Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/1f040b-b310-438b-b15e-3df47b620d60/1/ieIY7b0KhvQU4QgMPfI50NN4QnY.roa
File: ieIY7b0KhvQU4QgMPfI50NN4QnY.roa (raw, json)
Hash identifier: 5XIl/Vpt8manbA7AG4mG7L9mNTT0fdofSZrC08n/ke4=
Subject key identifier: 89:E2:18:ED:BD:0A:86:F4:14:E1:08:0C:3D:F2:39:D0:D3:78:42:76
Certificate issuer: /CN=f29859b70ea450e13ada8724c0eb6beecc8daa91
Certificate serial: 019426D9641E964155F7B3D1E67E54FF4F65
Authority key identifier: F2:98:59:B7:0E:A4:50:E1:3A:DA:87:24:C0:EB:6B:EE:CC:8D:AA:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8phZtw6kUOE62ockwOtr7syNqpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/1f040b-b310-438b-b15e-3df47b620d60/1/ieIY7b0KhvQU4QgMPfI50NN4QnY.roa
Signing time: Thu 02 Jan 2025 11:49:28 +0000
ROA not before: Thu 02 Jan 2025 11:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43807
IP address blocks: 91.198.160.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:64:1e:96:41:55:f7:b3:d1:e6:7e:54:ff:4f:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f29859b70ea450e13ada8724c0eb6beecc8daa91
Validity
Not Before: Jan 2 11:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89e218edbd0a86f414e1080c3df239d0d3784276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:84:ee:62:46:11:9c:83:79:3e:e0:ce:77:92:
5f:6a:31:70:65:ca:49:a8:a4:34:bd:12:6c:42:44:
07:68:db:34:f9:1f:70:d1:c9:d9:5b:2a:f7:11:5a:
ce:46:ab:e5:dc:f2:96:fb:34:32:de:09:e3:7d:77:
72:32:ff:44:22:6f:52:f0:aa:06:e0:a3:38:eb:53:
b7:00:88:71:b9:4d:9c:c3:4b:be:a4:b2:7d:7d:00:
cb:27:70:31:fc:1a:aa:88:77:20:95:6e:7c:a2:29:
07:73:0d:c2:3e:57:e3:5f:7b:b6:4b:64:14:1c:ff:
9e:91:25:98:14:1a:31:32:5d:40:cb:ea:b2:fc:86:
3f:81:5c:92:0e:59:88:6b:1b:b8:d5:0b:7e:5a:48:
4e:83:b7:ff:05:1e:63:3c:ee:68:9b:b6:55:13:f7:
20:23:f6:c3:1e:d6:86:bb:24:2c:96:58:1f:0f:73:
be:af:85:f4:04:c8:e7:f1:6c:55:bb:8f:8a:7b:d5:
47:9a:62:75:76:5e:1c:89:34:55:02:f9:e6:65:9e:
4f:ad:18:79:73:57:d6:6a:77:da:2a:12:a6:11:a9:
b4:5e:dc:48:38:1b:eb:c3:5a:67:04:81:12:22:7a:
7a:5a:ae:ca:b2:2c:71:84:ad:6f:a2:5f:76:85:55:
fc:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E2:18:ED:BD:0A:86:F4:14:E1:08:0C:3D:F2:39:D0:D3:78:42:76
X509v3 Authority Key Identifier:
keyid:F2:98:59:B7:0E:A4:50:E1:3A:DA:87:24:C0:EB:6B:EE:CC:8D:AA:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8phZtw6kUOE62ockwOtr7syNqpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/1f040b-b310-438b-b15e-3df47b620d60/1/ieIY7b0KhvQU4QgMPfI50NN4QnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/1f040b-b310-438b-b15e-3df47b620d60/1/8phZtw6kUOE62ockwOtr7syNqpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.160.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:02:29:da:87:8c:87:6c:d4:39:48:d1:32:e6:2c:84:45:44:
3e:41:77:14:83:36:f3:fd:74:b0:65:e4:1f:21:28:93:88:ff:
dd:6f:9d:1f:e5:ec:44:fe:92:84:fe:8a:d6:24:63:46:f3:22:
37:de:8a:16:fa:3f:3c:4b:13:da:68:3f:0a:0b:6b:a6:c2:76:
a8:f7:3f:8f:59:3c:11:2e:98:5b:3c:31:08:40:62:f5:7c:84:
60:23:9b:3a:00:ca:f9:66:58:69:d9:ad:16:11:c5:5a:d5:9f:
78:2f:72:e7:5f:9b:d6:d9:ae:68:df:6c:3c:02:64:9e:54:0c:
3d:56:96:17:81:60:a8:13:0c:03:d8:9c:78:56:15:06:a2:c6:
83:8c:ca:0b:4f:de:41:00:9f:83:10:32:49:83:51:a5:bd:df:
3a:12:0f:37:f5:0a:82:50:7d:6e:11:e8:e1:b7:86:42:39:e6:
39:84:56:36:24:de:68:56:93:06:3f:ab:16:2f:13:eb:f4:b9:
64:1d:65:33:91:27:14:84:82:df:23:43:42:f4:5a:03:d6:00:
0e:48:99:c8:28:de:68:c3:b4:4a:f4:15:97:e6:1f:18:df:01:
1b:d2:62:47:48:f0:05:4f:a6:a8:cf:83:b0:60:83:0a:96:63:
76:7d:35:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2WQelkFV97PR5n5U/09lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyOTg1OWI3MGVhNDUwZTEzYWRhODcyNGMwZWI2YmVlY2M4
ZGFhOTEwHhcNMjUwMTAyMTE0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWUyMThlZGJkMGE4NmY0MTRlMTA4MGMzZGYyMzlkMGQzNzg0Mjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYTuYkYRnIN5PuDOd5JfajFwZcpJ
qKQ0vRJsQkQHaNs0+R9w0cnZWyr3EVrORqvl3PKW+zQy3gnjfXdyMv9EIm9S8KoG
4KM461O3AIhxuU2cw0u+pLJ9fQDLJ3Ax/BqqiHcglW58oikHcw3CPlfjX3u2S2QU
HP+ekSWYFBoxMl1Ay+qy/IY/gVySDlmIaxu41Qt+WkhOg7f/BR5jPO5om7ZVE/cg
I/bDHtaGuyQsllgfD3O+r4X0BMjn8WxVu4+Ke9VHmmJ1dl4ciTRVAvnmZZ5PrRh5
c1fWanfaKhKmEam0XtxIOBvrw1pnBIESInp6Wq7KsixxhK1vol92hVX8xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIniGO29Cob0FOEIDD3yOdDTeEJ2MB8GA1UdIwQY
MBaAFPKYWbcOpFDhOtqHJMDra+7MjaqRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHBoWnR3NmtVT0U2Mm9ja3dPdHI3c3lOcXBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8xZjA0MGItYjMxMC00MzhiLWIxNWUt
M2RmNDdiNjIwZDYwLzEvaWVJWTdiMEtodlFVNFFnTVBmSTUwTk40UW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8xZjA0MGItYjMxMC00MzhiLWIxNWUtM2RmNDdiNjIwZDYw
LzEvOHBoWnR3NmtVT0U2Mm9ja3dPdHI3c3lOcXBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8agMA0G
CSqGSIb3DQEBCwUAA4IBAQDRAinah4yHbNQ5SNEy5iyERUQ+QXcUgzbz/XSwZeQf
ISiTiP/db50f5exE/pKE/orWJGNG8yI33ooW+j88SxPaaD8KC2umwnao9z+PWTwR
LphbPDEIQGL1fIRgI5s6AMr5Zlhp2a0WEcVa1Z94L3LnX5vW2a5o32w8AmSeVAw9
VpYXgWCoEwwD2Jx4VhUGosaDjMoLT95BAJ+DEDJJg1Glvd86Eg839QqCUH1uEejh
t4ZCOeY5hFY2JN5oVpMGP6sWLxPr9LlkHWUzkScUhILfI0NC9FoD1gAOSJnIKN5o
w7RK9BWX5h8Y3wEb0mJHSPAFT6aoz4OwYIMKlmN2fTXP
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:23:20 2025 by rpki-client