Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/EnQM4_whnPJeaxWRQxPEz7dH7rY.roa
File: EnQM4_whnPJeaxWRQxPEz7dH7rY.roa (raw, json)
Hash identifier: anAGsxZMEMPM7WeK+BVeddK3oakg7+TLd3wIh7D05ik=
Subject key identifier: 12:74:0C:E3:FC:21:9C:F2:5E:6B:15:91:43:13:C4:CF:B7:47:EE:B6
Certificate issuer: /CN=0eb8bc44e36fae16d37102fd0d519f284d663d90
Certificate serial: 019428265E9F001AA61732CE150E3605AF7E
Authority key identifier: 0E:B8:BC:44:E3:6F:AE:16:D3:71:02:FD:0D:51:9F:28:4D:66:3D:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dri8RONvrhbTcQL9DVGfKE1mPZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/EnQM4_whnPJeaxWRQxPEz7dH7rY.roa
Signing time: Thu 02 Jan 2025 17:53:10 +0000
ROA not before: Thu 02 Jan 2025 17:53:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209680
IP address blocks: 91.132.204.0/24 maxlen: 24
2a09:d880::/48 maxlen: 48
2a09:d881::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:5e:9f:00:1a:a6:17:32:ce:15:0e:36:05:af:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0eb8bc44e36fae16d37102fd0d519f284d663d90
Validity
Not Before: Jan 2 17:53:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12740ce3fc219cf25e6b15914313c4cfb747eeb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:20:dc:54:f5:29:13:68:34:1a:a9:95:66:c8:
5c:4a:6c:6b:ca:7e:43:5b:45:87:54:89:fe:00:44:
f1:54:52:d0:30:b0:e9:24:44:10:e9:39:88:23:71:
49:dd:69:e8:20:ce:d7:90:7c:52:5c:95:18:b1:1f:
1a:0e:9b:c0:03:2a:cb:41:40:39:65:1d:ff:b6:b5:
e9:92:35:b2:a6:74:97:a7:bc:79:3b:6c:8b:e4:ad:
88:08:54:17:c4:df:41:b6:2d:9b:1e:8f:31:08:de:
0b:de:b8:32:0c:4f:12:39:23:a8:0c:11:ff:00:7e:
39:77:44:b8:57:07:23:7b:ed:b1:b7:41:87:92:ca:
89:cb:a0:db:7f:68:ff:a1:07:ad:f8:dc:2b:f5:6e:
fa:5c:27:4d:a4:5f:45:6e:b8:4a:22:5c:40:6b:89:
18:31:02:a3:e0:eb:ec:2a:ce:6a:f3:32:da:b6:31:
c0:da:4d:45:78:42:9e:fc:32:f3:7e:56:cd:98:d2:
2e:81:dc:d2:19:d4:10:57:02:97:a2:7f:3b:bd:f7:
58:00:c1:ff:93:f4:0b:0f:8b:cb:d9:d7:c5:3a:30:
ca:56:bf:68:9a:e3:7f:0b:9e:98:ac:72:fe:9f:f5:
92:62:6c:55:5c:bf:35:a6:2c:cb:bc:fd:b8:1b:68:
82:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:74:0C:E3:FC:21:9C:F2:5E:6B:15:91:43:13:C4:CF:B7:47:EE:B6
X509v3 Authority Key Identifier:
keyid:0E:B8:BC:44:E3:6F:AE:16:D3:71:02:FD:0D:51:9F:28:4D:66:3D:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dri8RONvrhbTcQL9DVGfKE1mPZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/EnQM4_whnPJeaxWRQxPEz7dH7rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/Dri8RONvrhbTcQL9DVGfKE1mPZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.204.0/24
IPv6:
2a09:d880::/48
2a09:d881::/48
Signature Algorithm: sha256WithRSAEncryption
92:fd:e6:3c:14:1e:67:8d:0b:6a:de:cf:cd:63:d3:3b:0a:fd:
1b:1b:c3:00:61:fb:9a:48:85:b5:0c:03:f2:59:e6:f2:a1:e7:
63:4b:f2:2f:a8:e8:03:0f:27:fe:d0:5e:2b:73:36:0e:18:7a:
06:a0:39:a3:45:fc:69:ef:32:ae:88:a2:67:7f:b9:50:22:63:
b1:c5:8f:07:5b:c0:88:99:d4:de:0d:c5:9d:84:53:20:af:9b:
88:90:2b:6d:72:b0:7d:68:75:46:a8:fa:7d:d2:f1:db:ec:11:
13:94:a5:e8:13:8e:be:71:ac:8d:d1:9b:76:3e:22:e6:69:7b:
32:d1:7a:e4:7f:d8:95:e6:15:8c:0e:7e:64:b7:d4:3c:af:6c:
41:02:b5:0c:19:55:8a:9c:9c:73:b7:ec:dc:61:f6:70:a8:d9:
15:46:4d:5e:c6:4f:3a:b6:98:f9:ba:a5:5e:77:ad:e9:33:a8:
26:90:57:53:e6:5c:49:54:05:d3:be:fe:68:7b:71:75:9a:8b:
39:fa:19:f3:50:fe:55:a6:e4:9c:37:8a:a0:8e:4f:9c:59:4e:
01:7a:c3:60:d7:f6:42:a9:13:23:65:8f:91:a0:62:42:e3:f8:
4f:2d:b0:f6:69:b1:c8:ed:3d:58:87:b6:f3:ac:6b:61:60:55:
b0:5b:a1:4f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQoJl6fABqmFzLOFQ42Ba9+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlYjhiYzQ0ZTM2ZmFlMTZkMzcxMDJmZDBkNTE5ZjI4NGQ2
NjNkOTAwHhcNMjUwMTAyMTc1MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjc0MGNlM2ZjMjE5Y2YyNWU2YjE1OTE0MzEzYzRjZmI3NDdlZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CDcVPUpE2g0GqmVZshcSmxryn5D
W0WHVIn+AETxVFLQMLDpJEQQ6TmII3FJ3WnoIM7XkHxSXJUYsR8aDpvAAyrLQUA5
ZR3/trXpkjWypnSXp7x5O2yL5K2ICFQXxN9Bti2bHo8xCN4L3rgyDE8SOSOoDBH/
AH45d0S4Vwcje+2xt0GHksqJy6Dbf2j/oQet+Nwr9W76XCdNpF9FbrhKIlxAa4kY
MQKj4OvsKs5q8zLatjHA2k1FeEKe/DLzflbNmNIugdzSGdQQVwKXon87vfdYAMH/
k/QLD4vL2dfFOjDKVr9omuN/C56YrHL+n/WSYmxVXL81pizLvP24G2iC3wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBJ0DOP8IZzyXmsVkUMTxM+3R+62MB8GA1UdIwQY
MBaAFA64vETjb64W03EC/Q1RnyhNZj2QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHJpOFJPTnZyaGJUY1FMOURWR2ZLRTFtUFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82MWQxY2UtY2Q4MC00MjlkLWJmZTEt
ODliM2EzZjE1ZGYwLzEvRW5RTTRfd2huUEplYXhXUlF4UEV6N2RIN3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS82MWQxY2UtY2Q4MC00MjlkLWJmZTEtODliM2EzZjE1ZGYw
LzEvRHJpOFJPTnZyaGJUY1FMOURWR2ZLRTFtUFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAW4TMMBgE
AgACMBIDBwAqCdiAAAADBwAqCdiBAAAwDQYJKoZIhvcNAQELBQADggEBAJL95jwU
HmeNC2rez81j0zsK/RsbwwBh+5pIhbUMA/JZ5vKh52NL8i+o6AMPJ/7QXitzNg4Y
egagOaNF/GnvMq6Iomd/uVAiY7HFjwdbwIiZ1N4NxZ2EUyCvm4iQK21ysH1odUao
+n3S8dvsEROUpegTjr5xrI3Rm3Y+IuZpezLReuR/2JXmFYwOfmS31DyvbEECtQwZ
VYqcnHO37Nxh9nCo2RVGTV7GTzq2mPm6pV53rekzqCaQV1PmXElUBdO+/mh7cXWa
izn6GfNQ/lWm5Jw3iqCOT5xZTgF6w2DX9kKpEyNlj5GgYkLj+E8tsPZpscjtPViH
tvOsa2FgVbBboU8=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:30 2025 by rpki-client