Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/IwlbmFExD2G5c49HgZqQSHA1wZk.roa
File: IwlbmFExD2G5c49HgZqQSHA1wZk.roa (raw, json)
Hash identifier: 45pPUt5QNz8dN0ylQGV0BCVZpBwOOv2uaieuY/tEzHc=
Subject key identifier: 23:09:5B:98:51:31:0F:61:B9:73:8F:47:81:9A:90:48:70:35:C1:99
Certificate issuer: /CN=2ec121e1545df3e5bb86e9188f2825fad7477f75
Certificate serial: 01941FFA9524E39D780869BA92B52E23705E
Authority key identifier: 2E:C1:21:E1:54:5D:F3:E5:BB:86:E9:18:8F:28:25:FA:D7:47:7F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LsEh4VRd8-W7hukYjygl-tdHf3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/IwlbmFExD2G5c49HgZqQSHA1wZk.roa
Signing time: Wed 01 Jan 2025 03:48:23 +0000
ROA not before: Wed 01 Jan 2025 03:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57103
IP address blocks: 91.229.172.0/24 maxlen: 24
185.119.200.0/22 maxlen: 24
2a06:8bc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:95:24:e3:9d:78:08:69:ba:92:b5:2e:23:70:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ec121e1545df3e5bb86e9188f2825fad7477f75
Validity
Not Before: Jan 1 03:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23095b9851310f61b9738f47819a90487035c199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3b:00:2f:83:a2:70:29:4e:99:01:3a:83:93:
ed:86:86:1c:56:be:89:ac:fc:85:67:b4:e2:ac:19:
90:b6:64:0a:d7:b2:7f:04:1e:71:e6:bd:7d:70:a3:
17:9c:5c:5a:0c:b2:d2:5f:e0:28:84:5c:7b:88:6b:
51:09:8e:03:66:5f:af:90:5b:c8:03:dd:0e:10:ab:
6f:81:48:e2:d7:9a:58:95:e3:0d:cf:ae:2d:26:43:
73:76:91:84:e6:c7:17:be:0c:98:58:04:65:9a:59:
a7:b9:00:3d:18:ce:5e:8c:06:e1:ce:63:7d:35:b8:
c4:cd:94:29:2b:53:65:1a:7c:66:05:68:fd:b1:9a:
e6:22:52:99:61:84:d3:1e:19:02:b4:e8:42:f2:60:
7e:0e:98:33:05:fb:70:fe:31:58:1c:28:b0:e7:a0:
23:17:0d:97:11:76:4c:92:4a:ab:6e:37:d2:e8:bc:
87:98:02:8f:22:e5:7e:06:9c:75:2f:d7:b9:9a:64:
37:78:5e:00:7c:ce:99:89:ff:1d:2f:fd:7e:4d:57:
02:73:00:d9:c7:32:3a:32:8b:89:05:6d:01:16:18:
2d:85:65:e6:ac:e9:06:b8:92:57:d0:cb:11:f9:db:
be:1b:3b:d1:09:5b:ae:46:40:57:8c:41:0b:17:57:
5c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:09:5B:98:51:31:0F:61:B9:73:8F:47:81:9A:90:48:70:35:C1:99
X509v3 Authority Key Identifier:
keyid:2E:C1:21:E1:54:5D:F3:E5:BB:86:E9:18:8F:28:25:FA:D7:47:7F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LsEh4VRd8-W7hukYjygl-tdHf3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/IwlbmFExD2G5c49HgZqQSHA1wZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/LsEh4VRd8-W7hukYjygl-tdHf3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.172.0/24
185.119.200.0/22
IPv6:
2a06:8bc0::/29
Signature Algorithm: sha256WithRSAEncryption
39:d2:66:f7:cc:04:b7:f1:00:d9:79:f7:59:62:ac:10:67:e0:
4c:13:fa:da:de:f5:30:15:7f:ac:89:11:4e:25:2f:a1:6b:77:
cd:62:ca:22:54:36:7b:3d:00:87:ba:a7:ef:b7:43:d5:55:ba:
b8:11:0e:1c:8c:21:0d:b6:55:f7:9d:b6:75:df:7e:44:2b:cc:
44:96:fc:c7:b4:24:02:b5:4b:aa:aa:4a:16:d6:20:36:33:7c:
a4:44:bb:9b:e1:0a:66:3b:d7:93:87:90:87:f2:15:d9:ad:cc:
60:e4:aa:24:7e:46:d2:09:b6:01:f4:c2:ce:41:8e:1d:ca:64:
e5:39:d1:27:e3:2f:3c:4f:9f:6f:d6:8e:68:f9:17:4c:10:87:
96:c5:10:ac:ab:5e:7d:35:9f:54:80:05:1d:ed:7f:bb:0b:dd:
d6:dd:a6:0a:27:9f:44:4b:d9:dc:1b:40:d6:0b:99:1f:c3:18:
97:b1:67:8b:d0:06:57:29:25:15:f3:0e:60:01:26:0c:e3:1d:
49:3e:55:88:da:ef:cc:83:3d:1d:3a:3e:f1:25:cc:14:a4:82:
75:e2:15:2b:fc:5a:6f:fc:0e:72:11:26:4f:0e:ce:bd:16:f7:
42:02:47:9e:33:94:ea:b7:00:4c:b4:71:ae:6b:8a:14:61:2b:
c5:93:ea:ec
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQf+pUk4514CGm6krUuI3BeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYzEyMWUxNTQ1ZGYzZTViYjg2ZTkxODhmMjgyNWZhZDc0
NzdmNzUwHhcNMjUwMTAxMDM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzA5NWI5ODUxMzEwZjYxYjk3MzhmNDc4MTlhOTA0ODcwMzVjMTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjsAL4OicClOmQE6g5PthoYcVr6J
rPyFZ7TirBmQtmQK17J/BB5x5r19cKMXnFxaDLLSX+AohFx7iGtRCY4DZl+vkFvI
A90OEKtvgUji15pYleMNz64tJkNzdpGE5scXvgyYWARlmlmnuQA9GM5ejAbhzmN9
NbjEzZQpK1NlGnxmBWj9sZrmIlKZYYTTHhkCtOhC8mB+DpgzBftw/jFYHCiw56Aj
Fw2XEXZMkkqrbjfS6LyHmAKPIuV+Bpx1L9e5mmQ3eF4AfM6Zif8dL/1+TVcCcwDZ
xzI6MouJBW0BFhgthWXmrOkGuJJX0MsR+du+GzvRCVuuRkBXjEELF1dc/wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCMJW5hRMQ9huXOPR4GakEhwNcGZMB8GA1UdIwQY
MBaAFC7BIeFUXfPlu4bpGI8oJfrXR391MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHNFaDRWUmQ4LVc3aHVrWWp5Z2wtdGRIZjNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xZWQyN2MtMmQ4Yy00MDgwLWE0NTgt
OWY1MjJhMjg0NTk1LzEvSXdsYm1GRXhEMkc1YzQ5SGdacVFTSEExd1prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xZWQyN2MtMmQ4Yy00MDgwLWE0NTgtOWY1MjJhMjg0NTk1
LzEvTHNFaDRWUmQ4LVc3aHVrWWp5Z2wtdGRIZjNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW+WsAwQC
uXfIMA0EAgACMAcDBQMqBovAMA0GCSqGSIb3DQEBCwUAA4IBAQA50mb3zAS38QDZ
efdZYqwQZ+BME/ra3vUwFX+siRFOJS+ha3fNYsoiVDZ7PQCHuqfvt0PVVbq4EQ4c
jCENtlX3nbZ1335EK8xElvzHtCQCtUuqqkoW1iA2M3ykRLub4QpmO9eTh5CH8hXZ
rcxg5KokfkbSCbYB9MLOQY4dymTlOdEn4y88T59v1o5o+RdMEIeWxRCsq159NZ9U
gAUd7X+7C93W3aYKJ59ES9ncG0DWC5kfwxiXsWeL0AZXKSUV8w5gASYM4x1JPlWI
2u/Mgz0dOj7xJcwUpIJ14hUr/Fpv/A5yESZPDs69FvdCAkeeM5TqtwBMtHGua4oU
YSvFk+rs
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:02 2025 by rpki-client