Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/777eef-4d02-4d39-b1e4-1079d55aee91/1/be5WdK6iPEkhbXurpsBiJLlldps.roa
File: be5WdK6iPEkhbXurpsBiJLlldps.roa (raw, json)
Hash identifier: 0YokzCz16IGMuCLhlbe4WQ2dF7nXC982PfyCD/leOcY=
Subject key identifier: 6D:EE:56:74:AE:A2:3C:49:21:6D:7B:AB:A6:C0:62:24:B9:65:76:9B
Certificate issuer: /CN=d58214cfa326611e9d494135a12ce8276f0f1784
Certificate serial: 019422FC12D7164E8B71015449F63EC51813
Authority key identifier: D5:82:14:CF:A3:26:61:1E:9D:49:41:35:A1:2C:E8:27:6F:0F:17:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1YIUz6MmYR6dSUE1oSzoJ28PF4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/777eef-4d02-4d39-b1e4-1079d55aee91/1/be5WdK6iPEkhbXurpsBiJLlldps.roa
Signing time: Wed 01 Jan 2025 17:48:52 +0000
ROA not before: Wed 01 Jan 2025 17:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49791
IP address blocks: 91.217.10.0/23 maxlen: 23
91.217.10.0/24 maxlen: 24
91.217.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:12:d7:16:4e:8b:71:01:54:49:f6:3e:c5:18:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d58214cfa326611e9d494135a12ce8276f0f1784
Validity
Not Before: Jan 1 17:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6dee5674aea23c49216d7baba6c06224b965769b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3b:90:b7:32:c2:db:82:87:4a:4c:ec:05:21:
1f:8a:65:e0:68:c0:d2:86:0e:4e:c5:9c:e1:45:d5:
a8:09:d5:8d:0d:76:ca:0d:f2:64:26:40:35:43:9c:
d8:c9:b4:45:21:a1:dd:9d:64:d7:9d:2d:92:46:53:
3f:ba:25:64:9d:4f:f7:5a:6c:5c:b8:9d:ef:d7:93:
79:c6:c0:19:94:4e:7c:2a:ae:1e:5a:df:b4:fc:1a:
2a:0c:ac:ba:1b:41:18:a0:b7:78:7a:06:bd:11:73:
52:d7:93:bd:8b:39:4d:4c:50:38:93:a4:d5:ff:d5:
5e:f9:5a:a3:bf:31:10:7a:93:7f:df:3a:5d:41:46:
fc:8a:94:bd:d5:a3:5d:5a:84:45:e8:e4:b8:92:1b:
1a:a4:22:b6:13:0b:48:05:d1:3d:f8:c8:15:89:22:
0a:47:7f:3c:50:b2:75:41:da:31:5a:83:f0:b4:d2:
14:7f:bf:cb:b8:69:42:02:ba:da:ab:42:2d:d5:e5:
34:1d:6b:a5:57:4b:de:37:89:cc:94:78:7a:10:18:
e8:0d:16:c6:3a:38:d3:d6:c2:88:44:5c:16:ae:b1:
43:aa:e1:6e:48:b4:64:95:b0:0f:6e:b3:44:d3:be:
9a:8e:67:25:a5:f2:02:8b:16:05:76:3c:be:e4:4f:
85:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:EE:56:74:AE:A2:3C:49:21:6D:7B:AB:A6:C0:62:24:B9:65:76:9B
X509v3 Authority Key Identifier:
keyid:D5:82:14:CF:A3:26:61:1E:9D:49:41:35:A1:2C:E8:27:6F:0F:17:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1YIUz6MmYR6dSUE1oSzoJ28PF4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/777eef-4d02-4d39-b1e4-1079d55aee91/1/be5WdK6iPEkhbXurpsBiJLlldps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/777eef-4d02-4d39-b1e4-1079d55aee91/1/1YIUz6MmYR6dSUE1oSzoJ28PF4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.10.0/23
Signature Algorithm: sha256WithRSAEncryption
04:bb:ac:80:be:5a:1f:0e:b3:7d:35:e5:6d:97:c4:5c:60:af:
b8:8e:2e:ff:57:53:7a:43:58:f1:68:c6:2f:40:a8:81:40:d5:
16:5d:1e:2f:3c:c9:45:17:46:af:94:9e:4e:58:97:e4:a8:a9:
fb:74:3d:ea:82:22:db:85:d3:96:27:3d:5a:1b:d8:e4:d7:81:
40:c1:5e:4d:23:95:24:bf:2f:89:9f:ba:c1:f2:d8:1f:a9:7b:
e3:02:44:52:7f:de:aa:23:79:80:c0:82:b9:80:fb:f3:fa:5f:
12:13:14:b1:13:34:5a:3c:b7:a3:a7:1d:aa:41:15:4c:f3:3c:
fe:48:97:5d:c8:30:3e:34:3c:43:e8:ab:6c:75:4e:5e:c7:cf:
98:0f:99:aa:7b:6a:c5:9b:1b:40:93:f7:cd:14:da:3a:4b:fe:
9c:06:79:fb:3a:20:3d:8c:77:4e:68:3e:d3:6f:2b:f6:68:19:
ac:91:06:c9:dd:a0:e7:ac:aa:d1:c7:a9:e9:76:3b:fb:de:d3:
f0:09:0b:c9:f2:81:a5:c2:6c:3a:df:05:b3:c4:db:c6:0b:53:
4e:c0:dc:ec:13:1e:d7:e0:ac:4d:04:a6:e4:74:21:2d:fe:12:
89:97:20:35:24:7a:c1:52:4c:44:b7:b3:2f:e8:a4:33:fb:0f:
b3:85:1d:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/BLXFk6LcQFUSfY+xRgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ODIxNGNmYTMyNjYxMWU5ZDQ5NDEzNWExMmNlODI3NmYw
ZjE3ODQwHhcNMjUwMTAxMTc0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGVlNTY3NGFlYTIzYzQ5MjE2ZDdiYWJhNmMwNjIyNGI5NjU3NjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTuQtzLC24KHSkzsBSEfimXgaMDS
hg5OxZzhRdWoCdWNDXbKDfJkJkA1Q5zYybRFIaHdnWTXnS2SRlM/uiVknU/3Wmxc
uJ3v15N5xsAZlE58Kq4eWt+0/BoqDKy6G0EYoLd4ega9EXNS15O9izlNTFA4k6TV
/9Ve+VqjvzEQepN/3zpdQUb8ipS91aNdWoRF6OS4khsapCK2EwtIBdE9+MgViSIK
R388ULJ1QdoxWoPwtNIUf7/LuGlCArraq0It1eU0HWulV0veN4nMlHh6EBjoDRbG
OjjT1sKIRFwWrrFDquFuSLRklbAPbrNE076ajmclpfICixYFdjy+5E+FkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG3uVnSuojxJIW17q6bAYiS5ZXabMB8GA1UdIwQY
MBaAFNWCFM+jJmEenUlBNaEs6CdvDxeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVlJVXo2TW1ZUjZkU1VFMW9Tem9KMjhQRjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83NzdlZWYtNGQwMi00ZDM5LWIxZTQt
MTA3OWQ1NWFlZTkxLzEvYmU1V2RLNmlQRWtoYlh1cnBzQmlKTGxsZHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83NzdlZWYtNGQwMi00ZDM5LWIxZTQtMTA3OWQ1NWFlZTkx
LzEvMVlJVXo2TW1ZUjZkU1VFMW9Tem9KMjhQRjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW9kKMA0G
CSqGSIb3DQEBCwUAA4IBAQAEu6yAvlofDrN9NeVtl8RcYK+4ji7/V1N6Q1jxaMYv
QKiBQNUWXR4vPMlFF0avlJ5OWJfkqKn7dD3qgiLbhdOWJz1aG9jk14FAwV5NI5Uk
vy+Jn7rB8tgfqXvjAkRSf96qI3mAwIK5gPvz+l8SExSxEzRaPLejpx2qQRVM8zz+
SJddyDA+NDxD6KtsdU5ex8+YD5mqe2rFmxtAk/fNFNo6S/6cBnn7OiA9jHdOaD7T
byv2aBmskQbJ3aDnrKrRx6npdjv73tPwCQvJ8oGlwmw63wWzxNvGC1NOwNzsEx7X
4KxNBKbkdCEt/hKJlyA1JHrBUkxEt7Mv6KQz+w+zhR1k
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:37:33 2025 by rpki-client