Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/d6yNgv0BxU_UzpItBknvXif_uOM.roa
File: d6yNgv0BxU_UzpItBknvXif_uOM.roa (raw, json)
Hash identifier: MrPkpwBN64QMipyBZrYt+iEpiojkHNt4RyGJpPLKwx0=
Subject key identifier: 77:AC:8D:82:FD:01:C5:4F:D4:CE:92:2D:06:49:EF:5E:27:FF:B8:E3
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 0194282821B52C24ADF212B85449F1636EB1
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/d6yNgv0BxU_UzpItBknvXif_uOM.roa
Signing time: Thu 02 Jan 2025 17:55:06 +0000
ROA not before: Thu 02 Jan 2025 17:55:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197050
IP address blocks: 85.118.91.0/24 maxlen: 24
151.251.56.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:28:21:b5:2c:24:ad:f2:12:b8:54:49:f1:63:6e:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 2 17:55:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77ac8d82fd01c54fd4ce922d0649ef5e27ffb8e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:33:28:65:81:db:aa:51:a8:35:40:13:0c:75:
d8:3e:dd:f0:24:7a:db:a8:52:47:55:88:e4:ee:de:
99:b8:1c:ae:4d:e6:d7:e9:6b:d0:98:2f:14:89:61:
52:c0:cd:a9:93:4c:82:da:85:c3:a1:69:b3:f2:0a:
c7:55:20:49:24:b1:05:03:ef:8b:9c:0c:20:43:c0:
2f:97:15:2c:a4:34:12:64:df:59:49:01:78:05:9e:
de:4b:3c:c5:77:57:2f:59:56:97:2d:54:f4:77:3f:
a0:dc:7e:ca:6e:ef:b7:b7:ca:b3:7f:06:8e:30:50:
a1:51:2a:4b:6f:b4:07:07:42:17:d1:4f:45:42:c1:
8f:24:73:12:19:41:c6:ef:d5:1e:ce:cb:61:9e:4d:
12:1e:2b:2d:70:32:e9:7c:46:3c:82:44:d8:5f:99:
d2:67:46:2c:70:b6:03:c2:f8:34:bb:c8:b8:ee:49:
34:68:97:14:b3:16:21:74:76:ed:48:7b:34:0f:28:
25:c4:5f:03:90:76:96:0d:f6:50:37:aa:35:d7:46:
6f:5c:fa:7b:75:7a:37:06:b3:d1:22:ee:d3:83:d4:
56:1e:77:e2:fc:cf:74:bb:27:4e:57:83:1e:07:1a:
be:9e:eb:e0:ab:08:18:ab:06:14:68:b2:4d:c2:5b:
d6:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:AC:8D:82:FD:01:C5:4F:D4:CE:92:2D:06:49:EF:5E:27:FF:B8:E3
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/d6yNgv0BxU_UzpItBknvXif_uOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.91.0/24
151.251.56.0/22
Signature Algorithm: sha256WithRSAEncryption
32:19:85:c5:59:a8:b6:f0:49:5d:58:36:82:0e:75:91:75:46:
4e:2c:ec:dd:51:76:3e:89:2a:00:53:20:de:22:65:4b:a3:13:
1d:f0:1a:1b:63:7f:37:3d:e0:3f:1e:ec:67:86:dd:68:87:36:
4c:c4:97:51:d9:01:c7:dc:35:d0:aa:8a:9a:13:79:13:45:a6:
3e:a2:60:c6:b4:3d:e9:49:ca:4d:2a:94:24:a3:d6:87:ec:64:
c8:90:96:fc:48:71:3d:e9:77:2c:82:af:e1:47:cd:ec:b7:b1:
3e:0d:70:58:9b:35:ea:8d:40:39:65:25:bd:f2:a8:56:88:1a:
a4:ba:53:02:56:24:10:a7:89:92:7c:da:38:35:09:23:48:27:
5a:14:41:fa:19:48:f9:ad:35:4c:b3:58:f5:7b:e2:e2:21:fe:
c9:36:68:ea:88:b7:fa:49:e0:ba:02:37:c2:ec:45:8b:07:44:
c3:84:61:38:44:71:ae:f4:6a:37:c8:8e:12:89:10:b5:2b:4a:
15:3f:30:e1:26:e8:00:b8:4f:e8:e2:e7:f2:46:61:fb:0f:c3:
77:e0:bc:1d:b8:4e:fe:3a:22:cf:35:90:01:c1:50:61:02:7b:
9b:f8:16:cc:68:20:ad:fe:b1:6a:cc:b4:66:5f:24:2e:a9:e3:
e0:69:d0:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoKCG1LCSt8hK4VEnxY26xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjUwMTAyMTc1NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2FjOGQ4MmZkMDFjNTRmZDRjZTkyMmQwNjQ5ZWY1ZTI3ZmZiOGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzMoZYHbqlGoNUATDHXYPt3wJHrb
qFJHVYjk7t6ZuByuTebX6WvQmC8UiWFSwM2pk0yC2oXDoWmz8grHVSBJJLEFA++L
nAwgQ8AvlxUspDQSZN9ZSQF4BZ7eSzzFd1cvWVaXLVT0dz+g3H7Kbu+3t8qzfwaO
MFChUSpLb7QHB0IX0U9FQsGPJHMSGUHG79Uezsthnk0SHistcDLpfEY8gkTYX5nS
Z0YscLYDwvg0u8i47kk0aJcUsxYhdHbtSHs0DyglxF8DkHaWDfZQN6o110ZvXPp7
dXo3BrPRIu7Tg9RWHnfi/M90uydOV4MeBxq+nuvgqwgYqwYUaLJNwlvWxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHesjYL9AcVP1M6SLQZJ714n/7jjMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvZDZ5Tmd2MEJ4VV9VenBJdEJrbnZYaWZfdU9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVXZbAwQC
l/s4MA0GCSqGSIb3DQEBCwUAA4IBAQAyGYXFWai28EldWDaCDnWRdUZOLOzdUXY+
iSoAUyDeImVLoxMd8BobY383PeA/Huxnht1ohzZMxJdR2QHH3DXQqoqaE3kTRaY+
omDGtD3pScpNKpQko9aH7GTIkJb8SHE96Xcsgq/hR83st7E+DXBYmzXqjUA5ZSW9
8qhWiBqkulMCViQQp4mSfNo4NQkjSCdaFEH6GUj5rTVMs1j1e+LiIf7JNmjqiLf6
SeC6AjfC7EWLB0TDhGE4RHGu9Go3yI4SiRC1K0oVPzDhJugAuE/o4ufyRmH7D8N3
4LwduE7+OiLPNZABwVBhAnub+BbMaCCt/rFqzLRmXyQuqePgadAQ
-----END CERTIFICATE-----
Generated at Sat Apr 12 01:16:31 2025 by rpki-client