Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/RLQ2xMmRZoZiAtZFS_YRcySPvAc.roa
File: RLQ2xMmRZoZiAtZFS_YRcySPvAc.roa (raw, json)
Hash identifier: P8RbzLYf4UK0GuClJazmarq7imv/ewysF1Ivpx0otS4=
Subject key identifier: 44:B4:36:C4:C9:91:66:86:62:02:D6:45:4B:F6:11:73:24:8F:BC:07
Certificate issuer: /CN=b194f0304eedd363c6622fd91c59b10871aa3044
Certificate serial: 0194221F75998E463E43C7DB1DBC1597D1C3
Authority key identifier: B1:94:F0:30:4E:ED:D3:63:C6:62:2F:D9:1C:59:B1:08:71:AA:30:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sZTwME7t02PGYi_ZHFmxCHGqMEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/RLQ2xMmRZoZiAtZFS_YRcySPvAc.roa
Signing time: Wed 01 Jan 2025 13:47:54 +0000
ROA not before: Wed 01 Jan 2025 13:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198058
IP address blocks: 91.199.219.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:75:99:8e:46:3e:43:c7:db:1d:bc:15:97:d1:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b194f0304eedd363c6622fd91c59b10871aa3044
Validity
Not Before: Jan 1 13:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44b436c4c99166866202d6454bf61173248fbc07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2e:62:7f:86:05:4c:2b:d2:34:1a:56:3a:ba:
cd:d3:02:2a:3e:7b:26:c3:c7:a4:5c:31:d4:e2:61:
a8:ee:aa:53:d3:cb:1f:86:d3:af:48:50:2b:df:6a:
2a:b2:fc:ea:b7:47:7a:e1:0e:d3:eb:95:bc:d1:0b:
9b:69:04:70:16:24:1b:de:be:46:43:bc:40:4e:30:
ca:80:05:40:35:b6:c9:4c:45:e8:c8:04:63:c2:5e:
52:e7:51:6d:ce:b9:af:5f:86:b3:08:90:93:75:76:
df:fa:99:3d:6b:39:b4:da:31:2d:aa:78:d5:22:0d:
1d:6b:0a:65:58:c1:cd:92:19:5f:53:93:7e:3f:25:
cc:51:68:8b:2d:10:26:17:0c:b9:18:90:f5:93:e0:
97:65:7d:af:87:4e:a2:19:0e:0f:9d:d6:88:67:f4:
f4:e0:30:ed:31:17:0b:4d:47:cc:0f:87:65:f3:c0:
d9:16:17:d1:75:5d:5c:b5:6c:b2:7a:ec:73:81:c3:
f6:b4:7f:0e:97:9c:3a:da:dd:a3:c2:17:6a:10:0a:
ba:ca:32:3d:48:09:1c:24:fc:a4:62:a3:a4:0b:0b:
73:b7:04:5c:4a:80:fe:21:04:09:e3:ff:c1:3c:c0:
5b:b5:39:7c:96:eb:af:71:67:dd:f9:eb:70:43:99:
f4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:B4:36:C4:C9:91:66:86:62:02:D6:45:4B:F6:11:73:24:8F:BC:07
X509v3 Authority Key Identifier:
keyid:B1:94:F0:30:4E:ED:D3:63:C6:62:2F:D9:1C:59:B1:08:71:AA:30:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sZTwME7t02PGYi_ZHFmxCHGqMEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/RLQ2xMmRZoZiAtZFS_YRcySPvAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/sZTwME7t02PGYi_ZHFmxCHGqMEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.219.0/24
Signature Algorithm: sha256WithRSAEncryption
34:21:29:f7:60:59:45:77:0f:c7:c5:f8:e8:61:80:af:12:0c:
5e:ca:c7:49:29:74:53:98:d3:3b:4a:48:a2:d1:5c:8b:93:94:
a3:cc:c5:49:df:19:ce:cd:68:87:c7:d9:25:88:41:10:a9:8a:
5d:e0:ed:25:24:dd:76:28:11:d5:0a:2e:1e:fc:d9:9d:8b:68:
88:23:e5:af:1c:a7:dc:60:73:06:34:63:fe:c8:0d:30:6b:60:
59:d1:cd:bc:ee:bc:e2:56:67:42:7f:0b:9b:c7:1b:4a:d2:2a:
98:47:f2:3e:b4:25:7c:ec:ec:c1:bc:50:08:7f:f1:cc:88:3c:
7e:44:21:15:27:2b:13:5d:a7:7d:70:e3:38:ac:36:73:c9:ff:
e7:78:be:33:db:f0:fe:83:b1:cf:f3:45:05:3b:36:79:96:8c:
40:e6:e8:74:1b:a1:56:96:54:82:4d:95:7f:12:9b:a5:bd:50:
ba:cf:e7:11:a1:38:c1:cc:d1:e0:7a:ea:4a:df:9f:f4:d2:21:
fa:45:2c:db:0e:3a:6a:3c:83:80:ec:36:f8:bd:50:7c:a1:de:
e0:68:a8:f4:e4:d5:59:44:fe:35:07:96:6d:b8:1d:14:88:ee:
85:41:a7:40:90:d0:b4:88:c1:51:82:9b:0e:af:53:ac:fb:66:
a7:3a:53:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH3WZjkY+Q8fbHbwVl9HDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxOTRmMDMwNGVlZGQzNjNjNjYyMmZkOTFjNTliMTA4NzFh
YTMwNDQwHhcNMjUwMTAxMTM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGI0MzZjNGM5OTE2Njg2NjIwMmQ2NDU0YmY2MTE3MzI0OGZiYzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAny5if4YFTCvSNBpWOrrN0wIqPnsm
w8ekXDHU4mGo7qpT08sfhtOvSFAr32oqsvzqt0d64Q7T65W80QubaQRwFiQb3r5G
Q7xATjDKgAVANbbJTEXoyARjwl5S51FtzrmvX4azCJCTdXbf+pk9azm02jEtqnjV
Ig0dawplWMHNkhlfU5N+PyXMUWiLLRAmFwy5GJD1k+CXZX2vh06iGQ4PndaIZ/T0
4DDtMRcLTUfMD4dl88DZFhfRdV1ctWyyeuxzgcP2tH8Ol5w62t2jwhdqEAq6yjI9
SAkcJPykYqOkCwtztwRcSoD+IQQJ4//BPMBbtTl8luuvcWfd+etwQ5n07QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFES0NsTJkWaGYgLWRUv2EXMkj7wHMB8GA1UdIwQY
MBaAFLGU8DBO7dNjxmIv2RxZsQhxqjBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1pUd01FN3QwMlBHWWlfWkhGbXhDSEdxTUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9kZjg0YTctNzJjOS00YTJmLTgxMTUt
YWZiZGJkYWQ1OGE1LzEvUkxRMnhNbVJab1ppQXRaRlNfWVJjeVNQdkFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9kZjg0YTctNzJjOS00YTJmLTgxMTUtYWZiZGJkYWQ1OGE1
LzEvc1pUd01FN3QwMlBHWWlfWkhGbXhDSEdxTUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8fbMA0G
CSqGSIb3DQEBCwUAA4IBAQA0ISn3YFlFdw/HxfjoYYCvEgxeysdJKXRTmNM7Skii
0VyLk5SjzMVJ3xnOzWiHx9kliEEQqYpd4O0lJN12KBHVCi4e/Nmdi2iII+WvHKfc
YHMGNGP+yA0wa2BZ0c287rziVmdCfwubxxtK0iqYR/I+tCV87OzBvFAIf/HMiDx+
RCEVJysTXad9cOM4rDZzyf/neL4z2/D+g7HP80UFOzZ5loxA5uh0G6FWllSCTZV/
EpulvVC6z+cRoTjBzNHgeupK35/00iH6RSzbDjpqPIOA7Db4vVB8od7gaKj05NVZ
RP41B5ZtuB0UiO6FQadAkNC0iMFRgpsOr1Os+2anOlNq
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:56 2025 by rpki-client