Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/i_nP-RMEFWNsq8wmPatyh47z1H4.roa
File: i_nP-RMEFWNsq8wmPatyh47z1H4.roa (raw, json)
Hash identifier: LMMjHpph11n+9N5yAaKIxDwK0rOXqWLUsY4TjiEcrdw=
Subject key identifier: 8B:F9:CF:F9:13:04:15:63:6C:AB:CC:26:3D:AB:72:87:8E:F3:D4:7E
Certificate issuer: /CN=75dcc776b2bf595bf4b3e60bba4245f0120a2176
Certificate serial: 019423D75B624113EFC6D6FB99410C4F0D81
Authority key identifier: 75:DC:C7:76:B2:BF:59:5B:F4:B3:E6:0B:BA:42:45:F0:12:0A:21:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ddzHdrK_WVv0s-YLukJF8BIKIXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/i_nP-RMEFWNsq8wmPatyh47z1H4.roa
Signing time: Wed 01 Jan 2025 21:48:23 +0000
ROA not before: Wed 01 Jan 2025 21:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 91.240.18.0/24 maxlen: 24
91.240.19.0/24 maxlen: 24
193.151.94.0/24 maxlen: 24
195.8.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:5b:62:41:13:ef:c6:d6:fb:99:41:0c:4f:0d:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75dcc776b2bf595bf4b3e60bba4245f0120a2176
Validity
Not Before: Jan 1 21:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8bf9cff9130415636cabcc263dab72878ef3d47e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:be:27:94:ca:22:b0:d7:8d:79:fe:79:32:0b:
f0:45:ba:6e:3e:0d:ea:4e:c5:20:0b:c0:88:7c:77:
6c:91:59:e2:b8:51:94:04:ac:24:e6:42:eb:9e:7d:
58:7b:b2:9f:d2:b0:69:96:f2:de:3a:b3:01:71:12:
2c:a9:ac:df:0c:fc:d8:17:fd:e8:cd:a1:44:8b:95:
13:66:0f:d7:5e:46:00:4b:8b:9b:ae:55:5e:05:f0:
50:12:a7:66:cd:d0:35:5a:15:7c:e0:7c:85:36:df:
30:52:be:dd:cb:25:91:e8:0c:5d:dd:43:93:3e:78:
b7:35:fd:69:22:19:56:83:e0:31:77:57:66:97:f9:
61:38:75:8d:68:5c:b7:49:24:68:44:8e:0f:fa:c2:
14:ac:f7:81:60:f7:a5:6b:f5:da:1a:e6:a2:f2:e7:
3d:03:fb:cb:4d:c9:f1:ac:9c:3e:e8:eb:55:b1:9f:
0c:f7:db:40:9c:61:ff:37:76:23:e1:6f:50:90:74:
6b:8a:ac:1e:f7:7d:0b:f1:6c:96:fa:d9:12:18:67:
b5:bc:02:3b:38:ae:e0:0f:67:79:8e:94:bb:a5:82:
cd:2d:c4:75:82:90:54:b8:87:01:87:20:ce:ca:63:
0a:e5:c8:de:c9:22:ea:8a:83:dd:70:6a:e0:bd:0e:
d2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F9:CF:F9:13:04:15:63:6C:AB:CC:26:3D:AB:72:87:8E:F3:D4:7E
X509v3 Authority Key Identifier:
keyid:75:DC:C7:76:B2:BF:59:5B:F4:B3:E6:0B:BA:42:45:F0:12:0A:21:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ddzHdrK_WVv0s-YLukJF8BIKIXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/i_nP-RMEFWNsq8wmPatyh47z1H4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/ddzHdrK_WVv0s-YLukJF8BIKIXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.18.0/23
193.151.94.0/24
195.8.103.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:3f:6a:4b:68:d4:95:94:6e:63:4a:e6:c0:1d:76:a7:90:d7:
57:55:97:f0:2c:d1:5f:70:79:e0:6a:9c:ed:42:81:db:b3:4e:
7f:85:fb:99:fb:40:59:90:03:15:42:12:b2:3f:af:b3:ed:50:
f3:74:60:51:e4:67:3a:35:e0:a3:93:f3:a8:56:d2:cd:f0:af:
63:a8:7d:16:a4:3a:2a:54:0e:76:e8:20:e5:50:98:3e:45:07:
f2:c9:3b:6a:99:ef:7f:d3:ef:e8:4d:fe:d4:8e:2e:54:fb:60:
4c:c1:06:02:9b:3a:75:07:d9:2f:03:d1:1a:76:9b:53:9c:d9:
9e:ad:41:dc:8c:de:d2:99:99:cc:54:fc:f1:4e:53:74:f6:a2:
7c:6b:9b:48:93:42:90:a2:37:ff:0c:43:ca:3e:19:24:a5:de:
41:37:a6:45:34:67:39:45:6c:57:e6:51:7b:de:8f:26:2c:c1:
08:fa:8a:c4:27:44:51:65:a0:41:56:c8:07:c9:a3:34:f7:4d:
00:69:70:11:c1:2b:f7:c3:59:fb:c3:01:80:c1:b6:61:2b:b6:
47:cf:cb:21:f4:92:d6:c0:fe:f9:f9:2d:df:c7:df:c0:1f:30:
b6:a0:c9:33:9f:f7:ba:e4:0d:b8:22:f7:f9:8c:08:ff:c8:7f:
58:ca:ce:37
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQj11tiQRPvxtb7mUEMTw2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZGNjNzc2YjJiZjU5NWJmNGIzZTYwYmJhNDI0NWYwMTIw
YTIxNzYwHhcNMjUwMTAxMjE0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmY5Y2ZmOTEzMDQxNTYzNmNhYmNjMjYzZGFiNzI4NzhlZjNkNDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy74nlMoisNeNef55MgvwRbpuPg3q
TsUgC8CIfHdskVniuFGUBKwk5kLrnn1Ye7Kf0rBplvLeOrMBcRIsqazfDPzYF/3o
zaFEi5UTZg/XXkYAS4ubrlVeBfBQEqdmzdA1WhV84HyFNt8wUr7dyyWR6Axd3UOT
Pni3Nf1pIhlWg+Axd1dml/lhOHWNaFy3SSRoRI4P+sIUrPeBYPela/XaGuai8uc9
A/vLTcnxrJw+6OtVsZ8M99tAnGH/N3Yj4W9QkHRriqwe930L8WyW+tkSGGe1vAI7
OK7gD2d5jpS7pYLNLcR1gpBUuIcBhyDOymMK5cjeySLqioPdcGrgvQ7S+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIv5z/kTBBVjbKvMJj2rcoeO89R+MB8GA1UdIwQY
MBaAFHXcx3ayv1lb9LPmC7pCRfASCiF2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGR6SGRyS19XVnYwcy1ZTHVrSkY4QklLSVhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS81ODFjNWQtYmM5Yi00MGE2LWE1YTQt
NjQ1NDAyMDVlY2Y0LzEvaV9uUC1STUVGV05zcTh3bVBhdHloNDd6MUg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS81ODFjNWQtYmM5Yi00MGE2LWE1YTQtNjQ1NDAyMDVlY2Y0
LzEvZGR6SGRyS19XVnYwcy1ZTHVrSkY4QklLSVhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW/ASAwQA
wZdeAwQAwwhnMA0GCSqGSIb3DQEBCwUAA4IBAQBaP2pLaNSVlG5jSubAHXankNdX
VZfwLNFfcHngapztQoHbs05/hfuZ+0BZkAMVQhKyP6+z7VDzdGBR5Gc6NeCjk/Oo
VtLN8K9jqH0WpDoqVA526CDlUJg+RQfyyTtqme9/0+/oTf7Uji5U+2BMwQYCmzp1
B9kvA9EadptTnNmerUHcjN7SmZnMVPzxTlN09qJ8a5tIk0KQojf/DEPKPhkkpd5B
N6ZFNGc5RWxX5lF73o8mLMEI+orEJ0RRZaBBVsgHyaM0900AaXARwSv3w1n7wwGA
wbZhK7ZHz8sh9JLWwP75+S3fx9/AHzC2oMkzn/e65A24Ivf5jAj/yH9Yys43
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:56:49 2025 by rpki-client