Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/25GdIX8pGRrdAAaubJO0FxbYG-s.roa
File: 25GdIX8pGRrdAAaubJO0FxbYG-s.roa (raw, json)
Hash identifier: J7SjJPVMXuJzyuyQBNTx3E62SBRqK9gpWeifxFumUs0=
Subject key identifier: DB:91:9D:21:7F:29:19:1A:DD:00:06:AE:6C:93:B4:17:16:D8:1B:EB
Certificate issuer: /CN=21e86ff9973c93abe6398f031966c29d75a3ba86
Certificate serial: 019420D65F281AF07E131DAB1352E7BA3BA3
Authority key identifier: 21:E8:6F:F9:97:3C:93:AB:E6:39:8F:03:19:66:C2:9D:75:A3:BA:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/25GdIX8pGRrdAAaubJO0FxbYG-s.roa
Signing time: Wed 01 Jan 2025 07:48:27 +0000
ROA not before: Wed 01 Jan 2025 07:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197612
IP address blocks: 91.225.248.0/24 maxlen: 24
91.225.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:5f:28:1a:f0:7e:13:1d:ab:13:52:e7:ba:3b:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21e86ff9973c93abe6398f031966c29d75a3ba86
Validity
Not Before: Jan 1 07:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db919d217f29191add0006ae6c93b41716d81beb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3a:4b:fd:7b:a2:c5:19:23:46:d3:00:40:76:
ed:e6:cd:45:c1:a0:fd:87:3d:91:62:76:52:f2:be:
b8:07:25:3e:10:55:1c:0a:82:23:66:20:d7:82:98:
2f:46:99:ec:fe:a2:05:03:c1:91:38:54:23:7e:73:
2a:f3:ce:87:de:c2:7a:27:4e:a0:02:5c:06:e3:61:
92:e5:15:66:9b:1f:09:5d:24:a7:f1:9a:ed:10:9c:
d8:28:31:bd:0f:6b:b7:96:4d:8b:25:ea:6d:f1:86:
27:b4:03:1c:e0:73:6f:7c:0a:cc:82:b1:bf:24:0e:
9d:60:de:3b:99:9e:13:73:a8:b1:c3:6d:3f:c8:6d:
34:7e:9e:57:09:bb:ca:60:58:bb:62:0c:db:e7:5f:
cf:09:c3:fe:88:57:b2:91:d0:47:f4:29:67:e0:12:
62:87:33:8e:1e:b7:6c:69:88:a7:e4:24:e7:7c:36:
62:c4:8a:43:18:11:57:63:36:47:1a:20:49:22:af:
03:34:25:2b:64:ac:3e:9b:c7:49:5a:cf:94:f6:3d:
1e:03:c2:76:bc:a6:06:a3:89:5c:21:b4:65:74:5d:
c6:2b:82:53:c0:fe:23:2e:1b:ec:43:cf:9e:85:ae:
00:42:f0:ea:d2:d3:43:fe:62:f7:2c:b8:ba:a8:81:
5b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:91:9D:21:7F:29:19:1A:DD:00:06:AE:6C:93:B4:17:16:D8:1B:EB
X509v3 Authority Key Identifier:
keyid:21:E8:6F:F9:97:3C:93:AB:E6:39:8F:03:19:66:C2:9D:75:A3:BA:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/25GdIX8pGRrdAAaubJO0FxbYG-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.248.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:7e:c2:ad:88:28:ec:ac:e8:07:03:66:0a:02:77:5c:77:69:
6e:04:b9:31:ea:d6:59:8b:24:4d:24:b4:e9:88:78:dd:db:c6:
76:f4:f6:bb:d4:87:7d:32:fb:a8:1d:12:cb:0b:2d:33:ac:36:
dd:57:a9:35:03:83:67:60:e3:d0:fc:77:b9:52:ba:46:a2:b8:
6d:b3:01:54:a7:b5:5e:69:04:2b:5e:07:e3:41:1b:d7:12:33:
40:eb:c2:d2:9e:45:a4:5f:86:07:cb:c5:94:1d:5e:1a:d1:6d:
d0:6b:b7:ea:3d:c9:cf:96:bc:80:68:c7:f1:4c:62:7f:22:ff:
af:2e:95:14:fb:ab:61:32:5e:88:f5:fc:df:91:13:ea:71:fb:
87:3a:d9:07:e3:c6:2b:51:29:93:82:a0:36:0d:d6:d3:25:e8:
3e:d5:f4:a9:cf:99:90:34:ed:1f:5f:45:30:7f:4d:7a:98:07:
e6:ec:58:7e:d4:8b:ec:d6:60:ba:af:8d:13:84:49:de:7f:9a:
46:45:f4:ad:22:f9:93:ee:b5:79:27:0e:4f:11:5e:19:ae:10:
d3:63:99:cb:60:e8:24:7f:ab:b8:58:df:a2:d3:ad:21:9d:6c:
fc:2b:05:20:9a:e2:99:60:dd:40:35:3d:ef:bf:5f:80:1d:7e:
e0:a1:6b:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1l8oGvB+Ex2rE1LnujujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxZTg2ZmY5OTczYzkzYWJlNjM5OGYwMzE5NjZjMjlkNzVh
M2JhODYwHhcNMjUwMTAxMDc0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjkxOWQyMTdmMjkxOTFhZGQwMDA2YWU2YzkzYjQxNzE2ZDgxYmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTpL/XuixRkjRtMAQHbt5s1FwaD9
hz2RYnZS8r64ByU+EFUcCoIjZiDXgpgvRpns/qIFA8GROFQjfnMq886H3sJ6J06g
AlwG42GS5RVmmx8JXSSn8ZrtEJzYKDG9D2u3lk2LJept8YYntAMc4HNvfArMgrG/
JA6dYN47mZ4Tc6ixw20/yG00fp5XCbvKYFi7Ygzb51/PCcP+iFeykdBH9Cln4BJi
hzOOHrdsaYin5CTnfDZixIpDGBFXYzZHGiBJIq8DNCUrZKw+m8dJWs+U9j0eA8J2
vKYGo4lcIbRldF3GK4JTwP4jLhvsQ8+eha4AQvDq0tND/mL3LLi6qIFbowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNuRnSF/KRka3QAGrmyTtBcW2BvrMB8GA1UdIwQY
MBaAFCHob/mXPJOr5jmPAxlmwp11o7qGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWVodi1aYzhrNnZtT1k4REdXYkNuWFdqdW9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yZjZkZDAtYjc2Zi00N2Q1LWE0YWIt
MzJmZWViNTY2ZWU2LzEvMjVHZElYOHBHUnJkQUFhdWJKTzBGeGJZRy1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yZjZkZDAtYjc2Zi00N2Q1LWE0YWItMzJmZWViNTY2ZWU2
LzEvSWVodi1aYzhrNnZtT1k4REdXYkNuWFdqdW9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+H4MA0G
CSqGSIb3DQEBCwUAA4IBAQBrfsKtiCjsrOgHA2YKAndcd2luBLkx6tZZiyRNJLTp
iHjd28Z29Pa71Id9MvuoHRLLCy0zrDbdV6k1A4NnYOPQ/He5UrpGorhtswFUp7Ve
aQQrXgfjQRvXEjNA68LSnkWkX4YHy8WUHV4a0W3Qa7fqPcnPlryAaMfxTGJ/Iv+v
LpUU+6thMl6I9fzfkRPqcfuHOtkH48YrUSmTgqA2DdbTJeg+1fSpz5mQNO0fX0Uw
f016mAfm7Fh+1Ivs1mC6r40ThEnef5pGRfStIvmT7rV5Jw5PEV4ZrhDTY5nLYOgk
f6u4WN+i060hnWz8KwUgmuKZYN1ANT3vv1+AHX7goWvO
-----END CERTIFICATE-----
Generated at Tue Apr 8 13:23:29 2025 by rpki-client