Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/pLK7-mZXJstNxcxjt9sS_pyvO7E.roa
File: pLK7-mZXJstNxcxjt9sS_pyvO7E.roa (raw, json)
Hash identifier: l2czXwxJ/GmxKDcG6MEQVwlIdyFg6kzSfJH9MRzPVAY=
Subject key identifier: A4:B2:BB:FA:66:57:26:CB:4D:C5:CC:63:B7:DB:12:FE:9C:AF:3B:B1
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 019427B67DEBBA6E19342537F9C38C8D1495
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/pLK7-mZXJstNxcxjt9sS_pyvO7E.roa
Signing time: Thu 02 Jan 2025 15:50:58 +0000
ROA not before: Thu 02 Jan 2025 15:50:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58000
IP address blocks: 91.237.182.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:7d:eb:ba:6e:19:34:25:37:f9:c3:8c:8d:14:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 2 15:50:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4b2bbfa665726cb4dc5cc63b7db12fe9caf3bb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:3a:1c:69:64:a0:16:34:e7:55:5e:fb:e2:55:
08:d9:81:ba:9d:bf:c6:55:b0:7b:3b:93:d8:38:21:
54:8e:85:41:1f:35:36:bc:c1:66:e2:98:71:4b:24:
12:cc:fd:96:6a:9e:6a:d5:76:35:bd:e3:fd:15:c5:
7e:40:60:64:ad:eb:f8:f1:d3:2e:f8:3e:17:41:03:
40:45:3f:06:5b:0c:a0:28:31:a0:ef:48:00:74:3b:
ef:3d:d0:b4:45:46:cf:34:fe:0d:3d:a4:2c:69:b9:
9d:34:c2:6c:38:79:a8:e7:1e:2f:2e:f1:89:69:bc:
ff:77:01:5b:5b:45:90:20:0c:90:18:c5:75:ce:5c:
fb:03:89:79:d7:84:cc:69:8a:27:06:20:42:be:88:
ac:e7:f2:29:9e:63:c7:a1:47:1c:0a:18:23:9a:16:
19:a0:8d:a7:6b:a3:46:d2:cc:26:19:71:2d:88:9e:
fa:ff:a8:7a:6b:b7:2e:f3:b4:ef:e7:61:dd:63:88:
7b:51:ba:ff:1b:81:71:6f:4b:5a:a2:10:1f:46:44:
65:52:64:4f:e6:78:59:a0:82:96:5b:15:96:d8:70:
c8:e6:28:eb:5b:27:b5:c2:8c:6b:18:2d:a0:25:f4:
e3:b5:20:bb:f2:0f:65:75:79:15:70:ca:5f:01:7e:
f2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:B2:BB:FA:66:57:26:CB:4D:C5:CC:63:B7:DB:12:FE:9C:AF:3B:B1
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/pLK7-mZXJstNxcxjt9sS_pyvO7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.182.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:29:5f:ac:9b:88:68:fd:39:63:80:20:e5:6d:7d:f7:0d:14:
cc:42:78:9e:2b:cc:ad:3c:a1:f6:d0:3a:c7:cf:0a:12:43:25:
91:37:24:b3:5b:24:db:5a:02:81:39:26:c0:b5:9f:77:b1:39:
14:f8:95:94:c2:91:a2:b0:6e:2b:95:1f:10:38:1c:8d:73:69:
4c:8f:bc:d1:70:5c:7f:58:bf:5f:76:f8:99:49:dd:b1:07:2a:
4e:fe:5a:af:2f:00:29:6b:a8:7b:d0:0e:22:af:4e:de:f4:aa:
b9:52:ca:fd:fa:48:5d:62:2a:20:09:ec:1e:cf:ab:27:8c:44:
bf:a8:ba:db:5b:8f:b5:77:b9:5c:2b:70:05:b1:44:8f:ce:15:
11:c4:ed:2e:63:1d:f1:20:59:39:b4:4b:c1:d5:c0:aa:a8:b2:
c4:5d:e6:4b:7a:7c:f0:1e:ce:3a:dc:e0:bd:ac:61:77:a8:55:
b7:bd:38:74:8b:ee:31:5d:bb:6a:de:bc:b3:48:bd:2e:38:db:
20:70:0b:2b:27:44:4a:6c:fc:a9:ee:01:fa:bc:ba:bf:e9:72:
f9:34:c4:4b:85:d8:42:b8:02:4b:cd:62:b1:52:8f:da:21:27:
f5:2f:1a:74:f9:74:b8:4a:47:cc:f8:ba:f2:bd:82:b5:c8:7b:
dc:8f:02:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntn3rum4ZNCU3+cOMjRSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjUwMTAyMTU1MDU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGIyYmJmYTY2NTcyNmNiNGRjNWNjNjNiN2RiMTJmZTljYWYzYmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzocaWSgFjTnVV774lUI2YG6nb/G
VbB7O5PYOCFUjoVBHzU2vMFm4phxSyQSzP2Wap5q1XY1veP9FcV+QGBkrev48dMu
+D4XQQNART8GWwygKDGg70gAdDvvPdC0RUbPNP4NPaQsabmdNMJsOHmo5x4vLvGJ
abz/dwFbW0WQIAyQGMV1zlz7A4l514TMaYonBiBCvois5/IpnmPHoUccChgjmhYZ
oI2na6NG0swmGXEtiJ76/6h6a7cu87Tv52HdY4h7Ubr/G4Fxb0taohAfRkRlUmRP
5nhZoIKWWxWW2HDI5ijrWye1woxrGC2gJfTjtSC78g9ldXkVcMpfAX7ySwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKSyu/pmVybLTcXMY7fbEv6crzuxMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvcExLNy1tWlhKc3ROeGN4anQ5c1NfcHl2TzdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+22MA0G
CSqGSIb3DQEBCwUAA4IBAQB6KV+sm4ho/TljgCDlbX33DRTMQnieK8ytPKH20DrH
zwoSQyWRNySzWyTbWgKBOSbAtZ93sTkU+JWUwpGisG4rlR8QOByNc2lMj7zRcFx/
WL9fdviZSd2xBypO/lqvLwApa6h70A4ir07e9Kq5Usr9+khdYiogCewez6snjES/
qLrbW4+1d7lcK3AFsUSPzhURxO0uYx3xIFk5tEvB1cCqqLLEXeZLenzwHs463OC9
rGF3qFW3vTh0i+4xXbtq3ryzSL0uONsgcAsrJ0RKbPyp7gH6vLq/6XL5NMRLhdhC
uAJLzWKxUo/aISf1Lxp0+XS4SkfM+LryvYK1yHvcjwJF
-----END CERTIFICATE-----
Generated at Fri Apr 25 21:16:27 2025 by rpki-client