Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/d1130e-e07f-49ba-bef4-6c767b92c9a5/1/TfZHjmYknRwU6ErUe_wYUlK2dPk.roa
File: TfZHjmYknRwU6ErUe_wYUlK2dPk.roa (raw, json)
Hash identifier: c7WP6wJfnnCXs2t+4y61hzS0o/WHpIcUL2rUoYBlMZ4=
Subject key identifier: 4D:F6:47:8E:66:24:9D:1C:14:E8:4A:D4:7B:FC:18:52:52:B6:74:F9
Certificate issuer: /CN=db7e1770a3804c74b9f12cb9b6fa70396de9329f
Certificate serial: 019425219F53F0C415923BF77DD86AE7CFCB
Authority key identifier: DB:7E:17:70:A3:80:4C:74:B9:F1:2C:B9:B6:FA:70:39:6D:E9:32:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/234XcKOATHS58Sy5tvpwOW3pMp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/d1130e-e07f-49ba-bef4-6c767b92c9a5/1/TfZHjmYknRwU6ErUe_wYUlK2dPk.roa
Signing time: Thu 02 Jan 2025 03:49:08 +0000
ROA not before: Thu 02 Jan 2025 03:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48882
IP address blocks: 91.242.208.0/24 maxlen: 24
91.242.209.0/24 maxlen: 24
91.242.210.0/24 maxlen: 24
91.242.211.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:9f:53:f0:c4:15:92:3b:f7:7d:d8:6a:e7:cf:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db7e1770a3804c74b9f12cb9b6fa70396de9329f
Validity
Not Before: Jan 2 03:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4df6478e66249d1c14e84ad47bfc185252b674f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:00:9b:d6:3a:5a:5c:37:8e:26:cd:18:e7:a1:
e3:b0:4a:89:0f:2f:66:07:4d:e2:e0:34:db:a0:a9:
cd:d8:45:dd:23:bb:09:1c:21:26:1d:c3:e1:de:c5:
a8:43:0e:67:f2:ef:ba:24:7c:4e:56:a2:d6:35:26:
b2:54:2e:51:c2:04:16:82:66:bc:cd:fe:0a:26:45:
ca:fa:f9:e2:8f:31:3c:2b:06:60:73:65:c1:33:78:
70:be:e8:41:4e:07:b1:fa:2a:d0:ad:98:ca:a4:81:
41:b4:d6:cb:65:66:62:7c:e1:4f:f8:3c:46:7d:e3:
5d:ec:28:11:a8:7d:36:87:18:86:d0:bc:c0:9e:05:
f2:ba:1a:b9:e7:72:66:70:c6:33:14:35:1e:51:aa:
75:b7:5b:b7:b6:d0:c0:33:f7:39:fa:e9:70:f8:52:
e7:4e:a9:21:9f:71:9a:20:d0:0d:e2:f1:f0:a0:07:
9f:e8:1a:8f:d8:00:7c:5e:42:74:25:3d:2a:03:d1:
67:7c:98:07:68:8a:71:ba:d3:6c:94:e6:1f:cd:27:
dc:b8:cc:f5:93:9d:0a:35:82:23:17:52:0b:a0:57:
99:23:3f:71:4a:4b:2b:eb:37:16:98:24:08:cc:2d:
42:72:ab:cb:75:4f:70:de:eb:8f:d3:66:ed:7e:14:
bf:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:F6:47:8E:66:24:9D:1C:14:E8:4A:D4:7B:FC:18:52:52:B6:74:F9
X509v3 Authority Key Identifier:
keyid:DB:7E:17:70:A3:80:4C:74:B9:F1:2C:B9:B6:FA:70:39:6D:E9:32:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/234XcKOATHS58Sy5tvpwOW3pMp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d1130e-e07f-49ba-bef4-6c767b92c9a5/1/TfZHjmYknRwU6ErUe_wYUlK2dPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d1130e-e07f-49ba-bef4-6c767b92c9a5/1/234XcKOATHS58Sy5tvpwOW3pMp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.208.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:5b:14:1f:19:4d:eb:58:0f:7b:56:30:ca:ef:fb:b5:81:89:
e2:cd:26:38:90:ea:19:ab:e1:bb:6f:a1:ff:63:4b:59:85:16:
b4:cf:83:d1:a5:2d:f6:22:a5:b1:c4:25:63:de:42:fe:fc:93:
91:2f:c8:fe:65:b2:b3:4e:d5:14:24:1e:68:72:3d:25:28:3f:
fc:7e:d6:fd:7a:f5:36:93:a3:60:5d:d7:3b:05:e2:dd:57:2f:
05:a2:62:cb:f5:72:79:68:07:1d:7e:f6:b4:69:06:e3:76:3b:
28:25:01:ec:f2:54:49:39:e8:a1:ae:20:bd:1c:63:3d:66:1b:
29:3c:73:75:93:c2:e5:6e:6f:bd:e3:5f:a6:45:e1:51:51:6c:
af:11:1d:ad:a3:23:4b:1c:71:65:2f:86:5c:8c:cc:80:c0:71:
1c:fd:25:a6:71:8e:1d:91:ba:0f:3e:ba:fc:48:95:37:34:8f:
f2:cd:cb:52:77:69:bb:c0:cd:f4:e7:3c:dc:50:1a:48:6c:19:
ef:02:0e:70:65:86:1f:de:c9:f5:0c:6c:b8:62:62:ec:fa:94:
73:0e:ce:2c:02:38:7c:ec:c1:ec:2d:e2:7f:32:8e:7c:aa:f7:
2e:56:5c:72:3d:e5:01:86:16:38:fa:16:e7:70:4e:c9:60:11:
a7:67:0a:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIZ9T8MQVkjv3fdhq58/LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiN2UxNzcwYTM4MDRjNzRiOWYxMmNiOWI2ZmE3MDM5NmRl
OTMyOWYwHhcNMjUwMTAyMDM0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGY2NDc4ZTY2MjQ5ZDFjMTRlODRhZDQ3YmZjMTg1MjUyYjY3NGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgCb1jpaXDeOJs0Y56HjsEqJDy9m
B03i4DTboKnN2EXdI7sJHCEmHcPh3sWoQw5n8u+6JHxOVqLWNSayVC5RwgQWgma8
zf4KJkXK+vnijzE8KwZgc2XBM3hwvuhBTgex+irQrZjKpIFBtNbLZWZifOFP+DxG
feNd7CgRqH02hxiG0LzAngXyuhq553JmcMYzFDUeUap1t1u3ttDAM/c5+ulw+FLn
Tqkhn3GaINAN4vHwoAef6BqP2AB8XkJ0JT0qA9FnfJgHaIpxutNslOYfzSfcuMz1
k50KNYIjF1ILoFeZIz9xSksr6zcWmCQIzC1CcqvLdU9w3uuP02btfhS/6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE32R45mJJ0cFOhK1Hv8GFJStnT5MB8GA1UdIwQY
MBaAFNt+F3CjgEx0ufEsubb6cDlt6TKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjM0WGNLT0FUSFM1OFN5NXR2cHdPVzNwTXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9kMTEzMGUtZTA3Zi00OWJhLWJlZjQt
NmM3NjdiOTJjOWE1LzEvVGZaSGptWWtuUndVNkVyVWVfd1lVbEsyZFBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9kMTEzMGUtZTA3Zi00OWJhLWJlZjQtNmM3NjdiOTJjOWE1
LzEvMjM0WGNLT0FUSFM1OFN5NXR2cHdPVzNwTXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW/LQMA0G
CSqGSIb3DQEBCwUAA4IBAQCiWxQfGU3rWA97VjDK7/u1gYnizSY4kOoZq+G7b6H/
Y0tZhRa0z4PRpS32IqWxxCVj3kL+/JORL8j+ZbKzTtUUJB5ocj0lKD/8ftb9evU2
k6NgXdc7BeLdVy8FomLL9XJ5aAcdfva0aQbjdjsoJQHs8lRJOeihriC9HGM9Zhsp
PHN1k8Llbm+941+mReFRUWyvER2toyNLHHFlL4ZcjMyAwHEc/SWmcY4dkboPPrr8
SJU3NI/yzctSd2m7wM305zzcUBpIbBnvAg5wZYYf3sn1DGy4YmLs+pRzDs4sAjh8
7MHsLeJ/Mo58qvcuVlxyPeUBhhY4+hbncE7JYBGnZwo2
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:50:01 2025 by rpki-client