Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/9cfa5f-5d2d-4be4-a80d-7d0ee2e990f5/1/lvOtY--5ta_q9u7-uCq8vanMR-o.roa
File: lvOtY--5ta_q9u7-uCq8vanMR-o.roa (raw, json)
Hash identifier: IsaauvQSGX/KNFnK0CxHU+He7cfzl6r9rUGogp/cJBI=
Subject key identifier: 96:F3:AD:63:EF:B9:B5:AF:EA:F6:EE:FE:B8:2A:BC:BD:A9:CC:47:EA
Certificate issuer: /CN=5c4fc1e4defc471c9fdb7fdadb9895563daf999c
Certificate serial: 0194274865DD7434750A08F18467210DA7E8
Authority key identifier: 5C:4F:C1:E4:DE:FC:47:1C:9F:DB:7F:DA:DB:98:95:56:3D:AF:99:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XE_B5N78Rxyf23_a25iVVj2vmZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/9cfa5f-5d2d-4be4-a80d-7d0ee2e990f5/1/lvOtY--5ta_q9u7-uCq8vanMR-o.roa
Signing time: Thu 02 Jan 2025 13:50:43 +0000
ROA not before: Thu 02 Jan 2025 13:50:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44352
IP address blocks: 91.199.93.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:65:dd:74:34:75:0a:08:f1:84:67:21:0d:a7:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c4fc1e4defc471c9fdb7fdadb9895563daf999c
Validity
Not Before: Jan 2 13:50:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96f3ad63efb9b5afeaf6eefeb82abcbda9cc47ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:73:6b:ab:72:f0:61:6a:b4:2f:ab:a1:68:a2:
13:aa:f8:8c:cf:30:28:ce:1c:b6:ca:7c:87:8e:8f:
5b:57:46:17:ca:7a:5c:48:1f:c7:c8:f5:ee:f9:cb:
c0:36:d8:62:de:b2:f5:92:74:0f:19:65:c8:e7:8d:
24:ce:f9:24:b8:ed:70:93:af:94:24:81:08:72:5c:
43:bd:97:7e:3b:04:1d:87:44:fa:f3:b3:c5:61:c8:
54:df:54:2a:5d:d5:4c:1f:7c:a2:25:30:23:4c:d4:
25:ae:53:a8:96:09:58:05:34:1b:11:e3:e2:b1:be:
b4:df:9b:e7:b0:e0:fb:d1:8e:7f:af:9b:24:e7:a9:
0b:ef:a7:cd:61:af:26:ae:35:e1:e3:4c:d9:85:2f:
83:ae:dc:24:89:dd:f4:3c:e6:8f:8d:a4:83:41:13:
ba:4d:96:94:21:59:bb:cf:7b:d2:91:24:34:0f:30:
ed:33:1e:7d:5a:71:93:5b:84:c3:62:1d:33:2e:0e:
4d:ac:74:c1:b6:a5:53:88:0e:0f:c6:20:7e:96:a8:
27:ee:ac:c2:aa:d9:28:cb:a4:95:67:48:b7:95:ad:
06:8e:30:b6:a1:39:fe:76:7e:a9:fa:b7:47:de:db:
46:f2:ef:9f:d2:67:4a:7f:28:0d:17:d5:bb:46:9f:
00:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F3:AD:63:EF:B9:B5:AF:EA:F6:EE:FE:B8:2A:BC:BD:A9:CC:47:EA
X509v3 Authority Key Identifier:
keyid:5C:4F:C1:E4:DE:FC:47:1C:9F:DB:7F:DA:DB:98:95:56:3D:AF:99:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XE_B5N78Rxyf23_a25iVVj2vmZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9cfa5f-5d2d-4be4-a80d-7d0ee2e990f5/1/lvOtY--5ta_q9u7-uCq8vanMR-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9cfa5f-5d2d-4be4-a80d-7d0ee2e990f5/1/XE_B5N78Rxyf23_a25iVVj2vmZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.93.0/24
Signature Algorithm: sha256WithRSAEncryption
54:ca:e7:18:b5:ed:64:09:64:7d:71:fa:3e:03:22:35:b6:2d:
93:40:cc:f6:87:0c:64:5a:bb:9c:e1:7b:7b:9b:ab:22:76:ae:
df:1f:e5:fa:7d:1a:e4:40:1d:0c:3f:f6:a3:01:36:e7:1d:73:
94:f3:e4:30:20:c2:d2:f2:c0:8a:d1:f7:85:40:d5:50:b5:a9:
bb:db:89:a3:f0:bb:da:f3:5b:32:aa:c1:50:54:ee:61:9f:e6:
3c:f0:b8:14:93:b3:55:d8:eb:b0:6d:a7:d7:dd:1b:3c:43:7c:
7e:5d:1e:78:e4:c5:1b:a5:68:47:4e:0a:4f:bc:0a:2d:49:70:
60:fa:97:b8:36:12:51:f5:b7:88:2d:94:67:de:a2:bd:f9:12:
2d:ed:94:32:0e:c7:37:2b:ab:b7:c3:7f:43:d2:19:bf:9d:b2:
f6:49:e0:f4:89:ce:ea:21:46:e7:a6:98:d5:94:af:c6:cf:c6:
08:74:81:e0:ba:13:0d:23:1f:78:17:81:00:6d:ba:28:75:ef:
37:ea:1d:9a:03:4f:8e:9c:58:46:58:91:4e:ec:1d:3f:a8:03:
50:b7:51:31:49:4e:d9:02:4f:4e:7e:6f:be:52:a3:e5:6a:bb:
4b:5e:74:de:d2:4a:85:71:0f:c9:77:cb:78:ba:ff:b4:e6:64:
27:da:26:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSGXddDR1CgjxhGchDafoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNGZjMWU0ZGVmYzQ3MWM5ZmRiN2ZkYWRiOTg5NTU2M2Rh
Zjk5OWMwHhcNMjUwMTAyMTM1MDQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmYzYWQ2M2VmYjliNWFmZWFmNmVlZmViODJhYmNiZGE5Y2M0N2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHNrq3LwYWq0L6uhaKITqviMzzAo
zhy2ynyHjo9bV0YXynpcSB/HyPXu+cvANthi3rL1knQPGWXI540kzvkkuO1wk6+U
JIEIclxDvZd+OwQdh0T687PFYchU31QqXdVMH3yiJTAjTNQlrlOolglYBTQbEePi
sb6035vnsOD70Y5/r5sk56kL76fNYa8mrjXh40zZhS+Drtwkid30POaPjaSDQRO6
TZaUIVm7z3vSkSQ0DzDtMx59WnGTW4TDYh0zLg5NrHTBtqVTiA4PxiB+lqgn7qzC
qtkoy6SVZ0i3la0GjjC2oTn+dn6p+rdH3ttG8u+f0mdKfygNF9W7Rp8AUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJbzrWPvubWv6vbu/rgqvL2pzEfqMB8GA1UdIwQY
MBaAFFxPweTe/Eccn9t/2tuYlVY9r5mcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEVfQjVONzhSeHlmMjNfYTI1aVZWajJ2bVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy85Y2ZhNWYtNWQyZC00YmU0LWE4MGQt
N2QwZWUyZTk5MGY1LzEvbHZPdFktLTV0YV9xOXU3LXVDcTh2YW5NUi1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy85Y2ZhNWYtNWQyZC00YmU0LWE4MGQtN2QwZWUyZTk5MGY1
LzEvWEVfQjVONzhSeHlmMjNfYTI1aVZWajJ2bVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8ddMA0G
CSqGSIb3DQEBCwUAA4IBAQBUyucYte1kCWR9cfo+AyI1ti2TQMz2hwxkWruc4Xt7
m6sidq7fH+X6fRrkQB0MP/ajATbnHXOU8+QwIMLS8sCK0feFQNVQtam724mj8Lva
81syqsFQVO5hn+Y88LgUk7NV2OuwbafX3Rs8Q3x+XR545MUbpWhHTgpPvAotSXBg
+pe4NhJR9beILZRn3qK9+RIt7ZQyDsc3K6u3w39D0hm/nbL2SeD0ic7qIUbnppjV
lK/Gz8YIdIHguhMNIx94F4EAbboode836h2aA0+OnFhGWJFO7B0/qANQt1ExSU7Z
Ak9Ofm++UqPlartLXnTe0kqFcQ/Jd8t4uv+05mQn2iYJ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:07 2025 by rpki-client on console.sobornost.net