Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/tRxgXr9YQwTbEh2NqyL9M68npkQ.roa
File: tRxgXr9YQwTbEh2NqyL9M68npkQ.roa (raw, json)
Hash identifier: QcuVE9jeWpJsMM52+9+6n7mFIjZuC9lNEDcWkB7O3NI=
Subject key identifier: B5:1C:60:5E:BF:58:43:04:DB:12:1D:8D:AB:22:FD:33:AF:27:A6:44
Certificate issuer: /CN=f11f289a00a1b115b7f3a4d1b8011bf90d1a2f72
Certificate serial: 0194236919F478EBABC34DECD8D26E10E20E
Authority key identifier: F1:1F:28:9A:00:A1:B1:15:B7:F3:A4:D1:B8:01:1B:F9:0D:1A:2F:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8R8omgChsRW386TRuAEb-Q0aL3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/tRxgXr9YQwTbEh2NqyL9M68npkQ.roa
Signing time: Wed 01 Jan 2025 19:47:57 +0000
ROA not before: Wed 01 Jan 2025 19:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57720
IP address blocks: 91.234.149.0/24 maxlen: 24
2001:67c:7a8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:19:f4:78:eb:ab:c3:4d:ec:d8:d2:6e:10:e2:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f11f289a00a1b115b7f3a4d1b8011bf90d1a2f72
Validity
Not Before: Jan 1 19:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b51c605ebf584304db121d8dab22fd33af27a644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ba:89:60:bb:a4:d2:9c:18:10:27:4b:b9:19:
8b:07:e2:02:c1:27:8d:d7:3f:6a:2c:58:6a:1c:0c:
cb:31:f9:16:02:2e:ed:b9:e5:a6:18:39:f1:a9:f5:
b5:16:b2:65:ca:66:f0:2f:07:bd:16:0a:8e:51:2f:
5e:05:e1:48:e6:85:c5:4e:57:98:15:40:0f:94:75:
98:26:c2:b2:4c:ee:47:07:3a:6f:90:95:09:b6:c0:
09:42:2c:76:c0:76:4c:05:a6:45:bc:68:62:84:68:
48:1c:5f:8e:46:8b:cf:90:36:d3:3c:09:7b:7c:d5:
67:53:dd:b0:76:95:51:3c:18:8f:63:04:1b:87:dd:
6b:9b:e7:2b:33:3e:e0:7c:9e:63:72:d6:f1:d6:c4:
da:c8:66:31:5c:87:37:1a:79:ed:f5:04:56:f5:50:
a5:8a:05:1d:77:23:bc:21:88:54:60:b5:1d:41:60:
48:f3:e7:7a:aa:82:fc:16:a2:58:ae:e9:10:fe:a6:
92:14:0e:a1:92:56:4b:b9:f8:f6:ef:4d:a1:64:ff:
55:02:a9:47:a0:3f:d5:9d:15:25:11:44:96:7c:f1:
ae:b6:47:4a:70:50:9b:c4:98:11:47:1c:17:61:4b:
4f:c7:28:86:0d:32:16:88:68:89:33:43:85:60:5d:
82:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:1C:60:5E:BF:58:43:04:DB:12:1D:8D:AB:22:FD:33:AF:27:A6:44
X509v3 Authority Key Identifier:
keyid:F1:1F:28:9A:00:A1:B1:15:B7:F3:A4:D1:B8:01:1B:F9:0D:1A:2F:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8R8omgChsRW386TRuAEb-Q0aL3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/tRxgXr9YQwTbEh2NqyL9M68npkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.149.0/24
IPv6:
2001:67c:7a8::/48
Signature Algorithm: sha256WithRSAEncryption
99:b4:e5:52:99:fb:d7:f0:ae:93:85:e3:ce:d5:e8:d1:58:d9:
c7:0c:57:ca:7d:18:a5:a0:76:ef:09:1f:61:34:5a:81:61:8c:
c2:d0:a0:b5:e9:56:9a:da:08:c9:57:71:b1:89:d9:cc:13:28:
ba:b3:62:bf:81:7a:6f:49:af:27:2a:dd:67:d3:a6:c0:bf:04:
85:87:0e:34:aa:57:29:83:ea:cb:73:51:70:c0:22:7d:63:b5:
a9:69:80:ad:b2:c6:ec:bc:75:9f:a8:74:68:1f:7f:f5:c5:c9:
73:b3:db:f3:85:01:dd:7c:16:ab:39:ae:88:98:7a:08:0f:b8:
d1:70:1f:31:44:22:8c:4d:49:9a:d7:ba:9f:f4:02:25:af:03:
20:cf:72:eb:8b:28:d5:3e:00:5e:71:8b:9f:72:15:20:8f:70:
8e:24:3b:e7:05:ef:ab:df:f2:f7:e6:dd:5c:16:6b:51:a6:4d:
09:02:f1:9a:ad:d6:59:e3:35:6e:83:3f:cc:cc:00:8a:d6:4d:
fd:fa:46:24:a8:b3:06:e6:2d:ed:47:d1:e2:00:55:a5:0e:b5:
03:8b:c3:8c:f5:b4:4e:c1:55:54:9d:3a:80:c2:6c:a6:72:b4:
7d:91:fe:88:2b:fc:fc:e9:79:20:cb:2d:e6:65:07:97:8a:a4:
c5:11:97:ea
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQjaRn0eOurw03s2NJuEOIOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMWYyODlhMDBhMWIxMTViN2YzYTRkMWI4MDExYmY5MGQx
YTJmNzIwHhcNMjUwMTAxMTk0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTFjNjA1ZWJmNTg0MzA0ZGIxMjFkOGRhYjIyZmQzM2FmMjdhNjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LqJYLuk0pwYECdLuRmLB+ICwSeN
1z9qLFhqHAzLMfkWAi7tueWmGDnxqfW1FrJlymbwLwe9FgqOUS9eBeFI5oXFTleY
FUAPlHWYJsKyTO5HBzpvkJUJtsAJQix2wHZMBaZFvGhihGhIHF+ORovPkDbTPAl7
fNVnU92wdpVRPBiPYwQbh91rm+crMz7gfJ5jctbx1sTayGYxXIc3Gnnt9QRW9VCl
igUddyO8IYhUYLUdQWBI8+d6qoL8FqJYrukQ/qaSFA6hklZLufj2702hZP9VAqlH
oD/VnRUlEUSWfPGutkdKcFCbxJgRRxwXYUtPxyiGDTIWiGiJM0OFYF2CswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLUcYF6/WEME2xIdjasi/TOvJ6ZEMB8GA1UdIwQY
MBaAFPEfKJoAobEVt/Ok0bgBG/kNGi9yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFI4b21nQ2hzUlczODZUUnVBRWItUTBhTDNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS81MTUxZTEtMzZiNy00MjA1LTlhZjct
NzRlODQ5NjcxNjhiLzEvdFJ4Z1hyOVlRd1RiRWgyTnF5TDlNNjhucGtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS81MTUxZTEtMzZiNy00MjA1LTlhZjctNzRlODQ5NjcxNjhi
LzEvOFI4b21nQ2hzUlczODZUUnVBRWItUTBhTDNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+qVMA8E
AgACMAkDBwAgAQZ8B6gwDQYJKoZIhvcNAQELBQADggEBAJm05VKZ+9fwrpOF487V
6NFY2ccMV8p9GKWgdu8JH2E0WoFhjMLQoLXpVpraCMlXcbGJ2cwTKLqzYr+Bem9J
rycq3WfTpsC/BIWHDjSqVymD6stzUXDAIn1jtalpgK2yxuy8dZ+odGgff/XFyXOz
2/OFAd18Fqs5roiYeggPuNFwHzFEIoxNSZrXup/0AiWvAyDPcuuLKNU+AF5xi59y
FSCPcI4kO+cF76vf8vfm3VwWa1GmTQkC8Zqt1lnjNW6DP8zMAIrWTf36RiSoswbm
Le1H0eIAVaUOtQOLw4z1tE7BVVSdOoDCbKZytH2R/ogr/PzpeSDLLeZlB5eKpMUR
l+o=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:21 2025 by rpki-client