Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4b6354-a7a3-4351-a7de-aeac5d9cdc7b/1/RLvDrK9Icwtsn0-UEJyGztaVYr4.roa
File: RLvDrK9Icwtsn0-UEJyGztaVYr4.roa (raw, json)
Hash identifier: sOv+1479fgLJ5PTa3FjO5dyIsDN63KZWKnOL+8WQdFo=
Subject key identifier: 44:BB:C3:AC:AF:48:73:0B:6C:9F:4F:94:10:9C:86:CE:D6:95:62:BE
Certificate issuer: /CN=048eefb5b26483561711c990f20ff552ac4e2c9c
Certificate serial: 019427B5A9059D32A323A6BDBD9E56DD5818
Authority key identifier: 04:8E:EF:B5:B2:64:83:56:17:11:C9:90:F2:0F:F5:52:AC:4E:2C:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BI7vtbJkg1YXEcmQ8g_1UqxOLJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4b6354-a7a3-4351-a7de-aeac5d9cdc7b/1/RLvDrK9Icwtsn0-UEJyGztaVYr4.roa
Signing time: Thu 02 Jan 2025 15:50:04 +0000
ROA not before: Thu 02 Jan 2025 15:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42082
IP address blocks: 91.151.128.0/20 maxlen: 24
185.146.176.0/22 maxlen: 24
2a03:3580::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:a9:05:9d:32:a3:23:a6:bd:bd:9e:56:dd:58:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048eefb5b26483561711c990f20ff552ac4e2c9c
Validity
Not Before: Jan 2 15:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44bbc3acaf48730b6c9f4f94109c86ced69562be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1c:cb:d4:b4:42:b4:a1:1b:2d:57:5b:6a:c5:
23:a1:ba:95:20:dd:02:33:d1:52:67:87:69:34:cb:
09:5c:d4:2e:a4:85:58:bb:13:6f:2d:b8:6e:1a:de:
cf:be:ac:32:a9:b9:6b:fb:ad:0b:dd:9f:d9:3e:97:
3b:44:7d:e1:ef:4e:81:f5:3d:cd:b9:3d:6e:9f:a4:
90:1f:58:f7:a7:66:02:79:f3:09:ab:ce:cf:22:a3:
dd:a5:50:d2:32:6f:9e:25:ce:9c:3c:c8:9f:1e:33:
d9:4f:80:d3:2c:96:a2:ef:88:2b:f3:3f:26:ba:36:
e8:ea:1d:d5:5f:3b:4b:d2:f2:43:73:8e:24:1b:ec:
8b:14:0b:ea:de:ea:67:8d:4f:b9:c4:3e:e9:24:cf:
d6:f2:74:34:0b:27:72:bd:1a:73:ac:a8:dd:26:45:
97:d1:ef:e0:87:b7:a7:68:3c:c8:d5:8f:47:0d:90:
17:4d:de:39:97:88:e5:42:fe:67:0e:55:4d:f1:0b:
76:5a:ee:1b:c2:08:96:ad:21:7c:ec:23:57:35:e6:
ce:9f:af:17:48:cb:88:81:ee:23:86:dc:bd:9e:79:
b4:11:c4:27:6b:83:36:79:02:36:bf:6d:84:33:d0:
c4:13:b4:44:9b:72:32:22:70:a1:05:d6:1b:d6:ff:
0b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:BB:C3:AC:AF:48:73:0B:6C:9F:4F:94:10:9C:86:CE:D6:95:62:BE
X509v3 Authority Key Identifier:
keyid:04:8E:EF:B5:B2:64:83:56:17:11:C9:90:F2:0F:F5:52:AC:4E:2C:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BI7vtbJkg1YXEcmQ8g_1UqxOLJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4b6354-a7a3-4351-a7de-aeac5d9cdc7b/1/RLvDrK9Icwtsn0-UEJyGztaVYr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4b6354-a7a3-4351-a7de-aeac5d9cdc7b/1/BI7vtbJkg1YXEcmQ8g_1UqxOLJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.128.0/20
185.146.176.0/22
IPv6:
2a03:3580::/32
Signature Algorithm: sha256WithRSAEncryption
7a:0e:21:1a:c3:c2:05:bc:f5:47:aa:1a:ba:dc:df:71:8e:af:
de:51:30:3d:bb:24:c0:1f:72:0a:f3:6a:1f:e7:10:70:ea:4c:
3d:69:65:80:d2:c7:27:e6:fc:8d:e7:7c:df:8c:c3:e8:63:5d:
0d:e3:b5:ec:05:02:7d:26:21:f7:f9:0a:8d:92:6c:c1:a2:83:
35:61:68:34:fd:27:32:f0:9f:44:23:8a:84:0a:c9:ac:92:74:
90:4e:c6:7b:07:aa:43:17:13:3e:b0:95:26:88:e0:32:24:4b:
ce:42:04:e2:21:85:b6:26:ec:eb:54:af:23:ad:2a:d3:d4:ba:
95:7c:66:ef:fe:40:75:01:75:79:d9:c7:03:5c:1a:3d:f0:49:
f5:b5:ec:9e:0a:8b:37:d5:6d:1a:eb:33:63:7b:7c:6a:42:dc:
71:cc:5e:55:53:46:f2:91:b8:57:35:0c:7c:db:5b:64:3b:49:
a3:4a:8d:87:9d:8e:51:fc:f2:20:2a:cb:9f:55:82:3d:80:d8:
70:34:15:7d:d1:63:bb:74:57:a7:5c:86:5a:6a:51:92:c4:3d:
ea:11:9d:dd:07:84:81:d4:e9:7d:90:53:d1:3c:ca:98:46:9f:
eb:24:84:23:74:84:09:1e:4e:7c:4d:e3:a7:7c:21:e3:de:92:
05:91:8a:3b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQntakFnTKjI6a9vZ5W3VgYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0OGVlZmI1YjI2NDgzNTYxNzExYzk5MGYyMGZmNTUyYWM0
ZTJjOWMwHhcNMjUwMTAyMTU1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGJiYzNhY2FmNDg3MzBiNmM5ZjRmOTQxMDljODZjZWQ2OTU2MmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxzL1LRCtKEbLVdbasUjobqVIN0C
M9FSZ4dpNMsJXNQupIVYuxNvLbhuGt7Pvqwyqblr+60L3Z/ZPpc7RH3h706B9T3N
uT1un6SQH1j3p2YCefMJq87PIqPdpVDSMm+eJc6cPMifHjPZT4DTLJai74gr8z8m
ujbo6h3VXztL0vJDc44kG+yLFAvq3upnjU+5xD7pJM/W8nQ0CydyvRpzrKjdJkWX
0e/gh7enaDzI1Y9HDZAXTd45l4jlQv5nDlVN8Qt2Wu4bwgiWrSF87CNXNebOn68X
SMuIge4jhty9nnm0EcQna4M2eQI2v22EM9DEE7REm3IyInChBdYb1v8LTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFES7w6yvSHMLbJ9PlBCchs7WlWK+MB8GA1UdIwQY
MBaAFASO77WyZINWFxHJkPIP9VKsTiycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkk3dnRiSmtnMVlYRWNtUThnXzFVcXhPTEp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80YjYzNTQtYTdhMy00MzUxLWE3ZGUt
YWVhYzVkOWNkYzdiLzEvUkx2RHJLOUljd3RzbjAtVUVKeUd6dGFWWXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80YjYzNTQtYTdhMy00MzUxLWE3ZGUtYWVhYzVkOWNkYzdi
LzEvQkk3dnRiSmtnMVlYRWNtUThnXzFVcXhPTEp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEW5eAAwQC
uZKwMA0EAgACMAcDBQAqAzWAMA0GCSqGSIb3DQEBCwUAA4IBAQB6DiEaw8IFvPVH
qhq63N9xjq/eUTA9uyTAH3IK82of5xBw6kw9aWWA0scn5vyN53zfjMPoY10N47Xs
BQJ9JiH3+QqNkmzBooM1YWg0/Scy8J9EI4qECsmsknSQTsZ7B6pDFxM+sJUmiOAy
JEvOQgTiIYW2JuzrVK8jrSrT1LqVfGbv/kB1AXV52ccDXBo98En1teyeCos31W0a
6zNje3xqQtxxzF5VU0bykbhXNQx821tkO0mjSo2HnY5R/PIgKsufVYI9gNhwNBV9
0WO7dFenXIZaalGSxD3qEZ3dB4SB1Ol9kFPRPMqYRp/rJIQjdIQJHk58TeOnfCHj
3pIFkYo7
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:55:06 2025 by rpki-client