Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/18d955-e992-4fa0-bba0-ac58b287fb64/1/R7JjHxkLaRMAq-eNFDHFR56Dyhw.roa
File: R7JjHxkLaRMAq-eNFDHFR56Dyhw.roa (raw, json)
Hash identifier: QknjqXJUcPnKm7YDFtc8WvDMm5i4FQMrmsy86E9cK0o=
Subject key identifier: 47:B2:63:1F:19:0B:69:13:00:AB:E7:8D:14:31:C5:47:9E:83:CA:1C
Certificate issuer: /CN=cd398f7f3d5b3b82dcfdec902b03f733d895dae7
Certificate serial: 019426D9D05C517C89F862333C728E2D0BFC
Authority key identifier: CD:39:8F:7F:3D:5B:3B:82:DC:FD:EC:90:2B:03:F7:33:D8:95:DA:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zTmPfz1bO4Lc_eyQKwP3M9iV2uc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/18d955-e992-4fa0-bba0-ac58b287fb64/1/R7JjHxkLaRMAq-eNFDHFR56Dyhw.roa
Signing time: Thu 02 Jan 2025 11:49:56 +0000
ROA not before: Thu 02 Jan 2025 11:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21221
IP address blocks: 91.235.83.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:d0:5c:51:7c:89:f8:62:33:3c:72:8e:2d:0b:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd398f7f3d5b3b82dcfdec902b03f733d895dae7
Validity
Not Before: Jan 2 11:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47b2631f190b691300abe78d1431c5479e83ca1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:76:0c:02:74:1a:d6:77:9a:84:b6:5f:0f:05:
6b:c6:f2:aa:38:d9:69:c6:2f:73:70:42:7c:ae:93:
9d:fe:98:89:aa:cb:67:86:6e:0d:ba:a2:32:cd:fa:
15:b0:d1:a0:fa:90:1f:9b:4a:59:43:81:1e:fe:e9:
f3:97:6d:d3:64:6f:14:61:43:a2:05:89:af:1a:02:
e5:6f:0e:47:f1:d3:25:c0:3b:f2:5d:2d:10:f4:20:
52:c7:6c:49:c2:fc:36:99:4e:61:1a:ae:68:da:5b:
dd:ca:34:51:f4:26:6d:e3:4a:56:f6:bc:da:4f:3d:
24:b3:81:35:c3:49:15:3c:37:fd:b4:48:53:53:f0:
48:6b:aa:35:a4:a3:21:16:d9:56:9a:29:10:23:8c:
f4:12:60:5e:8c:c4:e7:b4:37:da:5e:b3:17:5d:16:
2e:5e:6a:c3:29:61:dd:e4:d2:40:ea:4b:b6:c1:54:
f3:e2:d8:42:99:93:63:08:22:3e:95:c5:3c:9e:a2:
a3:6a:b2:47:0b:d7:17:d0:f8:80:aa:4f:41:29:8c:
f2:82:ec:38:a5:6b:46:21:d0:ef:86:1c:ce:9a:9d:
7a:11:37:7e:3d:e9:5a:df:75:a3:d1:6f:98:b3:c5:
76:aa:6e:6a:9a:d1:01:7e:8e:89:ac:b9:bb:58:84:
17:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:B2:63:1F:19:0B:69:13:00:AB:E7:8D:14:31:C5:47:9E:83:CA:1C
X509v3 Authority Key Identifier:
keyid:CD:39:8F:7F:3D:5B:3B:82:DC:FD:EC:90:2B:03:F7:33:D8:95:DA:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTmPfz1bO4Lc_eyQKwP3M9iV2uc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/18d955-e992-4fa0-bba0-ac58b287fb64/1/R7JjHxkLaRMAq-eNFDHFR56Dyhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/18d955-e992-4fa0-bba0-ac58b287fb64/1/zTmPfz1bO4Lc_eyQKwP3M9iV2uc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.83.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:73:1a:63:27:2f:ab:97:42:56:d0:7c:5f:64:65:39:1d:81:
d8:4e:cf:c6:b4:c4:94:5f:53:46:63:3f:74:bf:e1:33:01:22:
1d:86:da:b1:48:86:f8:8e:b9:66:ab:f4:c4:0c:3d:d7:bc:bd:
39:4b:3a:45:a8:56:b6:ad:55:36:6b:32:4f:6a:45:2e:5f:76:
12:56:29:91:af:7f:38:af:4b:86:ef:1b:0d:fe:4a:8e:6a:67:
42:c7:70:ee:a8:5b:98:3b:48:8c:65:97:81:0e:3c:a6:6c:4c:
94:80:1a:43:3f:46:23:f9:29:b1:14:59:54:ee:80:af:91:95:
42:39:63:55:2f:5d:c4:dd:49:cb:0d:63:64:bd:ca:b7:72:56:
4b:d8:cb:a4:9f:4a:54:72:4b:82:68:ad:df:61:5f:bb:bc:01:
f5:4d:b5:48:3d:6b:8c:30:62:86:33:ad:e7:7b:a3:64:4c:6b:
d3:d0:33:be:5b:7f:1b:41:1a:46:78:0d:83:9e:47:6b:7a:cf:
f4:a2:7a:23:72:fb:0e:52:eb:ef:d2:d0:10:5a:a3:1c:9e:57:
94:ce:e5:a3:84:9a:d1:33:cb:43:05:54:ae:a5:86:38:f7:11:
25:6a:4b:96:ad:96:88:86:2b:c3:e9:ee:b9:af:55:e6:7f:b4:
40:4b:58:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2dBcUXyJ+GIzPHKOLQv8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMzk4ZjdmM2Q1YjNiODJkY2ZkZWM5MDJiMDNmNzMzZDg5
NWRhZTcwHhcNMjUwMTAyMTE0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2IyNjMxZjE5MGI2OTEzMDBhYmU3OGQxNDMxYzU0NzllODNjYTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznYMAnQa1neahLZfDwVrxvKqONlp
xi9zcEJ8rpOd/piJqstnhm4NuqIyzfoVsNGg+pAfm0pZQ4Ee/unzl23TZG8UYUOi
BYmvGgLlbw5H8dMlwDvyXS0Q9CBSx2xJwvw2mU5hGq5o2lvdyjRR9CZt40pW9rza
Tz0ks4E1w0kVPDf9tEhTU/BIa6o1pKMhFtlWmikQI4z0EmBejMTntDfaXrMXXRYu
XmrDKWHd5NJA6ku2wVTz4thCmZNjCCI+lcU8nqKjarJHC9cX0PiAqk9BKYzyguw4
pWtGIdDvhhzOmp16ETd+Pela33Wj0W+Ys8V2qm5qmtEBfo6JrLm7WIQXOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEeyYx8ZC2kTAKvnjRQxxUeeg8ocMB8GA1UdIwQY
MBaAFM05j389WzuC3P3skCsD9zPYldrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelRtUGZ6MWJPNExjX2V5UUt3UDNNOWlWMnVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8xOGQ5NTUtZTk5Mi00ZmEwLWJiYTAt
YWM1OGIyODdmYjY0LzEvUjdKakh4a0xhUk1BcS1lTkZESEZSNTZEeWh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8xOGQ5NTUtZTk5Mi00ZmEwLWJiYTAtYWM1OGIyODdmYjY0
LzEvelRtUGZ6MWJPNExjX2V5UUt3UDNNOWlWMnVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+tTMA0G
CSqGSIb3DQEBCwUAA4IBAQClcxpjJy+rl0JW0HxfZGU5HYHYTs/GtMSUX1NGYz90
v+EzASIdhtqxSIb4jrlmq/TEDD3XvL05SzpFqFa2rVU2azJPakUuX3YSVimRr384
r0uG7xsN/kqOamdCx3DuqFuYO0iMZZeBDjymbEyUgBpDP0Yj+SmxFFlU7oCvkZVC
OWNVL13E3UnLDWNkvcq3clZL2Mukn0pUckuCaK3fYV+7vAH1TbVIPWuMMGKGM63n
e6NkTGvT0DO+W38bQRpGeA2Dnkdres/0onojcvsOUuvv0tAQWqMcnleUzuWjhJrR
M8tDBVSupYY49xElakuWrZaIhivD6e65r1Xmf7RAS1hY
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:13:59 2025 by rpki-client