Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/b75b92-f1c7-4b56-9a9f-9a2f796c9477/1/NOTlqU2dG5SZUtFWrRvKPCIYT_I.roa
File: NOTlqU2dG5SZUtFWrRvKPCIYT_I.roa (raw, json)
Hash identifier: fMBaaIac4pSZ5FYQhcUdq0rjdRPBorC9IDyKulvOrp0=
Subject key identifier: 34:E4:E5:A9:4D:9D:1B:94:99:52:D1:56:AD:1B:CA:3C:22:18:4F:F2
Certificate issuer: /CN=88d5c80b358732cf1eceecf2f5bdc8ab3dc181ae
Certificate serial: 019427B6409683C63C5B38A0CE735A45EF88
Authority key identifier: 88:D5:C8:0B:35:87:32:CF:1E:CE:EC:F2:F5:BD:C8:AB:3D:C1:81:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iNXICzWHMs8ezuzy9b3Iqz3Bga4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/b75b92-f1c7-4b56-9a9f-9a2f796c9477/1/NOTlqU2dG5SZUtFWrRvKPCIYT_I.roa
Signing time: Thu 02 Jan 2025 15:50:42 +0000
ROA not before: Thu 02 Jan 2025 15:50:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3330
IP address blocks: 91.208.80.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:40:96:83:c6:3c:5b:38:a0:ce:73:5a:45:ef:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88d5c80b358732cf1eceecf2f5bdc8ab3dc181ae
Validity
Not Before: Jan 2 15:50:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34e4e5a94d9d1b949952d156ad1bca3c22184ff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6f:b2:36:63:35:6b:d4:0d:67:15:74:45:c7:
30:5f:7b:31:64:a0:5a:36:85:cb:6f:13:20:2c:cd:
0f:67:f0:19:98:94:78:a7:2f:77:61:95:97:9b:b5:
77:23:07:54:de:37:46:51:a4:7a:37:40:9d:49:39:
d2:d8:d5:9d:05:b9:e6:59:b0:14:6d:03:59:58:df:
02:8d:aa:d0:23:2d:ea:a4:08:a5:b1:c6:a9:2d:eb:
31:21:e4:cd:0e:45:05:12:23:bf:f2:92:58:ac:d4:
c0:dc:95:43:97:07:a8:ed:c1:53:8a:24:33:3c:a2:
25:4b:70:44:d5:ea:5b:e3:1a:10:0b:89:bf:12:73:
70:a2:29:b9:6c:4c:24:5d:b1:1d:2f:a4:17:d6:6a:
10:ad:d6:b6:96:57:b9:63:07:44:98:9b:f3:5e:9f:
45:e7:0e:61:48:3f:2d:d0:6f:94:d1:5a:cb:b4:b6:
33:2e:82:24:df:ed:a7:ed:1f:fc:25:ba:a0:16:64:
5c:d4:9b:33:15:e8:a6:4a:7a:bc:17:a7:2a:46:24:
be:78:c8:d3:b3:23:a4:43:61:7e:ab:05:43:a2:fc:
05:aa:42:41:92:75:f3:62:4d:f9:8d:a0:73:92:7a:
63:f8:83:0e:20:08:62:ac:e2:56:8b:0b:38:15:f3:
79:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E4:E5:A9:4D:9D:1B:94:99:52:D1:56:AD:1B:CA:3C:22:18:4F:F2
X509v3 Authority Key Identifier:
keyid:88:D5:C8:0B:35:87:32:CF:1E:CE:EC:F2:F5:BD:C8:AB:3D:C1:81:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iNXICzWHMs8ezuzy9b3Iqz3Bga4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/b75b92-f1c7-4b56-9a9f-9a2f796c9477/1/NOTlqU2dG5SZUtFWrRvKPCIYT_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/b75b92-f1c7-4b56-9a9f-9a2f796c9477/1/iNXICzWHMs8ezuzy9b3Iqz3Bga4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.80.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:57:5e:3b:36:12:1b:76:a0:b5:80:42:58:ad:90:58:56:92:
e4:fd:c1:d2:a7:75:ca:35:c7:49:2c:24:5e:be:42:6a:a2:7a:
1e:75:99:6d:c6:2f:28:3d:69:91:e6:a3:73:97:d4:97:77:ee:
13:69:3c:c7:60:81:bf:20:67:10:31:3e:b2:19:7f:9d:13:c7:
fe:14:9c:9b:c4:0a:8c:70:3a:28:18:5c:a2:1b:83:cd:0f:76:
10:f4:b7:3b:7d:2e:36:8f:10:e9:00:a1:a0:8c:ba:fd:80:59:
ad:5a:68:ba:3f:a5:3f:09:8c:ea:9e:d0:52:90:fe:df:cf:73:
56:e6:bb:d2:f8:fd:6e:cb:c7:39:97:f1:42:f4:b9:b5:c5:01:
1f:77:68:de:00:5d:a7:97:87:62:00:9f:64:7c:7e:93:36:9a:
b1:7a:9d:41:95:c4:c3:5d:0c:23:2d:7b:24:93:57:72:d9:8b:
2d:8b:ce:d8:ec:ec:c0:09:d1:e1:2e:5f:18:ff:d5:b9:42:27:
29:32:32:f9:28:cd:78:6a:c4:75:27:23:35:c5:70:8c:86:17:
0d:0d:ba:d5:87:4f:e4:55:97:85:af:77:c8:92:58:67:0f:ad:
51:cd:b8:ab:7e:38:6f:28:00:36:af:28:a8:4b:8b:88:0c:12:
21:cd:c7:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntkCWg8Y8WzigznNaRe+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZDVjODBiMzU4NzMyY2YxZWNlZWNmMmY1YmRjOGFiM2Rj
MTgxYWUwHhcNMjUwMTAyMTU1MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGU0ZTVhOTRkOWQxYjk0OTk1MmQxNTZhZDFiY2EzYzIyMTg0ZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhG+yNmM1a9QNZxV0RccwX3sxZKBa
NoXLbxMgLM0PZ/AZmJR4py93YZWXm7V3IwdU3jdGUaR6N0CdSTnS2NWdBbnmWbAU
bQNZWN8CjarQIy3qpAilscapLesxIeTNDkUFEiO/8pJYrNTA3JVDlweo7cFTiiQz
PKIlS3BE1epb4xoQC4m/EnNwoim5bEwkXbEdL6QX1moQrda2lle5YwdEmJvzXp9F
5w5hSD8t0G+U0VrLtLYzLoIk3+2n7R/8JbqgFmRc1JszFeimSnq8F6cqRiS+eMjT
syOkQ2F+qwVDovwFqkJBknXzYk35jaBzknpj+IMOIAhirOJWiws4FfN5uwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDTk5alNnRuUmVLRVq0byjwiGE/yMB8GA1UdIwQY
MBaAFIjVyAs1hzLPHs7s8vW9yKs9wYGuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU5YSUN6V0hNczhlenV6eTliM0lxejNCZ2E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9iNzViOTItZjFjNy00YjU2LTlhOWYt
OWEyZjc5NmM5NDc3LzEvTk9UbHFVMmRHNVNaVXRGV3JSdktQQ0lZVF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9iNzViOTItZjFjNy00YjU2LTlhOWYtOWEyZjc5NmM5NDc3
LzEvaU5YSUN6V0hNczhlenV6eTliM0lxejNCZ2E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9BQMA0G
CSqGSIb3DQEBCwUAA4IBAQB9V147NhIbdqC1gEJYrZBYVpLk/cHSp3XKNcdJLCRe
vkJqonoedZltxi8oPWmR5qNzl9SXd+4TaTzHYIG/IGcQMT6yGX+dE8f+FJybxAqM
cDooGFyiG4PND3YQ9Lc7fS42jxDpAKGgjLr9gFmtWmi6P6U/CYzqntBSkP7fz3NW
5rvS+P1uy8c5l/FC9Lm1xQEfd2jeAF2nl4diAJ9kfH6TNpqxep1BlcTDXQwjLXsk
k1dy2Ysti87Y7OzACdHhLl8Y/9W5QicpMjL5KM14asR1JyM1xXCMhhcNDbrVh0/k
VZeFr3fIklhnD61RzbirfjhvKAA2ryioS4uIDBIhzcdD
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:28:39 2025 by rpki-client