Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/aFnhQawEO18IQ3GTJ01kkL1iiO8.roa
File: aFnhQawEO18IQ3GTJ01kkL1iiO8.roa (raw, json)
Hash identifier: lmQ4l6Xz/ufxEDRo15j0d1wdcSctSZ/L1+X4hlqiZ0E=
Subject key identifier: 68:59:E1:41:AC:04:3B:5F:08:43:71:93:27:4D:64:90:BD:62:88:EF
Certificate issuer: /CN=0563cb263df50d2d4d073c0f7db6cd2776302c9d
Certificate serial: 01951DCDD1E49EA8645401AA3917CCFD0D0B
Authority key identifier: 05:63:CB:26:3D:F5:0D:2D:4D:07:3C:0F:7D:B6:CD:27:76:30:2C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/aFnhQawEO18IQ3GTJ01kkL1iiO8.roa
Signing time: Wed 19 Feb 2025 10:43:02 +0000
ROA not before: Wed 19 Feb 2025 10:43:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209428
IP address blocks: 91.206.229.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1d:cd:d1:e4:9e:a8:64:54:01:aa:39:17:cc:fd:0d:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0563cb263df50d2d4d073c0f7db6cd2776302c9d
Validity
Not Before: Feb 19 10:43:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6859e141ac043b5f08437193274d6490bd6288ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:bb:ba:97:8c:d0:3f:d3:89:c4:cf:c2:ce:8d:
2a:c8:68:c1:66:c6:c4:97:22:1a:34:19:68:58:c7:
fe:59:9e:c2:ae:da:43:6f:78:be:86:19:fa:3b:22:
9e:9d:c7:be:32:e6:9a:a2:29:62:59:a7:7d:b9:07:
9e:2c:8a:31:ca:fc:bc:82:5f:09:b9:db:69:9f:09:
b4:3d:49:4d:de:66:37:87:6e:96:0a:42:f4:2d:9c:
2d:95:7f:9a:1f:b2:4c:72:a5:dd:6b:b0:7f:3b:c6:
07:cd:ea:83:b8:49:c7:11:68:7d:89:8c:20:c2:ff:
d5:02:ec:83:ac:25:1d:76:4a:73:d6:eb:a5:8d:a5:
10:e3:d6:8c:d5:61:31:df:2f:6e:96:64:ff:60:7f:
19:fb:21:f7:a4:29:66:ae:90:7f:52:c1:31:79:ec:
0c:49:07:85:80:cd:3a:b5:62:5f:3e:18:38:d0:ea:
a3:3b:b1:5b:01:bd:39:2c:b2:f5:c6:0d:2b:24:50:
0c:32:15:ea:ba:97:28:21:24:37:db:90:57:e3:6c:
5a:4c:c4:6b:60:b0:5a:35:5e:8f:1f:e4:12:aa:60:
bb:a6:57:d6:f4:1d:47:82:76:00:20:8b:81:4c:17:
58:9b:ae:9d:d0:16:2a:95:1e:7b:97:a2:12:27:f5:
d8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:59:E1:41:AC:04:3B:5F:08:43:71:93:27:4D:64:90:BD:62:88:EF
X509v3 Authority Key Identifier:
keyid:05:63:CB:26:3D:F5:0D:2D:4D:07:3C:0F:7D:B6:CD:27:76:30:2C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/aFnhQawEO18IQ3GTJ01kkL1iiO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.229.0/24
Signature Algorithm: sha256WithRSAEncryption
13:a3:87:66:ff:fb:53:63:35:bf:29:0f:3f:02:e3:da:28:ea:
98:18:aa:99:99:5c:5d:f2:35:8d:73:2e:08:02:e1:0f:b8:09:
0e:5c:de:2f:1a:c6:29:a8:f5:7f:29:36:2d:cc:88:ee:25:e1:
8b:7f:f8:17:c9:e8:4c:5a:d2:ab:de:c8:63:54:12:b9:dc:d3:
9a:82:ca:9b:2c:e0:29:93:63:d2:18:e8:9e:8b:fb:de:82:5a:
dd:12:2e:24:7d:e5:0e:1d:f2:87:ba:29:b6:42:b8:1b:32:37:
02:07:e6:99:1d:49:2f:fc:c6:99:ff:5d:77:88:a5:8c:a2:89:
f1:80:be:10:86:91:c9:2b:89:b7:d2:c4:82:0d:d0:4f:96:30:
48:5b:aa:8d:4a:50:99:ff:e8:fe:14:2e:d4:6e:6c:c3:1e:2d:
20:69:44:fd:2c:0d:0a:3f:f4:a9:7f:aa:50:ff:82:9f:c1:17:
e8:2d:de:62:62:a4:4b:f3:3f:b6:39:9a:21:d7:a6:35:1b:ea:
7f:f0:05:e2:69:f5:f8:2a:96:27:24:27:a9:15:c6:c4:44:4e:
02:96:01:f4:c2:93:4c:41:c7:9c:86:63:6f:cc:2d:93:3e:65:
de:ea:02:ff:d0:da:7b:3c:e1:74:ab:a9:37:26:a9:d0:d3:57:
76:39:46:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUdzdHknqhkVAGqORfM/Q0LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjNjYjI2M2RmNTBkMmQ0ZDA3M2MwZjdkYjZjZDI3NzYz
MDJjOWQwHhcNMjUwMjE5MTA0MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODU5ZTE0MWFjMDQzYjVmMDg0MzcxOTMyNzRkNjQ5MGJkNjI4OGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27u6l4zQP9OJxM/Czo0qyGjBZsbE
lyIaNBloWMf+WZ7CrtpDb3i+hhn6OyKence+MuaaoiliWad9uQeeLIoxyvy8gl8J
udtpnwm0PUlN3mY3h26WCkL0LZwtlX+aH7JMcqXda7B/O8YHzeqDuEnHEWh9iYwg
wv/VAuyDrCUddkpz1uuljaUQ49aM1WEx3y9ulmT/YH8Z+yH3pClmrpB/UsExeewM
SQeFgM06tWJfPhg40OqjO7FbAb05LLL1xg0rJFAMMhXqupcoISQ325BX42xaTMRr
YLBaNV6PH+QSqmC7plfW9B1HgnYAIIuBTBdYm66d0BYqlR57l6ISJ/XY3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhZ4UGsBDtfCENxkydNZJC9YojvMB8GA1UdIwQY
MBaAFAVjyyY99Q0tTQc8D322zSd2MCydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldQTEpqMzFEUzFOQnp3UGZiYk5KM1l3TEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi82MmU1ZjItMjViMy00NTU3LWFhOTQt
MTUwMzU0YjAwZTU1LzEvYUZuaFFhd0VPMThJUTNHVEowMWtrTDFpaU84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi82MmU1ZjItMjViMy00NTU3LWFhOTQtMTUwMzU0YjAwZTU1
LzEvQldQTEpqMzFEUzFOQnp3UGZiYk5KM1l3TEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW87lMA0G
CSqGSIb3DQEBCwUAA4IBAQATo4dm//tTYzW/KQ8/AuPaKOqYGKqZmVxd8jWNcy4I
AuEPuAkOXN4vGsYpqPV/KTYtzIjuJeGLf/gXyehMWtKr3shjVBK53NOagsqbLOAp
k2PSGOiei/veglrdEi4kfeUOHfKHuim2QrgbMjcCB+aZHUkv/MaZ/113iKWMoonx
gL4QhpHJK4m30sSCDdBPljBIW6qNSlCZ/+j+FC7UbmzDHi0gaUT9LA0KP/Spf6pQ
/4KfwRfoLd5iYqRL8z+2OZoh16Y1G+p/8AXiafX4KpYnJCepFcbERE4ClgH0wpNM
QcechmNvzC2TPmXe6gL/0Np7POF0q6k3JqnQ01d2OUYN
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:42:34 2025 by rpki-client