Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/JEudm5eaXMbpcorZfF2mGZr0koE.roa
File: JEudm5eaXMbpcorZfF2mGZr0koE.roa (raw, json)
Hash identifier: XbkPUoxJZnY0l62UTU5OlIMUIwc1e7/u/vIUsrvTLYY=
Subject key identifier: 24:4B:9D:9B:97:9A:5C:C6:E9:72:8A:D9:7C:5D:A6:19:9A:F4:92:81
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 019427B6339950FA05519869DDFD978B8010
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/JEudm5eaXMbpcorZfF2mGZr0koE.roa
Signing time: Thu 02 Jan 2025 15:50:39 +0000
ROA not before: Thu 02 Jan 2025 15:50:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21485
IP address blocks: 91.231.153.0/24 maxlen: 24
2001:67c:15ec::/48 maxlen: 48
2a0a:3500::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:33:99:50:fa:05:51:98:69:dd:fd:97:8b:80:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Jan 2 15:50:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=244b9d9b979a5cc6e9728ad97c5da6199af49281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:aa:15:3d:46:4b:e1:0c:4d:ab:55:ab:a3:63:
80:a9:b8:c6:f9:cc:dd:99:39:4b:ac:b7:aa:e8:0b:
5d:56:d6:7c:75:1a:d9:67:85:65:16:93:d6:2a:97:
2c:c3:03:74:e1:f6:b1:d5:1d:b7:91:c3:7c:17:b9:
ec:4c:51:1e:3a:6f:bb:8a:32:59:8d:02:62:f9:9c:
eb:0f:67:f9:29:ff:71:00:a7:75:9b:39:ec:6d:7d:
f6:b1:b1:9e:f7:c0:a2:48:a9:df:d6:54:92:4a:71:
61:5f:8f:97:2a:c8:a6:43:91:77:11:72:09:5d:1e:
56:5d:42:6e:b8:29:85:a5:92:7f:b2:3e:24:41:e5:
a7:c7:c1:d6:d6:6c:ff:0b:85:fe:06:a2:70:3f:37:
77:ad:56:01:22:b8:2c:3f:13:6e:2e:2c:73:95:a4:
ca:4c:06:d8:b6:29:97:7a:04:c6:9f:c5:6d:27:fa:
c6:82:78:db:9a:3b:64:d8:19:fd:83:2b:4f:a9:10:
a1:44:8f:42:1e:af:b2:41:51:31:f6:07:5f:d3:30:
4e:46:83:e4:ec:c5:7a:5f:bc:38:35:09:b9:d0:eb:
98:90:70:52:fc:b0:7d:72:b3:31:d7:e6:3f:a5:ab:
25:05:f6:a9:7e:44:ae:f8:7d:c2:12:7a:4f:11:56:
a2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:4B:9D:9B:97:9A:5C:C6:E9:72:8A:D9:7C:5D:A6:19:9A:F4:92:81
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/JEudm5eaXMbpcorZfF2mGZr0koE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.153.0/24
IPv6:
2001:67c:15ec::/48
2a0a:3500::/32
Signature Algorithm: sha256WithRSAEncryption
30:f2:67:e5:94:02:0e:01:b1:2e:c7:90:e5:f9:d7:09:94:82:
02:b7:06:ad:96:9a:9b:22:2d:44:35:5f:b1:76:07:7a:80:a1:
2b:c8:71:d8:2b:4a:6b:dd:d8:cb:f8:9a:c1:43:7c:3c:e8:82:
52:b8:74:b5:2d:9f:ac:c7:eb:f6:b2:6a:a0:cc:b6:c1:f3:e1:
7b:5b:80:d4:32:a3:72:2d:c6:d6:b2:59:c4:dc:42:01:32:17:
fe:f0:b3:97:44:e1:9c:ad:d2:29:f6:40:64:96:20:b6:1c:3e:
1a:2a:13:07:f4:c2:f1:be:06:06:13:95:02:a9:bd:61:b7:44:
d1:55:36:8f:e2:86:0d:ca:e7:13:6b:99:23:f9:0b:e6:f5:79:
7f:09:be:1b:3b:eb:33:28:73:43:7c:23:35:b4:e6:03:1f:ef:
66:87:7b:69:da:f8:40:5e:01:0e:98:d1:c2:34:58:64:48:3a:
c1:56:8c:ac:c8:83:3e:aa:af:fa:e5:a4:bc:a0:54:8c:22:ef:
67:13:4a:e0:ce:4c:2a:71:b7:f8:3f:f5:b6:68:be:6d:e2:3d:
7f:12:e1:9d:a6:c2:b2:7b:46:a7:6f:1d:1c:3c:9e:8c:1f:3f:
0f:42:ac:36:fd:3f:ec:b2:31:e0:31:cb:be:ca:fe:7d:f0:b9:
3e:72:53:85
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQntjOZUPoFUZhp3f2Xi4AQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjUwMTAyMTU1MDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDRiOWQ5Yjk3OWE1Y2M2ZTk3MjhhZDk3YzVkYTYxOTlhZjQ5MjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qoVPUZL4QxNq1Wro2OAqbjG+czd
mTlLrLeq6AtdVtZ8dRrZZ4VlFpPWKpcswwN04fax1R23kcN8F7nsTFEeOm+7ijJZ
jQJi+ZzrD2f5Kf9xAKd1mznsbX32sbGe98CiSKnf1lSSSnFhX4+XKsimQ5F3EXIJ
XR5WXUJuuCmFpZJ/sj4kQeWnx8HW1mz/C4X+BqJwPzd3rVYBIrgsPxNuLixzlaTK
TAbYtimXegTGn8VtJ/rGgnjbmjtk2Bn9gytPqRChRI9CHq+yQVEx9gdf0zBORoPk
7MV6X7w4NQm50OuYkHBS/LB9crMx1+Y/paslBfapfkSu+H3CEnpPEVailwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCRLnZuXmlzG6XKK2Xxdphma9JKBMB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvSkV1ZG01ZWFYTWJwY29yWmZGMm1HWnIwa29FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAW+eZMBYE
AgACMBADBwAgAQZ8FewDBQAqCjUAMA0GCSqGSIb3DQEBCwUAA4IBAQAw8mfllAIO
AbEux5Dl+dcJlIICtwatlpqbIi1ENV+xdgd6gKEryHHYK0pr3djL+JrBQ3w86IJS
uHS1LZ+sx+v2smqgzLbB8+F7W4DUMqNyLcbWslnE3EIBMhf+8LOXROGcrdIp9kBk
liC2HD4aKhMH9MLxvgYGE5UCqb1ht0TRVTaP4oYNyucTa5kj+Qvm9Xl/Cb4bO+sz
KHNDfCM1tOYDH+9mh3tp2vhAXgEOmNHCNFhkSDrBVoysyIM+qq/65aS8oFSMIu9n
E0rgzkwqcbf4P/W2aL5t4j1/EuGdpsKye0anbx0cPJ6MHz8PQqw2/T/ssjHgMcu+
yv598Lk+clOF
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:46 2025 by rpki-client