Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/o1EMhVtqeGLgr4zBj4eZpVlziY0.roa
File: o1EMhVtqeGLgr4zBj4eZpVlziY0.roa (raw, json)
Hash identifier: uJNXIU/epB1kQ1JSu/Ya6iTE2mw8PpCNHjY+vGrNTQo=
Subject key identifier: A3:51:0C:85:5B:6A:78:62:E0:AF:8C:C1:8F:87:99:A5:59:73:89:8D
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0194C5DDFBABC84A7CACEB1309CF3FE24BA9
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/o1EMhVtqeGLgr4zBj4eZpVlziY0.roa
Signing time: Sun 02 Feb 2025 08:54:06 +0000
ROA not before: Sun 02 Feb 2025 08:54:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 265627
IP address blocks: 91.109.162.0/24 maxlen: 24
217.76.242.0/23 maxlen: 23
217.76.242.0/24 maxlen: 24
217.76.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c5:dd:fb:ab:c8:4a:7c:ac:eb:13:09:cf:3f:e2:4b:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Feb 2 08:54:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3510c855b6a7862e0af8cc18f8799a55973898d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:88:f5:1f:21:ca:dc:ad:a8:c3:bd:64:10:81:
31:71:fb:30:b7:d3:11:b2:0d:fa:75:0f:d3:c2:6c:
16:fe:7a:87:ca:dc:66:e7:6d:00:7c:b8:86:86:a0:
6e:e2:49:a2:e8:79:b7:35:c0:05:b2:5b:42:8b:be:
fb:f1:3f:5b:70:84:b4:91:75:be:86:f8:dc:d2:a5:
64:ca:e8:4f:06:54:f7:58:fb:d5:74:b3:99:86:19:
42:4b:8c:17:9e:7c:06:cd:5f:0b:a8:44:75:38:3b:
f6:96:da:39:05:06:b1:1b:ce:07:d6:73:00:69:6f:
f0:07:71:2b:6b:a6:df:93:87:1d:0e:79:98:c7:11:
8a:84:8e:d3:b2:12:91:c7:e1:cd:a3:99:3e:55:e2:
53:64:9c:e5:20:4d:a3:13:27:d6:bb:3f:df:1c:d1:
5f:a3:2e:eb:53:f5:40:3c:e4:dd:7d:0d:df:24:3d:
c2:dc:74:9d:a9:54:69:1c:4f:32:f9:a2:9e:99:8f:
65:eb:62:0b:60:82:5d:34:28:ec:21:a8:26:ac:34:
14:a8:53:10:7b:4f:67:7f:d4:b8:de:74:ef:46:06:
81:a3:39:28:bc:fd:39:32:ef:c5:a0:f5:ef:69:2d:
63:82:10:ec:50:c3:a0:16:7a:f3:8d:6c:9a:04:33:
0b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:51:0C:85:5B:6A:78:62:E0:AF:8C:C1:8F:87:99:A5:59:73:89:8D
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/o1EMhVtqeGLgr4zBj4eZpVlziY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.162.0/24
217.76.242.0/23
Signature Algorithm: sha256WithRSAEncryption
30:04:d2:46:b0:14:8e:5b:06:61:c8:e9:af:3a:06:f3:91:3e:
5d:38:7b:03:3a:ce:5a:f7:ae:06:2b:06:fc:99:f6:95:22:01:
07:12:2e:49:b9:b6:1f:f9:ce:54:74:e3:b7:11:3b:78:8d:6f:
af:da:5c:b7:ec:b9:8c:5d:3a:fd:3b:e6:27:e9:8c:0f:d8:39:
a3:d6:da:07:62:18:24:35:6d:e4:5b:8f:24:f8:9a:16:4f:75:
11:94:19:df:f4:90:02:2b:39:6b:3e:06:d4:cb:84:bf:ad:7b:
d5:37:21:da:a3:d1:2f:55:cb:ef:5d:0b:d4:ce:65:b1:75:2c:
51:df:00:38:b2:22:b2:4e:e6:1b:06:73:f3:ec:22:e4:a1:77:
3c:0c:13:3e:c9:be:32:e1:26:2c:a6:ae:d6:2d:88:10:ec:a6:
f5:38:13:9e:0e:49:dd:7d:62:ab:e4:df:9c:d7:8b:01:36:c2:
b8:6d:95:60:2f:fb:6c:6b:b1:49:ee:cf:29:17:c0:42:e0:a6:
d0:12:cb:ad:17:46:bb:8e:91:1b:52:4d:cb:eb:f4:ff:75:ff:
95:35:cb:a4:fc:66:f5:41:4d:35:a3:bf:26:5d:cc:58:84:a4:
b5:4f:d0:aa:df:af:e3:16:2d:51:71:ba:6c:e3:73:d0:31:7e:
83:72:e7:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTF3furyEp8rOsTCc8/4kupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMjAyMDg1NDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzUxMGM4NTViNmE3ODYyZTBhZjhjYzE4Zjg3OTlhNTU5NzM4OThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYj1HyHK3K2ow71kEIExcfswt9MR
sg36dQ/TwmwW/nqHytxm520AfLiGhqBu4kmi6Hm3NcAFsltCi7778T9bcIS0kXW+
hvjc0qVkyuhPBlT3WPvVdLOZhhlCS4wXnnwGzV8LqER1ODv2lto5BQaxG84H1nMA
aW/wB3Era6bfk4cdDnmYxxGKhI7TshKRx+HNo5k+VeJTZJzlIE2jEyfWuz/fHNFf
oy7rU/VAPOTdfQ3fJD3C3HSdqVRpHE8y+aKemY9l62ILYIJdNCjsIagmrDQUqFMQ
e09nf9S43nTvRgaBozkovP05Mu/FoPXvaS1jghDsUMOgFnrzjWyaBDMLXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKNRDIVbanhi4K+MwY+HmaVZc4mNMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvbzFFTWhWdHFlR0xncjR6Qmo0ZVpwVmx6aVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW22iAwQB
2UzyMA0GCSqGSIb3DQEBCwUAA4IBAQAwBNJGsBSOWwZhyOmvOgbzkT5dOHsDOs5a
964GKwb8mfaVIgEHEi5JubYf+c5UdOO3ETt4jW+v2ly37LmMXTr9O+Yn6YwP2Dmj
1toHYhgkNW3kW48k+JoWT3URlBnf9JACKzlrPgbUy4S/rXvVNyHao9EvVcvvXQvU
zmWxdSxR3wA4siKyTuYbBnPz7CLkoXc8DBM+yb4y4SYspq7WLYgQ7Kb1OBOeDknd
fWKr5N+c14sBNsK4bZVgL/tsa7FJ7s8pF8BC4KbQEsutF0a7jpEbUk3L6/T/df+V
Ncuk/Gb1QU01o78mXcxYhKS1T9Cq36/jFi1Rcbps43PQMX6Dcuee
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:17:35 2025 by rpki-client