Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f5b954-65b9-437a-b499-9c28e1cd197e/1/nPal1OrfDzhstqt0PXOgopyom5E.roa
File: nPal1OrfDzhstqt0PXOgopyom5E.roa (raw, json)
Hash identifier: TzihN0dEMD2qoUHlyZDsW+PWn1KeKFjxVu245RQ5HF0=
Subject key identifier: 9C:F6:A5:D4:EA:DF:0F:38:6C:B6:AB:74:3D:73:A0:A2:9C:A8:9B:91
Certificate issuer: /CN=3d3257a4cc2d989b3126d8b2cfdbbc2015e08bb4
Certificate serial: 01856E78D1A902EFA1F76400ADD6C8055AA4
Authority key identifier: 3D:32:57:A4:CC:2D:98:9B:31:26:D8:B2:CF:DB:BC:20:15:E0:8B:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PTJXpMwtmJsxJtiyz9u8IBXgi7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f5b954-65b9-437a-b499-9c28e1cd197e/1/nPal1OrfDzhstqt0PXOgopyom5E.roa
Signing time: Sun 01 Jan 2023 17:54:49 +0000
ROA not before: Sun 01 Jan 2023 17:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 91.230.237.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:d1:a9:02:ef:a1:f7:64:00:ad:d6:c8:05:5a:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d3257a4cc2d989b3126d8b2cfdbbc2015e08bb4
Validity
Not Before: Jan 1 17:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cf6a5d4eadf0f386cb6ab743d73a0a29ca89b91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:73:58:20:f9:80:e1:60:0d:30:b1:3a:1a:2c:
d5:8d:17:00:00:36:95:19:aa:9b:52:a8:5a:fe:df:
1f:67:af:10:dc:65:ba:93:15:86:02:b7:92:ee:a2:
35:b2:0c:0f:2c:04:c6:e9:80:cf:5f:db:c3:bc:5a:
e7:69:a5:b2:fa:73:f2:08:dd:a5:ba:82:d5:24:22:
4d:5f:6d:f9:9d:81:0b:5a:7e:bb:fe:8c:0b:ce:2f:
f4:a3:63:93:78:11:66:69:d0:a5:7a:55:82:ab:2b:
07:b0:ed:95:e3:3a:b9:26:e8:ea:ad:83:ab:cd:8a:
bd:62:02:a7:97:75:7e:4a:93:18:d8:f1:c9:f2:bd:
e2:49:60:75:6b:3c:cb:dd:1b:d2:86:e5:dc:66:fc:
05:83:59:6a:f0:57:f7:42:20:57:aa:c4:93:43:b3:
36:d2:a3:eb:66:2f:04:b1:ee:e0:db:81:f9:61:51:
83:6f:4f:8e:85:4f:f0:65:b8:ae:75:11:73:ec:18:
77:08:71:9a:81:81:24:94:06:29:1c:4e:ab:34:66:
80:ab:ff:3d:ee:8a:16:e1:f9:b2:84:94:9b:35:8a:
53:ce:50:ff:d4:3f:7c:61:36:b6:9a:5b:4a:17:a7:
b5:fe:06:15:5f:fa:9a:8c:8c:2e:af:d7:8f:92:61:
50:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:F6:A5:D4:EA:DF:0F:38:6C:B6:AB:74:3D:73:A0:A2:9C:A8:9B:91
X509v3 Authority Key Identifier:
keyid:3D:32:57:A4:CC:2D:98:9B:31:26:D8:B2:CF:DB:BC:20:15:E0:8B:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PTJXpMwtmJsxJtiyz9u8IBXgi7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f5b954-65b9-437a-b499-9c28e1cd197e/1/nPal1OrfDzhstqt0PXOgopyom5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f5b954-65b9-437a-b499-9c28e1cd197e/1/PTJXpMwtmJsxJtiyz9u8IBXgi7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.237.0/24
Signature Algorithm: sha256WithRSAEncryption
74:b0:bd:79:0d:e4:93:fe:ed:68:aa:20:91:ad:12:75:4e:9f:
2a:33:25:98:73:83:b5:ef:e4:5c:3b:b8:4c:12:02:b4:24:ad:
37:e3:17:72:da:28:d4:02:7e:34:a2:34:90:47:ac:43:07:c3:
56:c1:bb:a2:d8:54:59:9c:31:2c:06:0c:a5:d8:47:92:34:ce:
b4:f4:4d:0a:ae:0c:fa:68:98:66:06:5f:de:b1:90:64:cf:d6:
92:c7:db:01:1e:73:eb:45:bb:1c:b6:db:c6:bb:0f:46:2b:63:
d3:76:e8:4d:4e:8d:87:fc:8e:45:56:6a:d1:ab:b7:91:bc:c3:
9b:40:fd:4c:98:c6:28:58:f7:c1:32:87:b2:0a:f9:e6:09:3a:
a5:0c:ca:84:ba:dd:c2:29:02:73:0d:12:62:56:97:82:76:81:
44:e0:98:fa:a7:24:50:9d:a2:cc:ae:e5:b6:68:1a:59:12:01:
b0:0e:77:01:77:46:aa:8c:f6:08:02:16:50:06:9f:3f:48:1e:
ce:38:bf:a6:30:08:20:3d:3f:2e:2e:8f:53:da:00:11:ec:0d:
a9:7b:f3:e4:92:0c:43:6b:7d:e0:5f:52:9a:5f:88:c2:4c:37:
31:47:da:50:6e:81:a7:dc:73:ba:8b:fe:f7:7e:35:d9:4c:48:
b8:35:11:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVueNGpAu+h92QArdbIBVqkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMzI1N2E0Y2MyZDk4OWIzMTI2ZDhiMmNmZGJiYzIwMTVl
MDhiYjQwHhcNMjMwMTAxMTc1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2Y2YTVkNGVhZGYwZjM4NmNiNmFiNzQzZDczYTBhMjljYTg5YjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HNYIPmA4WANMLE6GizVjRcAADaV
GaqbUqha/t8fZ68Q3GW6kxWGAreS7qI1sgwPLATG6YDPX9vDvFrnaaWy+nPyCN2l
uoLVJCJNX235nYELWn67/owLzi/0o2OTeBFmadClelWCqysHsO2V4zq5JujqrYOr
zYq9YgKnl3V+SpMY2PHJ8r3iSWB1azzL3RvShuXcZvwFg1lq8Ff3QiBXqsSTQ7M2
0qPrZi8Ese7g24H5YVGDb0+OhU/wZbiudRFz7Bh3CHGagYEklAYpHE6rNGaAq/89
7ooW4fmyhJSbNYpTzlD/1D98YTa2mltKF6e1/gYVX/qajIwur9ePkmFQ1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJz2pdTq3w84bLardD1zoKKcqJuRMB8GA1UdIwQY
MBaAFD0yV6TMLZibMSbYss/bvCAV4Iu0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFRKWHBNd3RtSnN4SnRpeXo5dThJQlhnaTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mNWI5NTQtNjViOS00MzdhLWI0OTkt
OWMyOGUxY2QxOTdlLzEvblBhbDFPcmZEemhzdHF0MFBYT2dvcHlvbTVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mNWI5NTQtNjViOS00MzdhLWI0OTktOWMyOGUxY2QxOTdl
LzEvUFRKWHBNd3RtSnN4SnRpeXo5dThJQlhnaTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+btMA0G
CSqGSIb3DQEBCwUAA4IBAQB0sL15DeST/u1oqiCRrRJ1Tp8qMyWYc4O17+RcO7hM
EgK0JK034xdy2ijUAn40ojSQR6xDB8NWwbui2FRZnDEsBgyl2EeSNM609E0Krgz6
aJhmBl/esZBkz9aSx9sBHnPrRbscttvGuw9GK2PTduhNTo2H/I5FVmrRq7eRvMOb
QP1MmMYoWPfBMoeyCvnmCTqlDMqEut3CKQJzDRJiVpeCdoFE4Jj6pyRQnaLMruW2
aBpZEgGwDncBd0aqjPYIAhZQBp8/SB7OOL+mMAggPT8uLo9T2gAR7A2pe/PkkgxD
a33gX1KaX4jCTDcxR9pQboGn3HO6i/73fjXZTEi4NREV
-----END CERTIFICATE-----
Generated at Mon Jun 16 22:13:31 2025 by rpki-client