Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/9BKbZIRd9-X7DwnbmN0tiFBfwDk.roa
File: 9BKbZIRd9-X7DwnbmN0tiFBfwDk.roa (raw, json)
Hash identifier: sc6ZIVElHs/p3IrdFGLfeuXuK5hZseBYNoiFQsWbBIY=
Subject key identifier: F4:12:9B:64:84:5D:F7:E5:FB:0F:09:DB:98:DD:2D:88:50:5F:C0:39
Certificate issuer: /CN=3e424e245a64324a68731dd26f30c685baa8a678
Certificate serial: 0194258FC002B961C25C83589DB587248665
Authority key identifier: 3E:42:4E:24:5A:64:32:4A:68:73:1D:D2:6F:30:C6:85:BA:A8:A6:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PkJOJFpkMkpocx3SbzDGhbqopng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/9BKbZIRd9-X7DwnbmN0tiFBfwDk.roa
Signing time: Thu 02 Jan 2025 05:49:25 +0000
ROA not before: Thu 02 Jan 2025 05:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38970
IP address blocks: 91.213.178.0/24 maxlen: 24
2001:67c:50::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:c0:02:b9:61:c2:5c:83:58:9d:b5:87:24:86:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e424e245a64324a68731dd26f30c685baa8a678
Validity
Not Before: Jan 2 05:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4129b64845df7e5fb0f09db98dd2d88505fc039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2a:57:f2:bd:ef:62:96:c3:2d:7a:a4:35:08:
7f:d1:d1:61:97:78:ea:65:94:bb:55:79:f9:74:d2:
74:2d:72:a1:cd:73:88:ed:90:a2:46:ad:6d:3f:5b:
0e:d1:62:44:be:16:65:c4:c2:fa:9c:d7:64:60:cb:
c3:d2:85:10:b3:1b:1b:e0:ce:c4:72:ba:6d:9d:d3:
ff:a1:47:3d:36:67:4e:ba:10:22:86:4c:53:57:1f:
5f:4f:db:b3:b4:18:6a:ad:1a:ca:51:10:5a:b7:97:
01:b8:3b:44:0c:6d:54:1a:8a:b2:b2:d0:c8:38:f0:
61:f6:e3:55:e3:57:89:54:aa:9c:a9:9e:c3:0c:11:
e3:a5:e0:a3:21:8c:8b:91:75:1a:3b:ac:b4:21:e7:
1d:3a:72:20:ee:03:6f:10:d6:ed:41:e8:c1:4a:6d:
e8:b4:07:18:66:da:6e:3e:f2:fc:60:94:cc:45:13:
b8:14:8a:a3:66:40:bd:40:45:4f:a5:93:4a:35:af:
96:cb:83:24:ac:aa:8b:7a:ec:dc:28:22:c7:11:25:
94:8e:c8:27:5a:0a:0b:8a:99:7c:40:65:01:ce:c5:
55:4c:4d:aa:91:7e:f1:36:4c:ee:5f:9f:01:7c:6c:
be:c3:78:2c:de:3b:9e:c2:f0:9f:11:9d:2b:4b:a5:
b6:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:12:9B:64:84:5D:F7:E5:FB:0F:09:DB:98:DD:2D:88:50:5F:C0:39
X509v3 Authority Key Identifier:
keyid:3E:42:4E:24:5A:64:32:4A:68:73:1D:D2:6F:30:C6:85:BA:A8:A6:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PkJOJFpkMkpocx3SbzDGhbqopng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/9BKbZIRd9-X7DwnbmN0tiFBfwDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.178.0/24
IPv6:
2001:67c:50::/48
Signature Algorithm: sha256WithRSAEncryption
4b:a5:47:3f:07:9e:ea:d4:c2:a3:b4:36:09:f1:88:e3:df:d5:
10:a8:af:72:14:23:78:f7:64:f1:c7:eb:05:71:7a:cb:57:4c:
a6:9d:77:7f:74:bc:b0:32:f3:a1:3c:31:a7:4e:49:17:5b:d4:
a4:ac:9a:4b:73:3c:81:07:7f:86:de:91:a6:9f:78:53:c5:a5:
b8:75:0e:0b:b1:6f:e3:c6:cc:99:43:5b:f4:bb:30:ac:28:33:
09:09:a8:cc:65:06:55:f5:35:8d:38:c6:3f:ce:1e:3f:00:85:
16:50:95:06:aa:c9:f8:73:07:a6:ed:6c:bd:ce:fa:8b:3e:f9:
9d:32:38:1c:08:cf:6b:d5:b1:56:85:d0:c3:1e:cb:a2:c0:5e:
d9:03:75:56:7e:87:6f:87:8b:51:4e:29:e0:41:8f:ce:15:bf:
59:10:43:0c:2c:ea:92:4f:f8:83:6f:1f:7c:44:13:0b:16:33:
fb:35:96:48:52:e2:fe:61:c8:e9:af:40:28:89:2e:32:04:9a:
03:e6:2a:ba:ac:11:ad:aa:a1:06:8b:db:a1:14:30:e5:cd:b8:
a8:51:00:39:0d:22:c4:6b:00:ab:22:e3:79:89:b1:a7:a0:ce:
bd:6b:7e:90:26:dc:ec:b2:64:0c:8e:f5:98:dc:e0:39:bf:5e:
7d:67:7c:50
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQlj8ACuWHCXINYnbWHJIZlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNDI0ZTI0NWE2NDMyNGE2ODczMWRkMjZmMzBjNjg1YmFh
OGE2NzgwHhcNMjUwMTAyMDU0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDEyOWI2NDg0NWRmN2U1ZmIwZjA5ZGI5OGRkMmQ4ODUwNWZjMDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CpX8r3vYpbDLXqkNQh/0dFhl3jq
ZZS7VXn5dNJ0LXKhzXOI7ZCiRq1tP1sO0WJEvhZlxML6nNdkYMvD0oUQsxsb4M7E
crptndP/oUc9NmdOuhAihkxTVx9fT9uztBhqrRrKURBat5cBuDtEDG1UGoqystDI
OPBh9uNV41eJVKqcqZ7DDBHjpeCjIYyLkXUaO6y0IecdOnIg7gNvENbtQejBSm3o
tAcYZtpuPvL8YJTMRRO4FIqjZkC9QEVPpZNKNa+Wy4MkrKqLeuzcKCLHESWUjsgn
WgoLipl8QGUBzsVVTE2qkX7xNkzuX58BfGy+w3gs3juewvCfEZ0rS6W28wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPQSm2SEXffl+w8J25jdLYhQX8A5MB8GA1UdIwQY
MBaAFD5CTiRaZDJKaHMd0m8wxoW6qKZ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGtKT0pGcGtNa3BvY3gzU2J6REdoYnFvcG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xMDAyYzEtMDBiYy00MzA4LWI1NWQt
NTRkYTA0NjhmZGFkLzEvOUJLYlpJUmQ5LVg3RHduYm1OMHRpRkJmd0RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xMDAyYzEtMDBiYy00MzA4LWI1NWQtNTRkYTA0NjhmZGFk
LzEvUGtKT0pGcGtNa3BvY3gzU2J6REdoYnFvcG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9WyMA8E
AgACMAkDBwAgAQZ8AFAwDQYJKoZIhvcNAQELBQADggEBAEulRz8HnurUwqO0Ngnx
iOPf1RCor3IUI3j3ZPHH6wVxestXTKadd390vLAy86E8MadOSRdb1KSsmktzPIEH
f4bekaafeFPFpbh1Dguxb+PGzJlDW/S7MKwoMwkJqMxlBlX1NY04xj/OHj8AhRZQ
lQaqyfhzB6btbL3O+os++Z0yOBwIz2vVsVaF0MMey6LAXtkDdVZ+h2+Hi1FOKeBB
j84Vv1kQQwws6pJP+INvH3xEEwsWM/s1lkhS4v5hyOmvQCiJLjIEmgPmKrqsEa2q
oQaL26EUMOXNuKhRADkNIsRrAKsi43mJsaegzr1rfpAm3OyyZAyO9Zjc4Dm/Xn1n
fFA=
-----END CERTIFICATE-----
Generated at Tue Apr 29 22:38:50 2025 by rpki-client