Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/9825a0-1fdc-4162-8372-b9dbdc8b439c/1/PPUYZlg6H0XwL9T7p9j25_C1QJ0.roa
File: PPUYZlg6H0XwL9T7p9j25_C1QJ0.roa (raw, json)
Hash identifier: ocscl0Gbeg5aCVZzJomKYL7Dzdpg0U688ymNmvZ0gWI=
Subject key identifier: 3C:F5:18:66:58:3A:1F:45:F0:2F:D4:FB:A7:D8:F6:E7:F0:B5:40:9D
Certificate issuer: /CN=16979d37da016abd13279270ba55d6b3c2960578
Certificate serial: 0194236A50DFD899E45C7A41E37A3146A905
Authority key identifier: 16:97:9D:37:DA:01:6A:BD:13:27:92:70:BA:55:D6:B3:C2:96:05:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FpedN9oBar0TJ5JwulXWs8KWBXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/9825a0-1fdc-4162-8372-b9dbdc8b439c/1/PPUYZlg6H0XwL9T7p9j25_C1QJ0.roa
Signing time: Wed 01 Jan 2025 19:49:17 +0000
ROA not before: Wed 01 Jan 2025 19:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43906
IP address blocks: 91.198.229.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:50:df:d8:99:e4:5c:7a:41:e3:7a:31:46:a9:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16979d37da016abd13279270ba55d6b3c2960578
Validity
Not Before: Jan 1 19:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3cf51866583a1f45f02fd4fba7d8f6e7f0b5409d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9a:08:0b:01:3b:03:30:30:8b:9e:88:a7:9c:
96:31:92:ee:50:52:4a:92:39:72:03:ba:58:bf:9e:
cc:19:89:3d:87:22:86:25:0a:1e:be:e1:d1:eb:3a:
c6:ed:18:3e:12:b3:d6:59:64:d9:ea:f0:bb:1a:9d:
72:36:6a:19:43:1c:01:da:e9:e6:ec:8e:b5:de:43:
2e:a7:87:99:82:3f:2e:f3:37:87:49:0e:99:66:ec:
8c:af:d9:95:30:65:ed:72:7a:4f:58:a6:81:c2:e2:
fb:85:0a:90:61:c4:89:34:ac:32:c1:8e:b9:38:09:
21:98:65:3e:8c:53:52:d7:e9:d9:ce:9c:df:f8:f7:
bd:77:b6:05:6d:15:aa:b4:45:1b:70:89:bc:12:83:
f2:60:15:98:97:e2:7a:12:42:b8:2b:0c:b7:4e:c0:
8d:50:5c:b7:67:b4:44:9f:42:e8:0f:36:77:1e:98:
3e:a1:8a:c7:98:45:fd:ee:b7:7a:0e:79:e9:5d:a0:
44:53:27:45:24:53:f1:b5:1e:4f:4b:45:28:4b:cd:
0e:67:77:e4:78:0d:de:26:e6:3b:88:9d:1c:94:fb:
bc:ea:77:35:89:33:2c:2f:d4:41:eb:fc:3e:7f:4a:
c3:cd:67:16:4b:85:cc:1d:30:09:11:33:59:15:b4:
e3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:F5:18:66:58:3A:1F:45:F0:2F:D4:FB:A7:D8:F6:E7:F0:B5:40:9D
X509v3 Authority Key Identifier:
keyid:16:97:9D:37:DA:01:6A:BD:13:27:92:70:BA:55:D6:B3:C2:96:05:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FpedN9oBar0TJ5JwulXWs8KWBXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9825a0-1fdc-4162-8372-b9dbdc8b439c/1/PPUYZlg6H0XwL9T7p9j25_C1QJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9825a0-1fdc-4162-8372-b9dbdc8b439c/1/FpedN9oBar0TJ5JwulXWs8KWBXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.229.0/24
Signature Algorithm: sha256WithRSAEncryption
77:8a:20:ce:ff:dd:00:4a:d1:08:f5:6c:83:0f:d4:41:b2:4c:
e6:eb:e0:58:b3:1a:d8:99:02:18:32:fa:3c:df:8a:32:2a:ed:
6a:54:98:54:d6:f7:16:a7:35:1b:f7:97:41:c9:9b:ce:98:a4:
c2:0e:89:4d:d6:e3:94:3b:66:74:c8:e2:97:a7:6f:4a:dc:8d:
fd:5f:56:eb:a7:66:70:eb:58:bd:0d:fe:2f:7e:03:2a:66:95:
2c:5a:be:61:87:e0:0d:2f:0b:df:b6:c8:68:0c:c9:c5:9f:88:
d9:f6:6a:92:52:8d:fa:a3:65:c0:35:5e:d2:6a:2b:c4:b2:12:
f6:a8:85:0e:2d:e2:77:cd:ed:e6:68:f5:d9:dc:cd:de:5a:a5:
2c:91:eb:3b:bf:fb:a7:46:f2:8f:60:e2:b2:f3:d1:6f:73:ab:
19:66:99:00:9d:00:18:99:eb:75:50:14:56:59:6e:38:75:ad:
e8:a0:90:4f:35:0a:22:37:d9:ea:3e:c6:e1:2e:4b:a1:80:4b:
72:5d:f9:ea:58:ce:3d:c3:a0:d9:4b:c5:01:90:39:1a:f9:79:
e9:10:fc:f7:18:2b:27:c1:dc:ab:a1:24:f5:79:6d:d2:72:67:
a2:87:e3:40:2c:f7:16:16:9a:48:08:24:8c:32:26:ee:af:ba:
ff:fe:fd:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjalDf2JnkXHpB43oxRqkFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OTc5ZDM3ZGEwMTZhYmQxMzI3OTI3MGJhNTVkNmIzYzI5
NjA1NzgwHhcNMjUwMTAxMTk0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2Y1MTg2NjU4M2ExZjQ1ZjAyZmQ0ZmJhN2Q4ZjZlN2YwYjU0MDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5oICwE7AzAwi56Ip5yWMZLuUFJK
kjlyA7pYv57MGYk9hyKGJQoevuHR6zrG7Rg+ErPWWWTZ6vC7Gp1yNmoZQxwB2unm
7I613kMup4eZgj8u8zeHSQ6ZZuyMr9mVMGXtcnpPWKaBwuL7hQqQYcSJNKwywY65
OAkhmGU+jFNS1+nZzpzf+Pe9d7YFbRWqtEUbcIm8EoPyYBWYl+J6EkK4Kwy3TsCN
UFy3Z7REn0LoDzZ3Hpg+oYrHmEX97rd6DnnpXaBEUydFJFPxtR5PS0UoS80OZ3fk
eA3eJuY7iJ0clPu86nc1iTMsL9RB6/w+f0rDzWcWS4XMHTAJETNZFbTjzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDz1GGZYOh9F8C/U+6fY9ufwtUCdMB8GA1UdIwQY
MBaAFBaXnTfaAWq9EyeScLpV1rPClgV4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnBlZE45b0JhcjBUSjVKd3VsWFdzOEtXQlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS85ODI1YTAtMWZkYy00MTYyLTgzNzIt
YjlkYmRjOGI0MzljLzEvUFBVWVpsZzZIMFh3TDlUN3A5ajI1X0MxUUowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS85ODI1YTAtMWZkYy00MTYyLTgzNzItYjlkYmRjOGI0Mzlj
LzEvRnBlZE45b0JhcjBUSjVKd3VsWFdzOEtXQlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8blMA0G
CSqGSIb3DQEBCwUAA4IBAQB3iiDO/90AStEI9WyDD9RBskzm6+BYsxrYmQIYMvo8
34oyKu1qVJhU1vcWpzUb95dByZvOmKTCDolN1uOUO2Z0yOKXp29K3I39X1brp2Zw
61i9Df4vfgMqZpUsWr5hh+ANLwvftshoDMnFn4jZ9mqSUo36o2XANV7SaivEshL2
qIUOLeJ3ze3maPXZ3M3eWqUskes7v/unRvKPYOKy89Fvc6sZZpkAnQAYmet1UBRW
WW44da3ooJBPNQoiN9nqPsbhLkuhgEtyXfnqWM49w6DZS8UBkDka+XnpEPz3GCsn
wdyroST1eW3Scmeih+NALPcWFppICCSMMibur7r//v3N
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:36:07 2025 by rpki-client