Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/f5ed1c-3797-400d-b72f-804cda5243b3/1/1uWXPJauvtvifVbThumN2raM6U0.roa
File: 1uWXPJauvtvifVbThumN2raM6U0.roa (raw, json)
Hash identifier: Y17nAyKVcY518yw8/uPGoyc32qYJ3ixC6oOmJrlY3aE=
Subject key identifier: D6:E5:97:3C:96:AE:BE:DB:E2:7D:56:D3:86:E9:8D:DA:B6:8C:E9:4D
Certificate issuer: /CN=9f6c98d597b781b7a10c7e0edb1c48f6b81a5f8b
Certificate serial: 019427B3FA4726E6A535E59F871B726507F4
Authority key identifier: 9F:6C:98:D5:97:B7:81:B7:A1:0C:7E:0E:DB:1C:48:F6:B8:1A:5F:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n2yY1Ze3gbehDH4O2xxI9rgaX4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/f5ed1c-3797-400d-b72f-804cda5243b3/1/1uWXPJauvtvifVbThumN2raM6U0.roa
Signing time: Thu 02 Jan 2025 15:48:13 +0000
ROA not before: Thu 02 Jan 2025 15:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5089
IP address blocks: 91.198.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:fa:47:26:e6:a5:35:e5:9f:87:1b:72:65:07:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f6c98d597b781b7a10c7e0edb1c48f6b81a5f8b
Validity
Not Before: Jan 2 15:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6e5973c96aebedbe27d56d386e98ddab68ce94d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:df:0b:82:dd:b5:28:27:d8:b2:e6:76:50:4d:
e5:3c:1e:26:31:3f:10:fc:74:89:e6:b7:3e:68:7f:
e0:b6:03:13:12:2c:e8:bc:e5:62:9e:e2:5d:e1:2b:
5a:2b:dc:61:5b:a7:21:a9:26:75:89:4d:87:c7:12:
8d:9f:d2:bc:60:fe:92:6b:78:fc:f0:9c:23:6f:24:
a8:2d:67:76:41:5e:88:2f:48:42:79:b0:37:21:5d:
cf:fb:61:5e:bb:4a:b1:f2:b3:e8:70:9e:b0:9b:64:
e7:a1:20:ed:5a:34:8e:0c:52:5c:4e:e1:bc:ea:1d:
e8:44:45:14:2f:5e:76:a9:46:65:31:fa:0a:7b:a1:
ac:b9:4b:ea:ae:91:6f:51:97:c3:9a:d2:b6:1d:fb:
31:27:a5:bb:35:37:32:9a:19:79:61:59:4e:61:84:
89:26:72:1c:a4:82:ff:12:fa:cd:ae:20:5e:e0:ae:
5f:a0:76:a6:98:e3:10:da:bb:02:1f:87:88:66:b5:
b9:3c:15:66:35:ca:b5:2f:c8:4b:41:87:fd:d3:1a:
c0:48:78:c0:2f:2d:f9:41:23:2f:f7:ba:29:80:3b:
9d:e0:04:23:0a:4f:77:a4:d9:28:92:91:f7:85:01:
0c:0e:73:6b:2f:55:50:60:07:ab:4c:f2:e5:3c:71:
8b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:E5:97:3C:96:AE:BE:DB:E2:7D:56:D3:86:E9:8D:DA:B6:8C:E9:4D
X509v3 Authority Key Identifier:
keyid:9F:6C:98:D5:97:B7:81:B7:A1:0C:7E:0E:DB:1C:48:F6:B8:1A:5F:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n2yY1Ze3gbehDH4O2xxI9rgaX4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/f5ed1c-3797-400d-b72f-804cda5243b3/1/1uWXPJauvtvifVbThumN2raM6U0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/f5ed1c-3797-400d-b72f-804cda5243b3/1/n2yY1Ze3gbehDH4O2xxI9rgaX4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.255.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:a7:e0:06:e6:28:8b:84:bc:5e:28:86:19:17:04:5c:42:c5:
df:ca:e4:01:89:c0:f3:ec:07:01:c2:c5:17:16:b9:81:b9:9d:
a4:1b:7e:4b:56:cf:1d:40:4b:3e:99:fb:76:61:b7:30:03:cb:
cd:29:f4:01:83:7e:0d:42:66:94:31:d2:86:1b:c8:11:d0:cc:
5a:c6:1e:2b:61:2a:11:a6:cd:88:a6:05:82:d3:1f:79:10:3d:
36:a5:82:09:ff:8d:04:37:90:f8:33:0b:25:3d:5a:1a:b3:5e:
02:39:4d:74:df:3d:2d:ef:3c:df:17:7d:0f:f3:28:6d:f3:40:
4e:54:04:e1:50:76:5d:d5:77:4a:9d:fa:8a:fd:e1:28:9a:98:
70:aa:3c:8e:d3:57:86:82:44:f9:89:bf:0e:3d:95:1f:3e:11:
4e:d2:d3:15:c5:2b:27:a3:35:69:24:83:66:e8:78:32:86:d8:
88:ab:50:e2:69:ca:c2:c6:fb:2d:7e:9e:f1:a8:30:ca:35:5c:
f4:24:52:3d:67:e0:8f:0c:89:9a:69:a1:71:fb:b6:d6:ba:64:
0e:79:14:09:21:f5:9e:69:e6:88:ca:85:aa:5f:95:43:11:d0:
c8:47:6b:70:ce:a6:c2:8e:12:f1:c0:44:8c:86:da:79:d3:0e:
de:5a:3c:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQns/pHJualNeWfhxtyZQf0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNmM5OGQ1OTdiNzgxYjdhMTBjN2UwZWRiMWM0OGY2Yjgx
YTVmOGIwHhcNMjUwMTAyMTU0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmU1OTczYzk2YWViZWRiZTI3ZDU2ZDM4NmU5OGRkYWI2OGNlOTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA898Lgt21KCfYsuZ2UE3lPB4mMT8Q
/HSJ5rc+aH/gtgMTEizovOVinuJd4StaK9xhW6chqSZ1iU2HxxKNn9K8YP6Sa3j8
8JwjbySoLWd2QV6IL0hCebA3IV3P+2Feu0qx8rPocJ6wm2TnoSDtWjSODFJcTuG8
6h3oREUUL152qUZlMfoKe6GsuUvqrpFvUZfDmtK2HfsxJ6W7NTcymhl5YVlOYYSJ
JnIcpIL/EvrNriBe4K5foHammOMQ2rsCH4eIZrW5PBVmNcq1L8hLQYf90xrASHjA
Ly35QSMv97opgDud4AQjCk93pNkokpH3hQEMDnNrL1VQYAerTPLlPHGLdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNbllzyWrr7b4n1W04bpjdq2jOlNMB8GA1UdIwQY
MBaAFJ9smNWXt4G3oQx+DtscSPa4Gl+LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjJ5WTFaZTNnYmVoREg0TzJ4eEk5cmdhWDRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9mNWVkMWMtMzc5Ny00MDBkLWI3MmYt
ODA0Y2RhNTI0M2IzLzEvMXVXWFBKYXV2dHZpZlZiVGh1bU4ycmFNNlUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9mNWVkMWMtMzc5Ny00MDBkLWI3MmYtODA0Y2RhNTI0M2Iz
LzEvbjJ5WTFaZTNnYmVoREg0TzJ4eEk5cmdhWDRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8b/MA0G
CSqGSIb3DQEBCwUAA4IBAQAap+AG5iiLhLxeKIYZFwRcQsXfyuQBicDz7AcBwsUX
FrmBuZ2kG35LVs8dQEs+mft2YbcwA8vNKfQBg34NQmaUMdKGG8gR0Mxaxh4rYSoR
ps2IpgWC0x95ED02pYIJ/40EN5D4MwslPVoas14COU103z0t7zzfF30P8yht80BO
VAThUHZd1XdKnfqK/eEomphwqjyO01eGgkT5ib8OPZUfPhFO0tMVxSsnozVpJINm
6HgyhtiIq1DiacrCxvstfp7xqDDKNVz0JFI9Z+CPDImaaaFx+7bWumQOeRQJIfWe
aeaIyoWqX5VDEdDIR2twzqbCjhLxwESMhtp50w7eWjz2
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:59:22 2025 by rpki-client