Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/1UQBMdlNIZpuxIjnKkgzjfvJqNM.roa
File: 1UQBMdlNIZpuxIjnKkgzjfvJqNM.roa (raw, json)
Hash identifier: UTR1XEenqcPOEfPniiaYd7rNcv8miNRFy/ZF8QAlsyg=
Subject key identifier: D5:44:01:31:D9:4D:21:9A:6E:C4:88:E7:2A:48:33:8D:FB:C9:A8:D3
Certificate issuer: /CN=f58acd43c0033b13b88bb397415583aa51d9303a
Certificate serial: 01942067FAEF8C69F754055A250BCC26AB7C
Authority key identifier: F5:8A:CD:43:C0:03:3B:13:B8:8B:B3:97:41:55:83:AA:51:D9:30:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/1UQBMdlNIZpuxIjnKkgzjfvJqNM.roa
Signing time: Wed 01 Jan 2025 05:47:52 +0000
ROA not before: Wed 01 Jan 2025 05:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201729
IP address blocks: 91.137.84.0/23 maxlen: 23
91.137.124.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:fa:ef:8c:69:f7:54:05:5a:25:0b:cc:26:ab:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f58acd43c0033b13b88bb397415583aa51d9303a
Validity
Not Before: Jan 1 05:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5440131d94d219a6ec488e72a48338dfbc9a8d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ce:3c:fb:d9:8b:2c:b7:1e:c4:a8:d1:65:e3:
4d:33:96:15:14:25:0a:ba:66:fe:89:ce:e1:df:8b:
b3:55:2a:e5:25:9c:c7:da:2e:f2:dc:93:41:f2:10:
f9:ee:76:a5:f8:16:81:96:8d:54:6f:da:07:3e:6b:
d3:e8:fb:ce:5f:c5:87:c0:c9:e8:69:55:c3:d1:e3:
3b:82:03:72:e1:d7:a3:b1:b3:7a:ce:51:bc:93:35:
d4:b9:ab:93:69:81:8a:54:87:6c:6e:79:9c:a0:bc:
0d:9a:75:5d:43:a0:58:35:4d:9e:e2:14:ae:4e:45:
33:f2:b6:15:e5:57:4e:51:8b:24:37:84:e4:65:b9:
fb:c3:36:c2:2d:e7:1e:24:9c:37:41:0d:ec:4c:4a:
ec:82:75:bb:0c:b0:76:c2:cf:f0:00:d1:48:be:74:
c0:6d:6a:f6:ae:72:bf:c3:e6:a8:4b:b2:90:fa:c8:
29:be:03:cc:9f:77:0f:5e:ff:01:03:8b:81:e1:c9:
1a:27:92:4a:0f:03:1b:3f:85:f7:1e:74:45:df:a1:
9f:26:42:6c:7d:7b:1b:9c:74:86:c6:27:fe:14:fb:
47:d2:f5:40:ab:fe:03:fc:84:a5:60:f7:f9:6e:a3:
44:10:08:06:f7:58:19:4b:4b:76:37:46:ae:31:18:
66:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:44:01:31:D9:4D:21:9A:6E:C4:88:E7:2A:48:33:8D:FB:C9:A8:D3
X509v3 Authority Key Identifier:
keyid:F5:8A:CD:43:C0:03:3B:13:B8:8B:B3:97:41:55:83:AA:51:D9:30:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/1UQBMdlNIZpuxIjnKkgzjfvJqNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.137.84.0/23
91.137.124.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:33:3a:ac:13:3c:38:de:4e:52:f1:bf:ab:7a:4f:96:ae:3a:
d8:f2:d7:29:79:ac:13:f2:ea:f8:d1:9c:a1:6b:ba:83:f8:41:
af:cb:38:ad:9f:fa:89:62:f7:92:b5:47:05:e1:e4:5b:a7:33:
f1:e8:67:24:03:61:51:06:e0:d1:b4:de:43:24:9e:4d:15:b3:
5e:7b:5b:5d:85:b0:ac:42:7d:04:e9:ac:8e:7d:14:6f:63:93:
a6:63:1e:c3:9d:72:f8:f9:e6:19:b6:2e:62:c1:b5:41:50:03:
63:a1:52:2d:c6:6c:78:aa:89:d7:87:9c:81:da:e8:1d:01:87:
43:69:b1:38:50:06:be:18:8b:58:3c:3d:c4:6e:d6:df:a0:15:
0d:17:65:a0:10:72:1c:f7:41:8d:34:76:ad:f0:63:23:31:04:
d6:c4:a4:a6:15:5b:13:2f:9a:01:84:34:54:f1:b4:21:ba:74:
b9:d6:2e:10:9c:7d:4c:78:65:a0:e9:ba:6e:41:1a:23:7f:e8:
61:86:b0:21:cb:7c:28:4e:65:92:26:91:66:8a:bb:41:9a:21:
3b:c9:e0:22:2a:bf:2e:8f:a2:f2:17:53:39:84:99:ef:b5:b9:
c9:63:5d:d1:a4:5f:aa:31:58:51:d4:8f:81:2e:38:46:31:e6:
d7:29:e0:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgZ/rvjGn3VAVaJQvMJqt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1OGFjZDQzYzAwMzNiMTNiODhiYjM5NzQxNTU4M2FhNTFk
OTMwM2EwHhcNMjUwMTAxMDU0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQ0MDEzMWQ5NGQyMTlhNmVjNDg4ZTcyYTQ4MzM4ZGZiYzlhOGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvc48+9mLLLcexKjRZeNNM5YVFCUK
umb+ic7h34uzVSrlJZzH2i7y3JNB8hD57nal+BaBlo1Ub9oHPmvT6PvOX8WHwMno
aVXD0eM7ggNy4dejsbN6zlG8kzXUuauTaYGKVIdsbnmcoLwNmnVdQ6BYNU2e4hSu
TkUz8rYV5VdOUYskN4TkZbn7wzbCLeceJJw3QQ3sTErsgnW7DLB2ws/wANFIvnTA
bWr2rnK/w+aoS7KQ+sgpvgPMn3cPXv8BA4uB4ckaJ5JKDwMbP4X3HnRF36GfJkJs
fXsbnHSGxif+FPtH0vVAq/4D/ISlYPf5bqNEEAgG91gZS0t2N0auMRhmLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNVEATHZTSGabsSI5ypIM437yajTMB8GA1UdIwQY
MBaAFPWKzUPAAzsTuIuzl0FVg6pR2TA6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVlyTlE4QURPeE80aTdPWFFWV0RxbEhaTURvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8wZTY2ZTktY2YyZC00MGRmLWFhYWUt
Y2YyZDU4ZDBlMGVlLzEvMVVRQk1kbE5JWnB1eElqbktrZ3pqZnZKcU5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8wZTY2ZTktY2YyZC00MGRmLWFhYWUtY2YyZDU4ZDBlMGVl
LzEvOVlyTlE4QURPeE80aTdPWFFWV0RxbEhaTURvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW4lUAwQC
W4l8MA0GCSqGSIb3DQEBCwUAA4IBAQAtMzqsEzw43k5S8b+rek+WrjrY8tcpeawT
8ur40Zyha7qD+EGvyzitn/qJYveStUcF4eRbpzPx6GckA2FRBuDRtN5DJJ5NFbNe
e1tdhbCsQn0E6ayOfRRvY5OmYx7DnXL4+eYZti5iwbVBUANjoVItxmx4qonXh5yB
2ugdAYdDabE4UAa+GItYPD3EbtbfoBUNF2WgEHIc90GNNHat8GMjMQTWxKSmFVsT
L5oBhDRU8bQhunS51i4QnH1MeGWg6bpuQRojf+hhhrAhy3woTmWSJpFmirtBmiE7
yeAiKr8uj6LyF1M5hJnvtbnJY13RpF+qMVhR1I+BLjhGMebXKeCS
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:33:20 2025 by rpki-client