Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/Ci2nxFCN2-JFxhCGu2Re4yZAOHs.roa
File: Ci2nxFCN2-JFxhCGu2Re4yZAOHs.roa (raw, json)
Hash identifier: +bhZNarT7FFMkSZsUhSIu2eb8t+79YYtheiLS/N1UY0=
Subject key identifier: 0A:2D:A7:C4:50:8D:DB:E2:45:C6:10:86:BB:64:5E:E3:26:40:38:7B
Certificate issuer: /CN=40aa949d31c66888cb4758f23dd5f312141dec4a
Certificate serial: 0194236A27E05F8D507DD469D64C0E3379D8
Authority key identifier: 40:AA:94:9D:31:C6:68:88:CB:47:58:F2:3D:D5:F3:12:14:1D:EC:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/Ci2nxFCN2-JFxhCGu2Re4yZAOHs.roa
Signing time: Wed 01 Jan 2025 19:49:07 +0000
ROA not before: Wed 01 Jan 2025 19:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47811
IP address blocks: 91.208.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:27:e0:5f:8d:50:7d:d4:69:d6:4c:0e:33:79:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40aa949d31c66888cb4758f23dd5f312141dec4a
Validity
Not Before: Jan 1 19:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a2da7c4508ddbe245c61086bb645ee32640387b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:37:f8:36:29:d8:d6:af:12:bc:af:3d:38:d3:
d4:ce:50:47:55:54:64:96:08:36:33:bd:28:03:fa:
fd:c6:5a:c7:f2:a3:4a:f2:61:e9:36:7d:52:5a:cc:
ac:32:0b:a5:f5:c8:d4:bf:c3:6d:6a:a0:f8:26:75:
37:f2:23:c4:59:d2:28:f9:25:ce:c0:26:13:44:a1:
99:d0:cd:98:82:2c:6e:d4:58:62:e4:1c:0d:63:1e:
a1:6e:72:a8:f3:ed:64:ae:9a:35:58:34:d8:91:3e:
c7:14:b4:4b:6c:37:28:77:b6:cd:46:9b:6e:da:70:
84:04:54:a0:23:1f:82:c4:aa:00:87:af:d8:1b:e2:
e5:14:8b:95:3e:1a:3d:91:45:c4:08:aa:42:71:a9:
af:ad:80:bb:2f:ef:91:b9:77:6b:96:73:75:19:b1:
e0:d0:2a:3b:4e:55:98:78:4f:5f:9a:00:ed:f5:b0:
73:f8:f0:93:7f:95:6d:bb:4e:2d:eb:6b:b7:d0:b5:
35:d4:4a:10:ee:38:53:60:86:23:be:20:9d:d3:f2:
55:53:76:70:cc:00:4f:9c:0c:71:50:71:aa:34:54:
12:04:40:32:20:a1:e4:6e:09:4e:1c:cf:b1:96:b9:
09:89:21:25:b9:c3:24:a5:8c:71:fd:0c:e6:59:5e:
05:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:2D:A7:C4:50:8D:DB:E2:45:C6:10:86:BB:64:5E:E3:26:40:38:7B
X509v3 Authority Key Identifier:
keyid:40:AA:94:9D:31:C6:68:88:CB:47:58:F2:3D:D5:F3:12:14:1D:EC:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/Ci2nxFCN2-JFxhCGu2Re4yZAOHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.154.0/24
Signature Algorithm: sha256WithRSAEncryption
22:35:35:95:d2:62:97:ad:e0:b8:3e:b3:49:1d:1e:f5:37:05:
b0:72:eb:5e:3e:8c:da:a0:1e:56:b2:64:c1:f4:78:03:a3:d8:
56:12:40:e5:1e:3b:49:89:f6:41:97:a4:0b:a8:24:ba:84:1a:
7c:d2:b6:78:97:ff:3d:e0:1d:ae:4d:ff:c9:94:ce:3d:1c:ce:
8b:f4:59:df:07:9a:71:8f:21:17:41:f3:a9:67:e5:90:f1:74:
f3:45:d7:aa:49:91:9c:24:31:f9:29:66:4b:13:fa:94:ad:8c:
79:33:22:83:38:a9:0b:b6:32:b2:1b:54:ca:bb:fc:a5:c4:ec:
d8:1f:e3:87:c2:f8:d3:25:16:91:ce:e9:cc:5e:09:ed:40:65:
b0:1d:d6:f1:cb:e5:ad:37:06:88:c6:c8:d6:d4:24:88:63:03:
86:be:bb:66:6f:97:ed:a3:3f:ad:c6:19:94:9e:55:56:c8:8e:
40:59:f0:39:fd:79:54:b5:78:f7:34:02:3d:f3:91:a7:8c:bb:
d0:1b:56:6d:98:b3:75:9b:1e:df:55:46:92:f2:bb:fc:cd:e7:
a6:1c:41:da:ab:8a:39:bd:20:10:fd:c1:bc:52:b9:ab:fa:a3:
e2:0c:42:fa:df:17:20:a5:50:4c:d5:18:17:90:7f:c1:2c:34:
b3:36:d9:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaifgX41QfdRp1kwOM3nYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYWE5NDlkMzFjNjY4ODhjYjQ3NThmMjNkZDVmMzEyMTQx
ZGVjNGEwHhcNMjUwMTAxMTk0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTJkYTdjNDUwOGRkYmUyNDVjNjEwODZiYjY0NWVlMzI2NDAzODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Tf4NinY1q8SvK89ONPUzlBHVVRk
lgg2M70oA/r9xlrH8qNK8mHpNn1SWsysMgul9cjUv8NtaqD4JnU38iPEWdIo+SXO
wCYTRKGZ0M2Ygixu1Fhi5BwNYx6hbnKo8+1krpo1WDTYkT7HFLRLbDcod7bNRptu
2nCEBFSgIx+CxKoAh6/YG+LlFIuVPho9kUXECKpCcamvrYC7L++RuXdrlnN1GbHg
0Co7TlWYeE9fmgDt9bBz+PCTf5Vtu04t62u30LU11EoQ7jhTYIYjviCd0/JVU3Zw
zABPnAxxUHGqNFQSBEAyIKHkbglOHM+xlrkJiSElucMkpYxx/QzmWV4FFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAotp8RQjdviRcYQhrtkXuMmQDh7MB8GA1UdIwQY
MBaAFECqlJ0xxmiIy0dY8j3V8xIUHexKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUtxVW5USEdhSWpMUjFqeVBkWHpFaFFkN0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kZTk0MDEtNTZiYi00ODEzLThmODgt
ZmQxMWJiMWNjODJkLzEvQ2kybnhGQ04yLUpGeGhDR3UyUmU0eVpBT0hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9kZTk0MDEtNTZiYi00ODEzLThmODgtZmQxMWJiMWNjODJk
LzEvUUtxVW5USEdhSWpMUjFqeVBkWHpFaFFkN0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9CaMA0G
CSqGSIb3DQEBCwUAA4IBAQAiNTWV0mKXreC4PrNJHR71NwWwcutePozaoB5WsmTB
9HgDo9hWEkDlHjtJifZBl6QLqCS6hBp80rZ4l/894B2uTf/JlM49HM6L9FnfB5px
jyEXQfOpZ+WQ8XTzRdeqSZGcJDH5KWZLE/qUrYx5MyKDOKkLtjKyG1TKu/ylxOzY
H+OHwvjTJRaRzunMXgntQGWwHdbxy+WtNwaIxsjW1CSIYwOGvrtmb5ftoz+txhmU
nlVWyI5AWfA5/XlUtXj3NAI985GnjLvQG1ZtmLN1mx7fVUaS8rv8zeemHEHaq4o5
vSAQ/cG8Urmr+qPiDEL63xcgpVBM1RgXkH/BLDSzNtl3
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:42:47 2025 by rpki-client