Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/25tYslZGbXZsP7m7iJZii2v5ey4.roa
File: 25tYslZGbXZsP7m7iJZii2v5ey4.roa (raw, json)
Hash identifier: vtOBHrOqdzcOkdqKhOo4UDrWaWvCXZEDyGLo0Ex/wY0=
Subject key identifier: DB:9B:58:B2:56:46:6D:76:6C:3F:B9:BB:88:96:62:8B:6B:F9:7B:2E
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2F2A942708B6F6910D6998D20FEAA
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/25tYslZGbXZsP7m7iJZii2v5ey4.roa
Signing time: Thu 02 Jan 2025 01:48:14 +0000
ROA not before: Thu 02 Jan 2025 01:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54339
IP address blocks: 91.190.63.0/24 maxlen: 24
159.148.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:f2:a9:42:70:8b:6f:69:10:d6:99:8d:20:fe:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db9b58b256466d766c3fb9bb8896628b6bf97b2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:8f:e0:8d:cf:89:44:34:87:e1:b2:62:fb:ce:
36:3f:12:c1:8d:2d:ba:51:c7:dc:ae:bf:cc:91:f3:
35:08:ac:35:f4:94:2a:dc:64:17:b3:cd:0d:88:9e:
72:43:d0:b5:a5:76:d9:89:b0:5a:5e:c6:19:7b:e7:
42:28:ba:26:06:45:f1:33:78:39:e5:2d:96:cf:23:
f0:ff:c0:04:6e:40:78:b0:96:1e:a4:5f:4d:75:85:
e8:c1:59:e8:b7:fa:14:13:19:18:e2:ad:c6:16:03:
5e:f3:76:23:c1:03:20:ac:00:27:13:98:9f:2e:76:
3e:15:ee:ec:7a:c9:aa:e6:b4:1d:44:b7:cf:16:37:
d9:d8:d7:f4:1a:0b:8d:3c:34:c6:17:ee:4f:d8:51:
0b:ef:e5:3b:d3:71:92:f9:1c:23:cd:8d:36:56:ed:
86:92:c5:18:12:d3:0a:d7:f6:83:ac:17:90:b9:21:
93:2c:6f:cc:fd:bb:7a:e7:b4:4d:34:33:df:76:44:
fa:45:b0:a3:70:9b:d4:8c:45:95:b8:a1:c9:6b:d6:
09:4c:f9:1a:8c:27:f6:8f:d9:2f:9c:21:2d:dd:fc:
0a:cc:f2:eb:44:39:52:a0:2e:c2:10:3d:82:07:91:
b2:78:a3:d8:60:20:89:3f:f9:d8:45:c4:13:6a:58:
0f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:9B:58:B2:56:46:6D:76:6C:3F:B9:BB:88:96:62:8B:6B:F9:7B:2E
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/25tYslZGbXZsP7m7iJZii2v5ey4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.63.0/24
159.148.255.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:f7:a7:e4:8f:8e:d2:33:2e:f5:dc:7c:3e:de:87:21:0e:0e:
31:e0:de:ae:e0:77:ee:dc:cb:34:a4:b4:fc:7f:82:51:f4:ec:
2e:8a:10:2f:fc:ae:c6:cb:8d:0b:e6:82:c0:dd:5d:20:9b:23:
58:db:96:7a:78:57:f6:62:76:c5:86:58:26:95:ed:df:35:80:
20:d9:b3:b8:9a:6f:0a:1d:df:c4:dc:72:c7:ed:f1:de:e6:7d:
17:12:90:5f:ec:db:dd:5b:c3:f7:ce:be:9e:8c:c6:e7:de:86:
2b:62:44:9c:d8:ca:80:b2:62:07:7d:80:fc:3f:7c:cb:c5:b6:
9e:4f:fc:93:98:5d:7a:a1:28:a0:58:ad:d4:64:81:e0:44:24:
54:2e:ac:63:04:9c:4e:e3:28:f0:60:6e:e0:be:43:d1:dd:bf:
86:53:0b:e1:6d:ed:34:f3:98:b1:1b:29:98:73:6f:ee:7f:71:
1a:27:cb:bf:41:87:62:85:1d:f3:32:7b:13:89:71:38:32:c6:
3b:85:87:b6:72:ba:03:35:92:e1:0e:4a:3a:f2:d8:d3:fe:f8:
6b:bc:01:7c:a0:2f:d3:a5:a9:f7:6b:9e:ed:2c:c4:96:34:a0:
2f:11:b5:4a:16:87:2b:d8:91:6f:99:dc:d3:c3:61:4e:99:4b:
3e:6d:df:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQksvKpQnCLb2kQ1pmNIP6qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjliNThiMjU2NDY2ZDc2NmMzZmI5YmI4ODk2NjI4YjZiZjk3YjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyY/gjc+JRDSH4bJi+842PxLBjS26
Ucfcrr/MkfM1CKw19JQq3GQXs80NiJ5yQ9C1pXbZibBaXsYZe+dCKLomBkXxM3g5
5S2WzyPw/8AEbkB4sJYepF9NdYXowVnot/oUExkY4q3GFgNe83YjwQMgrAAnE5if
LnY+Fe7sesmq5rQdRLfPFjfZ2Nf0GguNPDTGF+5P2FEL7+U703GS+RwjzY02Vu2G
ksUYEtMK1/aDrBeQuSGTLG/M/bt657RNNDPfdkT6RbCjcJvUjEWVuKHJa9YJTPka
jCf2j9kvnCEt3fwKzPLrRDlSoC7CED2CB5GyeKPYYCCJP/nYRcQTalgPeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNubWLJWRm12bD+5u4iWYotr+XsuMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvMjV0WXNsWkdiWFpzUDdtN2lKWmlpMnY1ZXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW74/AwQA
n5T/MA0GCSqGSIb3DQEBCwUAA4IBAQAd96fkj47SMy713Hw+3ochDg4x4N6u4Hfu
3Ms0pLT8f4JR9OwuihAv/K7Gy40L5oLA3V0gmyNY25Z6eFf2YnbFhlgmle3fNYAg
2bO4mm8KHd/E3HLH7fHe5n0XEpBf7NvdW8P3zr6ejMbn3oYrYkSc2MqAsmIHfYD8
P3zLxbaeT/yTmF16oSigWK3UZIHgRCRULqxjBJxO4yjwYG7gvkPR3b+GUwvhbe00
85ixGymYc2/uf3EaJ8u/QYdihR3zMnsTiXE4MsY7hYe2croDNZLhDko68tjT/vhr
vAF8oC/Tpan3a57tLMSWNKAvEbVKFocr2JFvmdzTw2FOmUs+bd+1
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:22:58 2025 by rpki-client