Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/ffd6bf-3857-403a-9459-27c9fd0eb80a/1/VPF38YS6rLimkM4zY183xfoNoGE.roa
File: VPF38YS6rLimkM4zY183xfoNoGE.roa (raw, json)
Hash identifier: phKw+oC85PdAtFx6EDFn4WZQNpPP6gScqEepQbo17Ck=
Subject key identifier: 54:F1:77:F1:84:BA:AC:B8:A6:90:CE:33:63:5F:37:C5:FA:0D:A0:61
Certificate issuer: /CN=8cc872f2c17827d0b170a21b953923f01e1ffa37
Certificate serial: 018572031A5AF0E79BD195C63CD40DC8F466
Authority key identifier: 8C:C8:72:F2:C1:78:27:D0:B1:70:A2:1B:95:39:23:F0:1E:1F:FA:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jMhy8sF4J9CxcKIblTkj8B4f-jc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/ffd6bf-3857-403a-9459-27c9fd0eb80a/1/VPF38YS6rLimkM4zY183xfoNoGE.roa
Signing time: Mon 02 Jan 2023 10:24:43 +0000
ROA not before: Mon 02 Jan 2023 10:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12672
IP address blocks: 91.216.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:1a:5a:f0:e7:9b:d1:95:c6:3c:d4:0d:c8:f4:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cc872f2c17827d0b170a21b953923f01e1ffa37
Validity
Not Before: Jan 2 10:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54f177f184baacb8a690ce33635f37c5fa0da061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:63:c1:f7:6a:ea:77:e1:88:c6:5b:fe:a2:f8:
ba:e3:82:fc:1a:ed:63:66:9b:ee:1f:0a:f5:9a:5b:
e0:21:7d:f3:47:f9:cc:50:65:e4:08:56:82:ed:37:
84:2d:54:1a:ea:73:94:b5:01:21:97:0a:b1:de:29:
82:a3:22:8b:d5:8f:80:c6:70:e2:31:28:f4:8e:29:
94:f5:3d:e4:ab:ad:f4:24:34:81:51:23:82:80:89:
fc:bc:df:b9:14:d8:7c:a6:3b:be:5f:8e:91:f4:92:
8f:41:b2:1c:8c:81:9e:eb:e1:4a:4e:56:91:4b:b3:
52:c7:45:0e:a9:c1:11:7c:f1:95:0a:17:a5:1e:9b:
0a:c1:e1:ac:0f:13:f1:9b:30:56:fa:08:40:68:5d:
b5:6b:6a:ee:10:0f:19:48:31:b4:b4:60:f4:ba:58:
cd:ae:e1:00:1a:c7:08:de:c7:b4:0d:47:a4:15:65:
79:65:51:ec:9b:0c:54:39:77:26:c3:5c:d7:0a:f1:
3f:0a:13:f7:3f:ce:f7:e2:48:54:81:fe:09:19:e0:
b7:68:52:1c:1c:fc:12:39:6f:4c:1f:a0:b3:c4:32:
7b:f6:62:8a:7a:d4:67:8e:2b:c2:cf:2d:90:51:28:
f2:f4:3f:7d:88:b1:f0:b6:4c:09:88:71:ec:37:ed:
64:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:F1:77:F1:84:BA:AC:B8:A6:90:CE:33:63:5F:37:C5:FA:0D:A0:61
X509v3 Authority Key Identifier:
keyid:8C:C8:72:F2:C1:78:27:D0:B1:70:A2:1B:95:39:23:F0:1E:1F:FA:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jMhy8sF4J9CxcKIblTkj8B4f-jc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ffd6bf-3857-403a-9459-27c9fd0eb80a/1/VPF38YS6rLimkM4zY183xfoNoGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ffd6bf-3857-403a-9459-27c9fd0eb80a/1/jMhy8sF4J9CxcKIblTkj8B4f-jc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.152.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:81:92:6e:e7:64:19:09:51:a6:58:53:bb:27:ec:8c:da:10:
b4:b4:ee:53:74:89:b4:3f:cc:33:65:d1:7b:a9:62:fa:72:dc:
a9:c4:66:64:81:9c:fd:78:16:6e:6b:79:1c:9f:53:c1:dc:49:
77:2b:38:4a:d5:7f:4a:cd:bc:a5:84:1f:8c:51:98:30:d3:23:
1c:79:1f:ce:38:d5:03:34:9d:6a:97:d4:da:5b:2e:f8:80:93:
c0:70:71:85:75:74:03:77:e2:56:3e:c4:d0:b1:10:d6:e9:32:
42:22:b3:47:f0:9f:6a:f0:56:03:5c:ab:5f:bc:cd:11:4a:87:
cd:35:fe:5d:a7:5d:59:bb:bd:b4:e2:03:ff:81:e3:4c:ce:c2:
83:ef:f1:82:7e:cd:7c:7b:af:ae:c0:6e:af:d3:ea:ad:7c:fe:
aa:35:74:76:43:81:9e:46:d7:ec:d9:70:19:08:c0:4c:ae:2e:
52:f5:e1:bc:10:8b:39:65:1c:51:23:33:be:63:b8:66:2f:c9:
8d:e7:dd:c2:c3:27:3c:37:83:74:9e:e3:76:d6:31:71:42:b6:
bc:3c:39:38:ab:5b:b4:4b:17:27:18:e1:2b:0f:ce:7c:ad:67:
e3:05:a7:fb:94:2d:24:86:0c:1b:45:08:59:7e:97:a6:17:9a:
7b:ca:88:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyAxpa8Oeb0ZXGPNQNyPRmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjYzg3MmYyYzE3ODI3ZDBiMTcwYTIxYjk1MzkyM2YwMWUx
ZmZhMzcwHhcNMjMwMTAyMTAyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGYxNzdmMTg0YmFhY2I4YTY5MGNlMzM2MzVmMzdjNWZhMGRhMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2PB92rqd+GIxlv+ovi644L8Gu1j
ZpvuHwr1mlvgIX3zR/nMUGXkCFaC7TeELVQa6nOUtQEhlwqx3imCoyKL1Y+AxnDi
MSj0jimU9T3kq630JDSBUSOCgIn8vN+5FNh8pju+X46R9JKPQbIcjIGe6+FKTlaR
S7NSx0UOqcERfPGVChelHpsKweGsDxPxmzBW+ghAaF21a2ruEA8ZSDG0tGD0uljN
ruEAGscI3se0DUekFWV5ZVHsmwxUOXcmw1zXCvE/ChP3P8734khUgf4JGeC3aFIc
HPwSOW9MH6CzxDJ79mKKetRnjivCzy2QUSjy9D99iLHwtkwJiHHsN+1kDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFTxd/GEuqy4ppDOM2NfN8X6DaBhMB8GA1UdIwQY
MBaAFIzIcvLBeCfQsXCiG5U5I/AeH/o3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak1oeThzRjRKOUN4Y0tJYmxUa2o4QjRmLWpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9mZmQ2YmYtMzg1Ny00MDNhLTk0NTkt
MjdjOWZkMGViODBhLzEvVlBGMzhZUzZyTGlta000elkxODN4Zm9Ob0dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9mZmQ2YmYtMzg1Ny00MDNhLTk0NTktMjdjOWZkMGViODBh
LzEvak1oeThzRjRKOUN4Y0tJYmxUa2o4QjRmLWpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9iYMA0G
CSqGSIb3DQEBCwUAA4IBAQBbgZJu52QZCVGmWFO7J+yM2hC0tO5TdIm0P8wzZdF7
qWL6ctypxGZkgZz9eBZua3kcn1PB3El3KzhK1X9KzbylhB+MUZgw0yMceR/OONUD
NJ1ql9TaWy74gJPAcHGFdXQDd+JWPsTQsRDW6TJCIrNH8J9q8FYDXKtfvM0RSofN
Nf5dp11Zu7204gP/geNMzsKD7/GCfs18e6+uwG6v0+qtfP6qNXR2Q4GeRtfs2XAZ
CMBMri5S9eG8EIs5ZRxRIzO+Y7hmL8mN593Cwyc8N4N0nuN21jFxQra8PDk4q1u0
SxcnGOErD858rWfjBaf7lC0khgwbRQhZfpemF5p7yogu
-----END CERTIFICATE-----
Generated at Fri May 2 17:50:42 2025 by rpki-client