Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/6959c2-ee0b-42bd-b42d-bf7fdc29be6d/1/iuVnZoHRlpka7mUI3Ga_xWu9wAI.roa
File: iuVnZoHRlpka7mUI3Ga_xWu9wAI.roa (raw, json)
Hash identifier: C6Oc4Bk7j7y8ciioznqbwOlreRpQUzxPqgkBwJnLoJw=
Subject key identifier: 8A:E5:67:66:81:D1:96:99:1A:EE:65:08:DC:66:BF:C5:6B:BD:C0:02
Certificate issuer: /CN=9caf9a0d78a6811cd1686deb117788af866c8091
Certificate serial: 01958B6420BFECFB98F0D09B38AA2CD6778A
Authority key identifier: 9C:AF:9A:0D:78:A6:81:1C:D1:68:6D:EB:11:77:88:AF:86:6C:80:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nK-aDXimgRzRaG3rEXeIr4ZsgJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/6959c2-ee0b-42bd-b42d-bf7fdc29be6d/1/iuVnZoHRlpka7mUI3Ga_xWu9wAI.roa
Signing time: Wed 12 Mar 2025 17:25:49 +0000
ROA not before: Wed 12 Mar 2025 17:25:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 91.218.139.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8b:64:20:bf:ec:fb:98:f0:d0:9b:38:aa:2c:d6:77:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9caf9a0d78a6811cd1686deb117788af866c8091
Validity
Not Before: Mar 12 17:25:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ae5676681d196991aee6508dc66bfc56bbdc002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e2:d0:cf:e7:91:66:f6:48:ce:1e:78:b4:f5:
93:39:9b:13:0e:aa:72:fc:6b:18:29:88:c3:10:20:
9d:f5:f5:28:81:a6:0a:53:43:c3:81:46:9a:18:40:
87:18:d9:9b:dd:d6:34:93:1f:69:8f:e4:2e:1f:c9:
1a:c1:1b:2c:39:6f:54:52:75:77:fb:54:19:95:3f:
9c:ab:ff:ca:1d:dc:ad:cd:fa:24:ae:6e:7f:13:24:
f4:b8:7b:40:67:7a:4a:8a:ce:75:eb:fa:49:fd:94:
68:af:50:ee:a4:33:56:bc:b1:d2:f0:ca:ba:fd:26:
05:75:ee:b8:dc:85:d9:50:07:66:6c:f3:9e:cb:00:
d9:07:ed:83:63:14:41:c2:b7:d3:70:d2:3b:bd:a9:
07:fc:d7:44:95:c7:de:c7:b2:3e:2c:1d:60:4c:84:
07:40:83:60:33:24:ee:64:9a:ad:ff:aa:58:05:82:
73:97:b3:0d:7c:f8:40:28:b8:4e:a4:29:cb:ca:22:
49:25:5c:d4:46:3f:c6:c1:f0:58:c8:1d:6f:58:b1:
98:e8:2a:aa:36:55:87:55:b3:fc:d3:00:1d:6f:ee:
70:18:ca:94:eb:09:93:f6:22:59:c5:27:81:31:3b:
7e:e9:41:24:7c:45:90:2c:39:69:25:48:e1:9a:0e:
18:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:E5:67:66:81:D1:96:99:1A:EE:65:08:DC:66:BF:C5:6B:BD:C0:02
X509v3 Authority Key Identifier:
keyid:9C:AF:9A:0D:78:A6:81:1C:D1:68:6D:EB:11:77:88:AF:86:6C:80:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nK-aDXimgRzRaG3rEXeIr4ZsgJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/6959c2-ee0b-42bd-b42d-bf7fdc29be6d/1/iuVnZoHRlpka7mUI3Ga_xWu9wAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/6959c2-ee0b-42bd-b42d-bf7fdc29be6d/1/nK-aDXimgRzRaG3rEXeIr4ZsgJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.139.0/24
Signature Algorithm: sha256WithRSAEncryption
85:88:14:b8:44:e6:a7:00:32:d1:7f:41:f1:80:b2:8a:7f:80:
59:16:93:5e:5c:f3:86:e4:2d:39:f7:1c:a5:3a:47:3a:8d:7b:
98:02:81:06:5e:ab:31:d8:d1:b9:5e:75:ee:e3:2a:c7:11:d4:
8c:98:5b:6d:19:7d:6c:ba:2e:47:02:b2:a4:d8:d7:7c:a3:8d:
f5:0d:bd:41:7f:40:ba:63:f1:bb:0a:5f:95:36:d3:0e:58:c0:
fd:16:3b:6e:46:23:66:49:52:c2:4d:67:18:a5:73:ed:0a:5b:
cc:bc:a5:d2:8e:ec:5a:b7:3d:3a:f1:0a:8b:37:5f:89:a7:1a:
fd:ab:0e:b0:75:d1:3b:2d:5c:97:40:1f:11:9b:25:f4:b6:25:
60:3f:98:99:ec:1e:d8:26:0f:7c:52:3d:e4:0a:89:4c:73:be:
01:81:b4:15:a4:c9:63:60:8f:26:2a:e1:9b:d5:18:06:ad:f7:
ec:f9:69:68:b2:53:6f:16:d1:7f:df:72:f3:49:56:0f:54:b1:
6b:40:cf:2c:a6:79:11:50:14:1e:73:62:24:1c:46:c4:ae:2b:
98:fd:65:b6:59:6b:99:d3:c7:6b:72:a8:6b:4d:34:b0:18:43:
0f:ad:f0:a1:e8:1e:01:b3:7d:04:87:6d:27:55:97:63:63:e3:
26:fb:ae:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWLZCC/7PuY8NCbOKos1neKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYWY5YTBkNzhhNjgxMWNkMTY4NmRlYjExNzc4OGFmODY2
YzgwOTEwHhcNMjUwMzEyMTcyNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWU1Njc2NjgxZDE5Njk5MWFlZTY1MDhkYzY2YmZjNTZiYmRjMDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruLQz+eRZvZIzh54tPWTOZsTDqpy
/GsYKYjDECCd9fUogaYKU0PDgUaaGECHGNmb3dY0kx9pj+QuH8kawRssOW9UUnV3
+1QZlT+cq//KHdytzfokrm5/EyT0uHtAZ3pKis516/pJ/ZRor1DupDNWvLHS8Mq6
/SYFde643IXZUAdmbPOeywDZB+2DYxRBwrfTcNI7vakH/NdElcfex7I+LB1gTIQH
QINgMyTuZJqt/6pYBYJzl7MNfPhAKLhOpCnLyiJJJVzURj/GwfBYyB1vWLGY6Cqq
NlWHVbP80wAdb+5wGMqU6wmT9iJZxSeBMTt+6UEkfEWQLDlpJUjhmg4YHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIrlZ2aB0ZaZGu5lCNxmv8VrvcACMB8GA1UdIwQY
MBaAFJyvmg14poEc0Wht6xF3iK+GbICRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkstYURYaW1nUnpSYUczckVYZUlyNFpzZ0pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC82OTU5YzItZWUwYi00MmJkLWI0MmQt
YmY3ZmRjMjliZTZkLzEvaXVWblpvSFJscGthN21VSTNHYV94V3U5d0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC82OTU5YzItZWUwYi00MmJkLWI0MmQtYmY3ZmRjMjliZTZk
LzEvbkstYURYaW1nUnpSYUczckVYZUlyNFpzZ0pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9qLMA0G
CSqGSIb3DQEBCwUAA4IBAQCFiBS4ROanADLRf0HxgLKKf4BZFpNeXPOG5C059xyl
Okc6jXuYAoEGXqsx2NG5XnXu4yrHEdSMmFttGX1sui5HArKk2Nd8o431Db1Bf0C6
Y/G7Cl+VNtMOWMD9FjtuRiNmSVLCTWcYpXPtClvMvKXSjuxatz068QqLN1+Jpxr9
qw6wddE7LVyXQB8RmyX0tiVgP5iZ7B7YJg98Uj3kColMc74BgbQVpMljYI8mKuGb
1RgGrffs+WloslNvFtF/33LzSVYPVLFrQM8spnkRUBQec2IkHEbEriuY/WW2WWuZ
08drcqhrTTSwGEMPrfCh6B4Bs30Eh20nVZdjY+Mm+67r
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:44:27 2025 by rpki-client