Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/f09a7f-5761-45a7-9ccb-1f3ed6d881b8/1/5_9mocxdNZ9MQ0g3lwcXXvM4yBI.roa
File: 5_9mocxdNZ9MQ0g3lwcXXvM4yBI.roa (raw, json)
Hash identifier: QFa9yzo72h2sHM5VVVFbluHjiQ4dadLFT4v/+o9O32g=
Subject key identifier: E7:FF:66:A1:CC:5D:35:9F:4C:43:48:37:97:07:17:5E:F3:38:C8:12
Certificate issuer: /CN=9520bf8c77226a3fa88ebe11cc8f1169cc560a79
Certificate serial: 019421B1B87BEAF27036C7E2E1F402A5204D
Authority key identifier: 95:20:BF:8C:77:22:6A:3F:A8:8E:BE:11:CC:8F:11:69:CC:56:0A:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSC_jHciaj-ojr4RzI8RacxWCnk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/f09a7f-5761-45a7-9ccb-1f3ed6d881b8/1/5_9mocxdNZ9MQ0g3lwcXXvM4yBI.roa
Signing time: Wed 01 Jan 2025 11:48:02 +0000
ROA not before: Wed 01 Jan 2025 11:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57265
IP address blocks: 91.216.41.0/24 maxlen: 24
2001:678:71c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:b8:7b:ea:f2:70:36:c7:e2:e1:f4:02:a5:20:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9520bf8c77226a3fa88ebe11cc8f1169cc560a79
Validity
Not Before: Jan 1 11:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7ff66a1cc5d359f4c4348379707175ef338c812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8d:f2:0b:48:e7:86:4b:ed:39:d3:13:eb:1a:
fe:74:de:f6:0d:81:7e:c1:e3:28:98:60:d1:81:79:
df:04:6a:aa:65:a9:a9:b1:de:f6:d7:d8:db:4d:b6:
4c:ca:e4:21:11:60:8d:02:92:4a:5a:93:1f:17:ae:
72:d9:5f:6a:a3:4d:38:f4:49:0a:da:7d:54:61:91:
93:21:a5:5d:43:5a:f7:91:46:ab:97:14:92:1b:55:
7b:b9:11:32:4b:ee:65:c3:94:bc:67:11:9d:f3:c8:
e7:09:5f:cb:d4:1f:e4:b3:79:b5:0f:58:78:4f:f2:
dc:5d:35:03:40:ff:2b:51:26:18:81:41:5b:49:b1:
9b:f7:04:db:61:fb:a7:eb:1e:f4:1c:f0:34:2b:ce:
01:d2:3e:bf:66:5b:35:42:20:29:05:cc:ff:83:49:
4d:bc:b1:7a:e9:3e:0a:5b:26:bc:a6:90:79:68:df:
67:33:f8:21:9f:eb:74:25:64:b3:f8:ee:b2:d2:bf:
29:32:f4:4e:1a:9d:7f:0d:0c:4d:24:fa:7e:eb:e1:
db:83:56:5d:03:63:cb:d6:73:c6:69:6e:de:e8:25:
52:8c:28:7f:bf:3d:1f:07:a2:64:96:5b:fb:93:15:
5e:46:f4:26:62:7e:83:29:92:6d:06:87:2b:07:5a:
61:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:FF:66:A1:CC:5D:35:9F:4C:43:48:37:97:07:17:5E:F3:38:C8:12
X509v3 Authority Key Identifier:
keyid:95:20:BF:8C:77:22:6A:3F:A8:8E:BE:11:CC:8F:11:69:CC:56:0A:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSC_jHciaj-ojr4RzI8RacxWCnk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f09a7f-5761-45a7-9ccb-1f3ed6d881b8/1/5_9mocxdNZ9MQ0g3lwcXXvM4yBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f09a7f-5761-45a7-9ccb-1f3ed6d881b8/1/lSC_jHciaj-ojr4RzI8RacxWCnk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.41.0/24
IPv6:
2001:678:71c::/48
Signature Algorithm: sha256WithRSAEncryption
80:f6:ba:a6:1c:16:0b:a4:0d:7d:b9:32:30:ae:04:1e:4e:d0:
82:bf:88:97:ec:bd:55:d6:59:f1:f8:45:5c:99:52:26:f9:b4:
5f:bd:b8:b4:b4:03:74:6c:56:37:97:59:52:6d:0b:b8:f5:ba:
6d:3f:bc:5f:90:b6:59:5d:94:e5:b8:19:c1:c6:20:22:f8:96:
70:2a:6b:6f:0e:db:1c:35:0e:7c:f2:5a:44:04:58:9c:a3:b4:
06:c6:82:c9:2e:df:c1:46:5e:69:32:bf:cd:6d:eb:2d:ed:e6:
e4:65:3c:99:1e:71:7f:41:b2:5d:9b:f1:d8:f4:2a:73:ee:58:
12:1e:5e:19:fa:f1:d7:47:f6:f2:d9:65:c9:9b:67:07:08:03:
f8:94:51:53:65:dc:ed:5e:60:76:a5:8c:a8:1e:c4:2d:a1:48:
a3:2f:74:d1:e2:31:e3:fc:c7:7b:da:89:7e:9d:7e:a1:9e:c5:
50:77:7e:89:02:19:d1:1b:a0:14:88:ef:68:e1:09:31:c8:78:
2b:d6:05:2d:16:40:23:86:9b:39:8b:56:37:8e:71:d6:d7:92:
0a:73:c6:a9:39:29:06:cb:b3:91:cd:51:30:aa:d3:a6:fb:d3:
f2:c2:dd:dc:d2:b6:c6:f3:28:8a:cd:61:f3:8d:39:14:0a:75:
68:60:af:0b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQhsbh76vJwNsfi4fQCpSBNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjBiZjhjNzcyMjZhM2ZhODhlYmUxMWNjOGYxMTY5Y2M1
NjBhNzkwHhcNMjUwMTAxMTE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2ZmNjZhMWNjNWQzNTlmNGM0MzQ4Mzc5NzA3MTc1ZWYzMzhjODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApY3yC0jnhkvtOdMT6xr+dN72DYF+
weMomGDRgXnfBGqqZampsd7219jbTbZMyuQhEWCNApJKWpMfF65y2V9qo0049EkK
2n1UYZGTIaVdQ1r3kUarlxSSG1V7uREyS+5lw5S8ZxGd88jnCV/L1B/ks3m1D1h4
T/LcXTUDQP8rUSYYgUFbSbGb9wTbYfun6x70HPA0K84B0j6/Zls1QiApBcz/g0lN
vLF66T4KWya8ppB5aN9nM/ghn+t0JWSz+O6y0r8pMvROGp1/DQxNJPp+6+Hbg1Zd
A2PL1nPGaW7e6CVSjCh/vz0fB6Jkllv7kxVeRvQmYn6DKZJtBocrB1phTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOf/ZqHMXTWfTENIN5cHF17zOMgSMB8GA1UdIwQY
MBaAFJUgv4x3Imo/qI6+EcyPEWnMVgp5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNDX2pIY2lhai1vanI0UnpJOFJhY3hXQ25rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9mMDlhN2YtNTc2MS00NWE3LTljY2It
MWYzZWQ2ZDg4MWI4LzEvNV85bW9jeGROWjlNUTBnM2x3Y1hYdk00eUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9mMDlhN2YtNTc2MS00NWE3LTljY2ItMWYzZWQ2ZDg4MWI4
LzEvbFNDX2pIY2lhai1vanI0UnpJOFJhY3hXQ25rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9gpMA8E
AgACMAkDBwAgAQZ4BxwwDQYJKoZIhvcNAQELBQADggEBAID2uqYcFgukDX25MjCu
BB5O0IK/iJfsvVXWWfH4RVyZUib5tF+9uLS0A3RsVjeXWVJtC7j1um0/vF+Qtlld
lOW4GcHGICL4lnAqa28O2xw1DnzyWkQEWJyjtAbGgsku38FGXmkyv81t6y3t5uRl
PJkecX9Bsl2b8dj0KnPuWBIeXhn68ddH9vLZZcmbZwcIA/iUUVNl3O1eYHaljKge
xC2hSKMvdNHiMeP8x3vaiX6dfqGexVB3fokCGdEboBSI72jhCTHIeCvWBS0WQCOG
mzmLVjeOcdbXkgpzxqk5KQbLs5HNUTCq06b70/LC3dzStsbzKIrNYfONORQKdWhg
rws=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:18:14 2025 by rpki-client