Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/540897-f4b7-4848-b07b-96ab21696974/1/MQ8RZspaKkEig8cCCF7-zec3ZHI.roa
File: MQ8RZspaKkEig8cCCF7-zec3ZHI.roa (raw, json)
Hash identifier: TWPrc2azmEsVYvz4zvYsbEnxkist2uhLkvy3lSkFipY=
Subject key identifier: 31:0F:11:66:CA:5A:2A:41:22:83:C7:02:08:5E:FE:CD:E7:37:64:72
Certificate issuer: /CN=e23a74630a8424ccd5f5bb0f60220894527d732c
Certificate serial: 019420D5EC22622ED1FDCD2356D49797825E
Authority key identifier: E2:3A:74:63:0A:84:24:CC:D5:F5:BB:0F:60:22:08:94:52:7D:73:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4jp0YwqEJMzV9bsPYCIIlFJ9cyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/540897-f4b7-4848-b07b-96ab21696974/1/MQ8RZspaKkEig8cCCF7-zec3ZHI.roa
Signing time: Wed 01 Jan 2025 07:47:58 +0000
ROA not before: Wed 01 Jan 2025 07:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21217
IP address blocks: 91.199.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:ec:22:62:2e:d1:fd:cd:23:56:d4:97:97:82:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e23a74630a8424ccd5f5bb0f60220894527d732c
Validity
Not Before: Jan 1 07:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=310f1166ca5a2a412283c702085efecde7376472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:49:4b:84:0e:c9:43:87:86:6d:10:aa:21:a5:
97:24:47:ee:a6:4f:ae:68:55:b4:f5:d2:30:6d:20:
06:96:2c:5d:ae:62:c1:35:3d:4a:4c:4a:05:95:43:
d1:a1:a5:da:10:79:ea:8d:d1:ef:97:25:95:56:01:
8a:b8:b0:5a:82:ba:51:8b:34:c6:c9:7b:51:54:f2:
e1:32:3b:59:05:0d:ea:cf:c8:0d:bf:43:fd:64:79:
f9:69:00:d8:35:83:d3:ae:79:ad:b7:3f:12:3f:0a:
14:a3:8e:4d:8b:1f:94:be:5e:cb:cc:a1:b4:96:34:
da:1e:21:82:db:a4:f8:3d:d9:2f:b5:2e:b4:ec:57:
f2:18:28:26:6a:f9:09:b9:54:11:10:e5:8c:62:f8:
5f:1a:a0:b4:0c:e0:d9:f9:5d:22:87:98:93:64:2f:
cd:e2:b3:f8:5e:cb:6f:bd:ca:f9:57:92:8a:04:b2:
af:40:3f:70:41:b5:00:d6:1c:eb:fa:08:80:c0:04:
b3:6f:c5:71:52:aa:b2:7d:8c:7e:63:7a:28:b5:4a:
be:b7:45:bf:36:18:f1:6c:51:f9:8b:dc:2a:a6:99:
bf:36:59:67:1e:e3:6a:cf:f2:97:cb:2b:1e:71:59:
a1:9c:7c:27:96:25:19:7c:68:ed:7c:b7:8c:1b:36:
9f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:0F:11:66:CA:5A:2A:41:22:83:C7:02:08:5E:FE:CD:E7:37:64:72
X509v3 Authority Key Identifier:
keyid:E2:3A:74:63:0A:84:24:CC:D5:F5:BB:0F:60:22:08:94:52:7D:73:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4jp0YwqEJMzV9bsPYCIIlFJ9cyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/540897-f4b7-4848-b07b-96ab21696974/1/MQ8RZspaKkEig8cCCF7-zec3ZHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/540897-f4b7-4848-b07b-96ab21696974/1/4jp0YwqEJMzV9bsPYCIIlFJ9cyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.255.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:ec:87:8b:78:6e:3c:7e:aa:e8:d1:27:d4:97:95:2e:fa:ca:
4b:fa:0f:b5:81:19:c8:da:57:f2:14:42:25:b8:84:b1:ed:f8:
d7:cc:21:5e:f7:a4:1a:01:5d:d1:99:90:82:3d:9e:4b:4a:57:
96:f8:60:dd:a8:d3:c2:1b:fc:10:80:9a:76:ed:0c:60:e4:bc:
c5:a6:cc:11:4d:d9:07:e9:e5:5c:80:af:3a:4f:51:7c:45:9c:
94:6a:00:97:8d:6f:e8:e6:a9:21:83:2f:0d:cb:98:bf:97:39:
4e:7b:4d:fc:81:58:63:9d:8d:a5:87:68:46:65:36:e0:b5:bd:
aa:7d:e8:96:0b:f9:21:e1:41:cf:3f:f1:b0:b4:47:0a:56:82:
51:b7:6f:58:b1:53:5e:76:00:5e:74:99:78:eb:a8:f3:62:a7:
41:c9:04:04:71:a8:3c:db:f7:07:97:2b:ae:c0:85:62:77:55:
bb:34:55:a5:13:c2:05:18:c8:d2:b4:c8:3a:62:eb:11:16:30:
86:be:94:0e:d5:6f:70:67:9a:d9:48:36:3c:01:a6:e7:a9:33:
77:fd:ca:06:8c:3a:2e:6d:21:f5:78:16:93:6e:6b:ef:97:5e:
46:24:0c:06:3d:eb:3f:e6:e5:6d:69:62:2b:06:ba:92:2e:7d:
bd:0d:60:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1ewiYi7R/c0jVtSXl4JeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyM2E3NDYzMGE4NDI0Y2NkNWY1YmIwZjYwMjIwODk0NTI3
ZDczMmMwHhcNMjUwMTAxMDc0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTBmMTE2NmNhNWEyYTQxMjI4M2M3MDIwODVlZmVjZGU3Mzc2NDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUlLhA7JQ4eGbRCqIaWXJEfupk+u
aFW09dIwbSAGlixdrmLBNT1KTEoFlUPRoaXaEHnqjdHvlyWVVgGKuLBagrpRizTG
yXtRVPLhMjtZBQ3qz8gNv0P9ZHn5aQDYNYPTrnmttz8SPwoUo45Nix+Uvl7LzKG0
ljTaHiGC26T4PdkvtS607FfyGCgmavkJuVQREOWMYvhfGqC0DODZ+V0ih5iTZC/N
4rP4Xstvvcr5V5KKBLKvQD9wQbUA1hzr+giAwASzb8VxUqqyfYx+Y3ootUq+t0W/
NhjxbFH5i9wqppm/NllnHuNqz/KXyysecVmhnHwnliUZfGjtfLeMGzafxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDEPEWbKWipBIoPHAghe/s3nN2RyMB8GA1UdIwQY
MBaAFOI6dGMKhCTM1fW7D2AiCJRSfXMsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGpwMFl3cUVKTXpWOWJzUFlDSUlsRko5Y3l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81NDA4OTctZjRiNy00ODQ4LWIwN2It
OTZhYjIxNjk2OTc0LzEvTVE4UlpzcGFLa0VpZzhjQ0NGNy16ZWMzWkhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81NDA4OTctZjRiNy00ODQ4LWIwN2ItOTZhYjIxNjk2OTc0
LzEvNGpwMFl3cUVKTXpWOWJzUFlDSUlsRko5Y3l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8f/MA0G
CSqGSIb3DQEBCwUAA4IBAQBK7IeLeG48fqro0SfUl5Uu+spL+g+1gRnI2lfyFEIl
uISx7fjXzCFe96QaAV3RmZCCPZ5LSleW+GDdqNPCG/wQgJp27Qxg5LzFpswRTdkH
6eVcgK86T1F8RZyUagCXjW/o5qkhgy8Ny5i/lzlOe038gVhjnY2lh2hGZTbgtb2q
feiWC/kh4UHPP/GwtEcKVoJRt29YsVNedgBedJl466jzYqdByQQEcag82/cHlyuu
wIVid1W7NFWlE8IFGMjStMg6YusRFjCGvpQO1W9wZ5rZSDY8AabnqTN3/coGjDou
bSH1eBaTbmvvl15GJAwGPes/5uVtaWIrBrqSLn29DWAr
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:38 2025 by rpki-client