Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/IW2vrK3HcpopB_Br4A5_Kcu1YHA.roa
File: IW2vrK3HcpopB_Br4A5_Kcu1YHA.roa (raw, json)
Hash identifier: jn7q3prF672ojCYbhHkipYPT+tMJuwcHdRX7fdgmul8=
Subject key identifier: 21:6D:AF:AC:AD:C7:72:9A:29:07:F0:6B:E0:0E:7F:29:CB:B5:60:70
Certificate issuer: /CN=e8a32e8a6ac6f6ec37860ee7c07eb8df93147779
Certificate serial: 019421B1F9AA7B048FA8E4ED78DC9EB6F87F
Authority key identifier: E8:A3:2E:8A:6A:C6:F6:EC:37:86:0E:E7:C0:7E:B8:DF:93:14:77:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KMuimrG9uw3hg7nwH6435MUd3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/IW2vrK3HcpopB_Br4A5_Kcu1YHA.roa
Signing time: Wed 01 Jan 2025 11:48:19 +0000
ROA not before: Wed 01 Jan 2025 11:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3246
IP address blocks: 91.142.112.0/20 maxlen: 20
185.143.148.0/22 maxlen: 22
2a00:17b0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:f9:aa:7b:04:8f:a8:e4:ed:78:dc:9e:b6:f8:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8a32e8a6ac6f6ec37860ee7c07eb8df93147779
Validity
Not Before: Jan 1 11:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=216dafacadc7729a2907f06be00e7f29cbb56070
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e0:8a:07:4a:9c:1d:ce:c6:87:00:b5:fe:c6:
10:40:cc:06:26:49:1e:36:f5:32:53:47:cb:7d:a2:
04:a9:ed:5a:63:f6:a9:3b:fc:ef:79:4a:9b:a7:2b:
57:e5:c4:be:55:4f:a5:94:0c:a3:70:56:c4:b1:53:
25:7f:7e:e6:8e:ea:31:a0:c9:e8:27:b8:6f:55:51:
0c:36:22:6b:00:cf:a0:8d:5d:1c:d1:02:b2:7a:0d:
5f:47:59:88:d2:08:91:9c:17:8a:44:3c:63:6e:6d:
79:46:e4:0e:a1:e4:76:0b:e7:5e:12:23:ff:82:f2:
97:18:6d:fd:af:8b:39:88:5a:44:a2:c6:3f:ce:05:
ef:09:03:eb:cf:e3:d8:11:8b:ed:cc:c2:2e:18:6b:
05:fc:29:b8:01:c1:01:c3:df:21:26:9e:94:30:2c:
a0:79:9e:be:2c:39:c8:cd:7d:7a:18:8b:21:6d:fc:
e6:92:ea:cb:3f:96:0b:26:b3:fd:41:40:09:26:9f:
f5:75:44:3c:23:2d:34:67:34:dd:7c:21:e3:82:fa:
55:d0:5d:49:29:7d:b9:9f:39:ca:7c:a8:cd:1b:f7:
d7:53:1b:52:45:54:33:a9:70:af:f6:0f:61:70:40:
d7:1b:d8:1e:40:c7:42:62:f9:48:23:31:61:db:42:
3c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:6D:AF:AC:AD:C7:72:9A:29:07:F0:6B:E0:0E:7F:29:CB:B5:60:70
X509v3 Authority Key Identifier:
keyid:E8:A3:2E:8A:6A:C6:F6:EC:37:86:0E:E7:C0:7E:B8:DF:93:14:77:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KMuimrG9uw3hg7nwH6435MUd3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/IW2vrK3HcpopB_Br4A5_Kcu1YHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/6KMuimrG9uw3hg7nwH6435MUd3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.112.0/20
185.143.148.0/22
IPv6:
2a00:17b0::/32
Signature Algorithm: sha256WithRSAEncryption
be:29:40:40:a6:ea:05:ac:5e:a7:51:7c:a1:db:fd:ab:eb:c0:
ec:e7:8a:9c:ef:d2:d3:2b:37:7c:d5:02:26:75:81:a9:27:28:
98:3c:58:67:b7:ef:a4:52:77:76:e2:26:6c:5d:f8:7c:e9:b1:
d6:0c:49:e1:f6:6a:5b:92:77:b7:9b:93:05:4a:2a:e5:5e:bb:
25:27:4c:61:7b:a8:10:59:a4:33:95:8a:1c:da:cb:1f:88:c3:
3f:7a:42:9c:75:41:93:34:7f:e1:51:47:6a:dd:6d:84:8d:d5:
71:b1:72:ed:2d:60:e2:51:57:0b:b0:c7:25:c0:ed:b0:fc:74:
2f:a0:20:3f:fc:62:83:31:1d:3a:22:55:ba:18:2e:5e:a1:45:
66:13:5c:09:a9:32:96:75:82:60:1b:ec:74:79:2c:1e:b4:ac:
19:db:43:96:60:b6:8e:77:d1:50:07:4d:44:db:da:ce:c5:04:
2d:74:d4:60:c4:b3:87:7f:85:84:32:9c:e9:be:4d:d4:62:13:
08:d0:b2:83:f8:a8:f8:5c:65:99:a2:d4:50:f9:5e:aa:c8:db:
e0:89:ab:5f:1b:77:41:6b:f7:bf:0f:07:36:0e:c3:68:5c:bc:
13:8d:8d:74:f1:f2:51:c3:ed:83:f9:78:39:0e:d1:1c:7b:cf:
42:83:c6:47
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhsfmqewSPqOTteNyetvh/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YTMyZThhNmFjNmY2ZWMzNzg2MGVlN2MwN2ViOGRmOTMx
NDc3NzkwHhcNMjUwMTAxMTE0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTZkYWZhY2FkYzc3MjlhMjkwN2YwNmJlMDBlN2YyOWNiYjU2MDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteCKB0qcHc7GhwC1/sYQQMwGJkke
NvUyU0fLfaIEqe1aY/apO/zveUqbpytX5cS+VU+llAyjcFbEsVMlf37mjuoxoMno
J7hvVVEMNiJrAM+gjV0c0QKyeg1fR1mI0giRnBeKRDxjbm15RuQOoeR2C+deEiP/
gvKXGG39r4s5iFpEosY/zgXvCQPrz+PYEYvtzMIuGGsF/Cm4AcEBw98hJp6UMCyg
eZ6+LDnIzX16GIshbfzmkurLP5YLJrP9QUAJJp/1dUQ8Iy00ZzTdfCHjgvpV0F1J
KX25nznKfKjNG/fXUxtSRVQzqXCv9g9hcEDXG9geQMdCYvlIIzFh20I8WwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCFtr6ytx3KaKQfwa+AOfynLtWBwMB8GA1UdIwQY
MBaAFOijLopqxvbsN4YO58B+uN+TFHd5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNktNdWltckc5dXczaGc3bndINjQzNU1VZDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9jNGJmZDQtYTBhMS00MzM0LTg2MGEt
NGZhNTM3ZGJlMmU5LzEvSVcydnJLM0hjcG9wQl9CcjRBNV9LY3UxWUhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9jNGJmZDQtYTBhMS00MzM0LTg2MGEtNGZhNTM3ZGJlMmU5
LzEvNktNdWltckc5dXczaGc3bndINjQzNU1VZDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEW45wAwQC
uY+UMA0EAgACMAcDBQAqABewMA0GCSqGSIb3DQEBCwUAA4IBAQC+KUBApuoFrF6n
UXyh2/2r68Ds54qc79LTKzd81QImdYGpJyiYPFhnt++kUnd24iZsXfh86bHWDEnh
9mpbkne3m5MFSirlXrslJ0xhe6gQWaQzlYoc2ssfiMM/ekKcdUGTNH/hUUdq3W2E
jdVxsXLtLWDiUVcLsMclwO2w/HQvoCA//GKDMR06IlW6GC5eoUVmE1wJqTKWdYJg
G+x0eSwetKwZ20OWYLaOd9FQB01E29rOxQQtdNRgxLOHf4WEMpzpvk3UYhMI0LKD
+Kj4XGWZotRQ+V6qyNvgiatfG3dBa/e/Dwc2DsNoXLwTjY108fJRw+2D+Xg5DtEc
e89Cg8ZH
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:55:57 2025 by rpki-client