Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mamkTKGSReS2IZWbMBaGBHtazXk.roa
File: mamkTKGSReS2IZWbMBaGBHtazXk.roa (raw, json)
Hash identifier: 9Jxk3IvKfPWI0wFkvEE49EXlcuZQKcDj7x053MjbAB0=
Subject key identifier: 99:A9:A4:4C:A1:92:45:E4:B6:21:95:9B:30:16:86:04:7B:5A:CD:79
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 0194258FADC0D3FA5BB262A0ABAAC5C8259E
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mamkTKGSReS2IZWbMBaGBHtazXk.roa
Signing time: Thu 02 Jan 2025 05:49:20 +0000
ROA not before: Thu 02 Jan 2025 05:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 91.239.149.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:ad:c0:d3:fa:5b:b2:62:a0:ab:aa:c5:c8:25:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Jan 2 05:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99a9a44ca19245e4b621959b301686047b5acd79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:72:c9:46:d5:ad:83:c6:f9:c0:0a:07:4f:d6:
56:33:db:ea:cb:9a:dc:13:0b:77:b6:56:6b:a0:64:
cb:72:cd:8d:df:28:8a:f7:74:08:97:7f:85:b0:eb:
13:1a:0a:21:db:d9:7d:a0:d1:60:c1:f3:25:22:d3:
fc:7e:eb:8a:78:23:87:c6:b7:d7:c2:04:ae:4e:80:
74:49:51:53:3a:d5:14:65:7f:69:6c:48:1f:56:9f:
b8:e4:4d:57:88:ba:3e:62:72:4b:ef:84:1e:a5:b2:
4e:01:27:50:ee:d6:3b:7f:6c:30:50:a6:7a:dd:e6:
ee:9f:78:6c:29:d9:d6:91:60:b5:4a:3d:89:1b:b1:
aa:68:23:76:09:cc:ef:6b:0d:d9:8d:fb:5d:fb:da:
af:f8:87:7e:0a:fd:d6:c5:4c:82:f8:b5:d6:05:b3:
90:2c:5d:2e:69:be:ac:16:07:bb:ef:0a:43:cd:3a:
1a:95:84:f5:72:88:95:53:a3:9f:b0:3a:76:a0:ac:
6c:b7:c8:9c:4f:8c:a4:c5:11:47:77:8d:f9:1e:c4:
83:65:4c:8e:e7:60:17:5a:be:35:b0:f7:ea:98:80:
4c:4f:8d:16:3e:33:f5:19:64:52:b3:18:1a:8d:2a:
1e:b4:b0:21:c2:b1:be:91:59:25:fd:c2:22:14:8d:
af:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:A9:A4:4C:A1:92:45:E4:B6:21:95:9B:30:16:86:04:7B:5A:CD:79
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mamkTKGSReS2IZWbMBaGBHtazXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.149.0/24
Signature Algorithm: sha256WithRSAEncryption
82:d9:68:1c:88:d5:44:03:ca:0a:b7:48:7a:de:2f:43:d2:69:
77:58:6a:ce:49:6d:2a:90:6b:ff:4c:65:24:86:ca:a1:7b:6d:
c0:ba:ff:07:65:7f:04:ea:a7:76:cc:06:16:c6:1a:6d:f7:58:
1d:70:9b:dc:db:84:e8:4b:75:42:04:41:23:16:58:49:db:15:
bb:a2:1e:3f:99:3e:55:d7:8c:53:c0:f2:31:a7:9f:ee:ff:26:
e7:f6:cd:22:4f:58:bd:0c:28:ce:30:7f:ab:84:2b:68:04:12:
9a:86:40:a3:bd:80:1a:35:b7:55:f2:87:37:39:88:f6:0d:7a:
da:a6:dd:6c:f9:cb:1f:b5:23:de:49:1f:68:52:7d:e7:1f:39:
8b:bb:bb:89:cc:89:87:f2:3f:e5:2a:2c:d3:f2:ed:48:27:f3:
76:17:0d:af:20:69:ed:89:c2:c8:02:e9:e1:28:74:18:a8:e7:
26:98:c3:17:af:24:bd:d0:4b:b5:34:d9:31:a1:1e:3a:8b:37:
5b:38:27:77:7d:d9:27:cd:b2:b8:16:44:31:11:a8:7f:21:79:
5f:2b:29:94:03:9b:ec:64:15:d7:16:3b:f1:5d:54:d6:72:bd:
a6:98:d0:3a:91:57:3c:0c:6f:4e:25:56:ed:51:8c:ec:f6:01:
e8:f0:17:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj63A0/pbsmKgq6rFyCWeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjUwMTAyMDU0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWE5YTQ0Y2ExOTI0NWU0YjYyMTk1OWIzMDE2ODYwNDdiNWFjZDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHLJRtWtg8b5wAoHT9ZWM9vqy5rc
Ewt3tlZroGTLcs2N3yiK93QIl3+FsOsTGgoh29l9oNFgwfMlItP8fuuKeCOHxrfX
wgSuToB0SVFTOtUUZX9pbEgfVp+45E1XiLo+YnJL74QepbJOASdQ7tY7f2wwUKZ6
3ebun3hsKdnWkWC1Sj2JG7GqaCN2Cczvaw3Zjftd+9qv+Id+Cv3WxUyC+LXWBbOQ
LF0uab6sFge77wpDzToalYT1coiVU6OfsDp2oKxst8icT4ykxRFHd435HsSDZUyO
52AXWr41sPfqmIBMT40WPjP1GWRSsxgajSoetLAhwrG+kVkl/cIiFI2vIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJmppEyhkkXktiGVmzAWhgR7Ws15MB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvbWFta1RLR1NSZVMySVpXYk1CYUdCSHRhelhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW++VMA0G
CSqGSIb3DQEBCwUAA4IBAQCC2WgciNVEA8oKt0h63i9D0ml3WGrOSW0qkGv/TGUk
hsqhe23Auv8HZX8E6qd2zAYWxhpt91gdcJvc24ToS3VCBEEjFlhJ2xW7oh4/mT5V
14xTwPIxp5/u/ybn9s0iT1i9DCjOMH+rhCtoBBKahkCjvYAaNbdV8oc3OYj2DXra
pt1s+csftSPeSR9oUn3nHzmLu7uJzImH8j/lKizT8u1IJ/N2Fw2vIGnticLIAunh
KHQYqOcmmMMXryS90Eu1NNkxoR46izdbOCd3fdknzbK4FkQxEah/IXlfKymUA5vs
ZBXXFjvxXVTWcr2mmNA6kVc8DG9OJVbtUYzs9gHo8Beq
-----END CERTIFICATE-----
Generated at Sun May 11 13:40:10 2025 by rpki-client