Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/A2SRbfNrU8B4ai8UGoneE5W51zs.roa
File: A2SRbfNrU8B4ai8UGoneE5W51zs.roa (raw, json)
Hash identifier: EzY/4IHWy/k7kN6GkUrXtZaze8vNIV8jnAVLFnGNaQA=
Subject key identifier: 03:64:91:6D:F3:6B:53:C0:78:6A:2F:14:1A:89:DE:13:95:B9:D7:3B
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0195D8B4EA82AB766D3DB4DC2F91E579376C
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/A2SRbfNrU8B4ai8UGoneE5W51zs.roa
Signing time: Thu 27 Mar 2025 17:44:49 +0000
ROA not before: Thu 27 Mar 2025 17:44:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 273069
IP address blocks: 91.109.161.0/24 maxlen: 24
91.109.163.0/24 maxlen: 24
217.76.248.0/24 maxlen: 24
217.76.249.0/24 maxlen: 24
217.76.250.0/24 maxlen: 24
217.76.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d8:b4:ea:82:ab:76:6d:3d:b4:dc:2f:91:e5:79:37:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Mar 27 17:44:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0364916df36b53c0786a2f141a89de1395b9d73b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:84:5e:60:c6:0c:ec:5c:48:3b:79:ce:ff:f3:
65:74:af:26:c0:c3:88:e2:24:74:0d:3c:f1:e8:32:
a7:d0:8b:bc:1f:a6:38:53:f9:f0:19:26:32:c0:49:
34:62:95:3c:61:ea:fd:04:20:2b:dd:9d:27:86:ed:
64:ab:01:13:01:b1:09:9f:49:73:be:02:95:3e:03:
51:12:98:95:43:31:6a:10:f2:df:a3:47:c7:b7:61:
28:b5:e5:01:8c:55:3a:90:30:19:7b:ab:5d:17:b1:
c0:3c:0c:5d:90:98:0d:94:76:e3:13:fa:fd:b1:c2:
fd:21:a3:57:bf:75:50:ec:c0:9a:c6:30:7d:9d:3b:
19:03:68:dd:b3:16:ca:e6:47:cc:0e:0a:d3:27:f9:
be:e9:a4:b5:c7:90:2a:b9:ef:f7:97:cd:92:aa:c9:
2b:fb:d0:7e:32:0e:5e:8c:db:d3:6b:6a:5f:f8:9b:
74:10:7d:00:22:74:b2:35:d1:46:2d:da:e1:fa:c4:
d6:b4:5f:fd:a1:e1:30:24:9a:d3:d4:bb:81:e1:61:
ec:54:46:bf:a5:6a:1e:a0:f0:50:51:d3:6c:9c:ea:
d4:78:18:81:c7:f3:b5:5a:98:a9:47:4b:91:3b:52:
9e:9f:96:18:b7:3d:65:ec:ac:ae:4a:cf:8d:86:e0:
18:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:64:91:6D:F3:6B:53:C0:78:6A:2F:14:1A:89:DE:13:95:B9:D7:3B
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/A2SRbfNrU8B4ai8UGoneE5W51zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.161.0/24
91.109.163.0/24
217.76.248.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:17:c9:11:d5:dd:3e:4f:7f:61:3c:21:30:d6:b3:33:8f:81:
4c:64:78:87:3a:5e:9d:58:06:2a:55:64:7a:a8:2d:e9:48:b4:
0c:5e:a1:66:1b:e9:cb:df:a7:0f:76:0b:3d:e8:69:d8:8a:2d:
54:a0:b7:c8:11:a2:27:8c:8c:e6:1d:61:12:e9:82:76:c4:e9:
6a:00:39:bf:02:fc:c7:7a:eb:92:bb:a8:d1:23:0e:83:8d:53:
48:b6:b0:f7:88:ed:6a:04:69:ad:76:d2:48:48:24:7a:68:52:
c0:f2:c5:b8:3e:4b:d4:47:21:eb:96:aa:59:0f:3d:12:b2:5d:
36:9b:4f:cc:a7:f7:d7:0f:45:87:a5:70:55:1a:b7:30:0e:14:
26:30:5f:b9:aa:55:29:f1:ff:0f:dc:20:c3:8f:69:ce:4d:f1:
e1:aa:2f:2b:2e:30:f5:c5:5b:ee:4c:8c:2c:a2:14:75:97:a1:
78:4f:c0:b9:68:2c:cc:a4:ac:6d:06:19:1d:7c:fe:bb:87:ee:
f2:ba:0f:4c:b2:96:70:a1:3b:9e:35:63:22:c6:82:e3:7c:7c:
d2:ec:31:37:1a:1e:e7:02:a7:bf:3b:73:d5:d4:50:69:9c:27:
ef:37:48:cd:df:dc:3b:a9:44:08:88:d8:e8:56:88:d7:3f:34:
66:e9:2b:f9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZXYtOqCq3ZtPbTcL5HleTdsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMzI3MTc0NDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzY0OTE2ZGYzNmI1M2MwNzg2YTJmMTQxYTg5ZGUxMzk1YjlkNzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4ReYMYM7FxIO3nO//NldK8mwMOI
4iR0DTzx6DKn0Iu8H6Y4U/nwGSYywEk0YpU8Yer9BCAr3Z0nhu1kqwETAbEJn0lz
vgKVPgNREpiVQzFqEPLfo0fHt2EoteUBjFU6kDAZe6tdF7HAPAxdkJgNlHbjE/r9
scL9IaNXv3VQ7MCaxjB9nTsZA2jdsxbK5kfMDgrTJ/m+6aS1x5Aque/3l82Sqskr
+9B+Mg5ejNvTa2pf+Jt0EH0AInSyNdFGLdrh+sTWtF/9oeEwJJrT1LuB4WHsVEa/
pWoeoPBQUdNsnOrUeBiBx/O1WpipR0uRO1Ken5YYtz1l7KyuSs+NhuAYhwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFANkkW3za1PAeGovFBqJ3hOVudc7MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvQTJTUmJmTnJVOEI0YWk4VUdvbmVFNVc1MXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW22hAwQA
W22jAwQC2Uz4MA0GCSqGSIb3DQEBCwUAA4IBAQCtF8kR1d0+T39hPCEw1rMzj4FM
ZHiHOl6dWAYqVWR6qC3pSLQMXqFmG+nL36cPdgs96GnYii1UoLfIEaInjIzmHWES
6YJ2xOlqADm/AvzHeuuSu6jRIw6DjVNItrD3iO1qBGmtdtJISCR6aFLA8sW4PkvU
RyHrlqpZDz0Ssl02m0/Mp/fXD0WHpXBVGrcwDhQmMF+5qlUp8f8P3CDDj2nOTfHh
qi8rLjD1xVvuTIwsohR1l6F4T8C5aCzMpKxtBhkdfP67h+7yug9MspZwoTueNWMi
xoLjfHzS7DE3Gh7nAqe/O3PV1FBpnCfvN0jN39w7qUQIiNjoVojXPzRm6Sv5
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:42:02 2025 by rpki-client