Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/bd2005-fb7b-4052-b3f2-88fa3b6eb006/1/URATm4jCOgD3H4rtfNMfks3a2e4.roa
File: URATm4jCOgD3H4rtfNMfks3a2e4.roa (raw, json)
Hash identifier: nWiO/SjK1FVtNWytxucXj9X6RnD6dSqkVKhRqQz1kHk=
Subject key identifier: 51:10:13:9B:88:C2:3A:00:F7:1F:8A:ED:7C:D3:1F:92:CD:DA:D9:EE
Certificate issuer: /CN=926587a7c42c261fa254b0b82e7bc0719cc64812
Certificate serial: 0194274788C34513415041EE8CA9C4E3E2FF
Authority key identifier: 92:65:87:A7:C4:2C:26:1F:A2:54:B0:B8:2E:7B:C0:71:9C:C6:48:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmWHp8QsJh-iVLC4LnvAcZzGSBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/bd2005-fb7b-4052-b3f2-88fa3b6eb006/1/URATm4jCOgD3H4rtfNMfks3a2e4.roa
Signing time: Thu 02 Jan 2025 13:49:46 +0000
ROA not before: Thu 02 Jan 2025 13:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207388
IP address blocks: 91.239.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:88:c3:45:13:41:50:41:ee:8c:a9:c4:e3:e2:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=926587a7c42c261fa254b0b82e7bc0719cc64812
Validity
Not Before: Jan 2 13:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5110139b88c23a00f71f8aed7cd31f92cddad9ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:48:f3:69:ab:17:6d:dd:db:85:f2:95:07:98:
25:a2:57:2c:86:87:66:df:0d:b5:08:bf:1c:e0:51:
2a:e5:4d:03:b6:45:f2:90:fc:d9:dc:ba:1d:ee:b0:
b8:97:94:16:03:f7:5d:85:9a:e7:b5:88:4d:49:73:
ad:a1:4b:9e:b0:c2:31:3f:46:bf:71:cd:d3:89:d7:
d1:8a:a7:05:d8:43:4b:b6:34:f4:2c:26:b4:3d:d4:
c5:b2:06:12:59:29:9d:cf:97:4c:88:01:f8:39:90:
0f:4f:48:fa:b9:15:7d:28:bf:ec:70:ff:09:a3:f5:
53:1a:7b:04:77:34:7a:62:66:ff:9b:c0:3b:a5:fd:
da:1a:77:6c:e3:eb:d3:95:3a:c5:d7:7c:97:f0:10:
8c:3e:56:ea:f5:39:30:ba:53:3a:38:6f:0f:0b:c6:
c8:e5:8f:db:df:4b:41:75:98:df:c7:05:70:93:8f:
ca:ad:1e:42:18:0b:9f:b7:10:32:f8:71:4e:b2:f4:
bc:a4:a1:6e:3a:b8:fa:95:fe:d7:f4:aa:34:9d:de:
11:80:03:17:3c:f9:bf:28:3d:bf:48:e9:78:fa:51:
94:19:b9:f6:61:ef:22:73:6f:fd:d8:71:14:c1:3a:
6f:45:88:3d:d3:d1:e3:3a:f7:e1:10:6c:da:05:5b:
8d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:10:13:9B:88:C2:3A:00:F7:1F:8A:ED:7C:D3:1F:92:CD:DA:D9:EE
X509v3 Authority Key Identifier:
keyid:92:65:87:A7:C4:2C:26:1F:A2:54:B0:B8:2E:7B:C0:71:9C:C6:48:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmWHp8QsJh-iVLC4LnvAcZzGSBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/bd2005-fb7b-4052-b3f2-88fa3b6eb006/1/URATm4jCOgD3H4rtfNMfks3a2e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/bd2005-fb7b-4052-b3f2-88fa3b6eb006/1/kmWHp8QsJh-iVLC4LnvAcZzGSBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.216.0/24
Signature Algorithm: sha256WithRSAEncryption
51:f2:b7:ed:b8:33:74:c3:3f:54:c4:66:d0:fd:4a:cf:cf:30:
ca:4d:f0:0a:ea:a9:0e:52:2b:fe:15:8b:08:df:51:0f:53:18:
da:8b:55:ee:01:55:dd:38:b0:ab:ed:65:9c:88:30:7c:57:8d:
ea:62:21:97:61:8d:9a:60:3c:06:65:0e:5b:ef:2e:72:01:47:
d3:6e:54:fb:fe:9a:94:75:20:26:32:16:63:dc:e0:7e:1e:0c:
de:45:bb:c7:65:a8:b3:20:50:03:88:62:1b:39:c5:95:f9:af:
62:c8:ff:c3:24:78:4a:22:9d:84:60:41:8e:d3:a0:9b:15:bd:
9e:0e:06:91:c9:c7:77:e9:6c:ad:f4:e0:f2:bd:63:de:79:02:
b5:10:42:80:56:e3:7e:f5:7b:0b:ce:40:86:4f:61:51:3a:ab:
70:3c:44:6f:d0:f1:4a:7c:a3:39:46:70:42:7f:80:cf:7c:b1:
ad:b5:e4:2b:2d:66:8c:01:33:0d:12:6a:19:0a:2a:ac:47:84:
3f:01:37:17:d2:8c:d2:8f:b5:c0:54:c3:61:84:e3:bb:66:c4:
75:8a:f3:6b:25:eb:21:6a:37:9e:c7:23:37:9e:c5:90:a1:a4:
21:62:c8:ee:6e:cc:16:db:0a:49:1b:05:87:49:7c:c3:5b:6b:
07:e2:2e:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR4jDRRNBUEHujKnE4+L/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNjU4N2E3YzQyYzI2MWZhMjU0YjBiODJlN2JjMDcxOWNj
NjQ4MTIwHhcNMjUwMTAyMTM0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTEwMTM5Yjg4YzIzYTAwZjcxZjhhZWQ3Y2QzMWY5MmNkZGFkOWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30jzaasXbd3bhfKVB5glolcshodm
3w21CL8c4FEq5U0DtkXykPzZ3Lod7rC4l5QWA/ddhZrntYhNSXOtoUuesMIxP0a/
cc3TidfRiqcF2ENLtjT0LCa0PdTFsgYSWSmdz5dMiAH4OZAPT0j6uRV9KL/scP8J
o/VTGnsEdzR6Ymb/m8A7pf3aGnds4+vTlTrF13yX8BCMPlbq9TkwulM6OG8PC8bI
5Y/b30tBdZjfxwVwk4/KrR5CGAuftxAy+HFOsvS8pKFuOrj6lf7X9Ko0nd4RgAMX
PPm/KD2/SOl4+lGUGbn2Ye8ic2/92HEUwTpvRYg909HjOvfhEGzaBVuNpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFEQE5uIwjoA9x+K7XzTH5LN2tnuMB8GA1UdIwQY
MBaAFJJlh6fELCYfolSwuC57wHGcxkgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva21XSHA4UXNKaC1pVkxDNExudkFjWnpHU0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9iZDIwMDUtZmI3Yi00MDUyLWIzZjIt
ODhmYTNiNmViMDA2LzEvVVJBVG00akNPZ0QzSDRydGZOTWZrczNhMmU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9iZDIwMDUtZmI3Yi00MDUyLWIzZjItODhmYTNiNmViMDA2
LzEva21XSHA4UXNKaC1pVkxDNExudkFjWnpHU0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+/YMA0G
CSqGSIb3DQEBCwUAA4IBAQBR8rftuDN0wz9UxGbQ/UrPzzDKTfAK6qkOUiv+FYsI
31EPUxjai1XuAVXdOLCr7WWciDB8V43qYiGXYY2aYDwGZQ5b7y5yAUfTblT7/pqU
dSAmMhZj3OB+HgzeRbvHZaizIFADiGIbOcWV+a9iyP/DJHhKIp2EYEGO06CbFb2e
DgaRycd36Wyt9ODyvWPeeQK1EEKAVuN+9XsLzkCGT2FROqtwPERv0PFKfKM5RnBC
f4DPfLGtteQrLWaMATMNEmoZCiqsR4Q/ATcX0ozSj7XAVMNhhOO7ZsR1ivNrJesh
ajeexyM3nsWQoaQhYsjubswW2wpJGwWHSXzDW2sH4i5U
-----END CERTIFICATE-----
Generated at Mon Apr 7 06:28:53 2025 by rpki-client