Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/e7d974-e258-41fe-880a-4ec2d94e2ede/1/tRQVAZPhSI7yY2YBf58wHloNtVk.roa
File: tRQVAZPhSI7yY2YBf58wHloNtVk.roa (raw, json)
Hash identifier: x6U/gqCwfyDYCGrA4HX4YKbEtJbHihcQ4Z9Ks5Bgn58=
Subject key identifier: B5:14:15:01:93:E1:48:8E:F2:63:66:01:7F:9F:30:1E:5A:0D:B5:59
Certificate issuer: /CN=e7c3ab96b74c2ac4f04ae62ab7e82cdf1988ed40
Certificate serial: 0194266BAE095A1F9A5009E22743EE76BA36
Authority key identifier: E7:C3:AB:96:B7:4C:2A:C4:F0:4A:E6:2A:B7:E8:2C:DF:19:88:ED:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/58OrlrdMKsTwSuYqt-gs3xmI7UA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/e7d974-e258-41fe-880a-4ec2d94e2ede/1/tRQVAZPhSI7yY2YBf58wHloNtVk.roa
Signing time: Thu 02 Jan 2025 09:49:38 +0000
ROA not before: Thu 02 Jan 2025 09:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212552
IP address blocks: 91.228.186.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:ae:09:5a:1f:9a:50:09:e2:27:43:ee:76:ba:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7c3ab96b74c2ac4f04ae62ab7e82cdf1988ed40
Validity
Not Before: Jan 2 09:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b514150193e1488ef26366017f9f301e5a0db559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:55:d6:a4:ea:65:98:4b:7d:a3:af:84:cc:56:
34:86:91:1a:cd:3a:53:f4:df:42:0b:9c:2b:f7:c3:
0b:a2:d5:af:d8:2f:0b:a0:b5:cc:78:af:fa:f1:8b:
56:57:e5:78:a6:7f:fb:d1:d7:2c:25:85:87:68:0d:
cf:79:52:3a:e2:40:95:8a:50:4a:0e:d5:56:23:e2:
fb:77:ef:a9:78:40:c4:cf:3d:42:61:c1:06:97:28:
e6:25:e3:4a:04:4d:04:0e:3f:e6:bb:c3:56:50:48:
3a:2e:1f:6f:cf:1b:52:f6:ea:35:d1:8e:55:0c:93:
6d:38:0a:ae:a1:7c:e1:e5:24:b7:20:7b:23:c8:75:
57:b7:06:28:e2:9b:35:78:5f:21:c9:05:5e:2b:4b:
d2:e8:c8:44:0a:c8:c2:ae:58:4c:7f:b5:bc:5f:eb:
75:cc:99:f7:78:10:32:80:e2:c5:bc:56:9b:a1:8d:
1f:b1:26:41:d5:da:12:f1:88:95:e6:f7:d8:aa:44:
83:ce:10:38:92:d5:50:53:1c:ee:6e:ad:1b:db:18:
61:78:e9:fb:94:e5:65:e0:77:45:9d:44:66:22:9b:
5b:79:57:45:8c:4f:68:6c:4e:b2:57:8a:7d:d6:cc:
be:c0:3f:b1:16:f7:2a:57:1d:9d:4c:66:f4:96:0d:
49:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:14:15:01:93:E1:48:8E:F2:63:66:01:7F:9F:30:1E:5A:0D:B5:59
X509v3 Authority Key Identifier:
keyid:E7:C3:AB:96:B7:4C:2A:C4:F0:4A:E6:2A:B7:E8:2C:DF:19:88:ED:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/58OrlrdMKsTwSuYqt-gs3xmI7UA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e7d974-e258-41fe-880a-4ec2d94e2ede/1/tRQVAZPhSI7yY2YBf58wHloNtVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e7d974-e258-41fe-880a-4ec2d94e2ede/1/58OrlrdMKsTwSuYqt-gs3xmI7UA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.186.0/24
Signature Algorithm: sha256WithRSAEncryption
81:07:2c:31:b1:7e:22:63:fe:a3:2c:94:68:29:53:88:26:89:
96:ae:70:25:0a:09:08:69:fe:71:eb:5e:3e:b2:f1:94:4d:5f:
5d:c0:65:fe:7f:1b:4c:96:a5:9a:50:d9:da:e0:3f:12:5e:9c:
57:12:02:26:a5:65:12:00:50:f4:4c:83:ad:50:8b:08:8e:70:
be:cf:56:93:50:7f:96:39:ca:47:5e:1a:9f:fc:a6:b7:e4:aa:
83:fd:ec:37:c6:13:ba:50:e4:c5:0d:30:88:f6:5d:1b:f8:62:
17:74:ef:d5:36:20:07:66:64:7b:76:86:45:70:63:b7:d6:d4:
44:f6:8b:1c:db:fe:8c:9b:29:79:28:76:78:e8:4b:ef:f9:51:
78:89:9b:c1:a3:72:ae:aa:88:7f:93:67:db:54:70:22:5f:b1:
52:14:28:c1:00:7c:2b:2c:91:2d:6b:3e:7c:01:06:84:2a:74:
81:2e:da:de:b6:4c:58:a0:9a:47:2e:54:df:f6:96:6e:4e:af:
6e:94:05:93:fd:13:9e:0a:53:c2:cc:59:34:e9:96:aa:8c:30:
77:f0:8c:b6:80:79:7b:88:5f:d2:5f:31:a2:11:7d:99:2c:ce:
8c:bd:51:71:65:f4:40:18:7a:be:06:a3:c9:55:e6:fd:4d:e6:
26:d6:21:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma64JWh+aUAniJ0Pudro2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3YzNhYjk2Yjc0YzJhYzRmMDRhZTYyYWI3ZTgyY2RmMTk4
OGVkNDAwHhcNMjUwMTAyMDk0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTE0MTUwMTkzZTE0ODhlZjI2MzY2MDE3ZjlmMzAxZTVhMGRiNTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFXWpOplmEt9o6+EzFY0hpEazTpT
9N9CC5wr98MLotWv2C8LoLXMeK/68YtWV+V4pn/70dcsJYWHaA3PeVI64kCVilBK
DtVWI+L7d++peEDEzz1CYcEGlyjmJeNKBE0EDj/mu8NWUEg6Lh9vzxtS9uo10Y5V
DJNtOAquoXzh5SS3IHsjyHVXtwYo4ps1eF8hyQVeK0vS6MhECsjCrlhMf7W8X+t1
zJn3eBAygOLFvFaboY0fsSZB1doS8YiV5vfYqkSDzhA4ktVQUxzubq0b2xhheOn7
lOVl4HdFnURmIptbeVdFjE9obE6yV4p91sy+wD+xFvcqVx2dTGb0lg1JmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLUUFQGT4UiO8mNmAX+fMB5aDbVZMB8GA1UdIwQY
MBaAFOfDq5a3TCrE8ErmKrfoLN8ZiO1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNThPcmxyZE1Lc1R3U3VZcXQtZ3MzeG1JN1VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9lN2Q5NzQtZTI1OC00MWZlLTg4MGEt
NGVjMmQ5NGUyZWRlLzEvdFJRVkFaUGhTSTd5WTJZQmY1OHdIbG9OdFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9lN2Q5NzQtZTI1OC00MWZlLTg4MGEtNGVjMmQ5NGUyZWRl
LzEvNThPcmxyZE1Lc1R3U3VZcXQtZ3MzeG1JN1VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+S6MA0G
CSqGSIb3DQEBCwUAA4IBAQCBBywxsX4iY/6jLJRoKVOIJomWrnAlCgkIaf5x614+
svGUTV9dwGX+fxtMlqWaUNna4D8SXpxXEgImpWUSAFD0TIOtUIsIjnC+z1aTUH+W
OcpHXhqf/Ka35KqD/ew3xhO6UOTFDTCI9l0b+GIXdO/VNiAHZmR7doZFcGO31tRE
9osc2/6Mmyl5KHZ46Evv+VF4iZvBo3Kuqoh/k2fbVHAiX7FSFCjBAHwrLJEtaz58
AQaEKnSBLtretkxYoJpHLlTf9pZuTq9ulAWT/ROeClPCzFk06ZaqjDB38Iy2gHl7
iF/SXzGiEX2ZLM6MvVFxZfRAGHq+BqPJVeb9TeYm1iET
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:15 2025 by rpki-client