Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/9c091b-f879-43f7-9020-f5b94959c9f7/1/cl3GADBIa5-t9wHD_fNk8JDv5PM.roa
File: cl3GADBIa5-t9wHD_fNk8JDv5PM.roa (raw, json)
Hash identifier: H9R6zlOL/gViduYKRIYyM+avR4L6nr/tioY61On5qcw=
Subject key identifier: 72:5D:C6:00:30:48:6B:9F:AD:F7:01:C3:FD:F3:64:F0:90:EF:E4:F3
Certificate issuer: /CN=d2b11159b72d4015ed867b42b784381e5d955a8f
Certificate serial: 01942823B0DC8702693601056E8B048012C8
Authority key identifier: D2:B1:11:59:B7:2D:40:15:ED:86:7B:42:B7:84:38:1E:5D:95:5A:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0rERWbctQBXthntCt4Q4Hl2VWo8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/9c091b-f879-43f7-9020-f5b94959c9f7/1/cl3GADBIa5-t9wHD_fNk8JDv5PM.roa
Signing time: Thu 02 Jan 2025 17:50:15 +0000
ROA not before: Thu 02 Jan 2025 17:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60396
IP address blocks: 91.209.0.0/24 maxlen: 24
2001:67c:2e74::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:b0:dc:87:02:69:36:01:05:6e:8b:04:80:12:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2b11159b72d4015ed867b42b784381e5d955a8f
Validity
Not Before: Jan 2 17:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=725dc60030486b9fadf701c3fdf364f090efe4f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a0:f1:14:26:f0:16:23:b8:d3:ae:9f:e8:f9:
32:1a:b4:1d:f3:4d:81:54:0b:94:2b:63:d2:d5:24:
06:fa:01:6d:29:9a:fe:7b:72:63:37:10:39:21:a4:
51:ed:29:1f:90:1a:d9:a4:75:f6:a5:4d:b1:5f:7f:
26:27:7e:45:5c:d5:98:e1:a2:af:cb:ea:0f:5e:7b:
b3:31:6d:e2:e3:52:2c:77:07:f5:ac:af:65:e6:9c:
12:fa:70:40:6e:09:98:f6:b0:24:fb:4e:19:2c:4b:
4c:62:6e:f4:c2:e8:59:1e:8c:85:b3:d0:69:1f:98:
7e:d9:9d:95:b5:27:ac:8c:11:71:1b:f6:0f:f2:42:
8c:56:9f:8a:6b:ad:f8:c0:ea:a0:96:0b:92:30:8f:
dd:0a:17:7d:00:48:2d:67:3b:3c:07:a9:5b:13:34:
38:66:fa:c6:9c:26:79:f0:18:fe:f5:7c:72:98:70:
07:6a:eb:b8:fb:2f:1e:1d:43:e0:cc:88:e4:e8:57:
1f:5f:4b:cc:e8:d8:23:c8:b9:02:7c:e2:9a:ed:4f:
fa:58:68:cb:2a:78:b9:f8:50:47:b3:ac:e8:c3:7a:
a6:e7:8c:83:5e:ae:c8:5b:e9:0c:c9:d3:ff:85:7a:
67:59:cf:f4:af:e5:30:ad:01:bc:2d:2c:b2:1a:e9:
59:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:5D:C6:00:30:48:6B:9F:AD:F7:01:C3:FD:F3:64:F0:90:EF:E4:F3
X509v3 Authority Key Identifier:
keyid:D2:B1:11:59:B7:2D:40:15:ED:86:7B:42:B7:84:38:1E:5D:95:5A:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0rERWbctQBXthntCt4Q4Hl2VWo8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/9c091b-f879-43f7-9020-f5b94959c9f7/1/cl3GADBIa5-t9wHD_fNk8JDv5PM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/9c091b-f879-43f7-9020-f5b94959c9f7/1/0rERWbctQBXthntCt4Q4Hl2VWo8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.0.0/24
IPv6:
2001:67c:2e74::/48
Signature Algorithm: sha256WithRSAEncryption
16:e1:ba:94:5c:27:71:9e:79:01:17:bd:de:ed:a5:26:1e:f7:
5e:02:94:61:4b:8d:a9:4e:69:3f:2e:99:db:c2:5b:7a:b3:5c:
a7:79:df:72:84:c2:e7:83:0a:7c:4e:89:55:50:13:6f:a6:0f:
3a:7f:93:fd:6a:b1:7a:ad:fe:e6:7f:61:c2:53:dc:36:ab:46:
12:43:77:94:82:a6:15:54:70:2f:f1:05:46:6c:7d:17:25:d0:
5f:de:fa:f8:4a:a0:ae:f6:c6:0d:84:52:2e:68:14:ea:4d:86:
18:4b:09:d1:23:ba:13:08:8b:aa:96:68:b9:0a:a3:94:09:c3:
ad:23:07:8b:a4:31:7e:0e:77:32:84:10:29:2e:65:5d:8c:a0:
29:eb:d0:68:1a:58:a2:c6:7c:fb:38:d4:56:f0:3c:48:f7:9d:
b5:91:08:17:97:e7:2c:7f:72:f3:65:89:8d:f7:1d:3f:92:52:
2f:d8:4d:00:b8:ba:60:0f:c0:79:ef:71:95:e6:ff:57:72:94:
8d:e9:41:1a:21:70:83:ed:a6:70:1d:30:9c:1d:79:6e:3f:2c:
ce:8b:37:73:80:a7:34:c9:16:90:29:13:e8:e1:eb:35:87:f6:
bc:7f:b8:91:14:81:78:59:12:f6:f8:d6:64:b3:34:54:a7:9d:
46:01:38:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQoI7DchwJpNgEFbosEgBLIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYjExMTU5YjcyZDQwMTVlZDg2N2I0MmI3ODQzODFlNWQ5
NTVhOGYwHhcNMjUwMTAyMTc1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjVkYzYwMDMwNDg2YjlmYWRmNzAxYzNmZGYzNjRmMDkwZWZlNGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKDxFCbwFiO4066f6PkyGrQd802B
VAuUK2PS1SQG+gFtKZr+e3JjNxA5IaRR7SkfkBrZpHX2pU2xX38mJ35FXNWY4aKv
y+oPXnuzMW3i41Isdwf1rK9l5pwS+nBAbgmY9rAk+04ZLEtMYm70wuhZHoyFs9Bp
H5h+2Z2VtSesjBFxG/YP8kKMVp+Ka634wOqglguSMI/dChd9AEgtZzs8B6lbEzQ4
ZvrGnCZ58Bj+9XxymHAHauu4+y8eHUPgzIjk6FcfX0vM6NgjyLkCfOKa7U/6WGjL
Kni5+FBHs6zow3qm54yDXq7IW+kMydP/hXpnWc/0r+UwrQG8LSyyGulZtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHJdxgAwSGufrfcBw/3zZPCQ7+TzMB8GA1UdIwQY
MBaAFNKxEVm3LUAV7YZ7QreEOB5dlVqPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHJFUldiY3RRQlh0aG50Q3Q0UTRIbDJWV284LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy85YzA5MWItZjg3OS00M2Y3LTkwMjAt
ZjViOTQ5NTljOWY3LzEvY2wzR0FEQklhNS10OXdIRF9mTms4SkR2NVBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy85YzA5MWItZjg3OS00M2Y3LTkwMjAtZjViOTQ5NTljOWY3
LzEvMHJFUldiY3RRQlh0aG50Q3Q0UTRIbDJWV284LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9EAMA8E
AgACMAkDBwAgAQZ8LnQwDQYJKoZIhvcNAQELBQADggEBABbhupRcJ3GeeQEXvd7t
pSYe914ClGFLjalOaT8umdvCW3qzXKd533KEwueDCnxOiVVQE2+mDzp/k/1qsXqt
/uZ/YcJT3DarRhJDd5SCphVUcC/xBUZsfRcl0F/e+vhKoK72xg2EUi5oFOpNhhhL
CdEjuhMIi6qWaLkKo5QJw60jB4ukMX4OdzKEECkuZV2MoCnr0GgaWKLGfPs41Fbw
PEj3nbWRCBeX5yx/cvNliY33HT+SUi/YTQC4umAPwHnvcZXm/1dylI3pQRohcIPt
pnAdMJwdeW4/LM6LN3OApzTJFpApE+jh6zWH9rx/uJEUgXhZEvb41mSzNFSnnUYB
OBQ=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:25:44 2025 by rpki-client