Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/ffa949-86c4-4984-8557-2c2c5fbda341/1/RI4n8PF4rBIO32JAZiAFIMrum4w.roa
File: RI4n8PF4rBIO32JAZiAFIMrum4w.roa (raw, json)
Hash identifier: 5SmITQJiZpZC1yYBE1LcmqDZ6YGT1Ir0nVy19fwLnlQ=
Subject key identifier: 44:8E:27:F0:F1:78:AC:12:0E:DF:62:40:66:20:05:20:CA:EE:9B:8C
Certificate issuer: /CN=79cd4bd3c9bfe20dccfe2b19de23095ca2474835
Certificate serial: 019427B5BBA05CBA1CD69360D422816910B2
Authority key identifier: 79:CD:4B:D3:C9:BF:E2:0D:CC:FE:2B:19:DE:23:09:5C:A2:47:48:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ec1L08m_4g3M_isZ3iMJXKJHSDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/ffa949-86c4-4984-8557-2c2c5fbda341/1/RI4n8PF4rBIO32JAZiAFIMrum4w.roa
Signing time: Thu 02 Jan 2025 15:50:08 +0000
ROA not before: Thu 02 Jan 2025 15:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 91.198.72.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:bb:a0:5c:ba:1c:d6:93:60:d4:22:81:69:10:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79cd4bd3c9bfe20dccfe2b19de23095ca2474835
Validity
Not Before: Jan 2 15:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=448e27f0f178ac120edf624066200520caee9b8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d2:fd:8b:96:ba:67:0c:ad:e6:b1:27:ad:79:
3d:97:5c:af:db:4b:7a:5f:f5:58:96:0a:b4:24:33:
62:d5:5c:f4:81:db:64:ea:97:ba:d7:44:89:b5:04:
5b:4f:d1:49:57:a3:c0:21:04:f1:a7:44:54:fd:30:
ac:cf:89:bc:eb:8f:38:d5:70:18:86:10:6d:5a:bc:
f9:1d:8b:c2:f3:6f:51:48:b3:e9:14:d2:dd:8d:b0:
78:46:2b:19:88:0b:b4:f6:5b:27:44:a0:80:06:94:
91:79:38:45:cc:7c:e1:2c:52:7b:28:d6:05:17:a7:
a4:58:dd:79:20:2a:09:73:6e:89:ad:11:8e:7b:10:
43:57:05:f8:06:dc:12:fc:58:b1:91:7b:ca:2b:4f:
24:b1:c9:71:36:0b:cd:8f:2f:89:1d:03:93:be:60:
84:20:cf:fe:86:86:da:c6:78:c3:1b:db:ab:09:c3:
ca:48:4e:5c:83:31:6f:e8:a0:d9:50:d1:91:e2:c2:
b7:1b:ed:c4:5d:14:cf:06:04:80:ff:1e:3a:20:55:
21:77:32:49:5f:f6:82:b2:e7:43:cc:4b:43:60:3a:
6c:88:df:52:e8:ac:0f:c4:b3:6f:28:84:24:23:4f:
21:44:fd:d9:46:a2:75:8c:89:3e:b1:5f:af:e8:48:
6b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:8E:27:F0:F1:78:AC:12:0E:DF:62:40:66:20:05:20:CA:EE:9B:8C
X509v3 Authority Key Identifier:
keyid:79:CD:4B:D3:C9:BF:E2:0D:CC:FE:2B:19:DE:23:09:5C:A2:47:48:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec1L08m_4g3M_isZ3iMJXKJHSDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ffa949-86c4-4984-8557-2c2c5fbda341/1/RI4n8PF4rBIO32JAZiAFIMrum4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ffa949-86c4-4984-8557-2c2c5fbda341/1/ec1L08m_4g3M_isZ3iMJXKJHSDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.72.0/24
Signature Algorithm: sha256WithRSAEncryption
74:71:30:17:2b:0d:1f:90:b4:39:c0:e8:3b:a7:34:65:a8:0f:
f8:81:b2:12:42:d4:d2:5d:66:c5:5f:d5:ae:65:90:da:25:b7:
f4:93:f9:38:a1:3c:53:5e:4b:1d:bf:30:af:8b:38:f2:e8:8c:
26:37:22:f8:cc:66:e8:48:a2:b9:75:8c:e3:84:65:67:1f:2c:
b4:42:a4:a2:6f:b7:4b:00:07:96:ca:7c:73:e4:c2:d3:1b:ce:
e1:7e:0f:40:4a:5b:1f:0a:db:70:66:c1:89:43:30:68:88:a4:
4d:9d:27:13:f3:79:0e:68:13:1e:f5:be:b3:21:1a:cf:c5:48:
b0:52:39:ad:a4:f4:03:cf:28:e7:3e:34:7d:c4:9d:e3:68:18:
61:ec:86:55:e2:b6:c7:ae:90:98:e8:99:a4:82:ca:26:c7:26:
35:f5:d3:9c:c9:94:77:ac:46:00:8f:4d:b8:5a:a2:bb:14:c9:
26:14:3f:d7:b1:03:97:30:d2:10:7b:90:7f:39:4d:b6:f7:fc:
7c:b3:84:b5:16:d5:a6:4a:1e:62:41:b2:da:b6:c7:af:3c:cb:
b8:60:f0:1a:68:31:c8:c3:46:9e:bf:3c:3c:63:ca:be:e8:ae:
0f:0b:05:bc:1b:c0:af:fc:ef:5f:53:b0:ec:b0:0c:e7:54:bb:
cc:5e:c6:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntbugXLoc1pNg1CKBaRCyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5Y2Q0YmQzYzliZmUyMGRjY2ZlMmIxOWRlMjMwOTVjYTI0
NzQ4MzUwHhcNMjUwMTAyMTU1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDhlMjdmMGYxNzhhYzEyMGVkZjYyNDA2NjIwMDUyMGNhZWU5YjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdL9i5a6Zwyt5rEnrXk9l1yv20t6
X/VYlgq0JDNi1Vz0gdtk6pe610SJtQRbT9FJV6PAIQTxp0RU/TCsz4m864841XAY
hhBtWrz5HYvC829RSLPpFNLdjbB4RisZiAu09lsnRKCABpSReThFzHzhLFJ7KNYF
F6ekWN15ICoJc26JrRGOexBDVwX4BtwS/FixkXvKK08ksclxNgvNjy+JHQOTvmCE
IM/+hobaxnjDG9urCcPKSE5cgzFv6KDZUNGR4sK3G+3EXRTPBgSA/x46IFUhdzJJ
X/aCsudDzEtDYDpsiN9S6KwPxLNvKIQkI08hRP3ZRqJ1jIk+sV+v6EhrgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFESOJ/DxeKwSDt9iQGYgBSDK7puMMB8GA1UdIwQY
MBaAFHnNS9PJv+INzP4rGd4jCVyiR0g1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWMxTDA4bV80ZzNNX2lzWjNpTUpYS0pIU0RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9mZmE5NDktODZjNC00OTg0LTg1NTct
MmMyYzVmYmRhMzQxLzEvUkk0bjhQRjRyQklPMzJKQVppQUZJTXJ1bTR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9mZmE5NDktODZjNC00OTg0LTg1NTctMmMyYzVmYmRhMzQx
LzEvZWMxTDA4bV80ZzNNX2lzWjNpTUpYS0pIU0RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8ZIMA0G
CSqGSIb3DQEBCwUAA4IBAQB0cTAXKw0fkLQ5wOg7pzRlqA/4gbISQtTSXWbFX9Wu
ZZDaJbf0k/k4oTxTXksdvzCvizjy6IwmNyL4zGboSKK5dYzjhGVnHyy0QqSib7dL
AAeWynxz5MLTG87hfg9ASlsfCttwZsGJQzBoiKRNnScT83kOaBMe9b6zIRrPxUiw
UjmtpPQDzyjnPjR9xJ3jaBhh7IZV4rbHrpCY6JmkgsomxyY19dOcyZR3rEYAj024
WqK7FMkmFD/XsQOXMNIQe5B/OU229/x8s4S1FtWmSh5iQbLatsevPMu4YPAaaDHI
w0aevzw8Y8q+6K4PCwW8G8Cv/O9fU7DssAznVLvMXsZ/
-----END CERTIFICATE-----
Generated at Fri Apr 25 17:03:13 2025 by rpki-client