Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f12029-6758-4233-9dfc-c654356b07c4/1/iUMe2JOAJNlxZXEaHwJwVAIN3WA.roa
File: iUMe2JOAJNlxZXEaHwJwVAIN3WA.roa (raw, json)
Hash identifier: ZvIlGSaMCDAbt70045McSuBEc2GtkECp8D75xEWNHU8=
Subject key identifier: 89:43:1E:D8:93:80:24:D9:71:65:71:1A:1F:02:70:54:02:0D:DD:60
Certificate issuer: /CN=dbd382274b457662ba72d1886573a2c7dcc35486
Certificate serial: 019427484C35F4EA67015FBBCF8411875D31
Authority key identifier: DB:D3:82:27:4B:45:76:62:BA:72:D1:88:65:73:A2:C7:DC:C3:54:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29OCJ0tFdmK6ctGIZXOix9zDVIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f12029-6758-4233-9dfc-c654356b07c4/1/iUMe2JOAJNlxZXEaHwJwVAIN3WA.roa
Signing time: Thu 02 Jan 2025 13:50:36 +0000
ROA not before: Thu 02 Jan 2025 13:50:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57780
IP address blocks: 91.210.153.0/24 maxlen: 24
2a06:5f80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:4c:35:f4:ea:67:01:5f:bb:cf:84:11:87:5d:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd382274b457662ba72d1886573a2c7dcc35486
Validity
Not Before: Jan 2 13:50:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89431ed8938024d97165711a1f027054020ddd60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:74:f3:90:5c:fb:7b:36:dd:24:4a:67:72:dd:
74:72:2a:c6:aa:2b:a8:1f:94:e4:af:89:6d:eb:6b:
d5:96:00:e5:8a:37:bb:22:06:d3:a9:0b:4d:f8:7b:
b6:9f:85:7e:d8:6f:56:6e:95:11:72:dc:f7:74:bd:
d6:2c:3b:8a:aa:64:f3:ee:1f:fe:ea:05:c3:e3:0e:
fc:ae:05:01:00:de:ca:2e:ec:a7:87:53:7e:d3:d7:
3f:24:a8:ba:0d:10:23:39:85:00:82:7b:61:5f:4f:
92:3c:60:82:72:12:18:94:ca:6c:1f:ec:b3:28:44:
ee:f7:8b:26:51:88:6f:6d:07:e9:f4:0b:45:18:30:
ea:a8:7d:c4:e0:f5:be:5c:77:df:e3:c4:33:4f:ce:
26:f7:bf:77:42:ea:d0:93:03:02:39:b5:54:b0:d5:
35:0c:69:27:01:1b:9c:46:7c:59:18:e0:41:b3:c4:
fa:bc:f5:65:52:ac:2b:49:63:c0:af:58:09:33:43:
e4:54:b3:f1:8f:d9:52:e0:af:40:ed:7b:1c:d6:ec:
43:2c:95:f0:f9:51:04:ed:5f:c7:01:51:5c:60:29:
f8:05:be:3b:9c:0c:15:3e:c8:3f:63:12:3d:5f:5c:
64:ca:ed:af:7b:19:6f:91:af:6b:cd:ba:20:9c:d5:
3e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:43:1E:D8:93:80:24:D9:71:65:71:1A:1F:02:70:54:02:0D:DD:60
X509v3 Authority Key Identifier:
keyid:DB:D3:82:27:4B:45:76:62:BA:72:D1:88:65:73:A2:C7:DC:C3:54:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29OCJ0tFdmK6ctGIZXOix9zDVIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f12029-6758-4233-9dfc-c654356b07c4/1/iUMe2JOAJNlxZXEaHwJwVAIN3WA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f12029-6758-4233-9dfc-c654356b07c4/1/29OCJ0tFdmK6ctGIZXOix9zDVIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.153.0/24
IPv6:
2a06:5f80::/32
Signature Algorithm: sha256WithRSAEncryption
52:11:39:66:ec:82:05:44:56:85:3f:da:f0:f7:01:fb:08:69:
65:4a:f3:96:8e:bb:4b:4a:f2:59:f1:43:8b:fb:7f:21:d0:38:
56:8b:7a:ae:5e:6c:ad:d8:1e:22:de:63:60:66:1f:3d:a8:b5:
58:dd:90:e9:89:e7:d2:13:36:1c:9f:a3:62:9c:2e:2e:ad:fd:
1b:b6:01:c0:d5:b9:c0:a1:e9:c1:2d:40:d4:41:3a:a1:9d:1a:
8e:4f:06:6c:ee:05:ad:ea:1f:40:8e:c4:b8:1d:92:13:86:82:
25:ea:cb:44:21:d2:46:05:bb:79:55:95:56:f6:2b:47:c1:a2:
b9:f6:ca:52:25:b5:c3:ef:6e:f0:b2:1a:25:cc:1f:a4:29:08:
24:1e:ea:14:65:fd:80:4a:ca:87:cb:5c:39:3e:e5:20:27:9a:
a1:f1:8d:d0:fa:54:d6:79:92:e4:20:b9:52:43:6d:09:3a:4b:
53:3e:10:0f:34:db:5b:4e:c3:20:64:33:7b:6b:d7:bf:89:4a:
4f:f3:fa:29:af:0a:11:2b:68:72:31:69:1f:d4:98:d7:bd:3c:
06:ab:d3:d1:3e:e0:a4:8e:a0:7c:dc:b3:d3:08:be:2f:d8:3e:
ab:17:70:10:8b:02:bc:a0:47:84:c0:18:51:6c:f5:c0:38:ef:
c8:c4:3f:2d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnSEw19OpnAV+7z4QRh10xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDM4MjI3NGI0NTc2NjJiYTcyZDE4ODY1NzNhMmM3ZGNj
MzU0ODYwHhcNMjUwMTAyMTM1MDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTQzMWVkODkzODAyNGQ5NzE2NTcxMWExZjAyNzA1NDAyMGRkZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5HTzkFz7ezbdJEpnct10cirGqiuo
H5Tkr4lt62vVlgDlije7IgbTqQtN+Hu2n4V+2G9WbpURctz3dL3WLDuKqmTz7h/+
6gXD4w78rgUBAN7KLuynh1N+09c/JKi6DRAjOYUAgnthX0+SPGCCchIYlMpsH+yz
KETu94smUYhvbQfp9AtFGDDqqH3E4PW+XHff48QzT84m9793QurQkwMCObVUsNU1
DGknARucRnxZGOBBs8T6vPVlUqwrSWPAr1gJM0PkVLPxj9lS4K9A7Xsc1uxDLJXw
+VEE7V/HAVFcYCn4Bb47nAwVPsg/YxI9X1xkyu2vexlvka9rzbognNU+ZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIlDHtiTgCTZcWVxGh8CcFQCDd1gMB8GA1UdIwQY
MBaAFNvTgidLRXZiunLRiGVzosfcw1SGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlPQ0owdEZkbUs2Y3RHSVpYT2l4OXpEVklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mMTIwMjktNjc1OC00MjMzLTlkZmMt
YzY1NDM1NmIwN2M0LzEvaVVNZTJKT0FKTmx4WlhFYUh3SndWQUlOM1dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mMTIwMjktNjc1OC00MjMzLTlkZmMtYzY1NDM1NmIwN2M0
LzEvMjlPQ0owdEZkbUs2Y3RHSVpYT2l4OXpEVklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9KZMA0E
AgACMAcDBQAqBl+AMA0GCSqGSIb3DQEBCwUAA4IBAQBSETlm7IIFRFaFP9rw9wH7
CGllSvOWjrtLSvJZ8UOL+38h0DhWi3quXmyt2B4i3mNgZh89qLVY3ZDpiefSEzYc
n6NinC4urf0btgHA1bnAoenBLUDUQTqhnRqOTwZs7gWt6h9AjsS4HZIThoIl6stE
IdJGBbt5VZVW9itHwaK59spSJbXD727wsholzB+kKQgkHuoUZf2ASsqHy1w5PuUg
J5qh8Y3Q+lTWeZLkILlSQ20JOktTPhAPNNtbTsMgZDN7a9e/iUpP8/oprwoRK2hy
MWkf1JjXvTwGq9PRPuCkjqB83LPTCL4v2D6rF3AQiwK8oEeEwBhRbPXAOO/IxD8t
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:54 2025 by rpki-client