Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/68b1bf-8f48-4169-a9a2-5dac720223ab/1/0rDYOCiVnQy1wBfGsCwgf4uCy6M.roa
File: 0rDYOCiVnQy1wBfGsCwgf4uCy6M.roa (raw, json)
Hash identifier: dtebcZBA/CIRFXc0hvNHRfZk/QfKnBn3jDoKUNxXxXo=
Subject key identifier: D2:B0:D8:38:28:95:9D:0C:B5:C0:17:C6:B0:2C:20:7F:8B:82:CB:A3
Certificate issuer: /CN=f816865928eeeee5cbc92f4c4d38ae5c601dee0a
Certificate serial: 01942068771A8ACD2790CA372B6A18C4F105
Authority key identifier: F8:16:86:59:28:EE:EE:E5:CB:C9:2F:4C:4D:38:AE:5C:60:1D:EE:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-BaGWSju7uXLyS9MTTiuXGAd7go.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/68b1bf-8f48-4169-a9a2-5dac720223ab/1/0rDYOCiVnQy1wBfGsCwgf4uCy6M.roa
Signing time: Wed 01 Jan 2025 05:48:24 +0000
ROA not before: Wed 01 Jan 2025 05:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50399
IP address blocks: 91.209.213.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:77:1a:8a:cd:27:90:ca:37:2b:6a:18:c4:f1:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f816865928eeeee5cbc92f4c4d38ae5c601dee0a
Validity
Not Before: Jan 1 05:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2b0d83828959d0cb5c017c6b02c207f8b82cba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d6:38:82:cc:cb:74:95:e7:ec:37:dd:e1:95:
30:e1:df:7d:dd:83:aa:1d:d4:77:4a:e5:7c:7e:64:
27:4f:1e:74:06:1f:81:07:e9:20:54:21:ab:17:de:
13:d4:57:c2:90:05:74:49:b3:5b:a0:0e:1a:9f:b2:
20:76:d5:13:f7:fd:48:37:b5:74:f6:a6:54:0b:ef:
73:20:85:5c:0e:5a:ff:dd:e9:55:99:fa:61:67:60:
0f:10:cf:c1:60:c6:e1:47:2e:1a:2d:bf:c5:b3:83:
75:4a:3b:96:ff:d2:19:96:8c:a1:77:15:1c:79:a0:
ac:53:0b:ba:90:ed:c5:89:0d:02:d4:99:65:be:cc:
5f:79:30:0b:1b:68:98:59:a1:7e:27:bb:9c:a7:96:
16:fe:a2:bc:0f:d8:a1:e1:90:c8:c7:e5:f3:e0:ee:
38:47:62:cb:e0:58:b3:04:c7:a5:50:b0:eb:cc:88:
41:e1:d3:de:c0:10:d9:43:27:bf:56:ba:5d:41:b6:
0a:4d:31:eb:af:08:fa:5b:c9:b6:1c:dc:fa:72:12:
e2:08:6d:85:24:8d:1d:9b:d0:a7:68:d1:66:6b:50:
a6:f9:0f:ea:3b:34:0c:9b:4f:2f:20:1e:af:d5:3f:
78:06:48:a2:e8:14:d5:69:a4:af:57:0b:4c:c1:2e:
e3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:B0:D8:38:28:95:9D:0C:B5:C0:17:C6:B0:2C:20:7F:8B:82:CB:A3
X509v3 Authority Key Identifier:
keyid:F8:16:86:59:28:EE:EE:E5:CB:C9:2F:4C:4D:38:AE:5C:60:1D:EE:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-BaGWSju7uXLyS9MTTiuXGAd7go.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/68b1bf-8f48-4169-a9a2-5dac720223ab/1/0rDYOCiVnQy1wBfGsCwgf4uCy6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/68b1bf-8f48-4169-a9a2-5dac720223ab/1/1-BaGWSju7uXLyS9MTTiuXGAd7go.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.213.0/24
Signature Algorithm: sha256WithRSAEncryption
18:81:03:da:f4:fe:bb:90:99:42:ea:be:37:26:36:a5:ae:70:
f1:c4:82:c0:06:b1:73:02:ab:88:2c:45:d6:a7:8f:bd:26:62:
a3:19:a2:56:38:98:3b:92:20:56:bf:63:5b:db:dd:7f:c7:f8:
f2:03:85:d6:f7:64:56:86:03:82:71:15:0c:ec:20:a4:a2:05:
be:5a:3c:c5:31:57:8a:cf:f9:68:4e:1c:70:83:96:79:0e:90:
e0:60:05:b2:79:0b:30:18:61:c2:17:37:9f:f5:5e:34:b0:2c:
6d:4f:10:2e:81:88:45:d7:7c:46:74:1b:b6:b2:9d:93:e7:88:
7d:42:cb:0b:31:48:93:74:6f:25:53:c0:df:7e:04:31:ea:55:
cd:c4:71:b5:13:0a:2c:37:37:d4:aa:10:14:bc:7d:3f:10:cf:
a5:4b:82:38:f3:9a:7e:e2:d9:fc:fd:48:cc:95:c8:45:d4:6c:
30:e5:d0:d2:30:ba:55:1f:f5:11:3f:18:03:ad:51:79:85:91:
f2:db:3e:21:e5:c7:81:e5:fc:77:bf:28:9d:c7:06:c4:09:b9:
2e:d0:fa:40:b3:e2:11:96:13:51:f8:da:db:ef:1b:f7:9c:03:
60:97:53:d4:63:80:d6:0f:f2:87:06:c6:20:2d:03:69:26:19:
57:75:e4:7f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQgaHcais0nkMo3K2oYxPEFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MTY4NjU5MjhlZWVlZTVjYmM5MmY0YzRkMzhhZTVjNjAx
ZGVlMGEwHhcNMjUwMTAxMDU0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmIwZDgzODI4OTU5ZDBjYjVjMDE3YzZiMDJjMjA3ZjhiODJjYmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9Y4gszLdJXn7Dfd4ZUw4d993YOq
HdR3SuV8fmQnTx50Bh+BB+kgVCGrF94T1FfCkAV0SbNboA4an7IgdtUT9/1IN7V0
9qZUC+9zIIVcDlr/3elVmfphZ2APEM/BYMbhRy4aLb/Fs4N1SjuW/9IZloyhdxUc
eaCsUwu6kO3FiQ0C1JllvsxfeTALG2iYWaF+J7ucp5YW/qK8D9ih4ZDIx+Xz4O44
R2LL4FizBMelULDrzIhB4dPewBDZQye/VrpdQbYKTTHrrwj6W8m2HNz6chLiCG2F
JI0dm9CnaNFma1Cm+Q/qOzQMm08vIB6v1T94Bkii6BTVaaSvVwtMwS7jGQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNKw2DgolZ0MtcAXxrAsIH+LgsujMB8GA1UdIwQY
MBaAFPgWhlko7u7ly8kvTE04rlxgHe4KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1CYUdXU2p1N3VYTHlTOU1UVGl1WEdBZDdnby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYvNjhiMWJmLThmNDgtNDE2OS1hOWEy
LTVkYWM3MjAyMjNhYi8xLzByRFlPQ2lWblF5MXdCZkdzQ3dnZjR1Q3k2TS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGYvNjhiMWJmLThmNDgtNDE2OS1hOWEyLTVkYWM3MjAyMjNh
Yi8xLzEtQmFHV1NqdTd1WEx5UzlNVFRpdVhHQWQ3Z28uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABb0dUw
DQYJKoZIhvcNAQELBQADggEBABiBA9r0/ruQmULqvjcmNqWucPHEgsAGsXMCq4gs
Rdanj70mYqMZolY4mDuSIFa/Y1vb3X/H+PIDhdb3ZFaGA4JxFQzsIKSiBb5aPMUx
V4rP+WhOHHCDlnkOkOBgBbJ5CzAYYcIXN5/1XjSwLG1PEC6BiEXXfEZ0G7aynZPn
iH1CywsxSJN0byVTwN9+BDHqVc3EcbUTCiw3N9SqEBS8fT8Qz6VLgjjzmn7i2fz9
SMyVyEXUbDDl0NIwulUf9RE/GAOtUXmFkfLbPiHlx4Hl/He/KJ3HBsQJuS7Q+kCz
4hGWE1H42tvvG/ecA2CXU9RjgNYP8ocGxiAtA2kmGVd15H8=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:03:08 2025 by rpki-client