Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/be6337-662e-4c3b-812a-3407fca12267/1/1-6mnh_WrGshq4BGNMcahIgl1tdM.roa
File: 1-6mnh_WrGshq4BGNMcahIgl1tdM.roa (raw, json)
Hash identifier: cq1xI/14AhL1drVD8g+gpqIgK6YTCibBOfeJtp72SrQ=
Subject key identifier: FB:A9:A7:87:F5:AB:1A:C8:6A:E0:11:8D:31:C6:A1:22:09:75:B5:D3
Certificate issuer: /CN=cdb150276f55bae455988d3a13e59341074dcd0a
Certificate serial: 01942444BD14BF2F8C9900F08B15EA6C0C02
Authority key identifier: CD:B1:50:27:6F:55:BA:E4:55:98:8D:3A:13:E5:93:41:07:4D:CD:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbFQJ29VuuRVmI06E-WTQQdNzQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/be6337-662e-4c3b-812a-3407fca12267/1/1-6mnh_WrGshq4BGNMcahIgl1tdM.roa
Signing time: Wed 01 Jan 2025 23:47:52 +0000
ROA not before: Wed 01 Jan 2025 23:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31027
IP address blocks: 91.194.94.0/23 maxlen: 23
91.212.28.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:bd:14:bf:2f:8c:99:00:f0:8b:15:ea:6c:0c:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb150276f55bae455988d3a13e59341074dcd0a
Validity
Not Before: Jan 1 23:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fba9a787f5ab1ac86ae0118d31c6a1220975b5d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2c:90:85:4f:b7:15:36:2e:c8:a0:dd:78:e8:
dc:f8:a3:37:be:5a:e0:6f:30:45:87:bc:c6:3e:76:
df:76:b9:58:87:95:e3:6f:2b:f6:91:1e:5a:cf:3c:
14:2a:38:6b:15:f0:2d:fc:5b:23:f9:7b:bd:de:f0:
2d:5c:ac:15:e9:6b:3b:f2:49:0e:1a:be:01:e3:a3:
75:f0:80:3d:ad:3a:3d:1e:24:71:46:d0:46:ab:fb:
f8:be:63:f6:7f:c0:a9:43:7d:7b:91:e3:92:6d:b4:
37:53:44:48:0f:dd:5e:b6:0a:3e:60:a6:ed:63:f1:
d6:dd:50:3a:12:85:cc:f3:54:d4:8b:bb:99:71:c0:
ac:f6:5d:e8:34:b1:28:a8:92:49:24:67:15:f9:f5:
11:98:36:ae:1a:c8:27:03:d5:88:fa:62:82:d5:7d:
90:a4:b7:8a:b8:b7:80:3a:0a:ee:11:c1:f7:8c:ce:
bc:21:6d:16:dd:e5:29:7d:3e:c3:bb:f8:e6:39:af:
9c:c3:d9:9e:2a:30:a7:a9:ed:e3:7b:3d:13:86:61:
be:3a:0f:bb:75:83:75:bd:88:a5:b9:ce:eb:e3:18:
dd:27:ff:4e:02:f5:e4:7f:f3:76:67:74:04:95:7e:
b4:d6:b5:c2:a9:de:7e:cf:2c:d7:38:0e:e4:9c:a5:
0e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:A9:A7:87:F5:AB:1A:C8:6A:E0:11:8D:31:C6:A1:22:09:75:B5:D3
X509v3 Authority Key Identifier:
keyid:CD:B1:50:27:6F:55:BA:E4:55:98:8D:3A:13:E5:93:41:07:4D:CD:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbFQJ29VuuRVmI06E-WTQQdNzQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/be6337-662e-4c3b-812a-3407fca12267/1/1-6mnh_WrGshq4BGNMcahIgl1tdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/be6337-662e-4c3b-812a-3407fca12267/1/zbFQJ29VuuRVmI06E-WTQQdNzQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.94.0/23
91.212.28.0/24
Signature Algorithm: sha256WithRSAEncryption
41:ee:46:60:f9:f8:57:9d:c6:58:ef:4e:31:a3:fa:d6:e5:af:
5e:e4:a4:31:15:91:7b:ea:da:31:13:25:db:8c:46:4d:3c:21:
fd:f7:3c:d6:98:f3:67:a4:ca:6d:7a:c2:e3:c9:5a:ca:01:06:
9c:9c:e4:5f:05:8f:37:66:af:7b:f9:93:bf:ae:87:29:cf:81:
fe:49:67:8a:fa:da:10:b8:af:6f:e6:82:fe:75:3a:2e:a1:b3:
82:d4:d0:19:a5:4f:27:05:cf:ff:bb:22:07:07:3f:5c:e8:a5:
08:f6:85:76:8d:38:58:02:44:6b:64:3c:b3:9c:c3:2a:4b:71:
2a:49:de:41:6c:50:a4:55:c3:d3:e9:42:46:87:09:2b:10:c7:
dd:ac:97:ae:23:bc:eb:a0:da:d6:31:67:e8:ec:43:06:0a:83:
28:06:eb:0c:13:50:74:fc:f7:c2:c3:0a:e2:71:0f:2b:eb:fe:
a4:77:d1:1f:6f:54:b1:2c:d1:d6:44:fa:82:34:1d:ef:80:40:
3b:ce:97:d9:0d:9d:b3:0c:ea:82:03:68:c0:31:fc:d5:ef:a5:
6f:c5:8b:e3:3d:54:ee:97:64:c6:ad:75:37:83:57:42:7c:25:
dd:82:70:7b:87:59:bd:cb:24:cf:8d:dd:d9:c0:80:74:e2:76:
9d:80:d8:d4
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZQkRL0Uvy+MmQDwixXqbAwCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYjE1MDI3NmY1NWJhZTQ1NTk4OGQzYTEzZTU5MzQxMDc0
ZGNkMGEwHhcNMjUwMTAxMjM0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmE5YTc4N2Y1YWIxYWM4NmFlMDExOGQzMWM2YTEyMjA5NzViNWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSyQhU+3FTYuyKDdeOjc+KM3vlrg
bzBFh7zGPnbfdrlYh5Xjbyv2kR5azzwUKjhrFfAt/Fsj+Xu93vAtXKwV6Ws78kkO
Gr4B46N18IA9rTo9HiRxRtBGq/v4vmP2f8CpQ317keOSbbQ3U0RID91etgo+YKbt
Y/HW3VA6EoXM81TUi7uZccCs9l3oNLEoqJJJJGcV+fURmDauGsgnA9WI+mKC1X2Q
pLeKuLeAOgruEcH3jM68IW0W3eUpfT7Du/jmOa+cw9meKjCnqe3jez0ThmG+Og+7
dYN1vYiluc7r4xjdJ/9OAvXkf/N2Z3QElX601rXCqd5+zyzXOA7knKUOQQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPupp4f1qxrIauARjTHGoSIJdbXTMB8GA1UdIwQY
MBaAFM2xUCdvVbrkVZiNOhPlk0EHTc0KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJGUUoyOVZ1dVJWbUkwNkUtV1RRUWROelFvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iZTYzMzctNjYyZS00YzNiLTgxMmEt
MzQwN2ZjYTEyMjY3LzEvMS02bW5oX1dyR3NocTRCR05NY2FoSWdsMXRkTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzEvYmU2MzM3LTY2MmUtNGMzYi04MTJhLTM0MDdmY2ExMjI2
Ny8xL3piRlFKMjlWdXVSVm1JMDZFLVdUUVFkTnpRby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAVvCXgME
AFvUHDANBgkqhkiG9w0BAQsFAAOCAQEAQe5GYPn4V53GWO9OMaP61uWvXuSkMRWR
e+raMRMl24xGTTwh/fc81pjzZ6TKbXrC48laygEGnJzkXwWPN2ave/mTv66HKc+B
/klnivraELivb+aC/nU6LqGzgtTQGaVPJwXP/7siBwc/XOilCPaFdo04WAJEa2Q8
s5zDKktxKkneQWxQpFXD0+lCRocJKxDH3ayXriO866Da1jFn6OxDBgqDKAbrDBNQ
dPz3wsMK4nEPK+v+pHfRH29UsSzR1kT6gjQd74BAO86X2Q2dswzqggNowDH81e+l
b8WL4z1U7pdkxq11N4NXQnwl3YJwe4dZvcskz43d2cCAdOJ2nYDY1A==
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:46:22 2025 by rpki-client