Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/rQMc8tlbD24MLedawDrFjbFwrbU.roa
File: rQMc8tlbD24MLedawDrFjbFwrbU.roa (raw, json)
Hash identifier: 96Ec+H4X1QQDrOAwkuHuDNv0NdIpnRkAMRD5A4fFZtA=
Subject key identifier: AD:03:1C:F2:D9:5B:0F:6E:0C:2D:E7:5A:C0:3A:C5:8D:B1:70:AD:B5
Certificate issuer: /CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Certificate serial: 0194282706F520310A4CE045015C4AB9C679
Authority key identifier: 6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/rQMc8tlbD24MLedawDrFjbFwrbU.roa
Signing time: Thu 02 Jan 2025 17:53:53 +0000
ROA not before: Thu 02 Jan 2025 17:53:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199785
IP address blocks: 91.209.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:06:f5:20:31:0a:4c:e0:45:01:5c:4a:b9:c6:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Validity
Not Before: Jan 2 17:53:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad031cf2d95b0f6e0c2de75ac03ac58db170adb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:28:39:00:c8:66:32:22:8f:a8:2b:23:e7:86:
5c:21:33:a2:87:f0:c3:cb:3a:69:e3:bf:c3:39:ab:
41:80:e5:72:f5:8a:44:55:9f:aa:25:46:65:09:59:
99:25:64:7f:d7:63:ca:dd:14:0e:69:4f:1f:49:b2:
45:b3:84:8f:c0:07:2d:d8:86:e5:1e:9f:8d:16:b1:
bb:d9:6a:51:c0:4b:19:c1:03:79:49:d5:63:f7:1a:
11:03:2d:5f:34:91:18:8b:d3:a7:64:ff:aa:61:a8:
20:42:51:99:72:c5:2d:3f:dd:6b:71:5b:64:fd:b0:
8b:f4:88:55:8d:0c:b3:4f:bc:1c:48:ee:15:ed:61:
1e:f5:00:1a:fc:da:7c:5e:12:2d:b8:5c:63:4a:49:
d8:db:ae:eb:f4:2c:dc:b4:84:ee:bc:71:ad:64:f9:
34:0e:5f:06:e3:d5:28:e2:7b:ff:29:11:7c:d0:ec:
83:8e:b1:65:67:42:6d:bf:23:e5:a1:2c:fc:29:45:
2d:66:fa:11:e6:07:36:6b:8a:ae:48:a9:78:f4:67:
31:8e:44:94:8b:1b:16:87:67:b4:d5:7c:c3:ed:06:
78:35:a0:86:b9:4e:2c:f7:e9:f1:89:75:37:0c:2a:
2e:b9:3d:96:44:cf:38:b8:19:12:92:f0:49:e2:5c:
63:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:03:1C:F2:D9:5B:0F:6E:0C:2D:E7:5A:C0:3A:C5:8D:B1:70:AD:B5
X509v3 Authority Key Identifier:
keyid:6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/rQMc8tlbD24MLedawDrFjbFwrbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.135.0/24
Signature Algorithm: sha256WithRSAEncryption
16:c8:73:ee:60:9e:86:71:dd:7d:dc:d4:26:ec:2f:fb:59:47:
7c:20:04:cf:e5:cf:40:86:e5:02:4d:25:61:d1:8b:94:a7:41:
34:7d:fe:0e:0c:cd:88:84:a1:97:4d:90:a5:0e:42:d7:85:61:
4b:30:8b:92:92:01:2a:3e:4a:c7:25:be:02:7b:01:71:76:43:
f8:f0:ad:ae:e1:3b:d2:17:c1:d0:d1:e1:10:3c:35:ff:2e:5f:
d5:23:1a:1f:da:3d:d1:d6:55:3f:99:d1:16:e7:bf:d6:ef:f9:
2c:8b:fc:e2:94:ea:a8:fd:99:3c:ea:b1:64:13:6d:06:93:a5:
da:55:09:be:a2:cc:6d:a9:c5:66:1c:01:d3:ed:88:6a:01:ab:
ec:b5:65:ad:a0:32:0a:f4:3a:d9:4c:6f:50:77:a3:e3:f7:a5:
f3:f9:59:3b:f0:a9:b7:dd:e0:2f:18:10:24:41:33:b8:18:06:
1e:a2:25:de:6d:a3:17:98:79:57:3c:da:a3:ac:11:65:0a:3b:
80:39:fe:34:b8:cc:7a:7f:42:49:37:e2:af:7f:4c:c9:aa:38:
6c:9d:8c:79:df:e4:d4:89:4a:14:1d:e0:06:fd:5f:e8:bd:ad:
5a:83:8a:01:65:69:eb:d0:2a:ec:46:5f:95:89:89:d5:b2:27:
c5:47:f7:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJwb1IDEKTOBFAVxKucZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg4Y2VmMjhlMDJhZjdkMDBmMjk3ODE2YzU1ZjhlM2M0
M2Q1MzUwHhcNMjUwMTAyMTc1MzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDAzMWNmMmQ5NWIwZjZlMGMyZGU3NWFjMDNhYzU4ZGIxNzBhZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyg5AMhmMiKPqCsj54ZcITOih/DD
yzpp47/DOatBgOVy9YpEVZ+qJUZlCVmZJWR/12PK3RQOaU8fSbJFs4SPwAct2Ibl
Hp+NFrG72WpRwEsZwQN5SdVj9xoRAy1fNJEYi9OnZP+qYaggQlGZcsUtP91rcVtk
/bCL9IhVjQyzT7wcSO4V7WEe9QAa/Np8XhItuFxjSknY267r9CzctITuvHGtZPk0
Dl8G49Uo4nv/KRF80OyDjrFlZ0JtvyPloSz8KUUtZvoR5gc2a4quSKl49GcxjkSU
ixsWh2e01XzD7QZ4NaCGuU4s9+nxiXU3DCouuT2WRM84uBkSkvBJ4lxjTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK0DHPLZWw9uDC3nWsA6xY2xcK21MB8GA1UdIwQY
MBaAFG0IjO8o4Cr30A8peBbFX448Q9U1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYt
ZmVlOGVhZjczYjBkLzEvclFNYzh0bGJEMjRNTGVkYXdEckZqYkZ3cmJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYtZmVlOGVhZjczYjBk
LzEvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9GHMA0G
CSqGSIb3DQEBCwUAA4IBAQAWyHPuYJ6Gcd193NQm7C/7WUd8IATP5c9AhuUCTSVh
0YuUp0E0ff4ODM2IhKGXTZClDkLXhWFLMIuSkgEqPkrHJb4CewFxdkP48K2u4TvS
F8HQ0eEQPDX/Ll/VIxof2j3R1lU/mdEW57/W7/ksi/zilOqo/Zk86rFkE20Gk6Xa
VQm+osxtqcVmHAHT7YhqAavstWWtoDIK9DrZTG9Qd6Pj96Xz+Vk78Km33eAvGBAk
QTO4GAYeoiXebaMXmHlXPNqjrBFlCjuAOf40uMx6f0JJN+Kvf0zJqjhsnYx53+TU
iUoUHeAG/V/ova1ag4oBZWnr0CrsRl+ViYnVsifFR/dT
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:18:44 2025 by rpki-client