Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/9b893e-7b0c-41aa-a951-90c3afc7c947/1/Ke8e1NAYZzQiPtwwM3L4rP1yhWQ.roa
File: Ke8e1NAYZzQiPtwwM3L4rP1yhWQ.roa (raw, json)
Hash identifier: 4CTO9kGNxwlbcy52jny+xyVS9xLBGZQ5MXz3PD+4Smo=
Subject key identifier: 29:EF:1E:D4:D0:18:67:34:22:3E:DC:30:33:72:F8:AC:FD:72:85:64
Certificate issuer: /CN=5ed99d49c4b0e46b2786842731e153485c8ac48b
Certificate serial: 01941F8C273AAC28FE45F26AB990633DA521
Authority key identifier: 5E:D9:9D:49:C4:B0:E4:6B:27:86:84:27:31:E1:53:48:5C:8A:C4:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XtmdScSw5GsnhoQnMeFTSFyKxIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/9b893e-7b0c-41aa-a951-90c3afc7c947/1/Ke8e1NAYZzQiPtwwM3L4rP1yhWQ.roa
Signing time: Wed 01 Jan 2025 01:47:46 +0000
ROA not before: Wed 01 Jan 2025 01:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 91.209.170.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:27:3a:ac:28:fe:45:f2:6a:b9:90:63:3d:a5:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ed99d49c4b0e46b2786842731e153485c8ac48b
Validity
Not Before: Jan 1 01:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29ef1ed4d0186734223edc303372f8acfd728564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a8:c3:c1:96:fc:88:d9:dc:96:f9:1f:a9:81:
39:de:cf:88:73:c8:6d:f2:d0:3f:bf:df:88:f9:d7:
57:52:40:e3:c6:7d:ed:f2:59:1d:e1:8b:2e:58:01:
82:e2:a7:77:93:e8:5b:22:ac:3c:c6:ff:26:84:57:
5d:11:09:2b:35:08:5b:4e:37:b8:f6:1d:59:18:04:
36:ba:ed:23:6b:22:54:9e:56:10:60:d8:14:3e:99:
b4:3a:e0:60:97:3c:9a:e9:75:61:c7:64:47:a2:f2:
50:a2:8d:ed:f9:26:30:51:d2:1a:74:5b:3a:42:b3:
5b:a8:98:45:47:8f:e5:fe:41:a5:44:f7:db:4d:3a:
26:64:f9:00:14:35:0a:1b:65:c5:43:6c:fb:84:1a:
4e:b6:b6:b4:a1:91:40:10:4c:ac:08:96:14:67:a6:
39:b7:c0:8c:ad:88:69:b8:9a:19:9e:1c:10:50:ac:
cd:0e:d7:bc:46:eb:27:52:ec:a1:a2:5f:6b:8d:cd:
91:0a:d7:9a:08:3e:f7:ae:25:c3:d0:1f:ea:13:ae:
c4:67:bb:b5:57:fc:28:13:7e:ff:de:f0:da:cc:3b:
87:89:1e:5b:a8:02:95:ee:c4:c3:21:ad:fa:7f:32:
2f:a8:ab:71:8b:67:ca:86:2e:d7:7f:e9:1a:f4:d4:
b9:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:EF:1E:D4:D0:18:67:34:22:3E:DC:30:33:72:F8:AC:FD:72:85:64
X509v3 Authority Key Identifier:
keyid:5E:D9:9D:49:C4:B0:E4:6B:27:86:84:27:31:E1:53:48:5C:8A:C4:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtmdScSw5GsnhoQnMeFTSFyKxIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/9b893e-7b0c-41aa-a951-90c3afc7c947/1/Ke8e1NAYZzQiPtwwM3L4rP1yhWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/9b893e-7b0c-41aa-a951-90c3afc7c947/1/XtmdScSw5GsnhoQnMeFTSFyKxIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.170.0/24
Signature Algorithm: sha256WithRSAEncryption
11:d5:58:db:f2:d4:91:38:e4:27:09:26:47:b4:15:ff:73:c9:
5f:43:df:3d:14:7a:a4:87:61:78:b9:a1:89:3a:a3:06:9e:7d:
aa:fd:ee:8a:88:6a:6f:e9:c3:3e:68:b1:37:54:de:42:c8:65:
ce:78:c0:bf:bb:a3:2d:2d:a7:11:b3:43:55:47:18:0a:4f:2a:
ad:cd:e0:10:88:5b:08:81:34:87:2d:c1:c6:74:ac:c7:41:f8:
bb:1d:4c:d4:b5:b9:78:5e:95:88:57:7b:82:77:1b:ac:0c:27:
6a:73:51:22:b6:da:64:27:83:89:3f:3e:de:ef:a4:1e:63:5b:
7e:43:30:1e:35:6f:59:47:bc:32:a9:f3:40:08:d7:07:dc:c2:
1b:92:b7:2d:d7:62:9c:e8:1e:93:19:26:37:de:be:3a:a1:51:
dd:32:c5:67:f6:0f:4b:2b:4a:a3:33:78:b1:18:4b:1c:42:b7:
49:c6:60:ac:9b:da:fb:49:e8:7b:ce:c5:b9:32:16:24:62:42:
ce:9e:5f:39:7e:ac:51:92:45:6d:1a:46:ce:4b:fe:ee:72:67:
ad:11:79:ef:2f:fb:d4:52:c0:50:04:23:fd:1d:9c:6c:a7:9c:
03:23:d1:f9:8a:ba:e7:bb:09:99:11:ff:a8:d3:33:e9:dc:29:
e1:7f:bb:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjCc6rCj+RfJquZBjPaUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDk5ZDQ5YzRiMGU0NmIyNzg2ODQyNzMxZTE1MzQ4NWM4
YWM0OGIwHhcNMjUwMTAxMDE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWVmMWVkNGQwMTg2NzM0MjIzZWRjMzAzMzcyZjhhY2ZkNzI4NTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6jDwZb8iNnclvkfqYE53s+Ic8ht
8tA/v9+I+ddXUkDjxn3t8lkd4YsuWAGC4qd3k+hbIqw8xv8mhFddEQkrNQhbTje4
9h1ZGAQ2uu0jayJUnlYQYNgUPpm0OuBglzya6XVhx2RHovJQoo3t+SYwUdIadFs6
QrNbqJhFR4/l/kGlRPfbTTomZPkAFDUKG2XFQ2z7hBpOtra0oZFAEEysCJYUZ6Y5
t8CMrYhpuJoZnhwQUKzNDte8RusnUuyhol9rjc2RCteaCD73riXD0B/qE67EZ7u1
V/woE37/3vDazDuHiR5bqAKV7sTDIa36fzIvqKtxi2fKhi7Xf+ka9NS5rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCnvHtTQGGc0Ij7cMDNy+Kz9coVkMB8GA1UdIwQY
MBaAFF7ZnUnEsORrJ4aEJzHhU0hcisSLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRtZFNjU3c1R3NuaG9Rbk1lRlRTRnlLeElzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS85Yjg5M2UtN2IwYy00MWFhLWE5NTEt
OTBjM2FmYzdjOTQ3LzEvS2U4ZTFOQVlaelFpUHR3d00zTDRyUDF5aFdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS85Yjg5M2UtN2IwYy00MWFhLWE5NTEtOTBjM2FmYzdjOTQ3
LzEvWHRtZFNjU3c1R3NuaG9Rbk1lRlRTRnlLeElzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9GqMA0G
CSqGSIb3DQEBCwUAA4IBAQAR1Vjb8tSROOQnCSZHtBX/c8lfQ989FHqkh2F4uaGJ
OqMGnn2q/e6KiGpv6cM+aLE3VN5CyGXOeMC/u6MtLacRs0NVRxgKTyqtzeAQiFsI
gTSHLcHGdKzHQfi7HUzUtbl4XpWIV3uCdxusDCdqc1EittpkJ4OJPz7e76QeY1t+
QzAeNW9ZR7wyqfNACNcH3MIbkrct12Kc6B6TGSY33r46oVHdMsVn9g9LK0qjM3ix
GEscQrdJxmCsm9r7Seh7zsW5MhYkYkLOnl85fqxRkkVtGkbOS/7ucmetEXnvL/vU
UsBQBCP9HZxsp5wDI9H5irrnuwmZEf+o0zPp3Cnhf7vV
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:28 2025 by rpki-client