Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/cfeb07-66f7-4b51-bea6-dadbee1e2c2c/1/MODcJVbQ7tIyULkAi32tBDPkIQ0.roa
File: MODcJVbQ7tIyULkAi32tBDPkIQ0.roa (raw, json)
Hash identifier: b4XxIhCxRBgha/DwCew59vKJiKvbCmMkhqVHdTGJTgY=
Subject key identifier: 30:E0:DC:25:56:D0:EE:D2:32:50:B9:00:8B:7D:AD:04:33:E4:21:0D
Certificate issuer: /CN=d2308dd11206fa52db004e455ac8d995af4c3b08
Certificate serial: 01942826643AD190E98EA86D2B503A52E286
Authority key identifier: D2:30:8D:D1:12:06:FA:52:DB:00:4E:45:5A:C8:D9:95:AF:4C:3B:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0jCN0RIG-lLbAE5FWsjZla9MOwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/cfeb07-66f7-4b51-bea6-dadbee1e2c2c/1/MODcJVbQ7tIyULkAi32tBDPkIQ0.roa
Signing time: Thu 02 Jan 2025 17:53:12 +0000
ROA not before: Thu 02 Jan 2025 17:53:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51096
IP address blocks: 91.216.150.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:64:3a:d1:90:e9:8e:a8:6d:2b:50:3a:52:e2:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2308dd11206fa52db004e455ac8d995af4c3b08
Validity
Not Before: Jan 2 17:53:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30e0dc2556d0eed23250b9008b7dad0433e4210d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:03:a6:95:1f:e8:2e:c6:cc:60:73:92:2f:0c:
b1:35:c7:7a:ce:37:68:f1:f0:69:e7:31:c9:62:e8:
3d:07:db:ad:4a:e9:f6:25:78:5c:6f:f3:01:1c:77:
98:b1:56:ce:e1:6b:28:e4:b5:f3:fa:49:99:d4:be:
1d:fd:58:aa:ce:d3:76:be:28:8e:33:be:1c:1d:78:
bb:42:7f:26:78:ca:15:e4:c5:12:d8:1a:9a:56:93:
2a:1e:ea:d6:10:68:90:bc:09:e7:74:1f:31:2b:a8:
dc:dc:48:c0:63:d1:d4:2f:6d:e0:27:5f:a2:d5:6b:
5c:ca:c1:bd:ef:ca:fb:a6:9c:e4:66:27:98:66:8b:
b5:e4:09:49:4a:0c:49:db:57:ae:d1:a8:5f:40:f8:
81:30:03:8c:c6:b5:9c:52:28:67:19:d1:ff:88:b4:
53:1e:b8:d1:f5:6c:16:0f:5b:fe:43:02:db:a8:7d:
95:df:6f:37:68:1a:c2:79:38:3b:c0:2c:c4:b6:25:
dc:3c:db:66:d9:76:e3:ad:e2:49:58:b0:44:71:1c:
04:02:a3:33:e2:1a:40:95:d6:1b:32:ff:ad:8c:cb:
47:7c:d9:7f:03:57:e4:57:f9:01:7a:7f:99:b6:51:
d3:a4:51:b7:1c:e3:c0:d0:c8:88:42:b3:31:b9:61:
5c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:E0:DC:25:56:D0:EE:D2:32:50:B9:00:8B:7D:AD:04:33:E4:21:0D
X509v3 Authority Key Identifier:
keyid:D2:30:8D:D1:12:06:FA:52:DB:00:4E:45:5A:C8:D9:95:AF:4C:3B:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jCN0RIG-lLbAE5FWsjZla9MOwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/cfeb07-66f7-4b51-bea6-dadbee1e2c2c/1/MODcJVbQ7tIyULkAi32tBDPkIQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/cfeb07-66f7-4b51-bea6-dadbee1e2c2c/1/0jCN0RIG-lLbAE5FWsjZla9MOwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.150.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:f3:24:ad:a3:ed:78:6d:29:4e:eb:74:d6:00:f2:f3:6c:52:
50:18:dc:f1:cd:ec:44:50:5c:bf:2b:27:5f:26:ff:94:61:95:
9c:88:ac:c8:5b:34:b9:9e:13:83:4a:8b:07:b3:0d:15:a5:95:
90:ff:94:64:b6:60:95:3e:1c:6e:8d:fe:74:ff:3b:4e:99:16:
e0:36:7a:b8:84:26:75:29:88:25:cd:d1:a0:e2:ca:a8:83:55:
53:c0:d7:49:24:eb:3a:7a:5e:29:6c:6f:02:12:65:a6:c0:a9:
48:ad:7c:4d:73:f2:91:1e:3a:f5:21:46:38:f1:b5:f7:15:22:
77:97:a0:30:e9:cf:a4:bb:4e:a4:6f:1e:63:ea:f5:38:18:f1:
18:a5:2d:88:89:79:38:45:f4:a3:30:96:e9:45:59:4a:7e:f9:
07:fa:a8:99:12:48:8b:58:9e:07:fa:c5:eb:47:18:d3:63:c9:
a1:a6:40:fa:a4:1e:25:07:ab:83:af:41:6a:14:eb:a3:af:fa:
82:00:9b:b5:9e:18:e1:a3:18:a8:e2:a8:62:dc:ce:68:73:a3:
5e:3b:75:9d:c4:61:a3:b0:9a:70:8e:df:a1:83:65:df:30:44:
02:ad:75:c0:cf:60:ec:53:d6:f9:4d:1f:51:06:55:d3:4b:b7:
c2:f3:96:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJmQ60ZDpjqhtK1A6UuKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMzA4ZGQxMTIwNmZhNTJkYjAwNGU0NTVhYzhkOTk1YWY0
YzNiMDgwHhcNMjUwMTAyMTc1MzEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGUwZGMyNTU2ZDBlZWQyMzI1MGI5MDA4YjdkYWQwNDMzZTQyMTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQOmlR/oLsbMYHOSLwyxNcd6zjdo
8fBp5zHJYug9B9utSun2JXhcb/MBHHeYsVbO4Wso5LXz+kmZ1L4d/ViqztN2viiO
M74cHXi7Qn8meMoV5MUS2BqaVpMqHurWEGiQvAnndB8xK6jc3EjAY9HUL23gJ1+i
1WtcysG978r7ppzkZieYZou15AlJSgxJ21eu0ahfQPiBMAOMxrWcUihnGdH/iLRT
HrjR9WwWD1v+QwLbqH2V3283aBrCeTg7wCzEtiXcPNtm2XbjreJJWLBEcRwEAqMz
4hpAldYbMv+tjMtHfNl/A1fkV/kBen+ZtlHTpFG3HOPA0MiIQrMxuWFcTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDDg3CVW0O7SMlC5AIt9rQQz5CENMB8GA1UdIwQY
MBaAFNIwjdESBvpS2wBORVrI2ZWvTDsIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGpDTjBSSUctbExiQUU1RldzalpsYTlNT3dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9jZmViMDctNjZmNy00YjUxLWJlYTYt
ZGFkYmVlMWUyYzJjLzEvTU9EY0pWYlE3dEl5VUxrQWkzMnRCRFBrSVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9jZmViMDctNjZmNy00YjUxLWJlYTYtZGFkYmVlMWUyYzJj
LzEvMGpDTjBSSUctbExiQUU1RldzalpsYTlNT3dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9iWMA0G
CSqGSIb3DQEBCwUAA4IBAQCz8ySto+14bSlO63TWAPLzbFJQGNzxzexEUFy/Kydf
Jv+UYZWciKzIWzS5nhODSosHsw0VpZWQ/5RktmCVPhxujf50/ztOmRbgNnq4hCZ1
KYglzdGg4sqog1VTwNdJJOs6el4pbG8CEmWmwKlIrXxNc/KRHjr1IUY48bX3FSJ3
l6Aw6c+ku06kbx5j6vU4GPEYpS2IiXk4RfSjMJbpRVlKfvkH+qiZEkiLWJ4H+sXr
RxjTY8mhpkD6pB4lB6uDr0FqFOujr/qCAJu1nhjhoxio4qhi3M5oc6NeO3WdxGGj
sJpwjt+hg2XfMEQCrXXAz2DsU9b5TR9RBlXTS7fC85ZU
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:15:57 2025 by rpki-client