
3d:dc:d5:bb:c6:20:fe:73:48:9e:df:f8:b9:c2:22:d6:79:7f:
bd:63:cc:9c:77:8a:7f:30:4d:77:98:21:02:85:cf:98:4c:34:
ee:3c:56:b8:cf:ac:0e:f1:b3:ca:32:b0:92:e1:bd:8e:f2:42:
6f:11:62:9f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQmays9yKeD5ODOo/dU/lIdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzI0ZTZhYTU4ODMyOWVhYzdhOTM4ZmI5ODc4ZDEzMmYy
YTg1YWYwHhcNMjUwMTAyMDk0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzQxZGRkMmViNTczZTEzNTNhYTU2ZDFjNTcwZjA5ODVmNGExZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/Ns3CXkk2QOoB0U4hqDH9aFFvZT
AfUTqSyFg1dvxShVfNRrOhXhviBe5zYhuT7iK30enq8lpD+0eXzause5WSwY8Pwr
JW4hEu/AD3h3pl5G9uML52dQlUj8AoICuHYgV19BssPBSuGv5ISuqMw+ZdqGFkv2
rXuF2MldkpDMT1bMPFuuc2k0QAo6exBBBE3drcgu3bI9cbvBzc6+D+T/LocMsiT0
IFNY5o2qBHkKvYuvooC1e/uDDmM7fSjtIdwYMarXnfQ2SPsT29LhGYzhsKfoPRdv
nAzQ1nPSgng/8BXr7vCpKERyg1hAJou9X4yy1T5O5Rbof8JWQf2sqnLXJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAdB3dLrVz4TU6pW0cVw8JhfSh47MB8GA1UdIwQY
MBaAFAIyTmqliDKerHqTj7mHjRMvKoWvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpKT2FxV0lNcDZzZXBPUHVZZU5FeThxaGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9jMjNiOTYtYWViNC00OTM0LWE1NTAt
NGRiOTg0ZTFjODMxLzEvQjBIZDB1dFhQaE5UcWxiUnhYRHdtRjlLSGpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9jMjNiOTYtYWViNC00OTM0LWE1NTAtNGRiOTg0ZTFjODMx
LzEvQWpKT2FxV0lNcDZzZXBPUHVZZU5FeThxaGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW+OAMA8E
AgACMAkDBwAgAQZ8ImAwDQYJKoZIhvcNAQELBQADggEBAEoiJXtGKRCRO5GgK+1G
A978Jos2Hflzso195GzSf0NfCbFd53Qjst45j9qIw97S6BKZqXQQlMmXPz3r1CGW
OUl6h2pVBzz8Bvy5p3n1sFY250IA4U54uGLHsKo5q/IL1ysK9dnzQYPka8BjccxJ
b3xchOnsMqjC6QnyYQM9ojsUH0N6L2BlaYEVGK7dDCdhjWa32IP3lPJTQ5QIQfWe
rtyIsGk5tAAi9Kq10BsQvsrPbOMoTp+W42lVDOPr7azMq3AB+D7Vej3c1bvGIP5z
SJ7f+LnCItZ5f71jzJx3in8wTXeYIQKFz5hMNO48VrjPrA7xs8oysJLhvY7yQm8R
Yp8=
-----END CERTIFICATE-----
Generated at Fri Apr 25 19:58:36 2025 by rpki-client