Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/9f79f9-3fde-45b5-9203-4f7f263cfaa0/1/1-2_B9Ogc8_x7nBs1jdqDYo3SFDQ.roa
File: 1-2_B9Ogc8_x7nBs1jdqDYo3SFDQ.roa (raw, json)
Hash identifier: ZY8ZMErSrWlcbHGhfdUXbnzcBBOjC4a82DQaY7L6wwY=
Subject key identifier: FB:6F:C1:F4:E8:1C:F3:FC:7B:9C:1B:35:8D:DA:83:62:8D:D2:14:34
Certificate issuer: /CN=21ae8e675e2ed20095983cbb72084f9740281b74
Certificate serial: 019421438EE05C98446961BE6D916CD9B911
Authority key identifier: 21:AE:8E:67:5E:2E:D2:00:95:98:3C:BB:72:08:4F:97:40:28:1B:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ia6OZ14u0gCVmDy7cghPl0AoG3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/9f79f9-3fde-45b5-9203-4f7f263cfaa0/1/1-2_B9Ogc8_x7nBs1jdqDYo3SFDQ.roa
Signing time: Wed 01 Jan 2025 09:47:43 +0000
ROA not before: Wed 01 Jan 2025 09:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21245
IP address blocks: 91.208.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:8e:e0:5c:98:44:69:61:be:6d:91:6c:d9:b9:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21ae8e675e2ed20095983cbb72084f9740281b74
Validity
Not Before: Jan 1 09:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb6fc1f4e81cf3fc7b9c1b358dda83628dd21434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cd:2b:0b:97:7f:77:8b:51:74:fe:c0:ec:19:
fb:7d:89:b3:d6:0d:dc:d6:c3:de:83:4b:7a:66:90:
e1:2e:0e:47:d0:07:70:34:0a:ed:f6:d6:15:40:9f:
53:d5:9e:c4:a8:12:50:3f:0c:41:14:12:f0:d2:68:
cd:cb:04:0f:c4:05:bb:64:79:2a:d7:18:49:d2:f2:
3a:a2:83:da:48:98:99:cb:b8:94:02:0b:ce:11:d3:
d1:0b:a5:6c:d5:29:ee:20:25:01:1f:fa:ee:ad:67:
5a:bc:da:5e:d1:37:61:c0:d7:a4:03:fb:2b:19:28:
d2:4b:64:31:4a:da:32:13:a3:f7:16:a2:8c:a6:7d:
17:db:ea:b8:20:c0:1b:7a:f2:a8:7d:3f:39:2d:f9:
8d:81:09:c4:ed:8b:5c:54:63:14:e7:68:6a:22:0f:
d1:87:1a:bc:ca:31:bf:28:f6:61:2a:c0:6a:ef:65:
44:27:6d:35:65:1a:bd:1d:ac:db:00:9f:35:02:60:
65:88:39:71:06:a4:f2:51:5d:e9:a5:28:e0:9f:06:
c3:07:1d:95:c3:79:ec:bb:67:66:40:b3:f0:b1:4c:
e8:e9:a2:08:aa:aa:e8:68:ea:17:de:1c:c1:48:5d:
35:0a:01:84:6a:c0:f4:82:46:96:06:14:3f:bc:3e:
a0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:6F:C1:F4:E8:1C:F3:FC:7B:9C:1B:35:8D:DA:83:62:8D:D2:14:34
X509v3 Authority Key Identifier:
keyid:21:AE:8E:67:5E:2E:D2:00:95:98:3C:BB:72:08:4F:97:40:28:1B:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ia6OZ14u0gCVmDy7cghPl0AoG3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9f79f9-3fde-45b5-9203-4f7f263cfaa0/1/1-2_B9Ogc8_x7nBs1jdqDYo3SFDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9f79f9-3fde-45b5-9203-4f7f263cfaa0/1/Ia6OZ14u0gCVmDy7cghPl0AoG3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.32.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:ce:fc:03:6a:a3:b6:43:6a:8b:cb:a4:e0:c9:e6:07:f0:48:
9b:7d:97:17:ad:f4:4c:d8:d9:2b:8e:74:fa:12:f6:3f:3c:f8:
df:2a:3e:7e:84:74:55:48:a7:c9:7a:42:d4:7f:3a:e9:1d:fd:
2b:81:79:9d:59:f5:be:f6:20:ab:c6:f0:b6:6e:83:66:43:c6:
a3:08:ef:c5:24:2c:e2:09:ac:ed:66:63:09:37:6b:5c:34:91:
01:f6:a3:35:71:05:d1:e7:4e:6b:2e:db:3a:34:49:68:6a:e6:
b6:0f:6d:c1:9e:eb:d2:6b:17:70:74:f1:a6:a7:5b:93:fd:f0:
45:1d:44:76:4e:da:fd:ba:d7:c5:65:4a:da:09:70:bc:8f:06:
d4:60:59:1c:78:ca:4e:32:01:2c:9b:66:5a:bf:11:b4:ea:26:
6e:85:09:b0:d3:52:f5:44:7d:57:b4:cb:c7:72:a3:2d:e1:14:
5b:13:d2:aa:ae:dc:dd:6a:f3:45:a7:66:c3:3b:d1:90:f4:5d:
06:6a:33:25:b9:85:5a:df:36:32:12:8b:c5:79:6b:83:35:4c:
e8:d8:ad:c9:57:8b:c7:c5:eb:8f:7b:48:82:25:67:dd:57:20:
cd:e9:f8:48:ca:e6:1d:eb:9b:72:1a:34:90:58:7d:dd:57:41:
d1:fc:9d:d0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQhQ47gXJhEaWG+bZFs2bkRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYWU4ZTY3NWUyZWQyMDA5NTk4M2NiYjcyMDg0Zjk3NDAy
ODFiNzQwHhcNMjUwMTAxMDk0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjZmYzFmNGU4MWNmM2ZjN2I5YzFiMzU4ZGRhODM2MjhkZDIxNDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArs0rC5d/d4tRdP7A7Bn7fYmz1g3c
1sPeg0t6ZpDhLg5H0AdwNArt9tYVQJ9T1Z7EqBJQPwxBFBLw0mjNywQPxAW7ZHkq
1xhJ0vI6ooPaSJiZy7iUAgvOEdPRC6Vs1SnuICUBH/rurWdavNpe0TdhwNekA/sr
GSjSS2QxStoyE6P3FqKMpn0X2+q4IMAbevKofT85LfmNgQnE7YtcVGMU52hqIg/R
hxq8yjG/KPZhKsBq72VEJ201ZRq9HazbAJ81AmBliDlxBqTyUV3ppSjgnwbDBx2V
w3nsu2dmQLPwsUzo6aIIqqroaOoX3hzBSF01CgGEasD0gkaWBhQ/vD6gPwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPtvwfToHPP8e5wbNY3ag2KN0hQ0MB8GA1UdIwQY
MBaAFCGujmdeLtIAlZg8u3IIT5dAKBt0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWE2T1oxNHUwZ0NWbUR5N2NnaFBsMEFvRzNRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS85Zjc5ZjktM2ZkZS00NWI1LTkyMDMt
NGY3ZjI2M2NmYWEwLzEvMS0yX0I5T2djOF94N25CczFqZHFEWW8zU0ZEUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGUvOWY3OWY5LTNmZGUtNDViNS05MjAzLTRmN2YyNjNjZmFh
MC8xL0lhNk9aMTR1MGdDVm1EeTdjZ2hQbDBBb0czUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvQIDAN
BgkqhkiG9w0BAQsFAAOCAQEAnM78A2qjtkNqi8uk4MnmB/BIm32XF630TNjZK450
+hL2Pzz43yo+foR0VUinyXpC1H866R39K4F5nVn1vvYgq8bwtm6DZkPGowjvxSQs
4gms7WZjCTdrXDSRAfajNXEF0edOay7bOjRJaGrmtg9twZ7r0msXcHTxpqdbk/3w
RR1Edk7a/brXxWVK2glwvI8G1GBZHHjKTjIBLJtmWr8RtOomboUJsNNS9UR9V7TL
x3KjLeEUWxPSqq7c3WrzRadmwzvRkPRdBmozJbmFWt82MhKLxXlrgzVM6NityVeL
x8Xrj3tIgiVn3Vcgzen4SMrmHeubcho0kFh93VdB0fyd0A==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:47:37 2025 by rpki-client