Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/d7f2d8-46cd-41fd-8008-a4296ad98635/1/38mEm2F8Yjh1FOnrSxxmmsrIhfw.roa
File: 38mEm2F8Yjh1FOnrSxxmmsrIhfw.roa (raw, json)
Hash identifier: UA6RTPbLgtEACOSSNTD3WLGlqG06YwLEPzk3fCMKgmQ=
Subject key identifier: DF:C9:84:9B:61:7C:62:38:75:14:E9:EB:4B:1C:66:9A:CA:C8:85:FC
Certificate issuer: /CN=13d8042a28015d27f35b1f1ab73611e8511b6923
Certificate serial: 01941FFA748CEA1FE6027DCDACBF879FB022
Authority key identifier: 13:D8:04:2A:28:01:5D:27:F3:5B:1F:1A:B7:36:11:E8:51:1B:69:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E9gEKigBXSfzWx8atzYR6FEbaSM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/d7f2d8-46cd-41fd-8008-a4296ad98635/1/38mEm2F8Yjh1FOnrSxxmmsrIhfw.roa
Signing time: Wed 01 Jan 2025 03:48:14 +0000
ROA not before: Wed 01 Jan 2025 03:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197522
IP address blocks: 91.221.218.0/24 maxlen: 24
91.221.219.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:74:8c:ea:1f:e6:02:7d:cd:ac:bf:87:9f:b0:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13d8042a28015d27f35b1f1ab73611e8511b6923
Validity
Not Before: Jan 1 03:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfc9849b617c62387514e9eb4b1c669acac885fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d9:5a:d4:44:4c:d5:f4:7d:c0:45:ce:18:1a:
bd:49:1b:9c:c8:b8:74:f9:0b:87:fe:9f:48:16:3c:
d9:41:57:09:94:28:6e:33:24:ad:ea:28:95:51:04:
0b:19:f8:10:34:cf:eb:a1:63:b9:2c:a9:9e:6a:61:
7e:25:c2:7e:f2:6c:ef:61:0d:d6:60:a6:4c:7d:fc:
99:2e:99:cf:2e:5c:8d:4f:a8:23:8b:e3:34:41:af:
0a:8f:04:98:ad:18:e3:f6:fc:51:72:0e:87:7c:da:
8c:16:f5:14:d7:e8:78:88:ec:e4:83:ec:82:fb:1b:
70:62:a5:55:83:8e:ce:ae:74:a0:60:46:88:56:3e:
9c:c3:fc:d3:b7:0e:1c:18:60:41:8b:5a:6d:42:00:
a0:ed:d9:87:28:b6:8f:00:59:6f:93:f0:8d:88:68:
e7:21:15:99:98:81:fd:ad:34:17:56:2a:3f:b7:07:
80:84:79:38:26:d3:fd:c8:c2:82:64:ad:26:5c:0b:
ec:d6:8c:2d:e0:71:33:5b:ac:2b:cb:c2:6a:e0:54:
17:82:db:82:0f:3b:e6:2a:14:c4:64:ee:56:34:1f:
b1:87:88:5a:0f:c8:e8:4b:56:e6:46:5a:d5:b3:18:
70:c2:8e:b3:71:f9:f4:ca:19:4f:69:cb:cd:90:4c:
22:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:C9:84:9B:61:7C:62:38:75:14:E9:EB:4B:1C:66:9A:CA:C8:85:FC
X509v3 Authority Key Identifier:
keyid:13:D8:04:2A:28:01:5D:27:F3:5B:1F:1A:B7:36:11:E8:51:1B:69:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E9gEKigBXSfzWx8atzYR6FEbaSM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/d7f2d8-46cd-41fd-8008-a4296ad98635/1/38mEm2F8Yjh1FOnrSxxmmsrIhfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/d7f2d8-46cd-41fd-8008-a4296ad98635/1/E9gEKigBXSfzWx8atzYR6FEbaSM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.218.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:24:7f:b4:8a:f0:bf:82:d4:7d:1b:5e:6b:9c:60:a0:22:2c:
18:df:38:e8:82:b0:7a:d0:cb:97:13:07:20:7d:53:9a:2e:a3:
e8:4a:b1:91:61:81:1e:e9:ec:f6:17:55:90:7b:af:75:f2:30:
48:39:b1:97:ad:01:d1:47:97:36:15:42:08:27:a7:41:1c:c9:
45:2a:a5:be:e9:4f:de:ff:c8:ff:fb:f3:6e:1d:c2:ab:b4:d3:
42:a2:90:eb:92:25:48:bd:a8:25:f0:3d:74:76:29:66:26:50:
3c:42:74:57:62:41:86:47:b5:72:2c:70:17:1f:24:f1:d1:03:
36:e7:bc:b7:57:e0:b4:a6:7f:49:03:3c:1f:d0:cb:78:be:55:
8a:95:ab:3a:fa:6c:48:e4:b7:1e:4b:b8:50:d5:8d:a6:b4:78:
9f:d9:ec:a9:af:61:10:bd:22:34:f9:07:54:9e:04:80:02:b2:
1a:66:a1:e1:65:69:63:c0:86:17:ae:fc:4c:1a:bf:48:02:d0:
6c:ca:a1:4a:65:08:52:de:6f:89:01:f6:56:cc:e1:9e:5c:04:
38:f7:6d:5e:5e:b8:fa:c3:b2:ae:c8:98:6a:f6:5f:09:16:f1:
87:a5:fd:5a:8b:d5:0c:de:5c:bd:e9:14:6c:8a:cf:e3:76:4a:
91:6e:62:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+nSM6h/mAn3NrL+Hn7AiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZDgwNDJhMjgwMTVkMjdmMzViMWYxYWI3MzYxMWU4NTEx
YjY5MjMwHhcNMjUwMTAxMDM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmM5ODQ5YjYxN2M2MjM4NzUxNGU5ZWI0YjFjNjY5YWNhYzg4NWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNla1ERM1fR9wEXOGBq9SRucyLh0
+QuH/p9IFjzZQVcJlChuMySt6iiVUQQLGfgQNM/roWO5LKmeamF+JcJ+8mzvYQ3W
YKZMffyZLpnPLlyNT6gji+M0Qa8KjwSYrRjj9vxRcg6HfNqMFvUU1+h4iOzkg+yC
+xtwYqVVg47OrnSgYEaIVj6cw/zTtw4cGGBBi1ptQgCg7dmHKLaPAFlvk/CNiGjn
IRWZmIH9rTQXVio/tweAhHk4JtP9yMKCZK0mXAvs1owt4HEzW6wry8Jq4FQXgtuC
DzvmKhTEZO5WNB+xh4haD8joS1bmRlrVsxhwwo6zcfn0yhlPacvNkEwiSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN/JhJthfGI4dRTp60scZprKyIX8MB8GA1UdIwQY
MBaAFBPYBCooAV0n81sfGrc2EehRG2kjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTlnRUtpZ0JYU2Z6V3g4YXR6WVI2RkViYVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9kN2YyZDgtNDZjZC00MWZkLTgwMDgt
YTQyOTZhZDk4NjM1LzEvMzhtRW0yRjhZamgxRk9uclN4eG1tc3JJaGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9kN2YyZDgtNDZjZC00MWZkLTgwMDgtYTQyOTZhZDk4NjM1
LzEvRTlnRUtpZ0JYU2Z6V3g4YXR6WVI2RkViYVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW93aMA0G
CSqGSIb3DQEBCwUAA4IBAQBcJH+0ivC/gtR9G15rnGCgIiwY3zjogrB60MuXEwcg
fVOaLqPoSrGRYYEe6ez2F1WQe6918jBIObGXrQHRR5c2FUIIJ6dBHMlFKqW+6U/e
/8j/+/NuHcKrtNNCopDrkiVIvagl8D10dilmJlA8QnRXYkGGR7VyLHAXHyTx0QM2
57y3V+C0pn9JAzwf0Mt4vlWKlas6+mxI5LceS7hQ1Y2mtHif2eypr2EQvSI0+QdU
ngSAArIaZqHhZWljwIYXrvxMGr9IAtBsyqFKZQhS3m+JAfZWzOGeXAQ4921eXrj6
w7KuyJhq9l8JFvGHpf1ai9UM3ly96RRsis/jdkqRbmK0
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:11:39 2025 by rpki-client